Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
15,851 Commits 15 Branches 491 Tags 148 MiB
Commit Graph

71 Commits

Author SHA1 Message Date
Allen Ray
9254f8f05b Release-3.4: server/etcdmain: add configurable cipher list to gRPC proxy listener 
Signed-off-by: Allen Ray <alray@redhat.com>
 2022-10-19 16:02:13 -04:00
Benjamin Wang
29911e9a5b etcdserver: fix memberID equals to zero in corruption alarm 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-09-28 11:01:26 +08:00
Benjamin Wang
6730ed8477
Merge pull request #14410 from vivekpatani/release-3.4 
[release-3.4] server,test: refresh cache on each NewAuthStore
 2022-09-09 09:34:32 +08:00
Thomas Jungblut
86bc0a25c4 etcdctl: fix move-leader for multiple endpoints 
Due to a duplicate call of clientConfigFromCmd, the move-leader command
would fail with "conflicting environment variable is shadowed by corresponding command-line flag".
Also in scenarios where no command-line flag was supplied.

Signed-off-by: Thomas Jungblut <tjungblu@redhat.com>
 2022-09-08 15:51:19 +02:00
vivekpatani
c0ef7d52e0 server,test: refresh cache on each NewAuthStore 
- permissions were incorrectly loaded on restarts.
- #14355
- Backport of https://github.com/etcd-io/etcd/pull/14358

Signed-off-by: vivekpatani <9080894+vivekpatani@users.noreply.github.com>
 2022-08-31 13:08:11 -07:00
Benjamin Wang
6071b1c523 Support configuring MaxConcurrentStreams for http2 
Backport https://github.com/etcd-io/etcd/pull/14219 to 3.4

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-07-21 14:25:29 +08:00
Benjamin Wang
8160e9ebe2 disable test cases on certificate-based authentication which isn't supported by gRPC proxy. 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-06-30 14:11:54 +08:00
Benjamin Wang
bb9113097a fix test failure in TestCtlV3WatchClientTLS 
Also refer to the following commit in 3.5,
093282f5ea

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-06-30 10:19:03 +08:00
Lili Cosic
35bd924596 integration,raft,tests: Comply with go v1.15 gofmt 2021-04-19 11:18:13 +02:00
Chris Wedgwood
656dc63eab etcdserver: fix incorrect metrics generated when clients cancel watches 
Manual cherry-pick of 9571325fe85173a60c89d6ac6ce3491c7b1ec7a4 for
release-3.4.
 2021-03-31 22:59:29 -07:00
yoyinzyc
7cf32c262c e2e: test curl auth on onoption user 2019-12-10 12:53:10 -08:00
Jingyi Hu
b67862c0a6 etcdserver: strip patch version in cluster version 
Strip patch version in cluster version metrics.
 2019-10-14 17:37:49 -07:00
Gyuho Lee
c91a6bf14f tests/e2e: fix metrics tests 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2019-10-03 16:02:39 -07:00
Gyuho Lee
d04d96c9ac tests/e2e: run metrics test again 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2019-08-30 08:09:32 -07:00
Gyuho Lee
b76f149c35 tests/e2e: skip metrics tests for now 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2019-08-26 00:02:48 -07:00
Gyuho Lee
d23af41bca tests/e2e: remove string replace for v3.4.0-rc.1 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2019-08-23 01:14:42 -07:00
Gyuho Lee
f13a5102ec tests/e2e: fix version matching 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2019-08-15 14:46:19 -07:00
Gyuho Lee
64c16779c0 tests/e2e: pass "rc.0" 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2019-08-12 01:46:58 -07:00
Gyuho Lee
9ff86fe516 tests/e2e: skip release tests until release candidate 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2019-08-03 00:09:10 -07:00
Gyuho Lee
bc9a54beae tests/e2e: fix upgrade, metrics tests 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2019-08-02 15:58:25 -07:00
Gyuho Lee
5ef8f2770c
Merge pull request #10962 from hexfusion/promote_mvcc 
metrics: promote etcd_debugging_mvcc put_total and delete_total
 2019-07-31 22:24:40 -07:00
Sam Batschelet
f46ee91863 metrics: promote etcd_debugging_mvcc put_total and delete_total 
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
 2019-08-01 01:28:07 +00:00
Gyuho Lee
80efba3368 tests/e2e: fix curl proclaim error message 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2019-07-29 21:28:15 -07:00
Gyuho Lee
ae87b21a72 tests/e2e: enable-v2 for v2 e2e tests 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2019-07-28 21:07:36 -05:00
John Millikin
95f3138b5f
tests: Use more deterministic error message in TestEtcdPeerNameAuth 2019-07-10 14:24:20 +09:00
John Millikin
c6686734b1
tests: Use 'localhost' to match SAN of integration/fixtures/server.crt 2019-07-10 13:33:14 +09:00
John Millikin
5824421f8b
etcdman, pkg: Rename new flags to 'hostname' 2019-07-10 09:30:02 +09:00
John Millikin
9a53601a18
etcdmain, pkg: Support peer and client TLS auth based on SAN fields. 
Etcd currently supports validating peers based on their TLS certificate's
CN field. The current best practice for creation and validation of TLS
certs is to use the Subject Alternative Name (SAN) fields instead, so that
a certificate might be issued with a unique CN and its logical
identities in the SANs.

This commit extends the peer validation logic to use Go's
`(*"crypto/x509".Certificate).ValidateHostname` function for name
validation, which allows SANs to be used for peer access control.

In addition, it allows name validation to be enabled on clients as well.
This is used when running Etcd behind an authenticating proxy, or as
an internal component in a larger system (like a Kubernetes master).
 2019-07-10 09:30:02 +09:00
Hitoshi Mitake
7bbc536e1c tests/e2e: initialize UserAddOptions{} field in testV3CurlAuth() 2019-06-06 23:07:41 +09:00
Gyuho Lee
1caaa9ed4a test: test update for Go 1.12.5 and related changes 
Update to Go 1.12.5 testing. Remove deprecated unused and gosimple
pacakges, and mask staticcheck 1006. Also, fix unconvert errors related
to unnecessary type conversions and following staticcheck errors:
- remove redundant return statements
- use for range instead of for select
- use time.Since instead of time.Now().Sub
- omit comparison to bool constant
- replace T.Fatal and T.Fatalf in tests with T.Error and T.Fatalf respectively because the goroutine calls T.Fatal must be called in the same goroutine as the test
- fix error strings that should not be capitalized
- use sort.Strings(...) instead of sort.Sort(sort.StringSlice(...))
- use he status code of Canceled instead of grpc.ErrClientConnClosing which is deprecated
- use use status.Errorf instead of grpc.Errorf which is deprecated

Related #10528 #10438
 2019-06-05 17:02:05 -04:00
Hitoshi Mitake
8257dfdb51 e2e: add test cases for a user without password 2019-05-30 21:59:30 +09:00
Hitoshi Mitake
5a67dd788d *: support creating a user without password 
This commit adds a feature for creating a user without password. The
purpose of the feature is reducing attack surface by configuring bad
passwords (CN based auth will be allowed for the user).

The feature can be used with `--no-password` of `etcdctl user add`
command.

Fix https://github.com/coreos/etcd/issues/9590
 2019-05-30 21:59:30 +09:00
Gyuho Lee
34bd797e67 *: revert module import paths 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2019-05-28 15:39:35 -07:00
Jingyi Hu
e4296bbad9 tests/e2e: Add test for learner member add 
Added an e2e test to exercise "etcdctl member add --learner".
 2019-05-14 13:10:22 -07:00
shivaramr
9150bf52d6 go modules: Fix module path version to include version number 2019-04-26 15:29:50 -07:00
Gyuho Lee
5877763990 tests/e2e: fix "authLeaseTestLeaseRevoke" 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2019-02-15 09:39:03 -08:00
Hitoshi Mitake
a1f964afd3 tests: add a new e2e test case for the combination of non empty CN and grpc proxy 2019-01-25 00:43:57 +09:00
Hitoshi Mitake
69e2faec00 tests: update TestV3CurlAuthClientTLSCertAuth for using cert with empty CN 2019-01-23 03:26:34 +09:00
johncming
fffb982f1a tests/e2e: add missing return error. 2019-01-09 13:47:09 +08:00
Sam Batschelet
577d7c0df2 e2e: update test to reflect (ST1005) update. 
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
 2019-01-08 21:04:20 -05:00
Sam Batschelet
99704e2a97 e2e: add ClientTLSCertAuth coverage for curl v3 auth tests 
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
 2019-01-08 12:31:20 -05:00
Gyuho Lee
0226481584 tests/e2e: test cluster version 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2018-11-13 21:49:33 -08:00
Gyuho Lee
8db439d693 *: use "go.etcd.io/bbolt" 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2018-08-29 12:31:28 -07:00
Gyuho Lee
d37f1521b7 *: update import paths to "go.etcd.io/etcd" 
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
 2018-08-28 17:47:55 -07:00
Joe Betz
b3b06a862a
clientv3: Fix maintenance APIs to directly dial grpc endpoints correctly. 2018-07-23 11:20:15 -07:00
Gyuho Lee
42bef8460c *: clean up code format 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-07-21 16:34:56 -07:00
Gyuho Lee
6a16c7974a tests/e2e: handle cipher suite mismatch error in ubuntu 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-07-05 10:50:07 -07:00
Gyuho Lee
b01d560be0 tests/e2e: remove unnessary type conversion 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-07-05 10:10:30 -07:00
Gyuho Lee
08474ed5bd tests/e2e: do not run cipher suite tests for gRPC proxy 
```
../../bin/etcd-30074: 2018-06-19 11:49:12.052662 I | etcdmain: v2 proxy started listening on client requests on "https://localhost:20002"
../../bin/etcd-30083: Error: unknown flag: --cipher-suites
../../bin/etcd-30083: Usage:
../../bin/etcd-30083:   etcd grpc-proxy start [flags]
```

Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-06-19 11:49:59 -07:00
Gyuho Lee
0d13176c99 tests/e2e: do not run cipher suite tests in coverage tests 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
 2018-06-13 14:32:27 -07:00