Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
15,969 Commits 15 Branches 491 Tags 148 MiB
Commit Graph

15969 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Benjamin Wang
bc19b67f16 bump version to 3.4.25 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-04-14 14:21:15 +08:00
Benjamin Wang
b56268ac48
Merge pull request #15677 from ahrtr/jwt_panic_3.4_20230410 
[3.4] etcdserver: verify field 'username' and 'revision' present when decoding a JWT token
 2023-04-11 18:44:43 +08:00
Marek Siarkowicz
1d759fc8bd
Merge pull request #15697 from ahrtr/3.4_request_progress_20230411 
[3.4] etcdserver: guarantee order of requested progress notification
 2023-04-11 10:49:21 +02:00
Benjamin Wang
90e4d04c8e etcdserver: guarantee order of requested progress notification 
Progress notifications requested using ProgressRequest were sent
directly using the ctrlStream, which means that they could race
against watch responses in the watchStream.

This would especially happen when the stream was not synced - e.g. if
you requested a progress notification on a freshly created unsynced
watcher, the notification would typically arrive indicating a revision
for which not all watch responses had been sent.

This changes the behaviour so that v3rpc always goes through the watch
stream, using a new RequestProgressAll function that closely matches
the behaviour of the v3rpc code - i.e.

1. Generate a message with WatchId -1, indicating the revision for
   *all* watchers in the stream

2. Guarantee that a response is (eventually) sent

The latter might require us to defer the response until all watchers
are synced, which is likely as it should be. Note that we do *not*
guarantee that the number of progress notifications matches the number
of requests, only that eventually at least one gets sent.

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-04-11 12:47:09 +08:00
Benjamin Wang
881147f5d8
Merge pull request #15681 from jmhbnz/release-3.4 
[3.4] Backport fix for all docker images showing amd64 architecture
 2023-04-10 19:31:43 +08:00
James Blair
8f0a8a1271
Backport fix for all docker images showing amd64 architecture. 
Signed-off-by: James Blair <mail@jamesblair.net>
 2023-04-10 22:43:10 +12:00
Benjamin Wang
abdc3cc41f
Merge pull request #15609 from pchan/automated-cherry-pick-of-#15505-upstream-release-3.4 
[3.4] Add testing of etcd in local image in release workflow
 2023-04-10 16:37:01 +08:00
Prasad Chandrasekaran
4a826042f1 scripts: Add testing of etcd in local image in release workflow. 
Signed-off-by: Prasad Chandrasekaran <prasadc@vmware.com>
Co-authored-by: Benjamin Wang <wachao@vmware.com>
 2023-04-10 13:25:57 +05:30
Benjamin Wang
b000f15049 etcdserver: verify field 'username' and 'revision' present when decoding a JWT token 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-04-10 08:26:12 +08:00
Marek Siarkowicz
4b91b6d800
Merge pull request #15662 from ahrtr/backport_15447_3.4_20230407 
[3.4] etcdserver: set zap logging to wsproxy
 2023-04-07 10:55:55 +02:00
Benjamin Wang
b48cf63488
Merge pull request #15655 from mitake/3.4-backport-15648 
[3.4] backport 15648
 2023-04-07 16:49:24 +08:00
Benjamin Wang
b364b48475 etcdserver: set zap logging to wsproxy 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-04-07 13:38:25 +08:00
Benjamin Wang
3618ab4b07 security: remove password after authenticating the user 
fix https://nvd.nist.gov/vuln/detail/CVE-2021-28235

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-04-06 22:42:29 +09:00
Benjamin Wang
1f746597ea test: add an e2e test to reproduce https://nvd.nist.gov/vuln/detail/CVE-2021-28235 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-04-06 22:17:20 +09:00
Benjamin Wang
584576d672
Merge pull request #15652 from ahrtr/bump_go_20230406_3.4 
[3.4] Bump golang to 1.19.8 to fix CVEs
 2023-04-06 15:48:41 +08:00
Benjamin Wang
78a898a903 bump golang to 1.19.8 to fix CVEs 
https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8/m/OV40vnafAwAJ

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-04-06 14:31:15 +08:00
Benjamin Wang
ab64d49a13
Merge pull request #15621 from mitake/3.4-backport-15294 
[3.4] backport 15294
 2023-04-05 08:25:01 +08:00
Hitoshi Mitake
442de314a2 server/auth: disallow creating empty permission ranges 
Signed-off-by: Hitoshi Mitake <h.mitake@gmail.com>
Co-authored-by: Benjamin Wang <wachao@vmware.com>
 2023-04-04 21:41:04 +09:00
J. David Lowe
cee78aca75 etcdserver: don't attempt to grant nil permission to a role 
Prevent etcd from crashing when given a bad grant payload, e.g.:

$ curl -d '{"name": "foo"}' http://localhost:2379/v3/auth/role/add
{"header":{"cluster_id":"14841639068965178418", ...
$ curl -d '{"name": "foo"}' http://localhost:2379/v3/auth/role/grant
curl: (52) Empty reply from server

Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
Signed-off-by: J. David Lowe <j.david.lowe@gmail.com>
 2023-04-04 21:40:54 +09:00
Marek Siarkowicz
a1a37492f5
Merge pull request #15620 from serathius/separate-grpc-server-3.4 
[3.4] Separate grpc server
 2023-04-04 09:48:45 +02:00
Marek Siarkowicz
47d4ff2e36 server: Fix defer function closure escape 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-04-03 16:11:05 +02:00
Marek Siarkowicz
75675cd464 tests: Test separate http port connection multiplexing 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-04-03 16:11:05 +02:00
Marek Siarkowicz
8dc1244179 server: Add --listen-client-http-urls flag to allow running grpc server separate from http server 
Difference in load configuration for watch delay tests show how huge the
impact is. Even with random write scheduler grpc under http
server can only handle 500 KB with 2 seconds delay. On the other hand,
separate grpc server easily hits 10, 100 or even 1000 MB within 100 miliseconds.

Priority write scheduler that was used in most previous releases
is far worse than random one.

Tests configured to only 5 MB to avoid flakes and taking too long to fill
etcd.

Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-04-03 16:11:03 +02:00
Marek Siarkowicz
dd0bc66478 server: Pick one address that all grpc gateways connect to 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-04-03 15:47:35 +02:00
Marek Siarkowicz
a4ac849ec1 server: Extract resolveUrl helper function 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-04-03 15:43:46 +02:00
Marek Siarkowicz
66704b4c59 server: Separate client listener grouping from serving 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-04-03 15:43:35 +02:00
Marek Siarkowicz
6de105e89b refactor: Use proper variable names for urls 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-04-03 15:35:10 +02:00
Benjamin Wang
9ba5c28404
Merge pull request #15590 from ArkaSaha30/backport-14860-3-4 
[3.4] Backport cherry-pick of #14860: Trigger release in current branch for github workflow case
 2023-03-31 17:58:25 +08:00
Benjamin Wang
49d05f88c3
[3.4] Backport cherry-pick of #14860: Trigger release in current branch for github workflow case 
Signed-off-by: ArkaSaha30 <arkasaha30@gmail.com>
 2023-03-31 10:29:09 +05:30
Marek Siarkowicz
f9a4a471a0
Merge pull request #15560 from serathius/test-cmux-3.4 
[3.4] Test cmux
 2023-03-30 15:55:24 +02:00
Marek Siarkowicz
7d62b4d64a tests: Add v2 API to connection multiplexing test 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-03-30 14:51:39 +02:00
Marek Siarkowicz
7bb5f1f58c tests: Add connection muiltiplexer testing 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-03-30 14:51:25 +02:00
Marek Siarkowicz
c4a0bac555 tests: Backport tls for etcdctl 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-03-30 14:49:04 +02:00
Marek Siarkowicz
ec9221f42a tests: Backport etcdctl 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-03-30 14:49:04 +02:00
Marek Siarkowicz
9e912ba3ed tests: Extract e2e test utils 
Consider creating generic testutils for both e2e and integration tests.

Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-03-30 14:49:02 +02:00
Marek Siarkowicz
063d3ceed6 tests: Allow specifying http version in curl 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-03-30 14:48:28 +02:00
Marek Siarkowicz
cee9d4c0f1 tests: Refactor newClient args 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-03-30 14:48:28 +02:00
Marek Siarkowicz
1bafc86b42 tests: Refactor CURLPrefixArgs 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-03-30 14:48:28 +02:00
Benjamin Wang
bf22b350b0
Merge pull request #15584 from mitake/follow-up-for-15542 
[3.4] etcdserver: keep server side change of 14548
 2023-03-30 06:34:08 +08:00
Hitoshi Mitake
01c0d8b309 etcdserver: keep server side change of 14548 
Signed-off-by: Hitoshi Mitake <h.mitake@gmail.com>
 2023-03-28 21:43:17 +09:00
Marek Siarkowicz
2b189d8638
Merge pull request #15562 from serathius/fix-e2e 
tests: Avoid testing package root tests in e2e
 2023-03-28 13:53:49 +02:00
Marek Siarkowicz
3f6429d702 tests: Avoid testing package root tests in e2e 
Changes invocation from `go test -timeout 30m -v -cpu 1,2,4 '' -v
--count 1 go.etcd.io/etcd/tests/e2e` to `go test -timeout 30m -v -cpu 1,2,4 -v --count 1 go.etcd.io/etcd/tests/e2e` (removes '').
Those braces caused tests to also run in root package.

Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-03-28 11:07:34 +02:00
Marek Siarkowicz
63c7a038eb
Merge pull request #15555 from serathius/run-e2e 
Run e2e tests in CI
 2023-03-27 13:38:53 +02:00
Marek Siarkowicz
73f152e61e Run e2e tests in CI 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2023-03-27 12:12:36 +02:00
Marek Siarkowicz
e0fcb9e637
Merge pull request #15504 from fuweid/fix-15487 
[3.4] fix: enable strict mode for CI
 2023-03-23 12:41:08 +01:00
Benjamin Wang
82de82ee80
Merge pull request #15486 from jmhbnz/release-3.4 
[3.4] Backport tls 1.3 support
 2023-03-23 15:25:17 +08:00
Wei Fu
3fc5fbeaa0 fix: enable strict mode for CI 
fixes: #15487

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-03-22 17:55:58 +08:00
Benjamin Wang
284c312fd4
Merge pull request #15518 from fuweid/cp-15509-to-3.4 
[3.4] server/embed: fix data race when start insecure grpc
 2023-03-22 12:10:01 +08:00
Benjamin Wang
336ac78ebe
Merge pull request #15542 from mitake/revert-14548-v2 
[3.4] Revert 14548
 2023-03-22 06:19:30 +08:00
Hitoshi Mitake
be808bde23 Revert "tests: a test case for watch with auth token expiration" 
This reverts commit 91365174b33b15ff165997d6312abab7935a6ebe.

Signed-off-by: Hitoshi Mitake <h.mitake@gmail.com>
 2023-03-21 22:13:27 +09:00