57 Commits

Author SHA1 Message Date
Benjamin Wang
f333148da9 dependency: bump golang.org/x/time to v0.3.0
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-02-28 06:49:39 +08:00
Benjamin Wang
a7e94c4843 security: bump golang.org/x/net to v0.7.0 to address CVE GO-2023-1571
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-02-17 11:29:47 +08:00
Benjamin Wang
5b8d7698c8 dependency: bump github.com/coreos/go-semver from 0.3.0 to 0.3.1
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-01-24 16:59:37 +08:00
Benjamin Wang
ac98432f0b dependency: bump github.com/dustin/go-humanize from v1.0.0 to v1.0.1
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-01-17 06:37:19 +08:00
Benjamin Wang
b96be4f1d3 deps: bump github.com/cheggaaa/pb/v3 from 3.0.8 to 3.1.0 in /etcdctl
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-14 04:03:53 +08:00
Benjamin Wang
2c192f4205 deps: bump go.uber.org/multierr from 1.8.0 to 1.9.0 in /server
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-14 04:00:49 +08:00
Benjamin Wang
c2a7a5870d deps: bump github.com/prometheus/client_golang from 1.12.2 to 1.14.0
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-14 03:42:11 +08:00
Benjamin Wang
bc41c0963b deps: bump github.com/coreos/go-systemd/v22 from 22.3.2 to 22.5.0
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-14 03:38:55 +08:00
Benjamin Wang
259a73d67a deps: bump github.com/spf13/cobra from 1.4.0 to 1.6.1
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-14 03:33:24 +08:00
Benjamin Wang
1a0af6fee6 deps: bump go.uber.org/zap from 1.21.0 to 1.24.0
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-14 03:33:24 +08:00
Benjamin Wang
1ba246e1d8 bump golang.org/x/ to v0.4.0
Found 1 known vulnerability.

Vulnerability #1: GO-2022-1144
  An attacker can cause excessive memory growth in a Go server
  accepting HTTP/2 requests. HTTP/2 server connections contain a
  cache of HTTP header keys sent by the client. While the total
  number of entries in this cache is capped, an attacker sending
  very large keys can cause the server to allocate approximately
  64 MiB per open connection.

  Call stacks in your code:
Error:       tools/etcd-dump-metrics/main.go:158:5: go.etcd.io/etcd/v3/tools/etcd-dump-metrics.main calls go.etcd.io/etcd/server/v3/embed.StartEtcd, which eventually calls golang.org/x/net/http2.Server.ServeConn

  Found in: golang.org/x/net/http2@v0.2.0
  Fixed in: golang.org/x/net/http2@v0.4.0
  More info: https://pkg.go.dev/vuln/GO-2022-1144
Error: Process completed with exit code 3.

Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-09 08:54:48 +08:00
Benjamin Wang
3f86db5e53 bump golang.org/x imports to address CVEs
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149

Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-11-30 05:03:43 +08:00
Wei Fu
cf285ea3c7 bump grpc to v1.51.0 from v1.47.0
Signed-off-by: Wei Fu <fuweid89@gmail.com>
2022-11-23 22:16:22 +08:00
Benjamin Wang
cd0b1d0c66 Bump go 1.19: upgrade go version to 1.19 in all go.mod files
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-09-22 08:47:46 +08:00
Colleen Murphy
7ea2a3d7cb *: Update golang.org/x/net to latest
Update golang.org/x/net to address CVE-2022-27664.

Signed-off-by: Colleen Murphy <colleen.murphy@suse.com>
2022-09-19 16:01:45 -07:00
Benjamin Wang
3196c2cb5f Cleanup the go.mod for etcdctl
etcdctl doesn't depend on the following packages at all,
1. go.etcd.io/etcd/client/v2
2. go.etcd.io/etcd/etcdutl/v3
3. go.etcd.io/etcd/raft/v3
4. go.etcd.io/etcd/server/v3

Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-08-25 13:30:55 +08:00
Mikel Olasagasti Uranga
89637a4223 Tools/benchmark: migrate cheggaaa/pb.v1 to cheggaaa/pb/v3
etcdctl/ctlv3: migrate cheggaaa/pb.v1 to cheggaaa/pb/v3

This commit also changes the format of the progress bar, from using a
custom progress bar to the default provided by the library.

Old behaviour:

./benchmarkv1  put
 0 / 10000 B                                                   !   0.00%
 3987 / 10000 Boooooooooooooom                                 !  39.87%
 10000 / 10000 Boooooooooooooooooooooooooooooooooooooooooooo! 100.00% 1s

New behaviour:

./benchmark put
 6536 / 10000 [----------------------->________________] 65.36% 7053 p/s
10000 / 10000 [---------------------------------------] 100.00% 7581 p/s

Signed-off-by: Mikel Olasagasti Uranga <mikel@olasagasti.info>
2022-06-20 15:47:23 +02:00
Piotr Tabor
88cd0fe695 Refresh minor dependencies.
Signed-off-by: Piotr Tabor <ptab@google.com>
2022-06-17 10:23:03 +02:00
Piotr Tabor
e7a84b69c8 Update zap to 1.21.
Signed-off-by: Piotr Tabor <ptab@google.com>
2022-06-17 10:05:25 +02:00
Piotr Tabor
17c1dcd614 Update grpc to 1.47 and go-cmp to 0.5.8.
Signed-off-by: Piotr Tabor <ptab@google.com>
2022-06-17 08:57:22 +02:00
Marek Siarkowicz
d6368a20cf etcdctl: Remove V2 API commands 2022-04-24 12:08:42 +02:00
ahrtr
0dae4b3b1e rollback the opentelemetry bumpping to recover the pipeline failures 2022-04-14 16:13:28 +08:00
Will Beason
eab1e0c5d5 go.mod: upgrade opentelemetry deps
Downstream users of etcd experience build issues when using dependencies
which require more recent (incompatible) versions of opentelemetry. This
commit upgrades the dependencies so that downstream users stop
experiencing these issues.
2022-04-13 07:14:10 -07:00
Marek Siarkowicz
1bb59adb1e *: update golang.org/x/crypto 2022-04-08 16:27:52 +02:00
Manuel Rüger
f0f77fc14e go.mod: Bump prometheus/client_golang to v1.12.1
Signed-off-by: Manuel Rüger <manuel@rueg.eu>
2022-04-06 19:03:24 +02:00
Kay Yan
afecd3139c fix the api dependency in pkg, and update cobra to 1.4.0
Signed-off-by: Kay Yan <kay.yan@daocloud.io>
2022-03-25 17:18:56 +08:00
ahrtr
49e9a14580 migrate unit test to cover the logic of converting ConfigSpec to Config 2022-03-24 07:24:22 +08:00
ahrtr
3780435831 added unit test for newClientCfg 2022-03-22 19:07:40 +08:00
Marek Siarkowicz
fb55910500 version: bump up to 3.6.0-alpha.0 2022-02-28 13:20:27 +01:00
Piotr Tabor
1237b3576c
Merge pull request #13487 from mrueg/go-1.17.3
*: Bump to go 1.17.6
2022-01-15 17:01:17 +01:00
Manuel Rüger
cf7e8b3535 go.mod: Bump golang.org/x/net dependency; regenerate go.sum
Bumps golang.org/x/net dependency due to fix CVE-2021-44716
as requested in https://github.com/etcd-io/etcd/pull/13487#issuecomment-997065540

Signed-off-by: Manuel Rüger <manuel@rueg.eu>
2022-01-12 03:00:08 +01:00
Your Name
77bf0a5a9e update cobra version to 1.2.1
Signed-off-by: yankay <kay.yan@daocloud.io>
2021-12-29 17:35:25 +08:00
Kushal Pisavadia
71493bde3e *: Upgrade to use go.opentelemetry.io/otel@v1.2.0
Upgrading from v1.0.1.

Upgrading related dependencies
------------------------------

The following dependencies also had to be upgraded:

- go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.26.1
  From v0.25.0. This gets rid of a transitive dependency on go.opentelemetry.io/otel@v1.0.1.
- google.golang.org/genproto@v0.0.0-20211118181313-81c1377c94b1
2021-11-24 16:03:33 +00:00
Chao Chen
b5e4c2d3c4 client/v2: remove unsafe json-iterator/reflect2 2021-11-09 11:16:40 -08:00
Lili Cosic
e6e279a14d *: Bump go to go v1.17.2 2021-10-27 13:44:54 +02:00
Vladimir Ermakov
49a8aa7f49
run fix.sh
To fix dependencies.

Signed-off-by: Vladimir Ermakov <vooon341@gmail.com>
2021-10-13 14:08:27 +03:00
Lili Cosic
df696a7e76 go.mod: Bump etcd to 3.5.0 2021-06-22 12:25:39 +02:00
Piotr Tabor
404efd70f7 Upgrade of prometheous deps.
For now we need to depend on unstable: prometheus/client_golang
2021-06-03 16:07:01 +02:00
Piotr Tabor
edcfe575cf Update dependencies:
- github.com/coreos/go-systemd/v22 v22.3.2
  - github.com/google/btree v1.0.1
  - github.com/json-iterator/go v1.1.11
  - github.com/mattn/go-runewidth v0.0.13
  - github.com/prometheus/client_golang v1.10.0
  - github.com/prometheus/common v0.26.0
  - github.com/sirupsen/logrus v1.8.1
2021-06-03 13:03:01 +02:00
Piotr Tabor
90cea7d4e7 Update zap to v1.17.0. 2021-06-03 12:37:43 +02:00
Piotr Tabor
c09aca1ba4 Split etcdctl into etcdctl (public API access) & etcdutl (direct surgery on files)
Motivation is as follows:

  - etcdctl we only depend on clientv3 APIs, no dependencies of bolt, backend, mvcc, file-layout
  - etcdctl can be officially supported across wide range of versions, while etcdutl is pretty specific to file format at particular version.
it's step towards desired modules layout, documented in: https://etcd.io/docs/next/dev-internal/modules/
2021-05-17 11:54:03 +02:00
Piotr Tabor
00c6090110 Refactor common code from etcdctl (v2,v3) to pkg/corbautl.
Preparation for etcdutl split.
2021-05-14 14:16:53 +02:00
Lili Cosic
1a718a958e Add initial Tracing with OpenTelemetry 2021-05-10 10:44:40 +02:00
wpedrak
927b3a3152 server: replace mlockall with Mlock in --experimental-memory-mlock
Implementation of `--experimental-memory-mlock` backed by `mlockall` syscall is replaced by `Mlock` flag (backed by mlock syscall) of bboltDB.
2021-04-29 12:08:20 +02:00
Piotr Tabor
3423a949c0 Update go for 3.5: 1.15 -> 1.16.(3).
https://github.com/etcd-io/etcd/issues/12732
2021-04-19 16:50:54 +02:00
Piotr Tabor
eafbc8c57e Update zap logging dependency.
In particular bring up zapgrpc V2 code:
89e382035d
https://pkg.go.dev/google.golang.org/grpc/grpclog#LoggerV2
2021-04-14 12:15:48 +02:00
Piotr Tabor
3bb7acc8cf Migrate dependencies pkg/foo -> client/pkg/foo 2021-04-07 00:38:47 +02:00
Piotr Tabor
f290ab2e60 Update dependecies:
github.com/grpc-ecosystem/grpc-gateway v1.14.6 -> grpc-gateway v1.16.0
  golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e->v0.0.0-20210220033141-f8bda1e9f3ba
2021-03-27 20:48:33 +01:00
Piotr Tabor
a60676686b Update dep: grpc: 1.32.0 -> 1.36.0. 2021-03-24 22:27:55 +01:00
Sam Batschelet
d3aa3fb486 vendor: bump gogo/proto to v1.3.2
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
2021-03-11 11:27:25 -05:00