Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
15,975 Commits 15 Branches 491 Tags 148 MiB
Commit Graph

15975 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Benjamin Wang
8aace73c77 3.4: remove the dependency on busybox 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-23 18:43:44 +08:00
Benjamin Wang
c8b7831967 bump version to 3.4.23 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
v3.4.23 		2022-12-21 14:11:16 +08:00
Benjamin Wang
8119eb3951
Merge pull request #15019 from ahrtr/deps_3.4_20221219 
[3.4] Security: address HIGH Vulnerabilities
 2022-12-19 19:33:56 +08:00
Benjamin Wang
5413ce46dc bump go version to 1.17.3 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-19 18:34:04 +08:00
Benjamin Wang
86479c5ba9 deps: bump golang.org/x/net to v0.4.0 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-19 17:43:43 +08:00
Benjamin Wang
68a55439e1 deps: bump golang.org/x/net to 0.0.0-20220906165146-f3363e06e74c to address CVE CVE-2021-44716 and CVE-2022-27664 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-19 16:34:06 +08:00
Benjamin Wang
40566d943a deps: bump github.com/prometheus/client_golang to 1.11.1 to address CVE CVE-2022-21698 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-19 16:32:23 +08:00
Benjamin Wang
fcb048dd67 deps: bump github.com/gogo/protobuf to 1.3.2 to address CVE CVE-2021-3121 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-19 16:30:53 +08:00
Benjamin Wang
f318a39998
Merge pull request #15017 from ahrtr/use_distroless_3.4_20221219 
[3.4] Security: use distroless base image to address critical Vulnerabilities
 2022-12-19 16:23:30 +08:00
Benjamin Wang
c1bec6bd97 security: use distroless base image to address critical Vulnerabilities 
Command:
trivy image --severity CRITICAL gcr.io/etcd-development/etcd:v3.4.22  -f json -o 3.4.22_image_critical.json

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-19 08:04:47 +08:00
Benjamin Wang
9d37e7626a
Merge pull request #15011 from MukulKolpe/specify_branch_release-3.4 
fix: specify the branch name of release-3.4 in the workflow
 2022-12-17 18:09:47 +08:00
Mukul Kolpe
fb07cf843a fix: specify the branch name of release-3.4 in the workflow 
Signed-off-by: Mukul Kolpe <mukulkolpe45@gmail.com>
 2022-12-17 14:40:24 +05:30
Benjamin Wang
e03c62d5e7
Merge pull request #15007 from ArkaSaha30/trivy-release-3-4 
Add trivy nightly scan for `release-3.4`
 2022-12-16 13:59:40 +08:00
ArkaSaha30
7450bcfc49
Add trivy nightly scan for release-3.4 
Signed-off-by: ArkaSaha30 <arkasaha30@gmail.com>
 2022-12-16 11:06:58 +05:30
Benjamin Wang
593711848e
Merge pull request #14900 from ahrtr/fix_readyonly_txn_panic_3.4_20221206 
[3.4] etcdserver: fix nil pointer panic for readonly txn
 2022-12-06 19:25:12 +08:00
Benjamin Wang
acca4fa93e etcdserver: fix nil pointer panic for readonly txn 
Backporting https://github.com/etcd-io/etcd/pull/14895

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-06 18:09:47 +08:00
Benjamin Wang
c619e2705e
Merge pull request #14853 from ahrtr/remove_memberid_alarm_3.4_20221125 
[3.4] etcdserver: intentionally set the memberID as 0 in corruption alarm
 2022-11-25 17:01:02 +08:00
Benjamin Wang
2f4f7328d0 etcdserver: intentionally set the memberID as 0 in corruption alarm 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-11-25 15:58:23 +08:00
Benjamin Wang
f4bf538781
Merge pull request #14792 from ahrtr/auth_3.4_20221117 
[3.4] clientv3: do not refresh token when users use CommonName based authentication
 2022-11-17 18:08:11 +08:00
Benjamin Wang
90585e03a0 test: add test case to cover the CommonName based authentication 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-11-17 09:12:13 +08:00
Benjamin Wang
8b4405b276 test: add certificate with root CommonName 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-11-17 08:34:59 +08:00
Benjamin Wang
8ca42a7ae4 clientv3: do not refresh token when using TLS CommonName based authentication 
When users use the TLS CommonName based authentication, the
authTokenBundle is always nil. But it's possible for the clients
to get `rpctypes.ErrAuthOldRevision` response when the clients
concurrently modify auth data (e.g, addUser, deleteUser etc.).
In this case, there is no need to refresh the token; instead the
clients just need to retry the operations (e.g. Put, Delete etc).

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-11-17 08:32:35 +08:00
Benjamin Wang
1f054980bc Bump version to 3.4.22 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
v3.4.22 		2022-11-02 08:08:33 +08:00
Benjamin Wang
c9cf4db813
Merge pull request #14675 from cenkalti/release-3.4 
server: add more context to panic message
 2022-11-02 07:56:50 +08:00
Cenk Alti
7a4a3ad8db
server: add more context to panic message 
Signed-off-by: Cenk Alti <cenkalti@gmail.com>
 2022-11-01 18:59:17 -04:00
Benjamin Wang
7c1499d3bb
Merge pull request #14649 from mitake/test-authrecover-3.4 
[3.4] server: add a unit test case for authStore.Reocver() with empty rangePermCache
 2022-10-29 13:11:36 +08:00
Hitoshi Mitake
b7a23311e6 etcdserver: call refreshRangePermCache on Recover() in AuthStore 
Signed-off-by: Oleg Guba <oleg@dropbox.com>
Signed-off-by: Hitoshi Mitake <h.mitake@gmail.com>
 2022-10-29 13:55:06 +09:00
Hitoshi Mitake
0b3ff06868 server: add a unit test case for authStore.Reocver() with empty rangePermCache 
Signed-off-by: Hitoshi Mitake <h.mitake@gmail.com>
 2022-10-29 13:27:53 +09:00
Benjamin Wang
ce1630f68f
Merge pull request #14601 from dusk125/release-3.4 
Backport #14500 to 3.4
 2022-10-27 14:21:22 +08:00
Allen Ray
9254f8f05b Release-3.4: server/etcdmain: add configurable cipher list to gRPC proxy listener 
Signed-off-by: Allen Ray <alray@redhat.com>
 2022-10-19 16:02:13 -04:00
Benjamin Wang
b058374fbd
Merge pull request #14594 from ZoeShaw101/fix-watch-test-issue-3.4 
Backport #14591 to 3.4.
 2022-10-17 05:25:50 +08:00
王霄霄
dcebdf7958 Backport #14591 to 3.4. 
Signed-off-by: 王霄霄 1141195807@qq.com
Signed-off-by: 王霄霄 <1141195807@qq.com>
 2022-10-16 21:18:53 +08:00
Benjamin Wang
5b764d8771
Merge pull request #14581 from tomari/tomari/watch-backoff-for-3.4 
[3.4] client/v3: Add backoff before retry when watch stream returns unavailable
 2022-10-13 07:23:02 +08:00
Hisanobu Tomari
7b7fbbf8b8 client/v3: Add backoff before retry when watch stream returns unavailable 
The client retries connection without backoff when the server is gone
after the watch stream is established. This results in high CPU usage
in the client process. This change introduces backoff when the stream is
failed and unavailable.

Signed-off-by: Hisanobu Tomari <posco.grubb@gmail.com>
 2022-10-13 05:26:31 +09:00
Sahdev Zala
429fcb98ab
Merge pull request #14579 from ahrtr/wal_log_3.4 
[3.4] etcdserver: added more debug log for the purgeFile goroutine
 2022-10-12 11:34:33 -04:00
Benjamin Wang
1d7639f796 etcdserver: added more debug log for the purgeFile goroutine 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-10-12 19:39:20 +08:00
Benjamin Wang
5b3ac7da6b
Merge pull request #14577 from pchan/acp3.4 
Cherry pick of #13224
 2022-10-12 17:58:26 +08:00
Sergey Kacheev
5381dafaae netutil: make a raw URL comparison part of the urlsEqual function 
Signed-off-by: Prasad Chandrasekaran <prasadc@vmware.com>
 2022-10-12 15:07:46 +05:30
Sergey Kacheev
90e7e254ae Apply suggestions from code review 
Co-authored-by: Lili Cosic <cosiclili@gmail.com>
Signed-off-by: Prasad Chandrasekaran <prasadc@vmware.com>
 2022-10-12 15:07:46 +05:30
Sergey Kacheev
abb019a51e netutil: add url comparison without resolver to URLStringsEqual 
If one of the nodes in the cluster has lost a dns record,
restarting the second node will break it.
This PR makes an attempt to add a comparison without using a resolver,
which allows to protect cluster from dns errors and does not break
the current logic of comparing urls in the URLStringsEqual function.
You can read more in the issue #7798

Fixes #7798

Signed-off-by: Prasad Chandrasekaran <prasadc@vmware.com>
 2022-10-12 15:07:46 +05:30
Hitoshi Mitake
57a27de189
Merge pull request #14562 from kafuu-chino/3.4-backport-14296 
*: avoid closing a watch with ID 0 incorrectly
 2022-10-10 22:48:53 +09:00
Kafuu Chino
ed10ca13f4 *: avoid closing a watch with ID 0 incorrectly 
Signed-off-by: Kafuu Chino <KafuuChinoQ@gmail.com>

add test

1

1

1
 2022-10-10 19:54:58 +08:00
Benjamin Wang
de11726a8a
Merge pull request #14548 from mitake/3.4-backport-14322 
Backport PR 14322 to release-3.4
 2022-10-05 05:50:43 +08:00
Hitoshi Mitake
91365174b3 tests: a test case for watch with auth token expiration 
Signed-off-by: Hitoshi Mitake <h.mitake@gmail.com>
 2022-10-04 22:55:36 +09:00
Hitoshi Mitake
0c6e466024 *: handle auth invalid token and old revision errors in watch 
Signed-off-by: Hitoshi Mitake <h.mitake@gmail.com>
 2022-10-04 22:49:06 +09:00
Marek Siarkowicz
d0a732f96d
Merge pull request #14530 from ahrtr/memberid_alarm 
etcdserver: fix memberID equals to zero in corruption alarm
 2022-09-28 09:30:10 +02:00
Benjamin Wang
29911e9a5b etcdserver: fix memberID equals to zero in corruption alarm 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-09-28 11:01:26 +08:00
Benjamin Wang
85b640cee7 Bump version to 3.4.21 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
v3.4.21 		2022-09-15 08:46:22 +08:00
Marek Siarkowicz
1a05326fae
Merge pull request #14442 from ahrtr/fix_TestV3AuthRestartMember 
[release-3.4] Fix the flaky test TestV3AuthRestartMember
 2022-09-09 09:57:24 +02:00
Benjamin Wang
b8bea91f22 fix the flaky test TestV3AuthRestartMember 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-09-09 09:37:25 +08:00