3e0f0ba40e
Merge pull request #10401 from markmc/doc-drop-etcdctl-v3-flag
...
Eliminate some ETCDCTL_API=3 usage
2019-02-01 11:25:55 -08:00
6070db22ed
Merge pull request #10424 from hexfusion/fx_genproto
...
*: bump protoc to 3.6.1 and fix genproto.sh
2019-01-30 12:53:39 -05:00
46e23b233c
vendor: update boltdb and grpc middleware version
2019-01-30 06:21:57 -05:00
329be66e8b
Merge pull request #10343 from mitake/proxy-cn
...
*: let grpcproxy rise an error when its cert has non empty CN
2019-01-26 01:53:12 +09:00
a1f964afd3
tests: add a new e2e test case for the combination of non empty CN and grpc proxy
2019-01-25 00:43:57 +09:00
b1afe210e4
Documentation: describe the problem of CN based auth + grpcproxy
2019-01-25 00:43:57 +09:00
65887ae1b4
pkg, clientv3, etcdmain: let grpcproxy rise an error when its cert has non empty CN
...
Fix https://github.com/etcd-io/etcd/issues/9521
2019-01-25 00:43:57 +09:00
fa521f4e00
Merge pull request #10392 from mitake/cn-gateway
...
*: grpc gateway and CN based auth
2019-01-24 09:08:04 +09:00
de8e29e71c
Merge pull request #10423 from markmc/prober-http-status
...
prober: check response http status code
2019-01-22 11:19:15 -08:00
69e2faec00
tests: update TestV3CurlAuthClientTLSCertAuth for using cert with empty CN
2019-01-23 03:26:34 +09:00
11fb62ecb4
embed: requests for grpc gateway must have empty CN if --client-cert-auth is passed
...
This commit lets grpc gateway return a correct error to clients.
Even if a client has a cert with non empty CN, current gateway returns
an error like below:
```
$ curl --cacert ./integration/fixtures/ca.crt --cert ./integration/fixtures/server.crt --key ./integration/fixtures/server.key.insecure https://localhost:2379/v3/kv/put -X POST -d '{"key": "fromcurl", "value": "test"}'
{"error":"etcdserver: user name is empty","code":3}
```
This is because etcd ignores CN from gateway connection.
The error will be like this:
```
$ curl --cacert ./integration/fixtures/ca.crt --cert ./integration/fixtures/server.crt --key ./integration/fixtures/server.key.insecure https://localhost:2379/v3/kv/put -X POST -d '{"key": "fromcurl", "value": "test"}'
CommonName of client sending a request against gateway will be ignored and not used as expected
```
The error will be returned if the server is enabling auth and gRPC
gateway.
2019-01-23 03:26:34 +09:00
72dd4a18c5
*: add a new option --enable-grpc-gateway for enabling/disabling grpc gateway
2019-01-23 03:26:34 +09:00
cbdb36295e
Documentation: regenerate proto
...
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
2019-01-22 16:57:07 +00:00
a011b2c4c4
scripts: disable go mod and bump protoc to 3.6.1
...
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
2019-01-22 16:55:01 +00:00
627660e94e
prober: check response http status code
...
Updated vendored probing module to 0.0.2.
Fixes #10404
2019-01-22 16:21:23 +00:00
ea0cf681c7
OWNERS: add hexfusion as approver and remove joelegasse
...
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
2019-01-21 10:52:34 -05:00
25068dfc1e
Merge pull request #10244 from paskal/master
...
Sync prometheus alerting rules with prometheus-operator version
2019-01-20 21:07:32 -08:00
2a1f271f91
Merge pull request #10419 from WIZARD-CXY/fixdeadlock
...
bugfix:dead lock on store.mu when store.Compact in store.Restore happens
2019-01-20 19:29:22 -08:00
6e8913b004
bugfix:dead lock on store.mu when store.Compact in store.Restore happens
2019-01-21 10:46:58 +08:00
69ed707fab
CONTRIBUTING: clarify commit message style
...
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
2019-01-18 13:00:24 -05:00
fcc29894c2
config: multiple logging fixes
...
First, don't panic with invalid --log-outputs. For example:
$> ./bin/etcd --log-outputs foo
2018-12-20 15:05:47.988652 C | embed: unknown log-output "foo" (only supports "default", "stderr", "stdout")
panic: unknown log-output "foo" (only supports "default", "stderr", "stdout")
goroutine 1 [running]:
go.etcd.io/etcd/vendor/github.com/coreos/pkg/capnslog.(*PackageLogger).Panicf(0xc000294b00, 0x10fe067, 0x30, 0xc0001fa398, 0x4, 0x4)
go.etcd.io/etcd/vendor/github.com/coreos/pkg/capnslog/pkg_logger.go:75 +0x161
go.etcd.io/etcd/embed.(*Config).setupLogging(0xc000291400, 0xc0002a85b0, 0x1)
go.etcd.io/etcd/embed/config_logging.go:120 +0x1939
...
Or:
$> ./bin/etcd --log-outputs foo,default --logger zap
panic: multi logoutput for "default" is not supported yet
goroutine 1 [running]:
go.etcd.io/etcd/embed.(*Config).setupLogging(0xc000314500, 0xc0001b2f70, 0x1)
go.etcd.io/etcd/embed/config_logging.go:129 +0x2437
go.etcd.io/etcd/embed.(*Config).Validate(0xc000314500, 0xc000268a98, 0x127e440)
go.etcd.io/etcd/embed/config.go:543 +0x43
Second, don't exit in embed.setupLogging(). Before:
$> ./bin/etcd --log-outputs foo,bar
--logger=capnslog supports only 1 value in '--log-outputs', got ["bar" "foo"]
and after:
$> ./bin/etcd --log-outputs foo,bar
2018-12-20 15:10:24.317982 E | etcdmain: error verifying flags, --logger=capnslog supports only 1 value in '--log-outputs', got ["bar" "foo"]. See 'etcd --help'.
Third, remove duplicated unique strings code. UniqueStringsFromFlag()
is already available to return a sorted slice of values, so just use
that.
Lastly, fix a tiny logging typo in config.
2019-01-17 15:09:26 -05:00
cbfe0b4b79
Merge pull request #10409 from nolouch/add-logger
...
embed: add zap logger builder
2019-01-17 11:21:52 -08:00
a00bff7848
Merge pull request #10402 from markmc/interactive-watch-panic
...
etcdctl: fix interactive mode panic
2019-01-16 11:40:34 +08:00
ac090fe326
embed: add zap logger builder
...
Signed-off-by: nolouch <nolouch@gmail.com>
2019-01-15 23:22:04 +08:00
e53324db3b
scripts/release: stop using ETCDCTL_API=3
...
Note: v3 has been the default since 25bc65794
2019-01-14 14:46:16 +00:00
4d45a9ca43
build: stop using ETCDCTL_API=3
...
Note: v3 has been the default since 25bc65794
2019-01-14 14:46:16 +00:00
0427f46f17
doc: don't set ETCDCTL_API=3 in local_cluster guide
...
These docs are incorrectly saying that v2 is the default.
Note: v3 has been the default since 25bc65794
2019-01-14 14:46:16 +00:00
034312eac5
doc: fix note that says ETCDCTL_API=2 is the default
...
Note: v3 has been the default since 25bc65794
2019-01-14 14:46:03 +00:00
36d7acf330
etcdctl: fix interactive mode panic
...
Don't panic if command is given in interactive mode, give a nice error
message instead.
Before:
$ ./bin/etcdctl watch -i
<hit return>
panic: runtime error: index out of range
goroutine 1 [running]:
etcdctl/ctlv3/command.watchInteractiveFunc(...)
etcd/etcdctl/ctlv3/command/watch_command.go:104 ...
After:
$ ./bin/etcdctl watch -i
<hit return>
Invalid command: (watch and progress supported)
foo
Invalid command foo (only support watch)
2019-01-14 13:01:37 +00:00
071a0157e0
etcdctl: fix README to not suggest v2 is default
...
Note: v3 has been the default since 25bc65794
2019-01-14 12:38:37 +00:00
39ef3901ef
README: stop using ETCDCTL_API=3
...
Note: v3 has been the default since 25bc65794
2019-01-14 12:38:37 +00:00
b398947cf9
doc: don't use ETCDCTL_API=3 in dl_build
...
In the spirit of keeping newb instructions simple, do not specify
ETCDCTL_API=3 since it is redundant.
Note: v3 has been the default since 25bc65794
2019-01-14 12:38:24 +00:00
1eee465a43
CHANGELOG: revert discovery-srv-name feature from 3.3.11
...
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
2019-01-11 13:12:16 -05:00
a26fa9fe1f
CHANGELOG: add "disable CommonName authentication for gRPC-gateway" PR
...
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
2019-01-11 13:00:14 -05:00
1eec48083b
CHANGELOG: bump version and release date
...
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
2019-01-11 12:59:19 -05:00
fae6e92407
Merge pull request #10390 from johncming/missing-err
...
tests/e2e: add missing return error.
2019-01-09 14:41:48 -08:00
2063b358c8
Merge pull request #10218 from mailgun/maxim/develop
...
Remove infinite loop in doSerialize
2019-01-09 10:38:25 -08:00
fffb982f1a
tests/e2e: add missing return error.
2019-01-09 13:47:09 +08:00
1e42503bea
Merge pull request #10379 from johncming/app-resp
...
etcdserver: add a test to verify number of MsgAppResp sent is correct.
2019-01-08 18:55:30 -08:00
e8f46ce341
etcdserver: add a test to verify not to send duplicated append responses
2019-01-09 10:37:43 +08:00
577d7c0df2
e2e: update test to reflect (ST1005) update.
...
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
2019-01-08 21:04:20 -05:00
a82703b69e
*: error strings should not end with punctuation or a newline (ST1005)
...
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
2019-01-08 21:04:20 -05:00
6511829d1f
Merge pull request #10374 from johncming/deprecated
...
api/rafthttp: remove deprecated req.Cancel.
2019-01-08 14:33:25 -08:00
1e15c7434e
vendor: cleanup and revendor deps
...
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
2019-01-08 16:49:51 -05:00
2001786f02
*: Use -n instead of ! -z. [SC2236]
...
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
2019-01-08 13:45:40 -05:00
442c863413
Merge pull request #10377 from johncming/cancel-pos
...
api/v2auth: remove defer in loop.
2019-01-08 09:43:06 -08:00
21e0d3e527
Merge pull request #10359 from rkday/install-instructions
...
docs: install etcdctl with `go get` as well
2019-01-08 09:42:11 -08:00
83c051b701
CHANGELOG: add "disable CommonName authentication for gRPC-gateway" PR
...
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
2019-01-08 12:31:20 -05:00
99704e2a97
e2e: add ClientTLSCertAuth coverage for curl v3 auth tests
...
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
2019-01-08 12:31:20 -05:00
a9a9466fb8
Documentation: document gRPC-gateway CN authentication support
...
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
2019-01-08 12:31:20 -05:00
Gyuho Lee