Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[v14] Fixes crash when writing kubeconfig with tctl auth sign --tar #34874

Merged
merged 2 commits into from Dec 5, 2023
Merged

[v14] Fixes crash when writing kubeconfig with tctl auth sign --tar #34874

merged 2 commits into from Dec 5, 2023

Conversation

tcsc
Copy link
Contributor

@tcsc tcsc commented Nov 22, 2023

Backports #34612

Prior this patch, using the --format=kubernetes option with
tctl auth sign --tar would crash due to the filesystem abstraction
used to capture the tctl output files did not support removing or
stating files.

In addition, the kubeconfig file writer did not use the filesystem
abstraction given to the identity file writer, but would only write
files out to the host filesystem. This means that any kubeconfig
file oututs would not be included in the output tarfile stream.

This patch:

  • Updates the tarfile filesystem abstraction to buffer files created
    by tctl until the write is complete, and then stream the archive
    out at the end. This gives sensible semabtics to the remove and
    stat operations.
  • Updates the kubeconfig writer to take a filesystem abstraction
    compatible with the one used by the identity file writer, so that
    the kubeconfg file output is correctly caught by the tarfile writer.

Fixes: #34371
Changelog: Fixes crash when writing kubeconfig with tctl auth sign --tar

@tcsc
[v14] Fixes crash when writing kubeconfig with tctl auth sign --tar
1341248 
Backports #34612

Prior this patch, using the `--format=kubernetes` option with
`tctl auth sign --tar` would crash due to the filesystem abstraction
used to capture the `tctl` output files did not support removing or
`stat`ing files.

In addition, the kubeconfig file writer did not use the filesystem
abstraction given to the identity file writer, but would only write
files out to the host filesystem. This means that any kubeconfig
file oututs would not be included in the output tarfile stream.

This patch:
 * Updates the tarfile filesystem abstraction to buffer files created
   by `tctl` until the write is complete, and then stream the archive
   out at the end. This gives sensible semabtics to the remove and
   stat operations.
 * Updates the kubeconfig writer to take a filesystem abstraction
   compatible with the one used by the identity file writer, so that
   the kubeconfg file output is correctly caught by the tarfile writer.

Fixes: #34371
Changelog: Fixes crash when writing kubeconfig with `tctl auth sign --tar`

* Fix backport test detritus
@tcsc tcsc added the backport label Nov 22, 2023
@public-teleport-github-review-bot public-teleport-github-review-bot bot removed the request for review from r0mant December 5, 2023 13:13
@tcsc tcsc enabled auto-merge December 5, 2023 13:16
@tcsc tcsc added this pull request to the merge queue Dec 5, 2023
Merged via the queue into branch/v14 with commit 8e9cbea Dec 5, 2023
25 checks passed
@tcsc tcsc deleted the tcsc/branch/v14/tar-writer-support-remove branch December 5, 2023 13:47
@BrewTestBot BrewTestBot mentioned this pull request Dec 8, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lxea lxea lxea approved these changes

@strideynet strideynet strideynet approved these changes

@hugoShaka hugoShaka hugoShaka approved these changes

Assignees
No one assigned
Labels
backport kubernetes-access machine-id size/md tctl tctl - Teleport admin tool
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@tcsc @lxea @strideynet @hugoShaka