Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OCPBUGS-24939: Rebase etcd 3.5.11 openshift 4.14 #235

Merged
merged 31 commits into from Jan 9, 2024
Merged

OCPBUGS-24939: Rebase etcd 3.5.11 openshift 4.14 #235

merged 31 commits into from Jan 9, 2024

Conversation

Elbehery
Copy link

@Elbehery Elbehery commented Dec 10, 2023
edited

This PR rebases etcd 3.5.11 into openshift-4.14.

This PR has been created by this workflow

  • git rebase --rebase-merges --fork-point v3.5.10 v3.5.11 ( rebasing the changes from upstream 3.5.10 --> 3.5.11 )
  • git cherry-pick -m 1 c89a29056e881a1862dda376fc3ba5002121f289 to cherrypick the downstream changes (commit)

After rebasing, running make locally produce

SUCCESS: etcd_build (GOARCH=amd64)
./bin/etcd --version
etcd Version: 3.5.11
Git SHA: 51dffdbd4
Go Version: go1.21.1
Go OS/Arch: darwin/amd64
./bin/etcdctl version
etcdctl version: 3.5.11
API version: 3.5
./bin/etcdutl version
etcdutl version: 3.5.11
API version: 3.5

Note: commit has been skipped as all it sub-commits exist in upstream v3.5.11.

cc @hasbro17 @dusk125 @tjungblu @soltysh @deads2k

arjunmalhotra1 and others added 30 commits November 12, 2023 17:45
@arjunmalhotra1
etcd: upgrade go version from 1.20.10 to 1.20.11
e1aa1b9 
To keep etcd projects up to date with the latest patch releases &
incorporate the latest security updates.

Signed-off-by: arjunmalhotra1 <am2cj@virginia.edu>
@ahrtr
Merge pull request etcd-io#16915 from arjunmalhotra1/release-3.5
a0cb92e 
[3.5] etcd: upgrade go version from 1.20.10 to 1.20.11
@ivanvc
github workflow: run arm64 tests on every push
f9f38bc 
Use a template to consolidate arm64 and amd64 test workflows. Enable
running armd64 tests on every push and pull request.

Signed-off-by: Ivan Valdes <ivan@vald.es>
CVE-2023-47108: Backport go.opentelemetry.io/otel@v1.20.0 and go.open…
f26074a 
…telemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.46.0

Signed-off-by: sharath sivakumar <sharath.sivakumar@mollie.com>
upgrade github.com/stretchr/testify,google.golang.org/genproto/google…
7f7b915 
…apis/api,google.golang.org/grpc to make it consistent

Signed-off-by: sharath sivakumar <sharath.sivakumar@mollie.com>
@ahrtr
Merge pull request etcd-io#16946 from sharathsivakumar/release-3.5
a733d92 
[3.5] CVE-2023-47108: Backport go.opentelemetry.io/otel@v1.20.0 and go.open…
@ahrtr
Merge pull request etcd-io#16921 from ivanvc/enable-arm64-builds-for-…
0b46d43 
…every-push-and-pr-in-release-3.5

github workflow: run arm64 tests on every push
@jmhbnz
Backport server: Add sampling rate to distributed tracing.
3a54851 
ExperimentalDistributedTracingSamplingRatePerMillion is the
number of samples to collect per million spans.
Defaults to 0.

Signed-off-by: James Blair <mail@jamesblair.net>
@jmhbnz
Backport server: Have tracingExporter own resources it initialises.
5a564d5 
Signed-off-by: James Blair <mail@jamesblair.net>
@jmhbnz
Backport embed: Add tracing integration test.
f952197 
Signed-off-by: James Blair <mail@jamesblair.net>
@serathius
Merge pull request etcd-io#16951 from jmhbnz/fix-distributed-tracing
0e64a6d 
[3.5] Backport add sampling rate to fix distributed tracing
@jmhbnz
Backport server: Don't follow redirects when checking peer urls.
9e21048 
It's possible that etcd server may run into SSRF situation when adding a new member. If users provide a malicious peer URL, the existing etcd members may be redirected to other unexpected internal URL when getting the new member's version.

Signed-off-by: James Blair <mail@jamesblair.net>
@serathius @siyuanfoundation
server: Use named struct initialization in healthcheck test
c6784a7 
Signed-off-by: Siyuan Zhang <sizhang@google.com>
@serathius @siyuanfoundation
server: Rename test case expect fields
2f6c84e 
Signed-off-by: Siyuan Zhang <sizhang@google.com>
@serathius @siyuanfoundation
server: Run health check tests in subtests
eed94f6 
Signed-off-by: Siyuan Zhang <sizhang@google.com>
@serathius @siyuanfoundation
server: Refactor health checks
9db8ddb 
Signed-off-by: Siyuan Zhang <sizhang@google.com>
@serathius @siyuanfoundation
server: Cover V3 health with tests
8ab1c0f 
Signed-off-by: Siyuan Zhang <sizhang@google.com>
@serathius @siyuanfoundation
server: Split metrics and health code
46e3942 
Signed-off-by: Siyuan Zhang <sizhang@google.com>
@serathius
Merge pull request etcd-io#17000 from siyuanfoundation/livez-bp-3.5-s…
d4e8610 
…tep1

[3.5] Backport healthcheck code cleanup
@chaochn47 @siyuanfoundation
http health check bug fixes
2b54660 
Signed-off-by: Chao Chen <chaochn@amazon.com>
@siyuanfoundation
etcdserver: add livez and ready http endpoints for etcd.
f5d7f99 
Add two separate probes, one for liveness and one for readiness. The liveness probe would check that the local individual node is up and running, or else restart the node, while the readiness probe would check that the cluster is ready to serve traffic. This would make etcd health-check fully Kubernetes API complient.

Signed-off-by: Siyuan Zhang <sizhang@google.com>
@siyuanfoundation
etcdserver: add metric counters for livez/readyz health checks.
293fc21 
Signed-off-by: Siyuan Zhang <sizhang@google.com>
@serathius
Merge pull request etcd-io#17024 from jmhbnz/backport-ssrf-fix
ce4ae2b 
[3.5] Backport disable following redirects when checking peer urls
@ivanvc
server: disable redirects in peer communication
98aa466 
Disable following redirects from peer HTTP communication on the client's side.
Etcd server may run into SSRF (Server-side request forgery) when adding a new
member. If users provide a malicious peer URL, the existing etcd members may be
redirected to another unexpected internal URL when getting the new member's
version.

Signed-off-by: Ivan Valdes <ivan@vald.es>
@ahrtr
Merge pull request etcd-io#17070 from ivanvc/release-3.5-backport-ssrf
7df2e90 
Backport disable redirects in peer communication to release-3.5
@jonasrdl
etcd: Update go version to 1.20.12
13bafdf 
Signed-off-by: Jonas Riedel <jonasriedel@pm.me>
@siyuanfoundation
etcdserver: add linearizable_read check to readyz.
ebb7e79 
Signed-off-by: Siyuan Zhang <sizhang@google.com>
@ahrtr
Merge pull request etcd-io#17077 from jonasrdl/release-3.5-update-to-…
33cf21c 
…go-1.20.12

[3.5] Update go version to 1.20.12
@serathius
Merge pull request etcd-io#17039 from siyuanfoundation/release-3.5-step2
6f125ce 
[3.5] Backport livez/readyz
@serathius
version: bump up to 3.5.11
3b252db
@Elbehery
Copy link
Author

/jira refresh

@openshift-ci-robot
Copy link

@Elbehery: This pull request references Jira Issue OCPBUGS-24939, which is invalid:

  • expected dependent Jira Issue OCPBUGS-24933 to be in one of the following states: VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA), but it is ASSIGNED instead
  • expected dependent Jira Issue OCPBUGS-24933 to target a version in 4.15.0, but it targets "4.15" instead

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@Elbehery
Copy link
Author

/jira refresh

@openshift-ci-robot
Copy link

@Elbehery: This pull request references Jira Issue OCPBUGS-24939, which is invalid:

  • expected dependent Jira Issue OCPBUGS-24933 to be in one of the following states: VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA), but it is ASSIGNED instead

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-merge-robot openshift-merge-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Dec 10, 2023
@Elbehery
Copy link
Author

/retest-required

@Elbehery
Copy link
Author

/payload 4.14 nightly informing

@Elbehery
Copy link
Author

/payload 4.14 nightly blocking

@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Dec 10, 2023

@Elbehery: trigger 8 job(s) of type blocking for the nightly release of OCP 4.14

  • periodic-ci-openshift-release-master-nightly-4.14-e2e-aws-ovn-serial
  • periodic-ci-openshift-release-master-ci-4.14-e2e-aws-ovn-upgrade
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-aws-sdn-upgrade
  • periodic-ci-openshift-release-master-ci-4.14-e2e-azure-ovn-upgrade
  • periodic-ci-openshift-release-master-ci-4.14-upgrade-from-stable-4.13-e2e-gcp-ovn-rt-upgrade
  • periodic-ci-openshift-hypershift-release-4.14-periodics-e2e-aws-ovn-conformance
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-metal-ipi-ovn-ipv6
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-metal-ipi-sdn-bm

See details on https://pr-payload-tests.ci.openshift.org/runs/ci/4c9f9da0-979e-11ee-8fea-cadaeab22b00-0

@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Dec 10, 2023

@Elbehery: trigger 64 job(s) of type informing for the nightly release of OCP 4.14

  • periodic-ci-openshift-release-master-nightly-4.14-e2e-agent-compact-ipv4
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-agent-ha-dualstack
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-agent-sno-ipv6
  • periodic-ci-openshift-release-master-nightly-4.14-console-aws
  • periodic-ci-openshift-cluster-control-plane-machine-set-operator-release-4.14-periodics-e2e-aws
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-aws-csi
  • periodic-ci-openshift-release-master-ci-4.14-e2e-aws-ovn
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-aws-ovn-fips
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-aws-ovn-single-node
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-aws-ovn-single-node-serial
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-aws-ovn-upgrade-rollback-oldest-supported
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-aws-sdn
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-aws-sdn-cgroupsv2
  • periodic-ci-openshift-release-master-ci-4.14-e2e-aws-sdn-techpreview
  • periodic-ci-openshift-release-master-ci-4.14-e2e-aws-sdn-techpreview-serial
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-aws-ovn-upi
  • periodic-ci-openshift-cluster-control-plane-machine-set-operator-release-4.14-periodics-e2e-azure
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-azure-csi
  • periodic-ci-openshift-release-master-ci-4.14-e2e-azure-ovn
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-azure-sdn
  • periodic-ci-openshift-release-master-ci-4.14-e2e-azure-sdn-techpreview
  • periodic-ci-openshift-release-master-ci-4.14-e2e-azure-sdn-techpreview-serial
  • periodic-ci-openshift-release-master-ci-4.14-e2e-azure-sdn-upgrade
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-azure-deploy-cnv
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-azure-upgrade-cnv
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-aws-driver-toolkit
  • periodic-ci-openshift-cluster-control-plane-machine-set-operator-release-4.14-periodics-e2e-gcp
  • periodic-ci-openshift-release-master-ci-4.14-e2e-gcp-ovn
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-gcp-ovn-csi
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-gcp-ovn-rt
  • periodic-ci-openshift-release-master-ci-4.14-upgrade-from-stable-4.13-e2e-gcp-ovn-upgrade
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-gcp-sdn
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-gcp-sdn-serial
  • periodic-ci-openshift-release-master-ci-4.14-e2e-gcp-sdn-techpreview
  • periodic-ci-openshift-release-master-ci-4.14-e2e-gcp-sdn-techpreview-serial
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-gcp-sdn-upgrade
  • periodic-ci-openshift-release-master-ci-4.14-upgrade-from-stable-4.13-e2e-gcp-sdn-upgrade
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-metal-ipi-ovn-dualstack
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-metal-ipi-sdn-bm-upgrade
  • periodic-ci-openshift-release-master-nightly-4.14-upgrade-from-stable-4.13-e2e-metal-ipi-sdn-bm-upgrade
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-metal-ipi-sdn-serial-ipv4
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-metal-ipi-sdn-serial-virtualmedia-bond
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-metal-ipi-serial-ovn-ipv6
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-metal-ipi-serial-ovn-dualstack
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-metal-ipi-upgrade-ovn-ipv6
  • periodic-ci-openshift-release-master-nightly-4.14-upgrade-from-stable-4.13-e2e-metal-ipi-upgrade-ovn-ipv6
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-metal-ovn-assisted
  • periodic-ci-openshift-microshift-release-4.14-ocp-conformance-nightly
  • periodic-ci-openshift-microshift-release-4.14-ocp-metal-nightly
  • periodic-ci-openshift-osde2e-main-nightly-4.14-osd-aws
  • periodic-ci-openshift-osde2e-main-nightly-4.14-osd-gcp
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-aws-ovn-proxy
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-metal-ovn-single-node-live-iso
  • periodic-ci-openshift-osde2e-main-nightly-4.14-rosa-classic-sts
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-aws-sdn-upgrade
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-telco5g
  • periodic-ci-openshift-release-master-nightly-4.14-upgrade-from-stable-4.13-e2e-aws-sdn-upgrade
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-vsphere-ovn-csi
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-vsphere-ovn-serial
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-vsphere-ovn-techpreview
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-vsphere-ovn-techpreview-serial
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-vsphere-ovn-upi
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-vsphere-ovn-upi-serial
  • periodic-ci-openshift-release-master-nightly-4.14-e2e-vsphere-sdn

See details on https://pr-payload-tests.ci.openshift.org/runs/ci/42ff5240-979e-11ee-8776-d4013d5fdbba-0

@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Dec 10, 2023

@Elbehery: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/e2e-aws-etcd-recovery a830cfa link false /test e2e-aws-etcd-recovery

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@dusk125
Copy link

dusk125 commented Dec 13, 2023

/lgtm
/label backport-risk-assessed

@openshift-ci openshift-ci bot added the backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. label Dec 13, 2023
@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Dec 13, 2023
@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Dec 13, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dusk125, Elbehery

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Dec 13, 2023
@Elbehery
Copy link
Author

Elbehery commented Jan 3, 2024

/jira refresh

@openshift-ci-robot
Copy link

@Elbehery: This pull request references Jira Issue OCPBUGS-24939, which is invalid:

  • expected dependent Jira Issue OCPBUGS-24933 to be in one of the following states: VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA), but it is ASSIGNED instead

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@Elbehery
Copy link
Author

Elbehery commented Jan 3, 2024

/jira refresh

@openshift-ci-robot
Copy link

@Elbehery: This pull request references Jira Issue OCPBUGS-24939, which is invalid:

  • expected dependent Jira Issue OCPBUGS-24933 to be in one of the following states: VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA), but it is ASSIGNED instead

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@sandeepknd
Copy link

/label cherry-pick-approved

@openshift-ci openshift-ci bot added the cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. label Jan 9, 2024
@soltysh
Copy link
Member

soltysh commented Jan 9, 2024

/remove-label jira/invalid-bug
/label jira/valid-bug

4.16 merge in #232, so manually overriding the bug to allow merges

@openshift-ci openshift-ci bot added jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. and removed jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels Jan 9, 2024
@openshift-merge-bot openshift-merge-bot bot merged commit 77303c4 into openshift:openshift-4.14 Jan 9, 2024
7 of 8 checks passed
@openshift-ci-robot
Copy link

@Elbehery: Jira Issue OCPBUGS-24939: All pull requests linked via external trackers have merged:

Jira Issue OCPBUGS-24939 has been moved to the MODIFIED state.

In response to this:

This PR rebases etcd 3.5.11 into openshift-4.14.

This PR has been created by this workflow

  • git rebase --rebase-merges --fork-point v3.5.10 v3.5.11 ( rebasing the changes from upstream 3.5.10 --> 3.5.11 )
  • git cherry-pick -m 1 c89a29056e881a1862dda376fc3ba5002121f289 to cherrypick the downstream changes (commit)

After rebasing, running make locally produce

SUCCESS: etcd_build (GOARCH=amd64)
./bin/etcd --version
etcd Version: 3.5.11
Git SHA: 51dffdbd4
Go Version: go1.21.1
Go OS/Arch: darwin/amd64
./bin/etcdctl version
etcdctl version: 3.5.11
API version: 3.5
./bin/etcdutl version
etcdutl version: 3.5.11
API version: 3.5

Note: commit has been skipped as all it sub-commits exist in upstream v3.5.11.

cc @hasbro17 @dusk125 @tjungblu @soltysh @deads2k

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-bot
Copy link

[ART PR BUILD NOTIFIER]

This PR has been included in build ose-etcd-container-v4.14.0-202401091536.p0.g77303c4.assembly.stream for distgit ose-etcd.
All builds following this will include this PR.

@Elbehery Elbehery deleted the rebase-etcd-3.5.11-openshift-4.14 branch February 1, 2024 15:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@dusk125 dusk125

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet