New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OCPBUGS-24939: Rebase etcd 3.5.11 openshift 4.14 #235
OCPBUGS-24939: Rebase etcd 3.5.11 openshift 4.14 #235
Conversation
To keep etcd projects up to date with the latest patch releases & incorporate the latest security updates. Signed-off-by: arjunmalhotra1 <am2cj@virginia.edu>
[3.5] etcd: upgrade go version from 1.20.10 to 1.20.11
Use a template to consolidate arm64 and amd64 test workflows. Enable running armd64 tests on every push and pull request. Signed-off-by: Ivan Valdes <ivan@vald.es>
…telemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.46.0 Signed-off-by: sharath sivakumar <sharath.sivakumar@mollie.com>
…apis/api,google.golang.org/grpc to make it consistent Signed-off-by: sharath sivakumar <sharath.sivakumar@mollie.com>
[3.5] CVE-2023-47108: Backport go.opentelemetry.io/otel@v1.20.0 and go.open…
…every-push-and-pr-in-release-3.5 github workflow: run arm64 tests on every push
ExperimentalDistributedTracingSamplingRatePerMillion is the number of samples to collect per million spans. Defaults to 0. Signed-off-by: James Blair <mail@jamesblair.net>
Signed-off-by: James Blair <mail@jamesblair.net>
Signed-off-by: James Blair <mail@jamesblair.net>
[3.5] Backport add sampling rate to fix distributed tracing
It's possible that etcd server may run into SSRF situation when adding a new member. If users provide a malicious peer URL, the existing etcd members may be redirected to other unexpected internal URL when getting the new member's version. Signed-off-by: James Blair <mail@jamesblair.net>
Signed-off-by: Siyuan Zhang <sizhang@google.com>
Signed-off-by: Siyuan Zhang <sizhang@google.com>
Signed-off-by: Siyuan Zhang <sizhang@google.com>
Signed-off-by: Siyuan Zhang <sizhang@google.com>
Signed-off-by: Siyuan Zhang <sizhang@google.com>
Signed-off-by: Siyuan Zhang <sizhang@google.com>
…tep1 [3.5] Backport healthcheck code cleanup
Signed-off-by: Chao Chen <chaochn@amazon.com>
Add two separate probes, one for liveness and one for readiness. The liveness probe would check that the local individual node is up and running, or else restart the node, while the readiness probe would check that the cluster is ready to serve traffic. This would make etcd health-check fully Kubernetes API complient. Signed-off-by: Siyuan Zhang <sizhang@google.com>
Signed-off-by: Siyuan Zhang <sizhang@google.com>
[3.5] Backport disable following redirects when checking peer urls
Disable following redirects from peer HTTP communication on the client's side. Etcd server may run into SSRF (Server-side request forgery) when adding a new member. If users provide a malicious peer URL, the existing etcd members may be redirected to another unexpected internal URL when getting the new member's version. Signed-off-by: Ivan Valdes <ivan@vald.es>
Backport disable redirects in peer communication to release-3.5
Signed-off-by: Jonas Riedel <jonasriedel@pm.me>
Signed-off-by: Siyuan Zhang <sizhang@google.com>
…go-1.20.12 [3.5] Update go version to 1.20.12
[3.5] Backport livez/readyz
/jira refresh |
@Elbehery: This pull request references Jira Issue OCPBUGS-24939, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/jira refresh |
@Elbehery: This pull request references Jira Issue OCPBUGS-24939, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/retest-required |
/payload 4.14 nightly informing |
/payload 4.14 nightly blocking |
@Elbehery: trigger 8 job(s) of type blocking for the nightly release of OCP 4.14
See details on https://pr-payload-tests.ci.openshift.org/runs/ci/4c9f9da0-979e-11ee-8fea-cadaeab22b00-0 |
@Elbehery: trigger 64 job(s) of type informing for the nightly release of OCP 4.14
See details on https://pr-payload-tests.ci.openshift.org/runs/ci/42ff5240-979e-11ee-8776-d4013d5fdbba-0 |
@Elbehery: The following test failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dusk125, Elbehery The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/jira refresh |
@Elbehery: This pull request references Jira Issue OCPBUGS-24939, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
/jira refresh |
@Elbehery: This pull request references Jira Issue OCPBUGS-24939, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
/label cherry-pick-approved |
/remove-label jira/invalid-bug 4.16 merge in #232, so manually overriding the bug to allow merges |
77303c4
into
openshift:openshift-4.14
@Elbehery: Jira Issue OCPBUGS-24939: All pull requests linked via external trackers have merged: Jira Issue OCPBUGS-24939 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
[ART PR BUILD NOTIFIER] This PR has been included in build ose-etcd-container-v4.14.0-202401091536.p0.g77303c4.assembly.stream for distgit ose-etcd. |
This PR rebases etcd 3.5.11 into openshift-4.14.
This PR has been created by this workflow
git rebase --rebase-merges --fork-point v3.5.10 v3.5.11
( rebasing the changes from upstream 3.5.10 --> 3.5.11 )git cherry-pick -m 1 c89a29056e881a1862dda376fc3ba5002121f289
to cherrypick the downstream changes (commit)After rebasing, running
make
locally produceNote: commit has been skipped as all it sub-commits exist in upstream v3.5.11.
cc @hasbro17 @dusk125 @tjungblu @soltysh @deads2k