WIP: Rebase v3.5.31#6
Open
redhat-chai-bot wants to merge 180 commits into
Open
Conversation
Reference: - etcd-io#19713 Signed-off-by: Chun-Hung Tseng <henrytseng@google.com>
[release-3.5] Bump Go to 1.23.8
Previously, the compaction pause duration metric was skipped if the number of keys was smaller than `batchNum`, leading to gaps in monitoring data. This change ensures the metric is emitted for every batch, regardless of key count. Signed-off-by: Miancheng Lin <iml@amazon.com>
Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
…ry-pick-19762-to-release-3.5 [release-3.5] emit compaction pause duration metric in every compaction batch
…ry-pick-19780-to-release-3.5 [release-3.5] Replace `resolver.State.Addresses` with `resolver.State.Endpoint.Addresses`
resolves: etcd-io#19706 Signed-off-by: amosehiguese <amosehiguese@gmail.com>
[release 3.5] Backport Deprecated Metadata field in Endpoint struct
Signed-off-by: Mustafa Elbehery <melbeher@redhat.com>
…bump [release-3.5] Bump Go to 1.23.9
… permissions issues Signed-off-by: hwdef <hwdefcom@outlook.com>
…ry-pick-19862-to-release-3.5 [release-3.5] release: Fix the tar unzip command, avoid permissions issues
…on-existent members This test verifies that etcd no longer panics when restarting after removing a member that was already removed from the cluster. addresses: issue etcd-io#13715 Signed-off-by: amosehiguese <amosehiguese@gmail.com>
Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
…ry-pick-19951-to-release-3.5 [release-3.5] Update release script to exactly match the target tag
[release-3.5][Integration Test]: Add test for panic-free removal of non-existent members
This occurs specifically when the watch is for a compacted revision, as there's
a possible interleaving of cancel/close that invokes the `cancelWatch` function
twice.
It's fairly difficult to provoke the race condition but it is possible to
observe on `main` the racing test can fail with a negative gauge:
```
$ go test ./... -run TestNewWatcherCountGauge/compacted_watch,_close/cancel_race
--- FAIL: TestNewWatcherCountGauge (0.34s)
watchable_store_test.go:86: # HELP etcd_debugging_mvcc_watcher_total Total number of watchers.
# TYPE etcd_debugging_mvcc_watcher_total gauge
-etcd_debugging_mvcc_watcher_total -1
+etcd_debugging_mvcc_watcher_total 0
FAIL
FAIL go.etcd.io/etcd/server/v3/storage/mvcc 0.830s
? go.etcd.io/etcd/server/v3/storage/mvcc/testutil [no test files]
FAIL
```
It seems as though it is partially expected for the cancel function to be
invoked multiple times and to handle that safely (i.e., the existing `ch == nil`
check) - the bug here is that in the `if/else if` branches it comes "too late",
and multiple invocations where `wa.compacted` is true will both decrement the
counter. Shifting the case up one ensures that we can't follow that decrement
branch multiple times.
In fact, it seems logically more sensible to put this `wa.ch == nil` case
_first_, as a guard for the function being invoked multiple times, but moving i
before the sync/unsynced watch set delete functions could have a greater
inadvertent functional impact (i.e., if we never deleted cancelled watches from
these sets it would presumably introduce a leak), so from an abundance of
caution I've made the smallest change I think will fix my issue.
Signed-off-by: Kieran Gorman <kieran@kjgorman.com>
…lease-3.5 [release-3.5] mvcc: avoid double decrement of watcher gauge on close/cancel race (3.5 backport)
Manual backport of https://github.com/etcd-io/etcd/pull/14481/commits Co-authored-by: Marek Siarkowicz <siarkowicz@google.com > Signed-off-by: Abdur Rehman <razashahid107@gmail.com>
…50528/backport-verify-split-3.5 [release-3.5] makefile: Split fmt into separate verify commands
Signed-off-by: Abdur Rehman <razashahid107@gmail.com>
…50602/remove-static-analysis-workflow [release-3.5] Remove static analysis workflow
Signed-off-by: hwdef <hwdefcom@outlook.com>
[release-3.5] Bump Go to 1.23.10
Signed-off-by: Abdur Rehman <razashahid107@gmail.com>
…50613-add-run-govulun-check-release-3.5 [release-3.5] Add makefile target for run-govuluncheck
[release-3.5] Fix etcdctl endpoint command with option --cluster when auth is enabled
In some environments, etcd members do not have stable hostnames or IP addresses. During maintenance, all etcd nodes may be replaced, resulting in new hostnames and IPs for every member. In that case, clients such as Patroni can lose access to the cluster entirely if they are not allowed to refresh the member list. Allow non-admin users to fetch the member list so they can rediscover updated member endpoints after such topology changes. Signed-off-by: Wei Fu <fuweid89@gmail.com>
…n-admin-user-to-list-members [release-3.5] etcdserver: allow non-admin to fetch member list and alarms
Signed-off-by: Ivan Valdes <iv@a.ki>
Signed-off-by: Wei Fu <fuweid89@gmail.com>
[release-3.5] *: bump go to 1.25.9
…r is down Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
…g member is down Assume the new member is unavailable and check whether quorum is still preserved. Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
[release-3.5] Fix the issue that cannot add a new member when one member is down, even if quorum is still satisfied
Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
[release-3.5] Get all Put related auth check into a separate function 'checkPutAuth'
…rbac check issue Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
…XN bypass RBAC check Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
…ck issue Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
[release-3.5] Fix read access via PrevKv or lease attachment in a Put request in etcd transactions bypass RBAC authorization checks
Signed-off-by: Ivan Valdes <iv@a.ki>
Signed-off-by: shenmu.wy <shenmu.wy@antfin.com>
….25.10 [release-3.5] Bump Go to 1.25.10 and fix govulncheck
Signed-off-by: shenmu.wy <shenmu.wy@antfin.com>
…mberupdate-learner [release-3.5] bugfix: MemberUpdate implicitly and unexpectedly promotes a learner
… of panic when given non-existent paths Signed-off-by: shenmu.wy <shenmu.wy@antfin.com>
…nvalid-datadir [release-3.5] etcdutl: validate data file path instead of panic
- replace user.Current().Name == "root" with os.Getuid() == 0. - drop os/user import and user.Current() error path. - backport of etcd-io#21788 - address: etcd-io#21787 Signed-off-by: vivekpatani <9080894+vivekpatani@users.noreply.github.com>
…elease-3.5 [release-3.5] client/pkg/fileutil: use os.Getuid() to skip TestIsDirWriteable as root
…vulncheck govulncheck on release-3.5 is currently failing with 17 vulnerabilities in golang.org/x/crypto@v0.50.0 (GO-2026-5013..5033 plus older), all listed as fixed in v0.52.0: https://prow.k8s.io/view/gs/kubernetes-ci-logs/pr-logs/pull/etcd-io_etcd/21815/pull-etcd-govulncheck/2059609075888427008 Bumping x/crypto to v0.52.0 transitively pulls x/net v0.55.0, which in turn resolves GO-2026-5026 (idna.ToASCII Punycode-handling) reachable from server/proxy/httpproxy. Both fixes are required for a clean govulncheck pass. Changes: - golang.org/x/crypto v0.50.0 -> v0.52.0 - golang.org/x/net v0.53.0 -> v0.55.0 - golang.org/x/sys v0.43.0 -> v0.45.0 (transitive) - golang.org/x/text v0.36.0 -> v0.37.0 (transitive) Plus minor tools/mod transitive bumps (x/mod, x/tools) picked up by go mod tidy. Followed the documented dependency_management.md workflow: - ./scripts/update_dep.sh golang.org/x/crypto v0.52.0 - ./scripts/update_dep.sh golang.org/x/net v0.55.0 - go get on indirect-only modules (api, client/v3, pkg, client/pkg, tools/mod) to keep versions consistent across all modules - make fix - PASSES="dep" ./test.sh -> "SUCCESS: dependencies are consistent across modules" Verified locally: - go build ./... clean in all 9 modules touched - govulncheck -mode source ./... reports "No vulnerabilities found" in all 5 modules that had the affected deps - go test ./auth/... (server) passes Signed-off-by: Ian Chechin <ian00chechin@gmail.com>
[release-3.5] bump golang.org/x/crypto and golang.org/x/net to fix govulncheck
Signed-off-by: Ivan Valdes <iv@a.ki>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
19 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Changelog https://github.com/etcd-io/etcd/blob/master/CHANGELOG/CHANGELOG-3.5.md#v3531