Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

⬆️ Upgrade the go.etcd.io/etcd dependency to v3.4.34, and other dependencies #30

Merged
merged 1 commit into from
Nov 7, 2024
Merged

⬆️ Upgrade the go.etcd.io/etcd dependency to v3.4.34, and other dependencies #30

merged 1 commit into from
Nov 7, 2024

Conversation

renormalize
Copy link
Member

@renormalize renormalize commented Sep 27, 2024
edited
Loading

How to categorize this PR?

/area quality
/area security
/area dev-productivity
/kind impediment

What this PR does / why we need it:

  • Upgrade the go.etcd.io/etcd dependency to v3.4.34.

  • Remove the google.golang.org/grpc replace directive which forced usage of the older version v1.27.0. v1.58.3 is used now.

  • Upgrade go.uber.org/zap to v1.27.0.

  • Upgrade github.com/onsi/gomega to v1.34.2.

Which issue(s) this PR fixes:
Fixes #28 #29

Special notes for your reviewer:

The replace directives which hardcoded google.golang.org/grpc to v1.27.0 is now removed, and a newer minor version v1.58.3 is used.
There (ideally) should not be any issues with the components that etcd-wrapper interacts with since they all use the same major version, with not a large difference in the minor version.
Let me know in case this doesn't work.

Release note:

`etcd-wrapper` has been updated to start etcd version `v3.4.34`.
All dependencies upgraded to the newer versions for enhanced security and support.

@renormalize renormalize added area/dev-productivity Developer productivity related (how to improve development) area/quality Output qualification (tests, checks, scans, automation in general, etc.) related area/security Security related labels Sep 27, 2024
@renormalize renormalize added this to the v0.1.2 milestone Sep 27, 2024
@renormalize renormalize self-assigned this Sep 27, 2024
@renormalize renormalize requested a review from a team as a code owner September 27, 2024 08:56
@gardener-robot gardener-robot added the needs/review Needs review label Sep 27, 2024
@gardener-robot-ci-3 gardener-robot-ci-3 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Sep 27, 2024
@gardener-robot gardener-robot added kind/impediment Something that impedes developers, operators, users or others in their work size/m Size of pull request is medium (see gardener-robot robot/bots/size.py) labels Sep 27, 2024
@gardener-robot-ci-1 gardener-robot-ci-1 added needs/ok-to-test Needs approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Sep 27, 2024
@renormalize
Copy link
Member Author

renormalize commented Sep 27, 2024
edited
Loading

The pipeline fails because the Go version was updated in the same PR.

Unit tests make test pass. 
> Test...
> Running tests...
=== RUN   TestAddEtcdFlags
--- PASS: TestAddEtcdFlags (0.00s)
PASS
coverage: 28.0% of statements
ok  	github.com/gardener/etcd-wrapper/cmd	0.020s	coverage: 28.0% of statements
  github.com/gardener/etcd-wrapper/internal/testutil		coverage: 0.0% of statements
=== RUN   TestSuit
=== RUN   TestSuit/queryAndUpdateEtcdReadiness
  readycheck_test.go:67: etcd ready status should be set to true when etcd query succeeds
{"level":"info","msg":"Initializing application","config":{"BackupRestore":{"HostPort":":2379","TLSEnabled":false,"CaCertBundlePath":""},"EtcdClientTLS":{"ServerName":"","CertPath":"","KeyPath":""}}}
  readycheck_test.go:67: etcd ready status should be set to false when etcd query fails
{"level":"info","msg":"Initializing application","config":{"BackupRestore":{"HostPort":":2379","TLSEnabled":false,"CaCertBundlePath":""},"EtcdClientTLS":{"ServerName":"","CertPath":"","KeyPath":""}}}
{"level":"warn","ts":"2024-09-27T14:27:04.831+0530","caller":"clientv3/retry_interceptor.go:62","msg":"retrying of unary invoker failed","target":"etcd-endpoints://0x140002a9a40/:2379","attempt":0,"error":"rpc error: code = DeadlineExceeded desc = latest balancer error: last connection error: connection error: desc = \"transport: Error while dialing: dial tcp :2379: connect: connection refused\""}
{"level":"error","msg":"failed to retrieve from etcd db","error":"context deadline exceeded"}
=== RUN   TestSuit/readinessHandler
  readycheck_test.go:97: should return http.StatusOK when etcdStatus.Ready is set to true
{"level":"info","msg":"Initializing application","config":{"BackupRestore":{"HostPort":":2379","TLSEnabled":false,"CaCertBundlePath":""},"EtcdClientTLS":{"ServerName":"","CertPath":"","KeyPath":""}}}
  readycheck_test.go:97: should return http.StatusServiceUnavailable when etcdStatus.Ready is set to false
{"level":"info","msg":"Initializing application","config":{"BackupRestore":{"HostPort":":2379","TLSEnabled":false,"CaCertBundlePath":""},"EtcdClientTLS":{"ServerName":"","CertPath":"","KeyPath":""}}}
=== RUN   TestSuit/createEtcdClient
  readycheck_test.go:135: should return valid etcd client with HTTP scheme when no certificates are passed
{"level":"info","msg":"Initializing application","config":{"BackupRestore":{"HostPort":":2379","TLSEnabled":false,"CaCertBundlePath":""},"EtcdClientTLS":{"ServerName":"","CertPath":"","KeyPath":""}}}
  readycheck_test.go:135: should return valid etcd client with HTTPS scheme when all certificates are passed
{"level":"info","msg":"Initializing application","config":{"BackupRestore":{"HostPort":":2379","TLSEnabled":false,"CaCertBundlePath":""},"EtcdClientTLS":{"ServerName":"","CertPath":"","KeyPath":""}}}
  readycheck_test.go:135: should return valid etcd client with HTTP scheme when empty certificate file path is passed
{"level":"info","msg":"Initializing application","config":{"BackupRestore":{"HostPort":":2379","TLSEnabled":false,"CaCertBundlePath":""},"EtcdClientTLS":{"ServerName":"","CertPath":"","KeyPath":""}}}
  readycheck_test.go:135: should return valid etcd client with HTTP scheme when empty key file path is passed
{"level":"info","msg":"Initializing application","config":{"BackupRestore":{"HostPort":":2379","TLSEnabled":false,"CaCertBundlePath":""},"EtcdClientTLS":{"ServerName":"","CertPath":"","KeyPath":""}}}
  readycheck_test.go:135: should return valid etcd client with HTTP scheme when empty CA cert file path is passed
{"level":"info","msg":"Initializing application","config":{"BackupRestore":{"HostPort":":2379","TLSEnabled":false,"CaCertBundlePath":""},"EtcdClientTLS":{"ServerName":"","CertPath":"","KeyPath":""}}}
  readycheck_test.go:135: should return error when wrong certificate file path is passed
{"level":"info","msg":"Initializing application","config":{"BackupRestore":{"HostPort":":2379","TLSEnabled":false,"CaCertBundlePath":""},"EtcdClientTLS":{"ServerName":"","CertPath":"","KeyPath":""}}}
=== RUN   TestSuit/isTLSEnabled
  readycheck_test.go:172: should return true when all files are present
{"level":"info","msg":"Initializing application","config":{"BackupRestore":{"HostPort":":2379","TLSEnabled":false,"CaCertBundlePath":""},"EtcdClientTLS":{"ServerName":"","CertPath":"","KeyPath":""}}}
  readycheck_test.go:172: should return false when only certFile is not present
{"level":"info","msg":"Initializing application","config":{"BackupRestore":{"HostPort":":2379","TLSEnabled":false,"CaCertBundlePath":""},"EtcdClientTLS":{"ServerName":"","CertPath":"","KeyPath":""}}}
  readycheck_test.go:172: should return false when only keyFile is not present
{"level":"info","msg":"Initializing application","config":{"BackupRestore":{"HostPort":":2379","TLSEnabled":false,"CaCertBundlePath":""},"EtcdClientTLS":{"ServerName":"","CertPath":"","KeyPath":""}}}
  readycheck_test.go:172: should return false when only trusterCAFile is not present
{"level":"info","msg":"Initializing application","config":{"BackupRestore":{"HostPort":":2379","TLSEnabled":false,"CaCertBundlePath":""},"EtcdClientTLS":{"ServerName":"","CertPath":"","KeyPath":""}}}
  readycheck_test.go:172: should return true when all files not are present
{"level":"info","msg":"Initializing application","config":{"BackupRestore":{"HostPort":":2379","TLSEnabled":false,"CaCertBundlePath":""},"EtcdClientTLS":{"ServerName":"","CertPath":"","KeyPath":""}}}
--- PASS: TestSuit (7.75s)
  --- PASS: TestSuit/queryAndUpdateEtcdReadiness (5.00s)
  --- PASS: TestSuit/readinessHandler (0.00s)
  --- PASS: TestSuit/createEtcdClient (0.01s)
  --- PASS: TestSuit/isTLSEnabled (0.00s)
PASS
coverage: 31.7% of statements
ok  	github.com/gardener/etcd-wrapper/internal/app	7.782s	coverage: 31.7% of statements
=== RUN   TestCleanupExitCodeFile
=== RUN   TestCleanupExitCodeFile/cleanup_exit_code_file_when_file_exists
=== RUN   TestCleanupExitCodeFile/cleanup_exit_code_file_when_it_does_not_exist
--- PASS: TestCleanupExitCodeFile (0.00s)
  --- PASS: TestCleanupExitCodeFile/cleanup_exit_code_file_when_file_exists (0.00s)
  --- PASS: TestCleanupExitCodeFile/cleanup_exit_code_file_when_it_does_not_exist (0.00s)
=== RUN   TestCaptureExitCode
=== RUN   TestCaptureExitCode/do_nothing_when_signal_is_nil
=== RUN   TestCaptureExitCode/capture_signal_in_exit_code_when_it_is_not_nil
=== RUN   TestCaptureExitCode/return_error_when_WriteFile_fails
--- PASS: TestCaptureExitCode (0.00s)
  --- PASS: TestCaptureExitCode/do_nothing_when_signal_is_nil (0.00s)
  --- PASS: TestCaptureExitCode/capture_signal_in_exit_code_when_it_is_not_nil (0.00s)
  --- PASS: TestCaptureExitCode/return_error_when_WriteFile_fails (0.00s)
=== RUN   TestGetValidationMode
=== RUN   TestGetValidationMode/exit_code_file_not_being_present_should_result_in_full_validation
  bootstrap_test.go:134: exit code file not being present should result in full validation
=== NAME  TestGetValidationMode
  logger.go:146: 2024-09-27T14:26:57.103+0530	ERROR	error in checking if exitCodeFile exists, assuming full-validation to be done.	{"exitCodeFilePath": "/var/folders/jj/dzvcbqd54s1gbt9rtjbs9mtc0000gn/T/etcd-wrapper1538484633/exit_code", "error": "stat /var/folders/jj/dzvcbqd54s1gbt9rtjbs9mtc0000gn/T/etcd-wrapper1538484633/exit_code: no such file or directory"}
=== RUN   TestGetValidationMode/exit_code_having_error_string_`interrupt`_should_result_in_sanity_validation
  bootstrap_test.go:134: exit code having error string `interrupt` should result in sanity validation
=== NAME  TestGetValidationMode
  logger.go:146: 2024-09-27T14:26:57.104+0530	INFO	last captured exit code read, assuming sanity validation to be done.	{"exitCodeFilePath": "/var/folders/jj/dzvcbqd54s1gbt9rtjbs9mtc0000gn/T/etcd-wrapper2416079088/exit_code", "signal-captured": "interrupt"}
=== RUN   TestGetValidationMode/exit_code_having_error_string_`terminated`_should_result_in_sanity_validation
  bootstrap_test.go:134: exit code having error string `terminated` should result in sanity validation
=== NAME  TestGetValidationMode
  logger.go:146: 2024-09-27T14:26:57.106+0530	INFO	last captured exit code read, assuming sanity validation to be done.	{"exitCodeFilePath": "/var/folders/jj/dzvcbqd54s1gbt9rtjbs9mtc0000gn/T/etcd-wrapper311184448/exit_code", "signal-captured": "terminated"}
=== RUN   TestGetValidationMode/exit_code_having_any_other_error_string_should_result_in_full_validation
  bootstrap_test.go:134: exit code having any other error string should result in full validation
=== NAME  TestGetValidationMode
  logger.go:146: 2024-09-27T14:26:57.108+0530	ERROR	error in checking if exitCodeFile exists, assuming full-validation to be done.	{"exitCodeFilePath": "/var/folders/jj/dzvcbqd54s1gbt9rtjbs9mtc0000gn/T/etcd-wrapper878877789/exit_code"}
--- PASS: TestGetValidationMode (0.01s)
  --- PASS: TestGetValidationMode/exit_code_file_not_being_present_should_result_in_full_validation (0.00s)
  --- PASS: TestGetValidationMode/exit_code_having_error_string_`interrupt`_should_result_in_sanity_validation (0.00s)
  --- PASS: TestGetValidationMode/exit_code_having_error_string_`terminated`_should_result_in_sanity_validation (0.00s)
  --- PASS: TestGetValidationMode/exit_code_having_any_other_error_string_should_result_in_full_validation (0.00s)
=== RUN   TestTryGetEtcdConfig
=== RUN   TestTryGetEtcdConfig/should_not_return_error_when_etcd_config_is_returned
  bootstrap_test.go:163: should not return error when etcd config is returned
2024-09-27T14:26:57.109+0530	INFO	bootstrap/bootstrap.go:112	Fetched and written etcd configuration	{"path": "/var/folders/jj/dzvcbqd54s1gbt9rtjbs9mtc0000gn/T/etcd-wrapper2778384990/etcdConfig.yaml"}
[WARNING] Deprecated '--logger=capnslog' flag is set; use '--logger=zap' flag instead
2024-09-27 14:26:57.109447 W | embed: Running http and grpc server on single port. This is not recommended for production.
=== RUN   TestTryGetEtcdConfig/should_return_error_when_invalid_etcd_config_is_returned
  bootstrap_test.go:163: should return error when invalid etcd config is returned
2024-09-27T14:26:58.110+0530	INFO	util/retry.go:59	re-attempting operation	{"operation": "GetEtcdConfig", "current-attempt": 0, "error": "server returned error response code when attempting to fetch etcd config: &{ 404  0 0 map[] 0x1400028c920 14 [] false false map[] <nil> <nil>}"}
2024-09-27T14:26:59.111+0530	INFO	util/retry.go:59	re-attempting operation	{"operation": "GetEtcdConfig", "current-attempt": 1, "error": "server returned error response code when attempting to fetch etcd config: &{ 404  0 0 map[] 0x140000aa140 14 [] false false map[] <nil> <nil>}"}
2024-09-27T14:27:00.111+0530	INFO	util/retry.go:59	re-attempting operation	{"operation": "GetEtcdConfig", "current-attempt": 2, "error": "server returned error response code when attempting to fetch etcd config: &{ 404  0 0 map[] 0x1400028c9a0 14 [] false false map[] <nil> <nil>}"}
2024-09-27T14:27:01.112+0530	INFO	util/retry.go:59	re-attempting operation	{"operation": "GetEtcdConfig", "current-attempt": 3, "error": "server returned error response code when attempting to fetch etcd config: &{ 404  0 0 map[] 0x1400028ca00 14 [] false false map[] <nil> <nil>}"}
2024-09-27T14:27:02.112+0530	INFO	util/retry.go:59	re-attempting operation	{"operation": "GetEtcdConfig", "current-attempt": 4, "error": "server returned error response code when attempting to fetch etcd config: &{ 404  0 0 map[] 0x1400028ca60 14 [] false false map[] <nil> <nil>}"}
2024-09-27T14:27:02.112+0530	ERROR	util/retry.go:62	all retries exhausted	{"operation": "GetEtcdConfig", "numAttempts": 5}
github.com/gardener/etcd-wrapper/internal/util.Retry[...]
  /Users/renormalize/go/src/github.com/gardener/etcd-wrapper/internal/util/retry.go:62
github.com/gardener/etcd-wrapper/internal/bootstrap.(*initializer).tryGetEtcdConfig
  /Users/renormalize/go/src/github.com/gardener/etcd-wrapper/internal/bootstrap/bootstrap.go:105
github.com/gardener/etcd-wrapper/internal/bootstrap.TestTryGetEtcdConfig.func1
  /Users/renormalize/go/src/github.com/gardener/etcd-wrapper/internal/bootstrap/bootstrap_test.go:181
testing.tRunner
  /Users/renormalize/go/pkg/mod/golang.org/[email protected]/src/testing/testing.go:1690
--- PASS: TestTryGetEtcdConfig (5.00s)
  --- PASS: TestTryGetEtcdConfig/should_not_return_error_when_etcd_config_is_returned (0.00s)
  --- PASS: TestTryGetEtcdConfig/should_return_error_when_invalid_etcd_config_is_returned (5.00s)
=== RUN   TestNewEtcdInitializer
=== RUN   TestNewEtcdInitializer/should_return_error_when_invalid_sidecar_config_is_passed
  bootstrap_test.go:201: should return error when invalid sidecar config is passed
=== RUN   TestNewEtcdInitializer/should_return_error_when_br_client_creation_fails
  bootstrap_test.go:201: should return error when br client creation fails
=== RUN   TestNewEtcdInitializer/should_not_return_error_when_sidecar_config_is_valid_and_br_client_creation_succeeds
  bootstrap_test.go:201: should not return error when sidecar config is valid and br client creation succeeds
--- PASS: TestNewEtcdInitializer (0.00s)
  --- PASS: TestNewEtcdInitializer/should_return_error_when_invalid_sidecar_config_is_passed (0.00s)
  --- PASS: TestNewEtcdInitializer/should_return_error_when_br_client_creation_fails (0.00s)
  --- PASS: TestNewEtcdInitializer/should_not_return_error_when_sidecar_config_is_valid_and_br_client_creation_succeeds (0.00s)
PASS
coverage: 57.4% of statements
ok  	github.com/gardener/etcd-wrapper/internal/bootstrap	5.045s	coverage: 57.4% of statements
=== RUN   TestSuite
=== RUN   TestSuite/getEtcdConfig
  brclient_test.go:78: 200 response code should return a valid etcd config
  brclient_test.go:78: 202 response code should return a valid etcd config
  brclient_test.go:78: 201 response code should return a valid etcd config
  brclient_test.go:78: 208 response code should return an error
  brclient_test.go:78: 400 response code should return an error
  brclient_test.go:78: should return an error when sidecar base address is invalid
=== RUN   TestSuite/getInitializationStatus
  brclient_test.go:118: New initialization status returned by server should result in New
  brclient_test.go:118: InProgress initialization status returned by server should result in InProgress
  brclient_test.go:118: Successful initialization status returned by server should result in Successful
  brclient_test.go:118: Unknown initialization status returned by server should result in InProgress
  brclient_test.go:118: Bad response from server should result in Unknown
  brclient_test.go:118: When sidecar base address is invalid should return an error and result in Unknown
=== RUN   TestSuite/triggerInitializer
  brclient_test.go:148: server returning a valid response should not result in an error
  brclient_test.go:148: server returning an error code should result in an error
  brclient_test.go:148: should return an error when sidecar base address is invalid
=== RUN   TestSuite/createClient
  brclient_test.go:176: return error when incorrect sidecar config (CA filepath) is passed
  brclient_test.go:176: return etcd client when valid sidecar config is passed
--- PASS: TestSuite (1.21s)
  --- PASS: TestSuite/getEtcdConfig (0.01s)
  --- PASS: TestSuite/getInitializationStatus (0.00s)
  --- PASS: TestSuite/triggerInitializer (0.00s)
  --- PASS: TestSuite/createClient (0.01s)
=== RUN   TestNewDefaultClient
  brclient_test.go:199: return error when incorrect sidecar config is passed
  brclient_test.go:199: return backuprestore client when valid sidecar config is passed
--- PASS: TestNewDefaultClient (2.45s)
PASS
coverage: 90.3% of statements
ok  	github.com/gardener/etcd-wrapper/internal/brclient	3.683s	coverage: 90.3% of statements
=== RUN   TestSetupSignalHandler
callback called.
  logger.go:146: 2024-09-27T14:26:57.092+0530	INFO	caught shutdown signal	{"signal": "interrupt"}
--- PASS: TestSetupSignalHandler (5.00s)
PASS
coverage: 91.7% of statements
ok  	github.com/gardener/etcd-wrapper/internal/signal	5.025s	coverage: 91.7% of statements
=== RUN   TestGetBaseAddressWithTLSEnabled
--- PASS: TestGetBaseAddressWithTLSEnabled (0.00s)
=== RUN   TestGetBaseAddressWithTLSDisabled
--- PASS: TestGetBaseAddressWithTLSDisabled (0.00s)
=== RUN   TestValidate
  config_test.go:49: missing host should result in error
  config_test.go:49: missing port should result in error
  config_test.go:49: should allow empty host
  config_test.go:49: should disallow specifying scheme
  config_test.go:49: should disallow empty caCertBundlePath when TLS is enabled
--- PASS: TestValidate (0.00s)
PASS
coverage: 66.7% of statements
ok  	github.com/gardener/etcd-wrapper/internal/types	0.016s	coverage: 66.7% of statements
=== RUN   TestResponseHasOKCode
  http_test.go:27: 200 response code should return true
  http_test.go:27: 201 response code should return true
  http_test.go:27: 202 response code should return true
  http_test.go:27: 400 response code should return true
--- PASS: TestResponseHasOKCode (0.00s)
=== RUN   TestConstructBaseAddress
  http_test.go:47: tls is enabled
  http_test.go:47: tls is disabled
--- PASS: TestConstructBaseAddress (0.00s)
=== RUN   TestErrorIfExceedsAttempts
=== RUN   TestErrorIfExceedsAttempts/num_attempts_exhausted
=== NAME  TestErrorIfExceedsAttempts
  logger.go:146: 2024-09-27T14:26:58.095+0530	INFO	re-attempting operation	{"operation": "always-fails", "current-attempt": 0, "error": "attempt failed"}
  logger.go:146: 2024-09-27T14:26:59.097+0530	INFO	re-attempting operation	{"operation": "always-fails", "current-attempt": 1, "error": "attempt failed"}
  logger.go:146: 2024-09-27T14:27:00.098+0530	INFO	re-attempting operation	{"operation": "always-fails", "current-attempt": 2, "error": "attempt failed"}
  logger.go:146: 2024-09-27T14:27:01.099+0530	INFO	re-attempting operation	{"operation": "always-fails", "current-attempt": 3, "error": "attempt failed"}
  logger.go:146: 2024-09-27T14:27:02.101+0530	INFO	re-attempting operation	{"operation": "always-fails", "current-attempt": 4, "error": "attempt failed"}
  logger.go:146: 2024-09-27T14:27:02.101+0530	ERROR	all retries exhausted	{"operation": "always-fails", "numAttempts": 5}
=== RUN   TestErrorIfExceedsAttempts/neverRetry_short-circuits_num-attempts
--- PASS: TestErrorIfExceedsAttempts (5.01s)
  --- PASS: TestErrorIfExceedsAttempts/num_attempts_exhausted (5.01s)
  --- PASS: TestErrorIfExceedsAttempts/neverRetry_short-circuits_num-attempts (0.00s)
=== RUN   TestSuccessWhenEventuallySucceeds
  logger.go:146: 2024-09-27T14:27:03.102+0530	INFO	re-attempting operation	{"operation": "eventually-succeeds", "current-attempt": 0, "error": "attempt failed"}
  logger.go:146: 2024-09-27T14:27:04.103+0530	INFO	re-attempting operation	{"operation": "eventually-succeeds", "current-attempt": 1, "error": "attempt failed"}
--- PASS: TestSuccessWhenEventuallySucceeds (2.00s)
=== RUN   TestRetryWhenContextCancelled
  logger.go:146: 2024-09-27T14:27:05.105+0530	INFO	re-attempting operation	{"operation": "context-cancelled", "current-attempt": 0, "error": "attempt failed"}
  logger.go:146: 2024-09-27T14:27:05.105+0530	ERROR	context has been cancelled. stopping retry	{"operation": "context-cancelled", "error": "context canceled"}
--- PASS: TestRetryWhenContextCancelled (1.00s)
=== RUN   TestCreateCACertPool
  tls_test.go:41: should return error when empty ca cert file path is passed
  tls_test.go:41: should return error when wrong ca cert file path is passed
  tls_test.go:41: should not return error when valid ca cert file path is passed
--- PASS: TestCreateCACertPool (2.07s)
=== RUN   TestCreateTLSConfigWhenTLSDisabled
--- PASS: TestCreateTLSConfigWhenTLSDisabled (0.00s)
=== RUN   TestCreateTLSConfig
--- PASS: TestCreateTLSConfig (2.39s)
PASS
coverage: 87.8% of statements
ok  	github.com/gardener/etcd-wrapper/internal/util	12.488s	coverage: 87.8% of statements
github.com/gardener/etcd-wrapper/cmd/command.go:36:				IsCommandSupported		0.0%
github.com/gardener/etcd-wrapper/cmd/etcd.go:50:				AddEtcdFlags			100.0%
github.com/gardener/etcd-wrapper/cmd/etcd.go:61:				InitAndStartEtcd		0.0%
github.com/gardener/etcd-wrapper/cmd/help.go:28:				PrintHelp			0.0%
github.com/gardener/etcd-wrapper/cmd/help.go:36:				executeTemplate			0.0%
github.com/gardener/etcd-wrapper/internal/app/app.go:36:			NewApplication			80.0%
github.com/gardener/etcd-wrapper/internal/app/app.go:53:			Setup				0.0%
github.com/gardener/etcd-wrapper/internal/app/app.go:66:			Start				0.0%
github.com/gardener/etcd-wrapper/internal/app/app.go:104:			Close				66.7%
github.com/gardener/etcd-wrapper/internal/app/app.go:111:			cancelContext			100.0%
github.com/gardener/etcd-wrapper/internal/app/app.go:118:			startEtcd			0.0%
github.com/gardener/etcd-wrapper/internal/app/fakes.go:17:			Get				100.0%
github.com/gardener/etcd-wrapper/internal/app/fakes.go:22:			Put				0.0%
github.com/gardener/etcd-wrapper/internal/app/fakes.go:27:			Delete				0.0%
github.com/gardener/etcd-wrapper/internal/app/fakes.go:32:			Compact				0.0%
github.com/gardener/etcd-wrapper/internal/app/fakes.go:37:			Txn				0.0%
github.com/gardener/etcd-wrapper/internal/app/fakes.go:42:			Do				0.0%
github.com/gardener/etcd-wrapper/internal/app/readycheck.go:33:			SetupReadinessProbe		0.0%
github.com/gardener/etcd-wrapper/internal/app/readycheck.go:54:			queryAndUpdateEtcdReadiness	0.0%
github.com/gardener/etcd-wrapper/internal/app/readycheck.go:75:			isEtcdReady			100.0%
github.com/gardener/etcd-wrapper/internal/app/readycheck.go:86:			readinessHandler		100.0%
github.com/gardener/etcd-wrapper/internal/app/readycheck.go:95:			createEtcdClient		85.7%
github.com/gardener/etcd-wrapper/internal/app/readycheck.go:120:		isTLSEnabled			100.0%
github.com/gardener/etcd-wrapper/internal/bootstrap/bootstrap.go:39:		NewEtcdInitializer		100.0%
github.com/gardener/etcd-wrapper/internal/bootstrap/bootstrap.go:58:		Run				0.0%
github.com/gardener/etcd-wrapper/internal/bootstrap/bootstrap.go:86:		CaptureExitCode			100.0%
github.com/gardener/etcd-wrapper/internal/bootstrap/bootstrap.go:95:		CleanupExitCode			100.0%
github.com/gardener/etcd-wrapper/internal/bootstrap/bootstrap.go:103:		tryGetEtcdConfig		100.0%
github.com/gardener/etcd-wrapper/internal/bootstrap/bootstrap.go:116:		determineValidationMode		83.3%
github.com/gardener/etcd-wrapper/internal/bootstrap/loggerutil.go:13:		SetupLoggerConfig		0.0%
github.com/gardener/etcd-wrapper/internal/brclient/brclient.go:67:		NewDefaultClient		87.5%
github.com/gardener/etcd-wrapper/internal/brclient/brclient.go:81:		NewClient			100.0%
github.com/gardener/etcd-wrapper/internal/brclient/brclient.go:89:		GetInitializationStatus		92.9%
github.com/gardener/etcd-wrapper/internal/brclient/brclient.go:116:		TriggerInitialization		100.0%
github.com/gardener/etcd-wrapper/internal/brclient/brclient.go:132:		GetEtcdConfig			83.3%
github.com/gardener/etcd-wrapper/internal/brclient/brclient.go:154:		createAndExecuteHTTPRequest	88.9%
github.com/gardener/etcd-wrapper/internal/brclient/brclient.go:174:		createClient			100.0%
github.com/gardener/etcd-wrapper/internal/brclient/initstatus_string.go:7:	_				0.0%
github.com/gardener/etcd-wrapper/internal/brclient/initstatus_string.go:21:	String				66.7%
github.com/gardener/etcd-wrapper/internal/signal/signal.go:26:			SetupHandler			91.7%
github.com/gardener/etcd-wrapper/internal/testutil/tls.go:28:			NewTLSResourceCreator		75.0%
github.com/gardener/etcd-wrapper/internal/testutil/tls.go:42:			pemEncode			100.0%
github.com/gardener/etcd-wrapper/internal/testutil/tls.go:51:			EncodeAndWrite			83.3%
github.com/gardener/etcd-wrapper/internal/testutil/tls.go:69:			CreateCACertAndKey		75.0%
github.com/gardener/etcd-wrapper/internal/testutil/tls.go:96:			CreateETCDClientCertAndKey	75.0%
github.com/gardener/etcd-wrapper/internal/testutil/tls.go:119:			createCACertTemplate		85.7%
github.com/gardener/etcd-wrapper/internal/testutil/tls.go:131:			createCertTemplate		75.0%
github.com/gardener/etcd-wrapper/internal/testutil/tls.go:152:			generateSerialNumber		100.0%
github.com/gardener/etcd-wrapper/internal/types/config.go:42:			Validate			100.0%
github.com/gardener/etcd-wrapper/internal/types/config.go:60:			GetBaseAddress			100.0%
github.com/gardener/etcd-wrapper/internal/types/config.go:65:			GetHost				0.0%
github.com/gardener/etcd-wrapper/internal/util/http.go:17:			ResponseHasOKCode		100.0%
github.com/gardener/etcd-wrapper/internal/util/http.go:31:			CloseResponseBody		0.0%
github.com/gardener/etcd-wrapper/internal/util/http.go:45:			ConstructBaseAddress		100.0%
github.com/gardener/etcd-wrapper/internal/util/retry.go:27:			IsErr				0.0%
github.com/gardener/etcd-wrapper/internal/util/retry.go:34:			Retry				87.5%
github.com/gardener/etcd-wrapper/internal/util/retry.go:68:			AlwaysRetry			0.0%
github.com/gardener/etcd-wrapper/internal/util/tls.go:14:			CreateCACertPool		100.0%
github.com/gardener/etcd-wrapper/internal/util/tls.go:37:			CreateTLSConfig			100.0%
total:										(statements)			64.4%

@unmarshall unmarshall added status/on-hold Issue on hold (e.g. because work was suspended) and removed status/on-hold Issue on hold (e.g. because work was suspended) labels Sep 27, 2024
@unmarshall
Copy link
Contributor

unmarshall commented Sep 30, 2024
edited
Loading

@renormalize as discussed during etcd biweekly sync, we break this PR into 2

  1. Separate PR which only updates go version. This fixes the very high CVE.
  2. Create a new PR across wrapper and etcdbr to upgrade to a higher version of etcd where the reported CVE is fixed. What has been chosen in this PR is version v3.4.28. We need to check higher patch version releases for the same minor version and check for any fixes that have been done on top of v3.4.28 and then decide which is the safer version to upgrade to. Since the CVE for etcd is not high we can also take a call and directly move to v3.4.32 as well which we planned for Q4.

@renormalize
Copy link
Member Author

Opened #32 to upgrade the Go dependency first, before work can be resumed on this PR.

@gardener-robot-ci-2 gardener-robot-ci-2 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Oct 4, 2024
@gardener-robot-ci-3 gardener-robot-ci-3 removed the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Oct 4, 2024
@renormalize
Copy link
Member Author

Opened gardener/etcd-backup-restore#786 to fix the runtime CVE on etcd-backup-restore.

@renormalize
Copy link
Member Author

gardener/etcd-backup-restore#786 got merged.

@renormalize renormalize removed this from the v0.1.2 milestone Oct 8, 2024
@renormalize
Upgrade all dependencies.
1bfaa44 
* Upgrade the `go.etcd.io/etcd` dependency to `v3.4.34`.

* Remove the `google.golang.org/grpc` replace directive which forced
  usage of the older version `v1.27.0`. `v1.58.3` is used now.

* Upgrade `go.uber.org/zap` to `v1.27.0`.

* Upgrade `github.com/onsi/gomega` to `v1.34.2`.
@gardener-robot-ci-3 gardener-robot-ci-3 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Oct 10, 2024
@gardener-robot-ci-2 gardener-robot-ci-2 removed the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Oct 10, 2024
@renormalize renormalize mentioned this pull request Nov 7, 2024
Merged
@renormalize renormalize changed the title ⬆️ Upgrade all dependencies ⬆️ Upgrade the go.etcd.io/etcd dependency to v3.4.34, and other dependencies Nov 7, 2024
seshachalam-yv
seshachalam-yv approved these changes Nov 7, 2024
View reviewed changes
Copy link
Contributor

@seshachalam-yv seshachalam-yv left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @renormalize for upgrading the etcd version v3.4.34 ❤️ .

anveshreddy18
anveshreddy18 approved these changes Nov 7, 2024
View reviewed changes
Copy link

@anveshreddy18 anveshreddy18 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the much needed etcd upgrade.

LGTM!!

@renormalize renormalize added this to the v0.3.0 milestone Nov 7, 2024
@renormalize renormalize merged commit 5f0ad50 into main Nov 7, 2024
8 checks passed
@gardener-robot gardener-robot added the status/closed Issue is closed (either delivered or triaged) label Nov 7, 2024
@renormalize renormalize deleted the upgrade-deps branch November 7, 2024 12:27
This was referenced Nov 8, 2024
Closed
Closed
@ishan16696 ishan16696 mentioned this pull request Nov 15, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@seshachalam-yv seshachalam-yv seshachalam-yv approved these changes

@anveshreddy18 anveshreddy18 anveshreddy18 approved these changes

Assignees

@renormalize renormalize

Labels
area/dev-productivity Developer productivity related (how to improve development) area/quality Output qualification (tests, checks, scans, automation in general, etc.) related area/security Security related kind/impediment Something that impedes developers, operators, users or others in their work needs/ok-to-test Needs approval for testing (check PR in detail before setting this label because PR is run on CI/CD) needs/review Needs review size/m Size of pull request is medium (see gardener-robot robot/bots/size.py) status/closed Issue is closed (either delivered or triaged)
Projects
None yet
Milestone
v0.3.0
Development

Successfully merging this pull request may close these issues.

[Feature] Upgrade the etcd version to 3.4.31+ or 3.5.13+
8 participants
@renormalize @unmarshall @anveshreddy18 @seshachalam-yv @gardener-robot-ci-1 @gardener-robot-ci-2 @gardener-robot-ci-3 @gardener-robot