mirror of https://github.com/hashicorp/consul
81a22ae9b6
* [Cloud][CC-6925] Updates to pushing server state (#19682) * Upgrade hcp-sdk-go to latest version v0.73 Changes: - go get github.com/hashicorp/hcp-sdk-go - go mod tidy * From upgrade: regenerate protobufs for upgrade from 1.30 to 1.31 Ran: `make proto` Slack: https://hashicorp.slack.com/archives/C0253EQ5B40/p1701105418579429 * From upgrade: fix mock interface implementation After upgrading, there is the following compile error: cannot use &mockHCPCfg{} (value of type *mockHCPCfg) as "github.com/hashicorp/hcp-sdk-go/config".HCPConfig value in return statement: *mockHCPCfg does not implement "github.com/hashicorp/hcp-sdk-go/config".HCPConfig (missing method Logout) Solution: update the mock to have the missing Logout method * From upgrade: Lint: remove usage of deprecated req.ServerState.TLS Due to upgrade, linting is erroring due to usage of a newly deprecated field 22:47:56 [consul]: make lint --> Running golangci-lint (.) agent/hcp/testing.go:157:24: SA1019: req.ServerState.TLS is deprecated: use server_tls.internal_rpc instead. (staticcheck) time.Until(time.Time(req.ServerState.TLS.CertExpiry)).Hours()/24, ^ * From upgrade: adjust oidc error message From the upgrade, this test started failing: === FAIL: internal/go-sso/oidcauth TestOIDC_ClaimsFromAuthCode/failed_code_exchange (re-run 2) (0.01s) oidc_test.go:393: unexpected error: Provider login failed: Error exchanging oidc code: oauth2: "invalid_grant" "unexpected auth code" Prior to the upgrade, the error returned was: ``` Provider login failed: Error exchanging oidc code: oauth2: cannot fetch token: 401 Unauthorized\nResponse: {\"error\":\"invalid_grant\",\"error_description\":\"unexpected auth code\"}\n ``` Now the error returned is as below and does not contain "cannot fetch token" ``` Provider login failed: Error exchanging oidc code: oauth2: "invalid_grant" "unexpected auth code" ``` * Update AgentPushServerState structs with new fields HCP-side changes for the new fields are in: https://github.com/hashicorp/cloud-global-network-manager-service/pull/1195/files * Minor refactor for hcpServerStatus to abstract tlsInfo into struct This will make it easier to set the same tls-info information to both - status.TLS (deprecated field) - status.ServerTLSMetadata (new field to use instead) * Update hcpServerStatus to parse out information for new fields Changes: - Improve error message and handling (encountered some issues and was confused) - Set new field TLSInfo.CertIssuer - Collect certificate authority metadata and set on TLSInfo.CertificateAuthorities - Set TLSInfo on both server.TLS and server.ServerTLSMetadata.InternalRPC * Update serverStatusToHCP to convert new fields to GNM rpc * Add changelog * Feedback: connect.ParseCert, caCerts * Feedback: refactor and unit test server status * Feedback: test to use expected struct * Feedback: certificate with intermediate * Feedback: catch no leaf, remove expectedErr * Feedback: update todos with jira ticket * Feedback: mock tlsConfigurator * make proto for additional file in 1.17 not in main |
||
---|---|---|
.. | ||
access_logs.pb.binary.go | ||
access_logs.pb.go | ||
access_logs.proto | ||
access_logs_deepcopy.gen.go | ||
access_logs_json.gen.go | ||
address.pb.binary.go | ||
address.pb.go | ||
address.proto | ||
address_deepcopy.gen.go | ||
address_json.gen.go | ||
cluster.pb.binary.go | ||
cluster.pb.go | ||
cluster.proto | ||
cluster_deepcopy.gen.go | ||
cluster_json.gen.go | ||
endpoints.pb.binary.go | ||
endpoints.pb.go | ||
endpoints.proto | ||
endpoints_deepcopy.gen.go | ||
endpoints_json.gen.go | ||
escape_hatches.pb.binary.go | ||
escape_hatches.pb.go | ||
escape_hatches.proto | ||
escape_hatches_deepcopy.gen.go | ||
escape_hatches_json.gen.go | ||
header_mutations.pb.binary.go | ||
header_mutations.pb.go | ||
header_mutations.proto | ||
header_mutations_deepcopy.gen.go | ||
header_mutations_json.gen.go | ||
intentions.pb.go | ||
listener.pb.binary.go | ||
listener.pb.go | ||
listener.proto | ||
listener_deepcopy.gen.go | ||
listener_json.gen.go | ||
protocol.pb.go | ||
protocol.proto | ||
protocol_test.go | ||
references.pb.binary.go | ||
references.pb.go | ||
references.proto | ||
references_deepcopy.gen.go | ||
references_json.gen.go | ||
route.pb.binary.go | ||
route.pb.go | ||
route.proto | ||
route_deepcopy.gen.go | ||
route_json.gen.go | ||
traffic_permissions.pb.binary.go | ||
traffic_permissions.pb.go | ||
traffic_permissions.proto | ||
traffic_permissions_deepcopy.gen.go | ||
traffic_permissions_json.gen.go | ||
transport_socket.pb.binary.go | ||
transport_socket.pb.go | ||
transport_socket.proto | ||
transport_socket_deepcopy.gen.go | ||
transport_socket_json.gen.go |