* no-op commit due to failed cherry-picking
* [NET-4897] net/http host header is now verified and request.host that contains socked now error (#18129)
### Description
This is related to https://github.com/hashicorp/consul/pull/18124 where
we pinned the go versions in CI to 1.20.5 and 1.19.10.
go 1.20.6 and 1.19.11 now validate request host headers for validity,
including the hostname cannot be prefixed with slashes.
For local communications (npipe://, unix://), the hostname is not used,
but we need valid and meaningful hostname. Prior versions go Go would
clean the host header, and strip slashes in the process, but go1.20.6
and go1.19.11 no longer do, and reject the host header. Around the
community we are seeing that others are intercepting the req.host and if
it starts with a slash or ends with .sock, they changing the host to
localhost or another dummy value.
[client: define a "dummy" hostname to use for local connections by
thaJeztah · Pull Request #45942 ·
moby/moby](https://github.com/moby/moby/pull/45942)
### Testing & Reproduction steps
Check CI tests.
### Links
* [ ] updated test coverage
* [ ] external facing docs updated
* [ ] appropriate backport labels added
* [ ] not a security concern
---------
Co-authored-by: temp <temp@hashicorp.com>
Co-authored-by: John Murret <john.murret@hashicorp.com>
## Backport
This PR is auto-generated from #18124 to be assessed for backporting due
to the inclusion of the label backport/1.16.
🚨
>**Warning** automatic cherry-pick of commits failed. If the first
commit failed,
you will see a blank no-op commit below. If at least one commit
succeeded, you
will see the cherry-picked commits up to, _not including_, the commit
where
the merge conflict occurred.
The person who merged in the original PR is:
@jmurret
This person should manually cherry-pick the original PR into a new
backport PR,
and close this one when the manual backport PR is merged in.
> merge conflict error: POST
https://api.github.com/repos/hashicorp/consul/merges: 409 Merge conflict
[]
The below text is copied from the body of the original PR.
---
### Description
The following jobs started failing when go 1.20.6 was released:
- `go-test-api-1-19`
- `go-test-api-1-20`
- `compatibility-integration-tests`
- `upgrade-integration-tests`
`compatibility-integration-tests` and `compatibility-integration-tests`
to this testcontainers issue:
https://github.com/testcontainers/testcontainers-go/issues/1359. This
issue calls for testcontainers to release a new version when one of
their dependencies is fixed. When that is done, we will unpin the go
versions in `compatibility-integration-tests` and
`compatibility-integration-tests`.
### Testing & Reproduction steps
See these jobs broken in CI and then see them work with this PR.
---
<details>
<summary> Overview of commits </summary>
- 747195f7aaf291305681bb7d8ae070761a2aef55 -
516492420bf43427f1cf89adce4d4e222bbb5aaa -
f4d6ca19f8e543048e167b9c47528eeb0bdb656f -
a47407115e086bb5eff6b34a08839989534b505f -
8c03b36e00719b65a87d277012dea2ac08b67442 -
c50b17c46ec64dfea20f61d242e1998c804eb8f7 -
7b55f66218e3a17a0c609a1d85d45f6d1a1e6961 -
93ce5fcc61fe0292f4e0cba98c7101fbe5142139
</details>
---------
Co-authored-by: temp <temp@hashicorp.com>
Co-authored-by: John Murret <john.murret@hashicorp.com>
Co-authored-by: Chris Thain <32781396+cthain@users.noreply.github.com>
* WIP
* ci:upload test results to datadog
* fix use of envvar in expression
* getting correct permission in reusable-unit.yml
* getting correct permission in reusable-unit.yml
* fixing DATADOG_API_KEY envvar expresssion
* pass datadog-api-key
* removing type from datadog-api-key
* remove test splitting from compatibility-integration-tests
* enable on push
* remove ipv6 loopback fix
* re-add ipv6 loopback fix
* remove test splitting from upgrade-integration-tests
* remove test splitting from upgrade-integration-tests
* put test splitting back in for upgrade tests
* upgrade-integration tests-o
ne runner no retries
* update go version to 1.20.3
* add changelog
* rename changelog file to remove underscore
* update to use 1.20.4
* update change log entry to reflect 1.20.4
* upgrade test: use docker.mirror.hashicorp.services to avoid docker login
* upgrade tests: remove docker login
Signed-off-by: Dan Bond <danbond@protonmail.com>
---------
Signed-off-by: Dan Bond <danbond@protonmail.com>
Co-authored-by: Dan Bond <danbond@protonmail.com>
* TProxy integration test
* Fix GHA compatibility integration test command
Previously, when test splitting allocated multiple test directories to a
runner, the workflow ran `go tests "./test/dir1 ./test/dir2"` which
results in a directory not found error. This fixes that.
* Fix straggler from renaming Register->RegisterTypes
* somehow a lint failure got through previously
* Fix lint-consul-retry errors
* adding in fix for success jobs getting skipped. (#17132)
* Temporarily disable inmem backend conformance test to get green pipeline
* Another test needs disabling
---------
Co-authored-by: John Murret <john.murret@hashicorp.com>
* fix runner calculation to exclude the top level directory as part of the calculation
* fix the logic for generating the directories/functions
* De-scope tenenacy requirements to OSS only for now. (#17087)
Partition and namespace must be "default"
Peername must be "local"
* Fix virtual services being included in intention topology as downstreams. (#17099)
* Merge pull request #5200 from hashicorp/NET-3758 (#17102)
* Merge pull request #5200 from hashicorp/NET-3758
NET-3758: connect: update supported envoy versions to 1.26.0
* lint
* CI: remove uneeded AWS creds from test-integrations (#17104)
* Update test-integrations.yml
* removing permission lies now that vault is not used in this job.
---------
Co-authored-by: John Murret <john.murret@hashicorp.com>
* update based on feedback
---------
Co-authored-by: Semir Patel <semir.patel@hashicorp.com>
Co-authored-by: Derek Menteer <105233703+hashi-derek@users.noreply.github.com>
Co-authored-by: Anita Akaeze <anita.akaeze@hashicorp.com>
Co-authored-by: Dan Bond <danbond@protonmail.com>
* Update test-integrations.yml
* removing permission lies now that vault is not used in this job.
---------
Co-authored-by: John Murret <john.murret@hashicorp.com>
* use proper TOTAL_RUNNER setting when generating runner matrix. if matrix size is smaller than total_runners, use the smaller number
* try again
* try again 2
* try again 3
* try again 4
* try again 5
* try scenario where number is less
* reset
* get rid of cat "$GITHUB_OUTPUT"
* Apply suggestions from code review
Co-authored-by: Dan Bond <danbond@protonmail.com>
* removing push trigger that was added for debug
---------
Co-authored-by: Dan Bond <danbond@protonmail.com>
* add test-integrations workflow
* add test-integrations success job
* update vault integration testing versions (#16949)
* change parallelism to 4 forgotestsum. use env.CONSUL_VERSION so we can see the version.
* use env for repeated values
* match test to circleci
* fix envvar
* fix envvar 2
* fix envvar 3
* fix envvar 4
* fix envvar 5
* make upgrade and compatibility tests match circleci
* run go env to check environment
* debug docker
Signed-off-by: Dan Bond <danbond@protonmail.com>
* debug docker
Signed-off-by: Dan Bond <danbond@protonmail.com>
* revert debug docker
Signed-off-by: Dan Bond <danbond@protonmail.com>
* going back to command that worked 5 days ago for compatibility tests
* Update Envoy versions to reflect changes in #16889
* cd to test dir
* try running ubuntu latest
* update PR with latest changes that work in enterprise
* yaml still sucks
* test GH fix (localhost resolution)
* change for testing
* test splitting and ipv6 lookup for compatibility and upgrade tests
* fix indention
* consul as image name
* remove the on push
* add gotestsum back in
* removing the use of the gotestsum download action
* yaml sucks today just like yesterday
* fixing nomad tests
* worked out the kinks on enterprise
---------
Signed-off-by: Dan Bond <danbond@protonmail.com>
Co-authored-by: John Eikenberry <jae@zhar.net>
Co-authored-by: Dan Bond <danbond@protonmail.com>
Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
Co-authored-by: Sarah <sthompson@hashicorp.com>
* Add go-tests-success job and make go-test-enterprise conditional
* fixing lint-32bit reference
* fixing reference to -go-test-troubleshoot
* add all jobs that fan out.
* fixing success job to need set up
* add echo to success job
* adding success jobs to build-artifacts, build-distros, and frontend.
* changing the name of the job in verify ci to be consistent with other workflows
* enable go-tests, build-distros, and verify-ci to run on merge to main and release branches because they currently do not with just the pull_request trigger
* docs: add envoy to the proxycfg diagram (#16834)
* docs: add envoy to the proxycfg diagram
* increase dee-copy job to use large runner. disable lint-enums on ENT
* set lint-enums to a large
* remove redunant installation of deep-copy
---------
Co-authored-by: cskh <hui.kang@hashicorp.com>
* ci: add build-artifacts workflow
Signed-off-by: Dan Bond <danbond@protonmail.com>
* makefile for gha dev-docker
Signed-off-by: Dan Bond <danbond@protonmail.com>
* use docker actions instead of make
Signed-off-by: Dan Bond <danbond@protonmail.com>
* Add context
Signed-off-by: Dan Bond <danbond@protonmail.com>
* testing push
Signed-off-by: Dan Bond <danbond@protonmail.com>
* set short sha
Signed-off-by: Dan Bond <danbond@protonmail.com>
* upload to s3
Signed-off-by: Dan Bond <danbond@protonmail.com>
* rm s3 upload
Signed-off-by: Dan Bond <danbond@protonmail.com>
* use runner setup job
Signed-off-by: Dan Bond <danbond@protonmail.com>
* on push
Signed-off-by: Dan Bond <danbond@protonmail.com>
* testing
Signed-off-by: Dan Bond <danbond@protonmail.com>
* on pr
Signed-off-by: Dan Bond <danbond@protonmail.com>
* revert testing
Signed-off-by: Dan Bond <danbond@protonmail.com>
* OSS/ENT logic
Signed-off-by: Dan Bond <danbond@protonmail.com>
* add comments
Signed-off-by: Dan Bond <danbond@protonmail.com>
* Update .github/workflows/build-artifacts.yml
Co-authored-by: John Murret <john.murret@hashicorp.com>
---------
Signed-off-by: Dan Bond <danbond@protonmail.com>
Co-authored-by: John Murret <john.murret@hashicorp.com>
* go-tests workflow
* add test splitting to go-tests
* fix re-reun fails report path
* fix re-reun fails report path another place
* fixing tests for32bit and race
* use script file to generate runners
* fixing run path
* add checkout
* Apply suggestions from code review
Co-authored-by: Dan Bond <danbond@protonmail.com>
* Apply suggestions from code review
Co-authored-by: Dan Bond <danbond@protonmail.com>
* Apply suggestions from code review
Co-authored-by: Dan Bond <danbond@protonmail.com>
* passing runs-on
* setting up runs-on as a parameter to check-go-mod
* making on pull_request
* Update .github/scripts/rerun_fails_report.sh
Co-authored-by: Dan Bond <danbond@protonmail.com>
* Apply suggestions from code review
Co-authored-by: Dan Bond <danbond@protonmail.com>
* make runs-on required
* removing go-version param that is not used.
* removing go-version param that is not used.
* Modify build-distros to use medium runners (#16773)
* go-tests workflow
* add test splitting to go-tests
* fix re-reun fails report path
* fix re-reun fails report path another place
* fixing tests for32bit and race
* use script file to generate runners
* fixing run path
* add checkout
* Apply suggestions from code review
Co-authored-by: Dan Bond <danbond@protonmail.com>
* Apply suggestions from code review
Co-authored-by: Dan Bond <danbond@protonmail.com>
* Apply suggestions from code review
Co-authored-by: Dan Bond <danbond@protonmail.com>
* passing runs-on
* setting up runs-on as a parameter to check-go-mod
* trying mediums
* adding in script
* fixing runs-on to be parameter
* fixing merge conflict
* changing to on push
* removing whitespace
* go-tests workflow
* add test splitting to go-tests
* fix re-reun fails report path
* fix re-reun fails report path another place
* fixing tests for32bit and race
* use script file to generate runners
* fixing run path
* add checkout
* Apply suggestions from code review
Co-authored-by: Dan Bond <danbond@protonmail.com>
* Apply suggestions from code review
Co-authored-by: Dan Bond <danbond@protonmail.com>
* Apply suggestions from code review
Co-authored-by: Dan Bond <danbond@protonmail.com>
* passing runs-on
* setting up runs-on as a parameter to check-go-mod
* changing back to on pull_request
---------
Co-authored-by: Dan Bond <danbond@protonmail.com>
* Github Actions Migration - move verify-ci workflows to GHA (#16777)
* add verify-ci workflow
* adding comment and changing to on pull request.
* changing to pull_requests
* changing to pull_request
* Apply suggestions from code review
Co-authored-by: Dan Bond <danbond@protonmail.com>
* [NET-3029] Migrate frontend to GHA (#16731)
* changing set up to a small
* using consuls own custom runner pool.
---------
Co-authored-by: Dan Bond <danbond@protonmail.com>
