Commit Graph

24957 Commits

Author SHA1 Message Date
hc-github-team-nomad-core 4ebd0d251f
backport of commit f7a336d2ba95a362504d6094e581b8aeedbd554e (#18323)
Co-authored-by: James Rasell <jrasell@users.noreply.github.com>
2023-08-25 09:37:13 +01:00
hc-github-team-nomad-core 4e8088dfa8
backport of commit e69e3c66776519bc5f551e18ca41ec305dc9e704 (#18310)
Co-authored-by: Luiz Aoqui <luiz@hashicorp.com>
2023-08-23 16:01:29 -04:00
hc-github-team-nomad-core e035c3d9c0
backport of commit 6c43080b55f5afa18d114a354c4aa808b010c161 (#18304)
Co-authored-by: Luiz Aoqui <luiz@hashicorp.com>
2023-08-23 11:50:29 -04:00
Iwan Aucamp debb009cb8
docs: fix a sentence in vault-integration.mdx (#18296) 2023-08-23 11:44:15 +01:00
hc-github-team-nomad-core e4c7388608
backport of commit 3e61b3a37df9ff0836b52ba5440106ad0f607dd7 (#18294)
Co-authored-by: Андрей Неустроев <99169437+aneustroev@users.noreply.github.com>
2023-08-22 16:01:24 -04:00
hc-github-team-nomad-core 3ec251d29c
backport of commit 7548eecbaae6824e1051cf511dd004f99a6a93c0 (#18291)
Co-authored-by: Luiz Aoqui <luiz@hashicorp.com>
2023-08-22 15:13:04 -04:00
hc-github-team-nomad-core 621bce1da2
backport of commit 14a38bee7bc4386e74157f6a99f3db7382d7e6a5 (#18275)
Co-authored-by: Luiz Aoqui <luiz@hashicorp.com>
2023-08-21 16:34:32 -04:00
hc-github-team-nomad-core 27a14e4da1
backport of commit 1e9ccc3ed89adcdfaf4282d432782c03e0e5c615 (#18261)
Co-authored-by: János Szathmáry <29057504+janory@users.noreply.github.com>
2023-08-18 17:44:54 -04:00
James Rasell 1397ec4ad6
nomad: remove custom max func and use Go 1.21.0 builtin (#18237) (#18251) 2023-08-17 16:17:43 +01:00
Nando 66809615f4 volume-status : show namespace the volume belongs to (#17911)
* volume-status : show namespace the volume belongs to

Re-apply changes reverted by 950235df48869e0f3f1dc8950dc430394ababa85
2023-08-17 11:13:42 -04:00
hc-github-team-nomad-core 0fb0054e60
backport of commit 13b4d98bce058c59e054f5cce9ad4175bf3c5374 (#18248)
This pull request was automerged via backport-assistant
2023-08-17 09:47:02 -05:00
Luiz Aoqui d910457159 csi: prevent panic on volume delete (#18234)
When a CSI volume is deleted while its plugin is not running, the
function `volAndPluginLookup` returns a `nil` plugin value resulting in a
panic in the request handler.
2023-08-17 10:09:45 -04:00
hc-github-team-nomad-core 3b6ff9b56d
backport of commit a8a1e5a1c5a098f0b27b121a237db261c4b2dc77 (#18246)
This pull request was automerged via backport-assistant
2023-08-17 09:04:46 -05:00
hc-github-team-nomad-core 5b4eea8b33
Backport of csi: prevent panic on volume delete into release/1.6.x (#18243)
This pull request was automerged via backport-assistant
2023-08-17 08:58:14 -05:00
hc-github-team-nomad-core bd3f52d0e7
Backport of [ui] Preserve HCL2 on stop/start via the web UI into release/1.6.x (#18241)
This pull request was automerged via backport-assistant
2023-08-17 08:33:06 -05:00
hc-github-team-nomad-core d5e3b7c262
backport of commit 6eec37f0717cf62b4fc36ec89e53a7f348f2bddc (#18231)
This pull request was automerged via backport-assistant
2023-08-16 17:13:01 -05:00
hc-github-team-nomad-core 50e0282aca
backport of commit 8a8c4cd45cb471e5a4ce1b301b55571a8594d994 (#18227)
This pull request was automerged via backport-assistant
2023-08-16 16:25:12 -05:00
hc-github-team-nomad-core dafef5b777
Backport of docs: expand documentation on node pools into release/1.6.x (#18222)
This pull request was automerged via backport-assistant
2023-08-16 10:22:41 -05:00
Tim Gross 0a19fe3b60 fix multiple overflow errors in exponential backoff (#18200)
We use capped exponential backoff in several places in the code when handling
failures. The code we've copy-and-pasted all over has a check to see if the
backoff is greater than the limit, but this check happens after the bitshift and
we always increment the number of attempts. This causes an overflow with a
fairly small number of failures (ex. at one place I tested it occurs after only
24 iterations), resulting in a negative backoff which then never recovers. The
backoff becomes a tight loop consuming resources and/or DoS'ing a Nomad RPC
handler or an external API such as Vault. Note this doesn't occur in places
where we cap the number of iterations so the loop breaks (usually to return an
error), so long as the number of iterations is reasonable.

Introduce a helper with a check on the cap before the bitshift to avoid overflow in all 
places this can occur.

Fixes: #18199
Co-authored-by: stswidwinski <stan.swidwinski@gmail.com>
2023-08-15 14:39:09 -04:00
Piotr Kazmierczak 04484a10a0
Merge pull request #18205 from hashicorp/manual-backport-of-d9341f066480cc924c8cf00f981e604e02c62140-to-1.6
admin: manual backport of #18184 to 1.6
2023-08-15 15:09:48 +02:00
Seth Hoenig a45b689d8e update go1.21 (#18184)
* build: update to go1.21

* go: eliminate helpers in favor of min/max

* build: run go mod tidy

* build: swap depguard for semgrep

* command: fixup broken tls error check on go1.21
2023-08-15 14:40:33 +02:00
Tim Gross a3a86a849a test: deflake node drain intergration test (#18171)
The `TestDrainer_AllTypes_NoDeadline` test has been flaky. It looks like this
might be because the final update of batch allocations to complete is improperly
updating the state store directly rather than by RPC. If the service jobs have
restarted in the meantime, the `allocClientStateSimulator` will have updated the
index on the allocations table and that will prevent the drainer from
unblocking (and being marked complete) when the batch jobs are written with an
earlier index.

This changeset attempts to fix that by making the update via RPC (as it normally
would be in real code).
2023-08-14 16:19:00 -04:00
Tim Gross 577d96034d test: deflake job endpoint registration test (#18170)
We've seen test flakiness in the `TestJobEndpoint_Register_NonOverlapping` test,
which asserts that we don't try to placed allocations for blocked evals until
resources have been actually freed by setting the client status of the previous
alloc to complete.

The flaky assertion includes sorting the two allocations by CreateIndex and this
appears to be a non-stable sort in the context of the test run, which results in
failures that shouldn't exist. There's no reason to sort the allocations instead
of just examining them by ID. This changeset does so.
2023-08-14 16:18:53 -04:00
Shantanu Gadgil 04a3628cc4 docs: ampersand and bash backgrounding problem (#18175)
the `&` symbol messes up the command when copy pasting into a shell
2023-08-14 15:13:19 -04:00
Esteban Barrios 9f19d7c373 config: add configurable content security policy (#18085) 2023-08-14 14:25:21 -04:00
hc-github-team-nomad-core c25c04816d
Backport of e2e: modernize vaultcompat testing into release/1.6.x (#18182)
This pull request was automerged via backport-assistant
2023-08-09 09:25:32 -05:00
hc-github-team-nomad-core 8bf5067f86
backport of commit 7bfd268c8ca9caa1c07a2ad4cf197f8b3f97dca1 (#18177)
This pull request was automerged via backport-assistant
2023-08-08 07:34:11 -05:00
hc-github-team-nomad-core f812bccb4e
Backport of Tuning job versions retention. #17635 into release/1.6.x (#18169)
This pull request was automerged via backport-assistant
2023-08-07 13:48:09 -05:00
hc-github-team-nomad-core ebcdd4d82d
backport of commit 65501ff97aa2ec6fa3c4f53d3f8c6c80c6a0e8a3 (#18166)
This pull request was automerged via backport-assistant
2023-08-07 10:17:34 -05:00
hc-github-team-nomad-core d3529d7be6
Backport of CLI: make snapshot name requiered in creating volume snapshots into release/1.6.x (#18152)
This pull request was automerged via backport-assistant
2023-08-04 04:36:50 -05:00
hc-github-team-nomad-core e959895ee7
backport of commit 53c53f1a47e872f7c25673a40c76818dcf9ef0c7 (#18145)
This pull request was automerged via backport-assistant
2023-08-03 15:06:24 -05:00
dependabot[bot] 7120cbefb1 build(deps): bump github.com/hashicorp/go-kms-wrapping/v2 (#17957)
Bumps [github.com/hashicorp/go-kms-wrapping/v2](https://github.com/hashicorp/go-kms-wrapping) from 2.0.8 to 2.0.12.
- [Commits](https://github.com/hashicorp/go-kms-wrapping/compare/v2.0.8...v2.0.12)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-kms-wrapping/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-03 15:43:42 -04:00
dependabot[bot] 5f078adade build(deps): bump github.com/opencontainers/runc from 1.1.5 to 1.1.8 (#18037)
Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.1.5 to 1.1.8.
- [Release notes](https://github.com/opencontainers/runc/releases)
- [Changelog](https://github.com/opencontainers/runc/blob/v1.1.8/CHANGELOG.md)
- [Commits](https://github.com/opencontainers/runc/compare/v1.1.5...v1.1.8)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/runc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-03 15:37:32 -04:00
Charlie Voiselle bac4d112d1 [dep] bump golang.org/x/exp (#18102)
There are some refactorings that have to be made in the getter and state
where the api changed in `slices`

* Bump golang.org/x/exp
* Bump golang.org/x/exp in api
* Update job_endpoint_test
* [feedback] unexport sort function
2023-08-03 15:14:39 -04:00
dependabot[bot] 9fda7305b7 build(deps): bump github.com/hashicorp/consul/api from 1.18.0 to 1.23.0 (#18038)
Bumps [github.com/hashicorp/consul/api](https://github.com/hashicorp/consul) from 1.18.0 to 1.23.0.
- [Release notes](https://github.com/hashicorp/consul/releases)
- [Changelog](https://github.com/hashicorp/consul/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/consul/compare/api/v1.18.0...api/v1.23.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/consul/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-03 15:03:16 -04:00
Tim Gross 87101b131a scheduler: filter device instance IDs by constraints (#18141)
When the scheduler assigns a device instance, it iterates over the feasible
devices and then picks the first instance with availability. If the jobspec uses
a constraint on device ID, this can lead to buggy/surprising behavior where the
node's device matches the constraint but then the individual device instance
does not.

Add a second filter based on the `${device.ids}` constraint after selecting a
node's device to ensure the device instance ID falls within the constraint as
well.

Fixes: #18112
2023-08-03 14:58:51 -04:00
hc-github-team-nomad-core c4f223249d
backport of commit b3601e00578b26d879f8f2678dc8b03e17a2db18 (#18140)
This pull request was automerged via backport-assistant
2023-08-03 09:44:19 -05:00
Karuppiah Natarajan fe4dd2f5bd docs: fix link for stopping an agent (#18130) 2023-08-02 11:52:02 -04:00
hc-github-team-nomad-core 9301daa8e8
backport of commit a3a637ee8efe5e1251f60f781369bd9052c4d4a2 (#18132)
This pull request was automerged via backport-assistant
2023-08-02 08:47:19 -05:00
hc-github-team-nomad-core e9b6be87e2
[ui] Job Variables page (#17964) (#18106)
* Bones of a component that has job variable awareness

* Got vars listed woo

* Variables as its own subnav and some pathLinkedVariable perf fixes

* Automatic Access to Variables alerter

* Helper and component to conditionally render the right link

* A bit of cleanup post-template stuff

* testfix for looping right-arrow keynav bc we have a new subnav section

* A very roundabout way of ensuring that, if a job exists when saving a variable with a pathLinkedEntity of that job, its saved right through to the job itself

* hacky but an async version of pathLinkedVariable

* model-driven and async fetcher driven with cleanup

* Only run the update-job func if jobname is detected in var path

* Test cases begun

* Management token for variables to appear in tests

* Its a management token so it gets to see the clients tab under system jobs

* Pre-review cleanup

* More tests

* Number of requests test and small fix to groups-by-way-or-resource-arrays elsewhere

* Variable intro text tests

* Variable name re-use

* Simplifying our wording a bit

* parse json vs plainId

* Addressed PR feedback, including de-waterfalling

Co-authored-by: Phil Renaud <phil.renaud@hashicorp.com>
2023-08-01 09:59:39 -04:00
hc-github-team-nomad-core 3b076edf11
Backport of cli: search all namespaces for node volumes into release/1.6.x (#18119)
This pull request was automerged via backport-assistant
2023-08-01 08:56:34 -05:00
hc-github-team-nomad-core b75f552246
fingerprint: fix 'default' alias not added to interface specified by `network_interface` (#18096) (#18116)
Co-authored-by: Kevin Schoonover <github@kschoon.me>
2023-08-01 08:38:03 -04:00
Tim Gross 9fe88ebefe cli: support wildcard namespace in alloc subcommands (#18095)
The alloc exec and filesystem/logs commands allow passing the `-job` flag to
select a random allocation. If the namespace for the command is set to `*`, the
RPC handler doesn't handle this correctly as it's expecting to query for a
specific job. Most commands handle this ambiguity by first verifying that only a
single object of the type in question exists (ex. a single node or job).

Update these commands so that when the `-job` flag is set we first verify
there's a single job that matches. This also allows us to extend the
functionality to allow for the `-job` flag to support prefix matching.

Fixes: #12097
2023-07-31 13:15:49 -04:00
hc-github-team-nomad-core f2c70e9d51
Backport of [ui] Search results are overloading filter with sorted results into release/1.6.x (#18105)
This pull request was automerged via backport-assistant
2023-07-31 12:07:52 -05:00
Tim Gross 824a38c1f4 scheduler: fix panic in `render_templates` destructive update check (#18100)
In #18054 we introduced a new field `render_templates` in the `restart`
block. Previously changes to the `restart` block were always non-destructive in
the scheduler but we now need to check the new field so that we can update the
template runner. The check assumed that the block was always non-nil, which
causes panics in our scheduler tests.
2023-07-31 11:53:30 -04:00
Gunnar 7fb7f77b45 docs: added accessor info to Tuples in template.mdx (#18101) 2023-07-31 11:08:09 -04:00
hc-github-team-nomad-core 2ed92e0c6c
Backport of feature: Add new field render_templates on restart block into release/1.6.x (#18094)
This pull request was automerged via backport-assistant
2023-07-28 13:54:00 -05:00
Tim Gross bebed09677 GHA pinning updates (#18093)
Trusted Supply Chain Component Registry (TSCCR) enforcement starts Monday and an
internal report shows our semgrep action is pinned to a version that's not
currently permitted. Update all the action versions to whatever's the new
hotness to maximum the time-to-live on these until we have automated pinning
setup.

Also version bumps our chromedriver action, which randomly broke upstream today.
2023-07-28 11:52:42 -04:00
hc-github-team-nomad-core 34ac0e5aad
cli: add help message for `-consul-namespace` (#18081) (#18091)
Add missing help entry for the `-consul-namespace` flag in `nomad job
run`.
2023-07-28 10:34:44 -04:00
hc-github-team-nomad-core 77d1f188c6
backport of commit 1e73a8a6991214fb57afa37de425dd7b0e765623 (#18089)
This pull request was automerged via backport-assistant
2023-07-28 02:49:50 -05:00