Closed GoelDeepak closed 6 years ago
I have gone through the CircleCI failures:
httpcli/iam/file.go:15::warning: Potential file inclusion via variable,MEDIUM,HIGH (gosec)
records/config.go:316::warning: Potential file inclusion via variable,MEDIUM,HIGH (gosec)
records/generator.go:6::warning: Blacklisted import crypto/sha1: weak cryptographic primitive,MEDIUM,HIGH (gosec)
records/generator.go:200::warning: Use of weak cryptographic primitive,MEDIUM,HIGH (gosec)
I believe that the problem is that linters are a moving target and that the newest version of gosec points out the things that were OK in previous versions.
The first two items seem bogus - files are included via variable but for a legitimate reason. The remaining two - sha1 is used only for calculating a unique taskID in the context. Only the first five chars are used. I am pretty confident that using sha1 here is not a security concern.
I am going to whitelist all 4 cases and push the commit on top of Deepak's.
Mesos has deprecated/removed the /state.json endpoint and has replaced it with /state. This patch updates the url path from /state.json to /state
jira: DCOS_OSS-3941