search

etcd-io / etcd

Distributed reliable key-value store for the most critical data of a distributed system
https://etcd.io
Apache License 2.0
46.77k stars 9.64k forks source link

fix(server): enforce listen-metrics-urls client TLS info when its scheme is https/unixs #18186

Closed gyuho closed 1 week ago

gyuho commented 1 week ago

Otherwise, it will fail with

cannot listen on TLS for 127.0.0.1:8080: KeyFile and CertFile are not presented

We should instead explicitly fail fast, with a clear error message.

Also, adding some documentation how to configure TLS for metrics URLs.

c.f., https://github.com/etcd-io/etcd/issues/8060

k8s-ci-robot commented 1 week ago

Hi @gyuho. Thanks for your PR.

I'm waiting for a etcd-io member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.
codecov-commenter commented 1 week ago

Codecov Report

Attention: Patch coverage is 46.15385% with 7 lines in your changes missing coverage. Please review.

Project coverage is 68.86%. Comparing base (debc8fb) to head (0734121).

:exclamation: Current head 0734121 differs from pull request most recent head 22f20a8

Please upload reports for the commit 22f20a8 to get more accurate results.

:exclamation: Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files | [Files](https://app.codecov.io/gh/etcd-io/etcd/pull/18186?dropdown=coverage&src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=None) | Coverage Δ | | |---|---|---| | [server/embed/etcd.go](https://app.codecov.io/gh/etcd-io/etcd/pull/18186?src=pr&el=tree&filepath=server%2Fembed%2Fetcd.go&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=None#diff-c2VydmVyL2VtYmVkL2V0Y2QuZ28=) | `75.77% <46.15%> (+0.25%)` | :arrow_up: | ... and [21 files with indirect coverage changes](https://app.codecov.io/gh/etcd-io/etcd/pull/18186/indirect-changes?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=None) ```diff @@ Coverage Diff @@ ## main #18186 +/- ## ========================================== - Coverage 68.89% 68.86% -0.04% ========================================== Files 416 416 Lines 35151 35157 +6 ========================================== - Hits 24218 24211 -7 - Misses 9521 9541 +20 + Partials 1412 1405 -7 ``` ------ [Continue to review full report in Codecov by Sentry](https://app.codecov.io/gh/etcd-io/etcd/pull/18186?dropdown=coverage&src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=None). > **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=None) > `Δ = absolute (impact)`, `ø = not affected`, `? = missing data` > Powered by [Codecov](https://app.codecov.io/gh/etcd-io/etcd/pull/18186?dropdown=coverage&src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=None). Last update [debc8fb...22f20a8](https://app.codecov.io/gh/etcd-io/etcd/pull/18186?dropdown=coverage&src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=None). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=None).
gyuho commented 1 week ago

/retest

k8s-ci-robot commented 1 week ago

@gyuho: Cannot trigger testing until a trusted user reviews the PR and leaves an /ok-to-test message.

In response to [this](https://github.com/etcd-io/etcd/pull/18186#issuecomment-2173479410): >/retest Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.
ivanvc commented 1 week ago

/ok-to-test

gyuho commented 1 week ago

/retest

serathius commented 1 week ago

cc @ahrtr

serathius commented 1 week ago

/retest

gyuho commented 1 week ago

/retest

gyuho commented 1 week ago

/retest