fix(scripts): fix update-copyright in venv and remove unused repos #12413
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* feat(opentelemetry): make endpoint field referenceable * docs(changelog): add an entry to the changelog (cherry picked from commit 3e52664)
#11214) * With a hard-coded payload size, for some use cases like uploading a big OpenAPI spec in DevPortal or updating a big config entry for plugins, they can not work as expected. With the new parameter, the user can decide the payload size to meet their needs. In this PR, a new parameter, `worker_events_max_payload` is added, which allows to specify the payload size the `worker_events` lib can accept. The default size is 64k, and the max allowed to set is 16M Bytes. The corresponding PR for `worker_events` lib is [#37](Kong/lua-resty-events#37) FTI-4963 * add changelog entry * Update kong.conf.default Co-authored-by: Datong Sun <[email protected]> * add test case and bump lua-resty-events * correct the default value, and add an entry for bumping the version of lua-resty-events * 1. append PR number to the changelog entry of lua-resty-events 2. correct the spec test 3. style * Update CHANGELOG.md --------- Co-authored-by: Datong Sun <[email protected]> Co-authored-by: Chrono <[email protected]> (cherry picked from commit ff59edb)
* fix(cmd): `kong vault get` doesn't work in dbless mode The cli `kong vault get <reference>` doesn't work in DBless mode if <reference> uses vaults entity. It doesn't affect the normal use of vault in kong instance though. The reason is in DBless mode the vaults entity is stored in LMDB which is implemented by a Nginx C module. However Everytime `resty` cli (which is relied on by `kong` cli) runs it creates a temporary `nginx.conf` which doesn't contain the lmdb-related directives. This PR is fixing this by starting another `resty` call with lmdb-related directives inserted via the `--main-conf` option. Note we only try this after detecting the `no LMDB environment defined` error in order to avoid infinite loop. And because `resty` will create a temmporary nginx instance so we need to convert the relative paths in the nginx.conf to the absolute path under kong instance prefix. [FTI-4937](https://konghq.atlassian.net/browse/FTI-4937) * add CHANGELOG * make it more robust * update comment * update comment * test the existence of LMDB rather than Kong instance * fixup * make the fix more generic * fix and add tests in 04-prefix_handler_spec * add lua_ssl_protocols and fix tests * rename the new configuration files to avoid conflict with the prefix of injected directives * add and fix tests of 14-vault_spec * fix test * rename template files to consistent with configuration file names * add unit tests for inject_directives.lua * change to absolute path * fixup * fix path * Update CHANGELOG.md Co-authored-by: Hans Hübner <[email protected]> * use return (...) syntax instead * don't expose the option and use a better name * pass paths instead of patterns and use better names * correctly handle the stdout/stderr/exit code * preserve original cli args for reusing * use env variable to terminate recursion * resty isn't necessarily in the position -1, so add it explicitly * update the lmdb_map_size to 2048m * fix(cmd): lack of necessary nginx directives in kong cli nginx.conf This is an alternative of (#10675)[#10675]. The primary logic keeps the same. The inject logic is further moved forward from `kong/cmd/init.lua` to `bin/kong` so that the execution flow won't enter `kong/cmd/init.lua` twice. We still keep the `bin/kong` a resty script because many files such as `kong.conf_loader`, `kong.cmd.utils.process_secrets` rely on `ngx`. If we change `bin/kong` into a pure lua or other language script, we need to rewrite the conf_loader and compile part logic. [FTI-4937](https://konghq.atlassian.net/browse/FTI-4937) * fix lint * fix test * fix test * use xpcall to catch exceptions and handle error message * add health to skip_inject_cmds * fix tests in 11-config_spec.lua * add hybrid into skip_inject_cmds * fix typo * remove CHANGELOG entry to the right place ("Unreleased") * extend load() to a subset of fields and these fields can't reference vault * add field `database` to CONF_NO_VAULT * fix test * fix test * keep `conf.nginx_http_lua_ssl_protocols` and `conf.nginx_stream_lua_ssl_protocols` so that we don't change the previous behavior * fixup * fix test * fix test * fix test * update CHANGELOG * Update CHANGELOG.md Co-authored-by: Qirui(Keery) Nie <[email protected]> * always call prepare_prefix as the prefix directory may not existed and the lua_ssl_trusted_certificate config may be updated --------- Co-authored-by: Hans Hübner <[email protected]> Co-authored-by: Qirui(Keery) Nie <[email protected]> (cherry picked from commit 8a1ebba)
`resty.wasm` -> `resty.wasmx`.
(cherry picked from commit 5c7a7b8)
Patch lua-cjson to make it can process a large string correctly. OpenResty PR: openresty/lua-cjson#94 KAG-2151 (cherry picked from commit 65de2c3)
…#11291) This commit allows some configuration fields to be referenced by using vaults. The limitation is introduced by #11127, and this commit removes the limitation to keep the behaviour to be the same as before [FTI-4937](https://konghq.atlassian.net/browse/FTI-4937) (cherry picked from commit 522f554)
This updates one of the checksums for nfpm: https://github.com/goreleaser/nfpm/releases/download/v2.31.0/checksums.txt The 0e711d33[...] checksum is actually for the .sbom file and not the tarball, causing bazel to report this error: > Checksum was e6487dca9d9e9b1781fe7fa0a3d844e70cf12d92f3b5fc0c4ff771aa776b05ca but wanted 0e711d333d7673462f0afff8a57d4c09a215b3d20d989b5e4271f6622f325ded
(cherry picked from commit b4f328e) Co-authored-by: Michael Martin <[email protected]>
this also fixes the following issues: * Previously, the ttl related fields were not actually removed from the vault configuration, causing configurations not to be correctly manipulated before they were sent to older DP versions. https://konghq.atlassian.net/browse/KAG-2061 * When a secret is deleted from a vault, eventually also evict it from caches and stop using it. https://konghq.atlassian.net/browse/KAG-2060 * Previously, references that were nested in tables inside of a plugin configuration were never updated with fresh values from vaults. https://konghq.atlassian.net/browse/KAG-2096 * This fixes a bug that caused global plugins not to pick up new secret values - As they are handled differently from plugins that are attached to services, routes or consumers, they did not have `kong.vault.update` called when they were used. https://konghq.atlassian.net/browse/KAG-2095 as well as: * https://konghq.atlassian.net/browse/KAG-2097 * https://konghq.atlassian.net/browse/KAG-2073 * https://konghq.atlassian.net/browse/KAG-2118 * https://konghq.atlassian.net/browse/KAG-2097 (cherry picked from commit 7a1a373) Signed-off-by: Joshua Schmid <[email protected]> Co-authored-by: Hans Hübner <[email protected]>
* call globalpatches to assure shared dict mocks * make vault function `is_reference` static * added the new vaults_secrets shdict to constants Signed-off-by: Joshua Schmid <[email protected]>
(cherry picked from commit 91dcd61) Co-authored-by: Qi <[email protected]>
This makes build cache key generation reusable across different workflows. The test and release workflows now use the same "recipe" for cache key generation--no more copy/paste.
(cherry picked from commit d5ef304) Co-authored-by: Michael Martin <[email protected]>
Co-authored-by: Samuele <[email protected]>
(cherry picked from commit 7f9ae5f) Co-authored-by: Hisham Muhammad <[email protected]>
Partially reverts #10846 Even though we have been emitting deprecation warnings when the endpoint was used, we didn't remove it in 3.0, and doing it now can be a surprise breaking change for someone. In fact, someone had to update a project which was relying on that path, that is linked in #10846 This reverts the removal and replaces the deprecation version with 4.0 instead of 3.0. This PR does not revert the changes in our tests to use the new endpoint instead of the deprecated one. (cherry picked from commit 1ec4d73) Co-authored-by: Enrique García Cota <[email protected]>
The primary purpose of this change is to ensure that each .filters[].name is validated against available/installed filters in dbless mode (this was only working in db mode prior). I also added an additional entity check which will return a more descriptive error when wasm is disabled or no filters are present (this is more useful for dbless mode than anything). (cherry picked from commit 33dbd4f) Co-authored-by: Michael Martin <[email protected]>
… config for stream tls proxy (#11244) (cherry picked from commit 03d24bc) Co-authored-by: oowl <[email protected]>
* chore(build): support building ngx_wasm_module from tag * style(build): adjust wasm runtime version declarations * chore(deps): pin ngx_wasm_module * docs(changelog): add wasm entry
(cherry picked from commit 6eee6b4) Co-authored-by: Michael Martin <[email protected]>
Signed-off-by: Joshua Schmid <[email protected]>
…ing (#12223) Bumped default values of `nginx_http_keepalive_requests` and `upstream_keepalive_max_requests` to `10000`. KAG-3360 --------- Co-authored-by: Datong Sun <[email protected]> (cherry picked from commit f7e6eee)
In the balancer phase, when obtaining a connection from the upstream connection pool, the `cached` attribute of the peer connection is set to 1(`pc->cached = 1;`), indicating that the connection is obtained from the cache. If an error occurs during the use of this connection, such as "upstream prematurely closed connection" the system will increase the `tries` attribute of the peer connection by executing `u->peer.tries++`. `tries` represents the maximum number of attempts to connect to an upstream server. It is equal to the normal 1 attempt + `retries` (default value is 5) = 6. The occurrence of `u->peer.tries++` is unexpected and it results in the actual retry count exceeding 6 in worst cases. This PR restores tries by callbacks to the balancer when `u->peer.tries++` is unexpectedly set. FIX [FTI-5616](https://konghq.atlassian.net/browse/FTI-5616) Signed-off-by: tzssangglass <[email protected]>
github-actions
bot
added
core/cli
core/balancer
core/proxy
core/pdk
core/clustering
plugins/tcp-log
core/templates
core/router
plugins/aws-lambda
plugins/acme
core/admin-api
core/db
core/configuration
core/docs
plugins/correlation-id
core/logs
chore
|
@kikito did you mean to target the |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
worker_event_max_payloadto kong.conf (fix(core): Add a new parameterworker_event_max_payloadto kong.conf #11214)kong vault getdoesn't work in dbless mode (fix(cmd): lack of necessary nginx directives in kong cli nginx.conf #11127)expressionsin stream subsystem (feat(router): enable flavorexpressionsin stream subsystem #11071)azure-functionstests (tests(*): fix azure plugin test due to mockbin sunset #11879)syncQuery()to prevent deadlock risk (fix(dns): Eliminate asynchronous timer in syncQuery() to prevent hang risk #11900)$kong_request_idfor$request_idfor better performance (perf(tracing/request-id): introduce $kong_request_id #11725)proxy_set_headerinstead ofngx.req.set_header(perf(request-id): use proxy_set_header instead of lua api set_header #11788)proxy_access_logisoff([backport -> release/3.4.x] fix(template): fix failure of starting ifproxy_access_logisoff#12078)dns_stale_ttldefault to 1 hour (feat(templates): bumpdns_stale_ttldefault to 1 hour #12087)/(feat(admin-api): add gateway edition info to the endpoint/#12097)Summary
Checklist
changelog/unreleased/kongorskip-changeloglabel added on PR if changelog is unnecessary. README.mdIssue reference
Fix #[issue number]