merge #1
Open
merge #1
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#49680) * Handle unified mfa response to create privileged token. * Refactor useReauthenticate and Reauthenticate component. * Refactor ChangePasswordWizard to use useReauthenticate. * Fix mfa challenge option preference order; Fix reauthenticate component initial mfa option state. * Remove useReAuthenticate's onAuthenticated parameter. * Fix lint. * Fix flaky test. * Remove extra createPrivilegeToken call from the account page; Add new tokenless mfa endpoints to register/delete mfa devices; add TODOs to use new endpoints in v19+. * Fix tests. * Fix error handling in Web MFA flow. * Update e ref. * Fix stories. * Fix lint.
* Add packet tracing utilities * Rename package, add docs, other minor changes. * Update lib/srv/db/common/packetcapture/capture.go Co-authored-by: Edoardo Spadolini <[email protected]> * add runCommand comment * Update comments --------- Co-authored-by: Edoardo Spadolini <[email protected]>
* Add debugging steps for DiscoverEC2 User Task issues This PR adds a new field when getting an User Task. Description contains a markdown document that should be displayed to the user which helps them fix the issue with the task. * move descriptions from api to lib
…0163) * Add protos for issuance service and attrs * "expiry" -> "expires_at" rename * Pull jwt/x509 svid out into own messages * Add WorkloadIdentity/WorkloadIdentityRevision fields to SPIFFESVIDIssued * Update package name
* docs: update tsh client for trusted clusters * docs: remove extra space in tsh guide
* Add the decisionv1.Service boilerplate * Wire decisionv1.Service to auth.GRPCServer * Wire decisionpb.DecisionServiceClient to client.Client * Add basic service testing
* Cache Kubernetes App Discovery port check results For the K8S Services that we couldn't auto detect the protocol, after trying to infer the port, cache the result. Cache is evicted when the K8S Service changes (we check the Service's ResourceVersion). * add mutex to cached responses * fix flaky test when hitting the HTTPS server
This commit removes the restrictions of the autoupdate_agent_rollout and autoupdate_config schedules but adds groups validation. It also adds some optional server-side validation that should not be enforced at the resource level.
Reflect the v17 release date.
* docs: update backup and restore for data dir * docs: update configuration ref * docs: update teleport config ref
…8894) * Reorganize tctl commands to have commands not required auth client * Replace auth client with lazy loading approach * Fix linter warning * Replace camel case in import alias Replace logrus to use slog * Rename close function * Refactor plugin commands to use interface of auth client and plugin client Code review changes * Refactor workload identity commands * Add access to global config for the commands * Add test checking all tctl commands match process * Fix golangci-lint warnings
By default, the resource reconciler disalows changing a resource origin in order to enforce the segregation of resources created from different sources. This patch introduces an option to allow the reconciler to change a resource's origin, bypassing the origin change check if enabled. This is part of addressing #50654
* docs: update azure and openssh instrs * docs: update usage of its
) Calling the AWS API `ecs:ListServices` with a non-existent ECS Cluster name will return a 400 w/ ClusterNotFoundException. The existing code was not handling that error and a raw error was returned. This PR changes the logic to ensure that case is handled and that the ListDeployedDatabaseServices returns an empty list. An alternative would be to call the ListClusters beforehand, but that would increase the number of API calls we do to external services.
* Replace JSX.Element with React.ReactNode * Allow Icon to receive ref * Use a simpler example in the WithRef story
* Remove deprecated tooltip component aliases * Replace two more references to the old alias
* Fix proto resource 153 marshalling * Update tool/tctl/common/collection_test.go Co-authored-by: Alan Parra <[email protected]> * Update tool/tctl/common/collection_test.go Co-authored-by: Alan Parra <[email protected]> * Address feedback - Change from Resource153AdapterV2 to ProtoResource153Adapter - fix test failures and unmarshal proto resources properly - add a failing round-trip proto 153 test case - bonus: fix the table tesst reosurce create that did not support running a single row * Apply suggestions from code review Co-authored-by: Alan Parra <[email protected]> * lint --------- Co-authored-by: Alan Parra <[email protected]>
* Make Teleport Connect use TCP connection mode for Oracle * Add comments to params
This PR adds description to all known discover EKS issues. It also adds URLs that the user can follow to fix or further debug the issue. The URLs are per-cluster, and they usually link to Amazon EKS Cluster page or one of its sub pages.
* Remove all direct logrus usage from teleport module The only remaining use of logrus is from integrations, which is unfortunately imported by teleport.e, and prevents logrus from being moved to an indirect dependency. The logrus formatter and initialization of the logrus logger will remain in place until integrations is using slog. To prevent any accidental inclusions of logrus within the teleport module the depguard rules have been updated to prohibit importing logrus. The rules also include prohibit a few common log packages that tools like gopls might automatically import. * Refactor logger initialization Consolidates configuring of global loggers to a single function. This is mainly to facilitate configuring the logger for teleport scp, but will also allow us to remove the copy of logger initialization that currently exists in integrations/lib/logger. * fix: document ValidateFields * fix: remove copied yaml tags * fix: update file path comment
* GitHub proxy part 6.5: tsh git ssh/clone/config * review comments * fix test * fix ut for lookpath * fix logger and update dependency version * go mod tidy for integrations
Instead of creating an entire cluster, just mock the client to return 0 database services (we were not creating any in the cluster anyway)
* Validate Azure join using JWT claims * Add note about User-Agent
We suggest that a UUID is used for agentless nodes metadata.name field, but we do not enforce it. This causes several edge cases and slightly weird UX in places that expect the name to be a UUID. Most notably, this presents dialing problems for the web ui as described in #50914. To allowing dialing to function in all cases for these servers, routing has been updated to permit matches on metadata.name, however, the match is given a lower score then a match on a UUID. This should permit dialing, though, it may still result in ambiguity. Closes #50914.
… rds, server, kube (#50606)
#50720) * Allow adding app server labels from join token for install.sh * Address CRs * Reduce label yaml space, improve test
* Fix UserTask Status not being updated The Status field for UserTasks was not being correctly updated when the Spec.State was not changed. * copy the status field * use admin client instead of backend directly
* Support a non-global registry in Teleport * lint * Update lib/service/service.go Co-authored-by: rosstimothy <[email protected]> --------- Co-authored-by: rosstimothy <[email protected]>
This is the _last_ step required to migrate from logrus to slog. All components in the repository have been migrated to use slog allowing the logrus formatter to be deleted. The slog handler tests that validate the output have been updated to assert the format directly instead of comparing it to the output from the logrus formatter.
Closes #48745 Add a warning to the External Audit Storage page that this feature is not compatible with Access Monitoring on Teleport Enterprise (Cloud), complementing the warning on the Access Monitoring page.
* Remove all references to EKS sdk v1. * Address PR comments.
…on (#50853) * Allow labels for generic add web app flow * Update test
* Pull condition operators into a one of * Add wrapper structs to support repeated * Adjust for new protos * Fix tflint * Start fixing tests * Add more test cases * More test cases * Fix marshalling of resource * Fix test in lib/services
* Added RFD 0144 - Client Tools Updates * Fix. * Fix. * Fix. * Fix. * Fix. * Fix. * Fix. * Fix. * Fix. * Fix. * Fix. * Fix. * Fix. * Fix. * Fix. * Client tools RFD update (#45515) * Add changes proposed for client autoupdate * Add proxy flag and CDN info * Naming adjustments * Naming adjustments * Update client tools autoupdate RFD (#47498) * Drop watch command for autoupdate * Add modified tctl commands and `find` endpoint response * Add words to spell checker --------- Co-authored-by: Vadym Popov <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.