From 9e7adb66bb1534534f11c9f4810beb82d392de5c Mon Sep 17 00:00:00 2001 From: Zahari Dichev Date: Mon, 17 Feb 2025 08:28:57 +0000 Subject: [PATCH 1/2] stash Signed-off-by: Zahari Dichev --- .github/workflows/beta.yml | 60 +-- .github/workflows/coverage.yml | 104 ++--- .github/workflows/fuzzers.yml | 116 ++--- .github/workflows/markdown.yml | 34 +- .github/workflows/nightly.yml | 60 +-- .github/workflows/pr.yml | 251 ++++++----- .github/workflows/release-weekly.yml | 146 +++--- .github/workflows/release.yml | 422 +++++++++--------- .github/workflows/shellcheck.yml | 34 +- .github/workflows/toolchain.yml | 120 ++--- justfile | 12 +- linkerd/app/core/Cargo.toml | 2 +- .../app/integration/src/tests/telemetry.rs | 29 +- linkerd/app/src/lib.rs | 1 - linkerd/app/src/spire.rs | 29 +- linkerd/proxy/transport/src/lib.rs | 11 +- linkerd/proxy/transport/src/orig_dst.rs | 156 +------ linkerd/system/src/lib.rs | 4 +- 18 files changed, 764 insertions(+), 827 deletions(-) diff --git a/.github/workflows/beta.yml b/.github/workflows/beta.yml index 3ca547cee5..b8cb6c82fd 100644 --- a/.github/workflows/beta.yml +++ b/.github/workflows/beta.yml @@ -1,34 +1,34 @@ -# Builds the proxy on the beta toolchain to help catch Rust regressions before they hit stable. -name: rust-beta +# # Builds the proxy on the beta toolchain to help catch Rust regressions before they hit stable. +# name: rust-beta -on: - workflow_dispatch: {} - pull_request: - paths: - - justfile - - .github/workflows/beta.yml - schedule: - # Run weekly on wednesday @ midnightish Pacific-time. - - cron: "30 7 * * 3" +# on: +# workflow_dispatch: {} +# pull_request: +# paths: +# - justfile +# - .github/workflows/beta.yml +# schedule: +# # Run weekly on wednesday @ midnightish Pacific-time. +# - cron: "30 7 * * 3" -env: - CARGO_INCREMENTAL: 0 - CARGO_NET_RETRY: 10 - RUSTUP_MAX_RETRIES: 10 - RUSTFLAGS: "-D warnings --cfg tokio_unstable" +# env: +# CARGO_INCREMENTAL: 0 +# CARGO_NET_RETRY: 10 +# RUSTUP_MAX_RETRIES: 10 +# RUSTFLAGS: "-D warnings --cfg tokio_unstable" -permissions: - contents: read +# permissions: +# contents: read -jobs: - build: - runs-on: ubuntu-24.04 - container: ghcr.io/linkerd/dev:v45-rust - timeout-minutes: 20 - continue-on-error: true - steps: - - run: rustup toolchain install --profile=minimal beta - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - run: git config --global --add safe.directory "$PWD" # actions/runner#2033 - - run: just toolchain=beta fetch - - run: just toolchain=beta build +# jobs: +# build: +# runs-on: ubuntu-24.04 +# container: ghcr.io/linkerd/dev:v45-rust +# timeout-minutes: 20 +# continue-on-error: true +# steps: +# - run: rustup toolchain install --profile=minimal beta +# - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 +# - run: git config --global --add safe.directory "$PWD" # actions/runner#2033 +# - run: just toolchain=beta fetch +# - run: just toolchain=beta build diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index e11c6c4bbe..35ca1afa95 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -1,58 +1,58 @@ -name: Coverage +# name: Coverage -on: - push: - branches: [main] - pull_request: {} +# on: +# push: +# branches: [main] +# pull_request: {} -permissions: - contents: read +# permissions: +# contents: read -concurrency: - group: ${{ github.workflow }}-${{ github.head_ref }} - cancel-in-progress: true +# concurrency: +# group: ${{ github.workflow }}-${{ github.head_ref }} +# cancel-in-progress: true -env: - CARGO_INCREMENTAL: 0 - CARGO_NET_RETRY: 10 - RUSTFLAGS: "-D warnings -A deprecated --cfg tokio_unstable -C debuginfo=2" - RUSTUP_MAX_RETRIES: 10 +# env: +# CARGO_INCREMENTAL: 0 +# CARGO_NET_RETRY: 10 +# RUSTFLAGS: "-D warnings -A deprecated --cfg tokio_unstable -C debuginfo=2" +# RUSTUP_MAX_RETRIES: 10 -jobs: - meta: - timeout-minutes: 5 - runs-on: ubuntu-24.04 - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - id: changed - uses: tj-actions/changed-files@dcc7a0cba800f454d79fff4b993e8c3555bcc0a8 - with: - files: | - .codecov.yml - .github/workflows/coverage.yml - **/*.rs - files_ignore: | - *-proto/** - linkerd/transport-header/** - outputs: - any_changed: ${{ steps.changed.outputs.any_changed }} +# jobs: +# meta: +# timeout-minutes: 5 +# runs-on: ubuntu-24.04 +# steps: +# - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 +# - id: changed +# uses: tj-actions/changed-files@dcc7a0cba800f454d79fff4b993e8c3555bcc0a8 +# with: +# files: | +# .codecov.yml +# .github/workflows/coverage.yml +# **/*.rs +# files_ignore: | +# *-proto/** +# linkerd/transport-header/** +# outputs: +# any_changed: ${{ steps.changed.outputs.any_changed }} - codecov: - needs: meta - if: (github.event_name == 'push' && github.ref == 'refs/heads/main') || needs.meta.outputs.any_changed == 'true' - runs-on: ubuntu-24.04 - timeout-minutes: 30 - container: - image: docker://ghcr.io/linkerd/dev:v45-rust - options: --security-opt seccomp=unconfined # 🤷 - env: - CXX: "/usr/bin/clang++-19" - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - uses: Swatinem/rust-cache@f0deed1e0edfc6a9be95417288c0e1099b1eeec3 - - run: cargo tarpaulin --locked --workspace --exclude=linkerd2-proxy --exclude=linkerd-transport-header --exclude=opencensus-proto --exclude=spire-proto --no-run - - run: cargo tarpaulin --locked --workspace --exclude=linkerd2-proxy --exclude=linkerd-transport-header --exclude=opencensus-proto --exclude=spire-proto --skip-clean --ignore-tests --no-fail-fast --out=Xml - # Some tests are especially flakey in coverage tests. That's fine. We - # only really care to measure how much of our codebase is covered. - continue-on-error: true - - uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3 +# codecov: +# needs: meta +# if: (github.event_name == 'push' && github.ref == 'refs/heads/main') || needs.meta.outputs.any_changed == 'true' +# runs-on: ubuntu-24.04 +# timeout-minutes: 30 +# container: +# image: docker://ghcr.io/linkerd/dev:v45-rust +# options: --security-opt seccomp=unconfined # 🤷 +# env: +# CXX: "/usr/bin/clang++-19" +# steps: +# - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 +# - uses: Swatinem/rust-cache@f0deed1e0edfc6a9be95417288c0e1099b1eeec3 +# - run: cargo tarpaulin --locked --workspace --exclude=linkerd2-proxy --exclude=linkerd-transport-header --exclude=opencensus-proto --exclude=spire-proto --no-run +# - run: cargo tarpaulin --locked --workspace --exclude=linkerd2-proxy --exclude=linkerd-transport-header --exclude=opencensus-proto --exclude=spire-proto --skip-clean --ignore-tests --no-fail-fast --out=Xml +# # Some tests are especially flakey in coverage tests. That's fine. We +# # only really care to measure how much of our codebase is covered. +# continue-on-error: true +# - uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3 diff --git a/.github/workflows/fuzzers.yml b/.github/workflows/fuzzers.yml index 15f788588d..5590ed9eb0 100644 --- a/.github/workflows/fuzzers.yml +++ b/.github/workflows/fuzzers.yml @@ -1,63 +1,63 @@ -name: fuzzers +# name: fuzzers -on: - # Only run on PRs that touch fuzzed crates - pull_request: - paths: - - 'linkerd/addr/**' - - 'linkerd/app/inbound/**' - - 'linkerd/dns/**' - - 'linkerd/proxy/http/**' - - 'linkerd/tls/**' - - 'linkerd/transport-header/**' - - .github/workflows/fuzzers.yml - - .github/fuzzers-list.sh +# on: +# # Only run on PRs that touch fuzzed crates +# pull_request: +# paths: +# - 'linkerd/addr/**' +# - 'linkerd/app/inbound/**' +# - 'linkerd/dns/**' +# - 'linkerd/proxy/http/**' +# - 'linkerd/tls/**' +# - 'linkerd/transport-header/**' +# - .github/workflows/fuzzers.yml +# - .github/fuzzers-list.sh -env: - CARGO_INCREMENTAL: 0 - CARGO_NET_RETRY: 10 - RUST_BACKTRACE: short - RUSTFLAGS: "-D warnings -A deprecated --cfg tokio_unstable -C debuginfo=0" - RUSTUP_MAX_RETRIES: 10 +# env: +# CARGO_INCREMENTAL: 0 +# CARGO_NET_RETRY: 10 +# RUST_BACKTRACE: short +# RUSTFLAGS: "-D warnings -A deprecated --cfg tokio_unstable -C debuginfo=0" +# RUSTUP_MAX_RETRIES: 10 -permissions: - contents: read +# permissions: +# contents: read -jobs: - list-changed: - timeout-minutes: 3 - runs-on: ubuntu-24.04 - container: docker://rust:1.83.0 - steps: - - run: apt update && apt install -y jo - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - run: git config --global --add safe.directory "$PWD" # actions/runner#2033 - - uses: tj-actions/changed-files@dcc7a0cba800f454d79fff4b993e8c3555bcc0a8 - id: changed-files - - name: list changed crates - id: list-changed - shell: bash - run: | - dirs=$(.github/fuzzers-list.sh ${{ steps.changed-files.outputs.all_changed_files }} | jo -a) - echo "dirs=$dirs" >> "$GITHUB_OUTPUT" - outputs: - dirs: ${{ steps.list-changed.outputs.dirs }} +# jobs: +# list-changed: +# timeout-minutes: 3 +# runs-on: ubuntu-24.04 +# container: docker://rust:1.83.0 +# steps: +# - run: apt update && apt install -y jo +# - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 +# - run: git config --global --add safe.directory "$PWD" # actions/runner#2033 +# - uses: tj-actions/changed-files@dcc7a0cba800f454d79fff4b993e8c3555bcc0a8 +# id: changed-files +# - name: list changed crates +# id: list-changed +# shell: bash +# run: | +# dirs=$(.github/fuzzers-list.sh ${{ steps.changed-files.outputs.all_changed_files }} | jo -a) +# echo "dirs=$dirs" >> "$GITHUB_OUTPUT" +# outputs: +# dirs: ${{ steps.list-changed.outputs.dirs }} - # Build fuzzers for any changed crates. - build: - needs: [list-changed] - timeout-minutes: 40 - runs-on: ubuntu-24.04 - container: docker://rust:1.83.0 - strategy: - matrix: - dir: ${{ fromJson(needs.list-changed.outputs.dirs) }} - steps: - - run: rustup toolchain add nightly - - run: cargo install cargo-fuzz - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - run: git config --global --add safe.directory "$PWD" # actions/runner#2033 - - working-directory: ${{matrix.dir}} - run: cargo +nightly fetch - - working-directory: ${{matrix.dir}} - run: cargo +nightly fuzz build +# # Build fuzzers for any changed crates. +# build: +# needs: [list-changed] +# timeout-minutes: 40 +# runs-on: ubuntu-24.04 +# container: docker://rust:1.83.0 +# strategy: +# matrix: +# dir: ${{ fromJson(needs.list-changed.outputs.dirs) }} +# steps: +# - run: rustup toolchain add nightly +# - run: cargo install cargo-fuzz +# - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 +# - run: git config --global --add safe.directory "$PWD" # actions/runner#2033 +# - working-directory: ${{matrix.dir}} +# run: cargo +nightly fetch +# - working-directory: ${{matrix.dir}} +# run: cargo +nightly fuzz build diff --git a/.github/workflows/markdown.yml b/.github/workflows/markdown.yml index fdfbefa803..2a6bfab8ae 100644 --- a/.github/workflows/markdown.yml +++ b/.github/workflows/markdown.yml @@ -1,20 +1,20 @@ -name: markdown +# name: markdown -permissions: - contents: read +# permissions: +# contents: read -on: - pull_request: - paths: - - '**/*.md' - - .github/workflows/markdown.yml +# on: +# pull_request: +# paths: +# - '**/*.md' +# - .github/workflows/markdown.yml -jobs: - markdownlint: - timeout-minutes: 5 - runs-on: ubuntu-24.04 - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - uses: DavidAnson/markdownlint-cli2-action@05f32210e84442804257b2a6f20b273450ec8265 - with: - globs: "**/*.md" +# jobs: +# markdownlint: +# timeout-minutes: 5 +# runs-on: ubuntu-24.04 +# steps: +# - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 +# - uses: DavidAnson/markdownlint-cli2-action@05f32210e84442804257b2a6f20b273450ec8265 +# with: +# globs: "**/*.md" diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 301170189b..d03806c614 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -1,34 +1,34 @@ -# Builds the proxy on the nightly toolchain to help catch Rust regressions before they hit beta. -name: rust-nightly +# # Builds the proxy on the nightly toolchain to help catch Rust regressions before they hit beta. +# name: rust-nightly -on: - workflow_dispatch: {} - pull_request: - paths: - - justfile - - .github/workflows/nightly.yml - schedule: - # Run daily @ midnightish Pacific-time. - - cron: "0 8 * * *" +# on: +# workflow_dispatch: {} +# pull_request: +# paths: +# - justfile +# - .github/workflows/nightly.yml +# schedule: +# # Run daily @ midnightish Pacific-time. +# - cron: "0 8 * * *" -env: - CARGO_INCREMENTAL: 0 - CARGO_NET_RETRY: 10 - RUSTFLAGS: "-D warnings -A opaque_hidden_inferred_bound --cfg tokio_unstable -C debuginfo=0" - RUSTUP_MAX_RETRIES: 10 +# env: +# CARGO_INCREMENTAL: 0 +# CARGO_NET_RETRY: 10 +# RUSTFLAGS: "-D warnings -A opaque_hidden_inferred_bound --cfg tokio_unstable -C debuginfo=0" +# RUSTUP_MAX_RETRIES: 10 -permissions: - contents: read +# permissions: +# contents: read -jobs: - build: - runs-on: ubuntu-24.04 - container: ghcr.io/linkerd/dev:v45-rust - timeout-minutes: 20 - continue-on-error: true - steps: - - run: rustup toolchain install --profile=minimal nightly - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - run: git config --global --add safe.directory "$PWD" # actions/runner#2033 - - run: just toolchain=nightly fetch - - run: just toolchain=nightly profile=release build +# jobs: +# build: +# runs-on: ubuntu-24.04 +# container: ghcr.io/linkerd/dev:v45-rust +# timeout-minutes: 20 +# continue-on-error: true +# steps: +# - run: rustup toolchain install --profile=minimal nightly +# - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 +# - run: git config --global --add safe.directory "$PWD" # actions/runner#2033 +# - run: just toolchain=nightly fetch +# - run: just toolchain=nightly profile=release build diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index aeeca8218a..12595c22c0 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -6,6 +6,9 @@ env: CARGO_NET_RETRY: 10 RUSTUP_MAX_RETRIES: 10 RUSTFLAGS: "-D warnings -D deprecated --cfg tokio_unstable -C debuginfo=0" + C_INCLUDE_PATH: "C:\\msys64\\usr\\include" + CPLUS_INCLUDE_PATH: "C:\\msys64\\usr\\include" + LIBRARY_PATH: "C:\\msys64\\usr\\lib" concurrency: group: ${{ github.workflow }}-${{ github.head_ref }} @@ -54,127 +57,159 @@ jobs: cargo_crates: ${{ steps.cargo-crates.outputs.crates }} rust_changed: ${{ steps.build.outputs.any_changed == 'true' || steps.rust.outputs.any_changed == 'true' }} - info: - timeout-minutes: 3 - needs: meta - runs-on: ubuntu-24.04 - steps: - - name: Info - run: | - echo 'github.actor: ${{ github.actor }}' - echo 'github.event_name: ${{ github.event_name }}' - echo 'github.event.pull_request.number: ${{ github.event.pull_request.number }}' - echo 'needs.meta.outputs.is_dependabot: ${{ needs.meta.outputs.is_dependabot }}' - echo 'needs.meta.outputs.any_changed: ${{ needs.meta.outputs.any_changed }}' - echo 'needs.meta.outputs.actions_changed: ${{ needs.meta.outputs.actions_changed }}' - echo 'needs.meta.outputs.cargo_changed: ${{ needs.meta.outputs.cargo_changed }}' - echo 'needs.meta.outputs.cargo_crates: ${{ needs.meta.outputs.cargo_crates }}' - echo 'needs.meta.outputs.rust_changed: ${{ needs.meta.outputs.rust_changed }}' + # info: + # timeout-minutes: 3 + # needs: meta + # runs-on: ubuntu-24.04 + # steps: + # - name: Info + # run: | + # echo 'github.actor: ${{ github.actor }}' + # echo 'github.event_name: ${{ github.event_name }}' + # echo 'github.event.pull_request.number: ${{ github.event.pull_request.number }}' + # echo 'needs.meta.outputs.is_dependabot: ${{ needs.meta.outputs.is_dependabot }}' + # echo 'needs.meta.outputs.any_changed: ${{ needs.meta.outputs.any_changed }}' + # echo 'needs.meta.outputs.actions_changed: ${{ needs.meta.outputs.actions_changed }}' + # echo 'needs.meta.outputs.cargo_changed: ${{ needs.meta.outputs.cargo_changed }}' + # echo 'needs.meta.outputs.cargo_crates: ${{ needs.meta.outputs.cargo_crates }}' + # echo 'needs.meta.outputs.rust_changed: ${{ needs.meta.outputs.rust_changed }}' - actions: - needs: meta - if: needs.meta.outputs.actions_changed == 'true' - runs-on: ubuntu-24.04 - steps: - - uses: linkerd/dev/actions/setup-tools@v45 - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - run: just action-lint - - run: just action-dev-check + # actions: + # needs: meta + # if: needs.meta.outputs.actions_changed == 'true' + # runs-on: ubuntu-24.04 + # steps: + # - uses: linkerd/dev/actions/setup-tools@v45 + # - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + # - run: just action-lint + # - run: just action-dev-check + + # rust: + # needs: meta + # if: needs.meta.outputs.cargo_changed == 'true' || needs.meta.outputs.rust_changed == 'true' + # runs-on: ubuntu-24.04 + # container: ghcr.io/linkerd/dev:v45-rust + # permissions: + # contents: read + # timeout-minutes: 20 + # steps: + # - run: git config --global --add safe.directory "$PWD" # actions/runner#2033 + # - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + # - uses: Swatinem/rust-cache@f0deed1e0edfc6a9be95417288c0e1099b1eeec3 + # - run: just fetch + # - name: Run cargo deny check bans licenses sources + # uses: EmbarkStudios/cargo-deny-action@e2f4ede4a4e60ea15ff31bc0647485d80c66cfba + # with: + # command: check bans licenses sources + # - run: just check-fmt + # - run: just clippy + # - run: just doc + # - run: just test --exclude=linkerd2-proxy --no-run + # - run: just test --exclude=linkerd2-proxy + # env: + # NEXTEST_RETRIES: 3 - rust: + rust-windows: needs: meta - if: needs.meta.outputs.cargo_changed == 'true' || needs.meta.outputs.rust_changed == 'true' - runs-on: ubuntu-24.04 - container: ghcr.io/linkerd/dev:v45-rust + runs-on: windows-latest permissions: contents: read timeout-minutes: 20 steps: - - run: git config --global --add safe.directory "$PWD" # actions/runner#2033 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - uses: Swatinem/rust-cache@f0deed1e0edfc6a9be95417288c0e1099b1eeec3 - - run: just fetch - - name: Run cargo deny check bans licenses sources - uses: EmbarkStudios/cargo-deny-action@e2f4ede4a4e60ea15ff31bc0647485d80c66cfba + - name: Install Rust (rustup) + run: rustup update stable --no-self-update && rustup default stable + shell: bash + - run: rustup target add x86_64-pc-windows-gnu + - name: Install nasm + run: choco install nasm + shell: cmd + - name: Install LLVM and Clang + uses: KyleMayes/install-llvm-action@v2.0.5 with: - command: check bans licenses sources - - run: just check-fmt - - run: just clippy - - run: just doc - - run: just test --exclude=linkerd2-proxy --no-run - - run: just test --exclude=linkerd2-proxy - env: - NEXTEST_RETRIES: 3 + version: "18.1.8" + directory: ${{ runner.temp }}/llvm + - name: Set LIBCLANG_PATH + run: echo "LIBCLANG_PATH=$((gcm clang).source -replace "clang.exe")" >> $env:GITHUB_ENV + - name: fetch + run: cargo fetch --locked + - name: fmt + run: cargo fmt -- --check + - name: clippy + run: cargo clippy --target=x86_64-pc-windows-gnu --workspace --all-targets --frozen + - name: tests + run: cargo test --target=x86_64-pc-windows-gnu --workspace --exclude=linkerd2-proxy --frozen + - rust-crates: - needs: meta - if: needs.meta.outputs.cargo_changed == 'true' - timeout-minutes: 20 - runs-on: ubuntu-24.04 - container: ghcr.io/linkerd/dev:v45-rust - strategy: - matrix: - crate: ${{ fromJson(needs.meta.outputs.cargo_crates) }} - steps: - - run: git config --global --add safe.directory "$PWD" # actions/runner#2033 - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - uses: Swatinem/rust-cache@f0deed1e0edfc6a9be95417288c0e1099b1eeec3 - - run: just fetch - - run: just check-crate ${{ matrix.crate }} + # rust-crates: + # needs: meta + # if: needs.meta.outputs.cargo_changed == 'true' + # timeout-minutes: 20 + # runs-on: ubuntu-24.04 + # container: ghcr.io/linkerd/dev:v45-rust + # strategy: + # matrix: + # crate: ${{ fromJson(needs.meta.outputs.cargo_crates) }} + # steps: + # - run: git config --global --add safe.directory "$PWD" # actions/runner#2033 + # - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + # - uses: Swatinem/rust-cache@f0deed1e0edfc6a9be95417288c0e1099b1eeec3 + # - run: just fetch + # - run: just check-crate ${{ matrix.crate }} - linkerd-install: - needs: meta - if: needs.meta.outputs.cargo_changed == 'true' || needs.meta.outputs.rust_changed == 'true' - timeout-minutes: 20 - runs-on: ubuntu-24.04 - env: - WAIT_TIMEOUT: 2m - steps: - - uses: linkerd/dev/actions/setup-tools@v45 - - name: scurl https://run.linkerd.io/install-edge | sh - run: | - scurl https://run.linkerd.io/install-edge | sh - echo "PATH=$PATH:$HOME/.linkerd2/bin" >> "$GITHUB_ENV" - export PATH="$PATH:$HOME/.linkerd2/bin" - tag=$(linkerd version --client --short) - echo "linkerd $tag" - echo "LINKERD_TAG=$tag" >> "$GITHUB_ENV" - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - run: just docker - - run: just-k3d create - - run: just k3d-load-linkerd - - run: just linkerd-install - - run: just linkerd-check-control-plane-proxy - env: - TMPDIR: ${{ runner.temp }} + # linkerd-install: + # needs: meta + # if: needs.meta.outputs.cargo_changed == 'true' || needs.meta.outputs.rust_changed == 'true' + # timeout-minutes: 20 + # runs-on: ubuntu-24.04 + # env: + # WAIT_TIMEOUT: 2m + # steps: + # - uses: linkerd/dev/actions/setup-tools@v45 + # - name: scurl https://run.linkerd.io/install-edge | sh + # run: | + # scurl https://run.linkerd.io/install-edge | sh + # echo "PATH=$PATH:$HOME/.linkerd2/bin" >> "$GITHUB_ENV" + # export PATH="$PATH:$HOME/.linkerd2/bin" + # tag=$(linkerd version --client --short) + # echo "linkerd $tag" + # echo "LINKERD_TAG=$tag" >> "$GITHUB_ENV" + # - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + # - run: just docker + # - run: just-k3d create + # - run: just k3d-load-linkerd + # - run: just linkerd-install + # - run: just linkerd-check-control-plane-proxy + # env: + # TMPDIR: ${{ runner.temp }} - ship-it: - timeout-minutes: 3 - needs: [meta, actions, rust, rust-crates, linkerd-install] - if: always() - runs-on: ubuntu-24.04 + # ship-it: + # timeout-minutes: 3 + # needs: [meta, actions, rust, rust-crates, linkerd-install] + # if: always() + # runs-on: ubuntu-24.04 - permissions: - contents: write - pull-requests: write + # permissions: + # contents: write + # pull-requests: write - steps: - - name: Results - run: | - echo 'needs.actions.result: ${{ needs.actions.result }}' - echo 'needs.rust.result: ${{ needs.rust.result }}' - echo 'needs.rust-crates.result: ${{ needs.rust-crates.result }}' - echo 'needs.linkerd-install.result: ${{ needs.linkerd-install.result }}' + # steps: + # - name: Results + # run: | + # echo 'needs.actions.result: ${{ needs.actions.result }}' + # echo 'needs.rust.result: ${{ needs.rust.result }}' + # echo 'needs.rust-crates.result: ${{ needs.rust-crates.result }}' + # echo 'needs.linkerd-install.result: ${{ needs.linkerd-install.result }}' - - name: Verify jobs - # All jobs must succeed or be skipped. - if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') - run: exit 1 + # - name: Verify jobs + # # All jobs must succeed or be skipped. + # if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') + # run: exit 1 - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - if: needs.meta.outputs.is_dependabot == 'true' && needs.meta.outputs.any_changed == 'true' - - name: "Merge dependabot changes" - if: needs.meta.outputs.is_dependabot == 'true' && needs.meta.outputs.any_changed == 'true' - run: gh pr merge '${{ github.event.pull_request.number }}' --auto --squash - env: - GH_TOKEN: ${{ github.token }} + # - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + # if: needs.meta.outputs.is_dependabot == 'true' && needs.meta.outputs.any_changed == 'true' + # - name: "Merge dependabot changes" + # if: needs.meta.outputs.is_dependabot == 'true' && needs.meta.outputs.any_changed == 'true' + # run: gh pr merge '${{ github.event.pull_request.number }}' --auto --squash + # env: + # GH_TOKEN: ${{ github.token }} diff --git a/.github/workflows/release-weekly.yml b/.github/workflows/release-weekly.yml index 2154e19e73..a3d86947db 100644 --- a/.github/workflows/release-weekly.yml +++ b/.github/workflows/release-weekly.yml @@ -1,78 +1,78 @@ -name: Weekly proxy release +# name: Weekly proxy release -on: - schedule: - # Wednesday at ~8:40PM Pacific - - cron: "40 3 * * 3" - workflow_dispatch: {} +# on: +# schedule: +# # Wednesday at ~8:40PM Pacific +# - cron: "40 3 * * 3" +# workflow_dispatch: {} -concurrency: - group: ${{ github.workflow }}-${{ github.head_ref }} - cancel-in-progress: true +# concurrency: +# group: ${{ github.workflow }}-${{ github.head_ref }} +# cancel-in-progress: true -jobs: - last-release: - if: github.repository == 'linkerd/linkerd2-proxy' # Don't run this in forks. - runs-on: ubuntu-24.04 - timeout-minutes: 5 - env: - GH_REPO: ${{ github.repository }} - GH_TOKEN: ${{ github.token }} - steps: - - name: Latest release - id: latest - run: gh release view --json name,publishedAt | jq -r 'to_entries[] | (.key + "=" + .value)' >> "$GITHUB_OUTPUT" - - name: Check if release was in last 72 hours - id: recency - env: - PUBLISHED_AT: ${{ steps.latest.outputs.publishedAt }} - run: | - if [ "$(date -d "$PUBLISHED_AT" +%s)" -gt "$(date -d '72 hours ago' +%s)" ]; then - echo "Last release $PUBLISHED_AT is recent" >&2 - echo "recent=true" >> "$GITHUB_OUTPUT" - else - echo "Last release $PUBLISHED_AT is not recent" >&2 - echo "recent=false" >> "$GITHUB_OUTPUT" - fi - outputs: - version: ${{ steps.latest.outputs.name }} - published-at: ${{ steps.latest.outputs.publishedAt }} - recent: ${{ steps.recency.outputs.recent == 'true' }} +# jobs: +# last-release: +# if: github.repository == 'linkerd/linkerd2-proxy' # Don't run this in forks. +# runs-on: ubuntu-24.04 +# timeout-minutes: 5 +# env: +# GH_REPO: ${{ github.repository }} +# GH_TOKEN: ${{ github.token }} +# steps: +# - name: Latest release +# id: latest +# run: gh release view --json name,publishedAt | jq -r 'to_entries[] | (.key + "=" + .value)' >> "$GITHUB_OUTPUT" +# - name: Check if release was in last 72 hours +# id: recency +# env: +# PUBLISHED_AT: ${{ steps.latest.outputs.publishedAt }} +# run: | +# if [ "$(date -d "$PUBLISHED_AT" +%s)" -gt "$(date -d '72 hours ago' +%s)" ]; then +# echo "Last release $PUBLISHED_AT is recent" >&2 +# echo "recent=true" >> "$GITHUB_OUTPUT" +# else +# echo "Last release $PUBLISHED_AT is not recent" >&2 +# echo "recent=false" >> "$GITHUB_OUTPUT" +# fi +# outputs: +# version: ${{ steps.latest.outputs.name }} +# published-at: ${{ steps.latest.outputs.publishedAt }} +# recent: ${{ steps.recency.outputs.recent == 'true' }} - last-commit: - needs: last-release - runs-on: ubuntu-24.04 - timeout-minutes: 5 - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - name: Check if the most recent commit is after the last release - id: recency - env: - PUBLISHED_AT: ${{ needs.last-release.outputs.published-at }} - run: | - if [ "$(git log -1 --format=%ct)" -gt "$(date -d "$PUBLISHED_AT" +%s)" ]; then - echo "HEAD after last release $PUBLISHED_AT" >&2 - echo "after-release=true" >> "$GITHUB_OUTPUT" - else - echo "after-release=false" >> "$GITHUB_OUTPUT" - fi - outputs: - after-release: ${{ steps.recency.outputs.after-release == 'true' }} +# last-commit: +# needs: last-release +# runs-on: ubuntu-24.04 +# timeout-minutes: 5 +# steps: +# - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 +# - name: Check if the most recent commit is after the last release +# id: recency +# env: +# PUBLISHED_AT: ${{ needs.last-release.outputs.published-at }} +# run: | +# if [ "$(git log -1 --format=%ct)" -gt "$(date -d "$PUBLISHED_AT" +%s)" ]; then +# echo "HEAD after last release $PUBLISHED_AT" >&2 +# echo "after-release=true" >> "$GITHUB_OUTPUT" +# else +# echo "after-release=false" >> "$GITHUB_OUTPUT" +# fi +# outputs: +# after-release: ${{ steps.recency.outputs.after-release == 'true' }} - trigger-release: - needs: [last-release, last-commit] - if: needs.last-release.outputs.recent == 'false' && needs.last-commit.outputs.after-release == 'true' - runs-on: ubuntu-24.04 - timeout-minutes: 5 - permissions: - actions: write - env: - GH_REPO: ${{ github.repository }} - GH_TOKEN: ${{ github.token }} - LAST_VERSION: ${{ needs.last-release.outputs.version }} - steps: - - name: Get the latest minor version - run: | - m="$(echo "$LAST_VERSION" | cut -d. -f2)" - echo MINOR_VERSION="$((m+1))" >> "$GITHUB_ENV" - - run: gh workflow run release.yml -f publish=true -f version=v2."$MINOR_VERSION".0 +# trigger-release: +# needs: [last-release, last-commit] +# if: needs.last-release.outputs.recent == 'false' && needs.last-commit.outputs.after-release == 'true' +# runs-on: ubuntu-24.04 +# timeout-minutes: 5 +# permissions: +# actions: write +# env: +# GH_REPO: ${{ github.repository }} +# GH_TOKEN: ${{ github.token }} +# LAST_VERSION: ${{ needs.last-release.outputs.version }} +# steps: +# - name: Get the latest minor version +# run: | +# m="$(echo "$LAST_VERSION" | cut -d. -f2)" +# echo MINOR_VERSION="$((m+1))" >> "$GITHUB_ENV" +# - run: gh workflow run release.yml -f publish=true -f version=v2."$MINOR_VERSION".0 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7b7ce1eff3..01baaef78b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,224 +1,224 @@ -name: Release +# name: Release -on: - pull_request: {} - workflow_dispatch: - inputs: - version: - description: "Version in the form v1.2.3-prerelease+buildinfo" - required: true - type: string - tag-prefix: - description: "Tag prefix" - required: false - type: string - default: "release/" - profile: - description: "Build profile" - required: false - type: choice - options: ["debug", "release"] - default: "release" - publish: - description: "Publish the release?" - required: false - type: boolean - default: false - ref: - description: "Reference of the commit to release (default: github.ref)" - required: false - type: string - default: "" - prerelease: - description: "Is this a prerelease?" - required: false - type: boolean - default: false - draft: - description: "Is this a draft?" - required: false - type: boolean - default: false - latest: - description: "Make this the latest release?" - required: false - type: boolean - default: true +# on: +# pull_request: {} +# workflow_dispatch: +# inputs: +# version: +# description: "Version in the form v1.2.3-prerelease+buildinfo" +# required: true +# type: string +# tag-prefix: +# description: "Tag prefix" +# required: false +# type: string +# default: "release/" +# profile: +# description: "Build profile" +# required: false +# type: choice +# options: ["debug", "release"] +# default: "release" +# publish: +# description: "Publish the release?" +# required: false +# type: boolean +# default: false +# ref: +# description: "Reference of the commit to release (default: github.ref)" +# required: false +# type: string +# default: "" +# prerelease: +# description: "Is this a prerelease?" +# required: false +# type: boolean +# default: false +# draft: +# description: "Is this a draft?" +# required: false +# type: boolean +# default: false +# latest: +# description: "Make this the latest release?" +# required: false +# type: boolean +# default: true -env: - CARGO_INCREMENTAL: 0 - CARGO_NET_RETRY: 10 - RUSTFLAGS: "-D warnings -A deprecated --cfg tokio_unstable" - RUSTUP_MAX_RETRIES: 10 +# env: +# CARGO_INCREMENTAL: 0 +# CARGO_NET_RETRY: 10 +# RUSTFLAGS: "-D warnings -A deprecated --cfg tokio_unstable" +# RUSTUP_MAX_RETRIES: 10 -concurrency: - group: ${{ github.workflow }}-${{ inputs.ref || github.head_ref }} - cancel-in-progress: true +# concurrency: +# group: ${{ github.workflow }}-${{ inputs.ref || github.head_ref }} +# cancel-in-progress: true -jobs: - meta: - timeout-minutes: 5 - runs-on: ubuntu-24.04 - steps: - - id: meta - env: - VERSION: ${{ inputs.version }} - shell: bash - run: | - set -euo pipefail - shopt -s extglob - if [[ "$GITHUB_EVENT_NAME" == pull_request ]]; then - echo version="0.0.0-test.${GITHUB_SHA:0:7}" - echo archs='["amd64"]' - exit 0 - fi >> "$GITHUB_OUTPUT" - if ! [[ "$VERSION" =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z-]+)?(\+[0-9A-Za-z-]+)?$ ]]; then - echo "Invalid version: $VERSION" >&2 - exit 1 - fi - ( echo version="${VERSION#v}" - echo archs='["amd64", "arm64", "arm"]' - ) >> "$GITHUB_OUTPUT" +# jobs: +# meta: +# timeout-minutes: 5 +# runs-on: ubuntu-24.04 +# steps: +# - id: meta +# env: +# VERSION: ${{ inputs.version }} +# shell: bash +# run: | +# set -euo pipefail +# shopt -s extglob +# if [[ "$GITHUB_EVENT_NAME" == pull_request ]]; then +# echo version="0.0.0-test.${GITHUB_SHA:0:7}" +# echo archs='["amd64"]' +# exit 0 +# fi >> "$GITHUB_OUTPUT" +# if ! [[ "$VERSION" =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z-]+)?(\+[0-9A-Za-z-]+)?$ ]]; then +# echo "Invalid version: $VERSION" >&2 +# exit 1 +# fi +# ( echo version="${VERSION#v}" +# echo archs='["amd64", "arm64", "arm"]' +# ) >> "$GITHUB_OUTPUT" - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - if: github.event_name == 'pull_request' - - id: changed - if: github.event_name == 'pull_request' - uses: tj-actions/changed-files@dcc7a0cba800f454d79fff4b993e8c3555bcc0a8 - with: - files: | - .github/workflows/release.yml - justfile - Cargo.toml +# - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 +# if: github.event_name == 'pull_request' +# - id: changed +# if: github.event_name == 'pull_request' +# uses: tj-actions/changed-files@dcc7a0cba800f454d79fff4b993e8c3555bcc0a8 +# with: +# files: | +# .github/workflows/release.yml +# justfile +# Cargo.toml - outputs: - archs: ${{ steps.meta.outputs.archs }} - version: ${{ steps.meta.outputs.version }} - package: ${{ github.event_name == 'workflow_dispatch' || steps.changed.outputs.any_changed == 'true' }} - profile: ${{ inputs.profile || 'release' }} - publish: ${{ inputs.publish }} - ref: ${{ inputs.ref || github.sha }} - tag: "${{ inputs.tag-prefix || 'release/' }}v${{ steps.meta.outputs.version }}" - prerelease: ${{ inputs.prerelease }} - draft: ${{ inputs.draft }} - latest: ${{ inputs.latest }} +# outputs: +# archs: ${{ steps.meta.outputs.archs }} +# version: ${{ steps.meta.outputs.version }} +# package: ${{ github.event_name == 'workflow_dispatch' || steps.changed.outputs.any_changed == 'true' }} +# profile: ${{ inputs.profile || 'release' }} +# publish: ${{ inputs.publish }} +# ref: ${{ inputs.ref || github.sha }} +# tag: "${{ inputs.tag-prefix || 'release/' }}v${{ steps.meta.outputs.version }}" +# prerelease: ${{ inputs.prerelease }} +# draft: ${{ inputs.draft }} +# latest: ${{ inputs.latest }} - info: - needs: meta - runs-on: ubuntu-24.04 - timeout-minutes: 3 - steps: - - name: Inputs - run: | - jq . <- - needs.meta.outputs.publish == 'true' && - needs.meta.outputs.prerelease == 'false' && - needs.meta.outputs.draft == 'false' && - needs.meta.outputs.latest == 'true' - name: Trigger sync-proxy in linkerd2 - run: gh workflow run sync-proxy.yml -f version="$TAG" - env: - GH_REPO: ${{ vars.LINKERD2_REPO || 'linkerd/linkerd2' }} - GH_TOKEN: ${{ secrets.LINKERD2_GITHUB_TOKEN }} +# publish: +# needs: [meta, package] +# runs-on: ubuntu-24.04 +# timeout-minutes: 5 +# permissions: +# actions: write +# contents: write +# env: +# VERSION: v${{ needs.meta.outputs.version }} +# TAG: ${{ needs.meta.outputs.tag }} +# steps: +# - name: Configure git +# env: +# GITHUB_USERNAME: ${{ vars.LINKERD2_PROXY_GITHUB_USERNAME || 'github-actions[bot]' }} +# run: | +# git config --global --add safe.directory "$PWD" # actions/runner#2033 +# git config --global user.name "$GITHUB_USERNAME" +# git config --global user.email "$GITHUB_USERNAME"@users.noreply.github.com +# # Tag the release. +# - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 +# with: +# token: ${{ secrets.LINKERD2_PROXY_GITHUB_TOKEN || github.token }} +# ref: ${{ needs.meta.outputs.ref }} +# - run: git tag -a -m "$VERSION" "$TAG" +# # Fetch the artifacts. +# - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 +# with: +# path: artifacts +# - run: du -h artifacts/**/* +# # Publish the release. +# - if: needs.meta.outputs.publish == 'true' +# run: git push origin "$TAG" +# - if: needs.meta.outputs.publish == 'true' +# uses: softprops/action-gh-release@c95fe1489396fe8a9eb87c0abf8aa5b2ef267fda +# with: +# name: ${{ env.VERSION }} +# tag_name: ${{ env.TAG }} +# files: artifacts/**/* +# generate_release_notes: true +# prerelease: ${{ needs.meta.outputs.prerelease }} +# draft: ${{ needs.meta.outputs.draft }} +# make_latest: ${{ needs.meta.outputs.latest }} +# - if: >- +# needs.meta.outputs.publish == 'true' && +# needs.meta.outputs.prerelease == 'false' && +# needs.meta.outputs.draft == 'false' && +# needs.meta.outputs.latest == 'true' +# name: Trigger sync-proxy in linkerd2 +# run: gh workflow run sync-proxy.yml -f version="$TAG" +# env: +# GH_REPO: ${{ vars.LINKERD2_REPO || 'linkerd/linkerd2' }} +# GH_TOKEN: ${{ secrets.LINKERD2_GITHUB_TOKEN }} - release-ok: - needs: publish - if: always() - timeout-minutes: 3 - runs-on: ubuntu-24.04 - steps: - - name: Results - run: | - echo 'needs.publish.result: ${{ needs.publish.result }}' +# release-ok: +# needs: publish +# if: always() +# timeout-minutes: 3 +# runs-on: ubuntu-24.04 +# steps: +# - name: Results +# run: | +# echo 'needs.publish.result: ${{ needs.publish.result }}' - - name: Verify jobs - # All jobs must succeed or be skipped. - if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') - run: exit 1 +# - name: Verify jobs +# # All jobs must succeed or be skipped. +# if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') +# run: exit 1 diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml index 845d67263b..6319fa4f6d 100644 --- a/.github/workflows/shellcheck.yml +++ b/.github/workflows/shellcheck.yml @@ -1,20 +1,20 @@ -name: markdown +# name: markdown -permissions: - contents: read +# permissions: +# contents: read -on: - pull_request: - paths: - - .github/workflows/shellcheck.yml - - '**/*.sh' - - justfile +# on: +# pull_request: +# paths: +# - .github/workflows/shellcheck.yml +# - '**/*.sh' +# - justfile -jobs: - sh-lint: - timeout-minutes: 5 - runs-on: ubuntu-24.04 - steps: - - uses: linkerd/dev/actions/setup-tools@v45 - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - run: just sh-lint +# jobs: +# sh-lint: +# timeout-minutes: 5 +# runs-on: ubuntu-24.04 +# steps: +# - uses: linkerd/dev/actions/setup-tools@v45 +# - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 +# - run: just sh-lint diff --git a/.github/workflows/toolchain.yml b/.github/workflows/toolchain.yml index 7d99b92214..38e0517ebd 100644 --- a/.github/workflows/toolchain.yml +++ b/.github/workflows/toolchain.yml @@ -1,66 +1,66 @@ -name: rust-toolchain +# name: rust-toolchain -on: - pull_request: - paths: - - rust-toolchain - - "**Dockerfile" - - ".github/workflows/*" - - ".github/**/Dockerfile" +# on: +# pull_request: +# paths: +# - rust-toolchain +# - "**Dockerfile" +# - ".github/workflows/*" +# - ".github/**/Dockerfile" -permissions: - contents: read +# permissions: +# contents: read -jobs: - devcontainer: - runs-on: ubuntu-24.04 - container: ghcr.io/linkerd/dev:v45-rust - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - run: git config --global --add safe.directory "$PWD" # actions/runner#2033 - - run: | - VERSION_REGEX='channel = "([0-9]+\.[0-9]+\.[0-9]+)"' - TOOLCHAIN=$(cat rust-toolchain.toml) - if [[ $TOOLCHAIN =~ $VERSION_REGEX ]]; then - VERSION=${BASH_REMATCH[1]} - if [ "$(cargo --version | cut -d' ' -f2)" != "$VERSION" ]; then - echo "::error file=rust-toolchain.toml::rust-toolchain channel '$VERSION' does not match devcontainer '$(cargo --version)'" - exit 1 - fi - else - echo "::error file=rust-toolchain.toml::failed to parse rust-toolchain.toml" - exit 1 - fi - shell: bash +# jobs: +# devcontainer: +# runs-on: ubuntu-24.04 +# container: ghcr.io/linkerd/dev:v45-rust +# steps: +# - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 +# - run: git config --global --add safe.directory "$PWD" # actions/runner#2033 +# - run: | +# VERSION_REGEX='channel = "([0-9]+\.[0-9]+\.[0-9]+)"' +# TOOLCHAIN=$(cat rust-toolchain.toml) +# if [[ $TOOLCHAIN =~ $VERSION_REGEX ]]; then +# VERSION=${BASH_REMATCH[1]} +# if [ "$(cargo --version | cut -d' ' -f2)" != "$VERSION" ]; then +# echo "::error file=rust-toolchain.toml::rust-toolchain channel '$VERSION' does not match devcontainer '$(cargo --version)'" +# exit 1 +# fi +# else +# echo "::error file=rust-toolchain.toml::failed to parse rust-toolchain.toml" +# exit 1 +# fi +# shell: bash - workflows: - runs-on: ubuntu-24.04 - steps: - - uses: linkerd/dev/actions/setup-tools@v45 - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - - shell: bash - run: | - VERSION_REGEX='channel = "([0-9]+\.[0-9]+\.[0-9]+)"' - TOOLCHAIN=$(cat rust-toolchain.toml) - if [[ $TOOLCHAIN =~ $VERSION_REGEX ]]; then - VERSION=${BASH_REMATCH[1]} - else - echo "::error file=rust-toolchain.toml::failed to parse rust-toolchain.toml" - exit 1 - fi +# workflows: +# runs-on: ubuntu-24.04 +# steps: +# - uses: linkerd/dev/actions/setup-tools@v45 +# - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 +# - shell: bash +# run: | +# VERSION_REGEX='channel = "([0-9]+\.[0-9]+\.[0-9]+)"' +# TOOLCHAIN=$(cat rust-toolchain.toml) +# if [[ $TOOLCHAIN =~ $VERSION_REGEX ]]; then +# VERSION=${BASH_REMATCH[1]} +# else +# echo "::error file=rust-toolchain.toml::failed to parse rust-toolchain.toml" +# exit 1 +# fi - ex=0 - while IFS= read -r file ; do - while IFS= read -r image ; do - if [[ "$image" =~ ^docker://(docker.io/library/)?rust: ]]; then - tag="${image##*rust:}" - v="${tag%%-*}" - if [[ "$v" != "$VERSION" ]]; then - echo "::warning file=$file::$file uses incorrect rust version: '$v' (rust-toolchain.toml contains '$VERSION')" - ex=$((ex + 1)) - fi - fi - done < <(yq '.jobs[] | select(.container) | .container.image // .container' "$file") - done < <(find .github/workflows -name '*.yml') - exit $ex +# ex=0 +# while IFS= read -r file ; do +# while IFS= read -r image ; do +# if [[ "$image" =~ ^docker://(docker.io/library/)?rust: ]]; then +# tag="${image##*rust:}" +# v="${tag%%-*}" +# if [[ "$v" != "$VERSION" ]]; then +# echo "::warning file=$file::$file uses incorrect rust version: '$v' (rust-toolchain.toml contains '$VERSION')" +# ex=$((ex + 1)) +# fi +# fi +# done < <(yq '.jobs[] | select(.container) | .container.image // .container' "$file") +# done < <(find .github/workflows -name '*.yml') +# exit $ex diff --git a/justfile b/justfile index 77f677c077..ae0a6d1a8a 100644 --- a/justfile +++ b/justfile @@ -31,10 +31,18 @@ arch := "amd64" libc := 'gnu' +os := 'windows' + # If a `arch` is specified, then we change the default cargo `--target` # to support cross-compilation. Otherwise, we use `rustup` to find the default. _target := if arch == 'amd64' { - "x86_64-unknown-linux-" + libc + if os == 'linux' { + "x86_64-unknown-linux-" + libc + } else if os == 'windows' { + "x86_64-pc-windows-" + libc + } else { + error("unsupported os=" + os) + } } else if arch == "arm64" { "aarch64-unknown-linux-" + libc } else if arch == "arm" { @@ -46,7 +54,7 @@ _target := if arch == 'amd64' { _cargo := 'just-cargo profile=' + profile + ' target=' + _target + ' toolchain=' + toolchain _target_dir := "target" / _target / profile -_target_bin := _target_dir / "linkerd2-proxy" +_target_bin := _target_dir / "linkerd2-proxy.exe" _package_name := "linkerd2-proxy-" + package_version + "-" + arch + if libc == 'musl' { '-static' } else { '' } _package_dir := "target/package" / _package_name shasum := "shasum -a 256" diff --git a/linkerd/app/core/Cargo.toml b/linkerd/app/core/Cargo.toml index 7c4dda476b..ced70fe743 100644 --- a/linkerd/app/core/Cargo.toml +++ b/linkerd/app/core/Cargo.toml @@ -45,7 +45,7 @@ linkerd-identity = { path = "../../identity" } linkerd-idle-cache = { path = "../../idle-cache" } linkerd-io = { path = "../../io" } linkerd-meshtls = { path = "../../meshtls", default-features = false } -linkerd-metrics = { path = "../../metrics", features = ["process", "stack"] } +linkerd-metrics = { path = "../../metrics", features = ["stack"] } linkerd-opencensus = { path = "../../opencensus" } linkerd-opentelemetry = { path = "../../opentelemetry" } linkerd-proxy-api-resolve = { path = "../../proxy/api-resolve" } diff --git a/linkerd/app/integration/src/tests/telemetry.rs b/linkerd/app/integration/src/tests/telemetry.rs index 0f619d1595..faea38ff84 100644 --- a/linkerd/app/integration/src/tests/telemetry.rs +++ b/linkerd/app/integration/src/tests/telemetry.rs @@ -881,19 +881,22 @@ async fn metrics_have_no_double_commas() { assert!(!scrape.contains(",,"), "outbound metrics had double comma"); } -#[tokio::test] -async fn metrics_has_start_time() { - let Fixture { - metrics, - proxy: _proxy, - _profile, - dst_tx: _dst_tx, - pol_out_tx: _pol_out_tx, - .. - } = Fixture::inbound().await; - let uptime_regex = regex::Regex::new(r"process_start_time_seconds \d+") - .expect("compiling regex shouldn't fail"); - assert_eventually!(uptime_regex.find(&metrics.get("/metrics").await).is_some()) +#[cfg(target_os = "linux")] +mod process { + #[tokio::test] + async fn metrics_has_start_time() { + let Fixture { + metrics, + proxy: _proxy, + _profile, + dst_tx: _dst_tx, + pol_out_tx: _pol_out_tx, + .. + } = Fixture::inbound().await; + let uptime_regex = regex::Regex::new(r"process_start_time_seconds \d+") + .expect("compiling regex shouldn't fail"); + assert_eventually!(uptime_regex.find(&metrics.get("/metrics").await).is_some()) + } } mod transport { diff --git a/linkerd/app/src/lib.rs b/linkerd/app/src/lib.rs index 4fceec08dd..0f111c0f54 100644 --- a/linkerd/app/src/lib.rs +++ b/linkerd/app/src/lib.rs @@ -288,7 +288,6 @@ impl Config { }) }; - metrics::process::register(registry.sub_registry_with_prefix("process")); registry.register("proxy_build_info", "Proxy build info", BUILD_INFO.metric()); let admin = { diff --git a/linkerd/app/src/spire.rs b/linkerd/app/src/spire.rs index 5e87d50865..64b5918c2e 100644 --- a/linkerd/app/src/spire.rs +++ b/linkerd/app/src/spire.rs @@ -1,12 +1,10 @@ use linkerd_app_core::{exp_backoff::ExponentialBackoff, Error}; use std::sync::Arc; -use tokio::net::UnixStream; use tokio::sync::watch; use tonic::transport::{Endpoint, Uri}; pub use linkerd_app_core::identity::client::spire as client; -const UNIX_PREFIX: &str = "unix:"; const TONIC_DEFAULT_URI: &str = "http://[::]:50051"; #[derive(Clone, Debug)] @@ -44,18 +42,31 @@ impl tower::Service<()> for Client { let socket = self.config.socket_addr.clone(); let backoff = self.config.backoff; Box::pin(async move { - // Strip the 'unix:' prefix for tonic compatibility. - let stripped_path = socket - .strip_prefix(UNIX_PREFIX) - .unwrap_or(socket.as_str()) - .to_string(); - // We will ignore this uri because uds do not use it // if your connector does use the uri it will be provided // as the request to the `MakeConnection`. let chan = Endpoint::try_from(TONIC_DEFAULT_URI)? .connect_with_connector(tower::util::service_fn(move |_: Uri| { - UnixStream::connect(stripped_path.clone()) + #[cfg(unix)] + { + use tokio::net::UnixStream; + const UNIX_PREFIX: &str = "unix:"; + + // Strip the 'unix:' prefix for tonic compatibility. + let stripped_path = socket + .strip_prefix(UNIX_PREFIX) + .unwrap_or(socket.as_str()) + .to_string(); + + UnixStream::connect(stripped_path.clone()) + } + + #[cfg(windows)] + { + use tokio::net::windows::named_pipe; + let named_pipe = socket.clone(); + async move { named_pipe::ClientOptions::new().open(named_pipe.as_str()) } + } })) .await?; diff --git a/linkerd/proxy/transport/src/lib.rs b/linkerd/proxy/transport/src/lib.rs index b23bceadf7..aa2ffabcbd 100644 --- a/linkerd/proxy/transport/src/lib.rs +++ b/linkerd/proxy/transport/src/lib.rs @@ -71,17 +71,26 @@ fn set_keepalive_or_warn( tokio::net::TcpStream::from_std(stream) } +#[cfg(not(target_os = "windows"))] fn set_user_timeout_or_warn( tcp: TcpStream, - user_timeout: Option, + _user_timeout: Option, ) -> io::Result { let sock = { let stream = tokio::net::TcpStream::into_std(tcp)?; socket2::Socket::from(stream) }; + + #[cfg(target_os = "windows")] if let Err(e) = sock.set_tcp_user_timeout(user_timeout) { tracing::warn!("failed to set user timeout: {}", e); } let stream: std::net::TcpStream = socket2::Socket::into(sock); tokio::net::TcpStream::from_std(stream) } + +#[cfg(target_os = "windows")] +fn set_user_timeout_or_warn(tcp: TcpStream, _: Option) -> io::Result { + tracing::warn!("user timeout is not supported on windows"); + Ok(tcp) +} diff --git a/linkerd/proxy/transport/src/orig_dst.rs b/linkerd/proxy/transport/src/orig_dst.rs index 0aca0829b8..0d2671b050 100644 --- a/linkerd/proxy/transport/src/orig_dst.rs +++ b/linkerd/proxy/transport/src/orig_dst.rs @@ -6,7 +6,7 @@ use futures::prelude::*; use linkerd_error::Result; use linkerd_io as io; use linkerd_stack::Param; -use std::{net::SocketAddr, pin::Pin}; +use std::pin::Pin; use tokio::net::TcpStream; #[derive(Copy, Clone, Debug, Default)] @@ -83,14 +83,7 @@ where let incoming = incoming.map(|res| { let (inner, tcp) = res?; - let orig_dst = match inner.param() { - // IPv4-mapped IPv6 addresses are unwrapped by BindTcp::bind() and received here as - // SocketAddr::V4. We must call getsockopt with IPv4 constants (via - // orig_dst_addr_v4) even if it originally was an IPv6 - Remote(ClientAddr(SocketAddr::V4(_))) => orig_dst_addr_v4(&tcp)?, - Remote(ClientAddr(SocketAddr::V6(_))) => orig_dst_addr_v6(&tcp)?, - }; - let orig_dst = OrigDstAddr(orig_dst); + let (orig_dst, tcp) = orig_dst(tcp)?; let addrs = Addrs { inner, orig_dst }; Ok((addrs, tcp)) }); @@ -99,139 +92,18 @@ where } } -#[cfg(target_os = "linux")] -#[allow(unsafe_code)] -fn orig_dst_addr_v4(sock: &TcpStream) -> io::Result { - use std::os::unix::io::AsRawFd; +fn orig_dst(sock: TcpStream) -> io::Result<(OrigDstAddr, TcpStream)> { + let sock = { + let stream = tokio::net::TcpStream::into_std(sock)?; + socket2::Socket::from(stream) + }; - let fd = sock.as_raw_fd(); - unsafe { linux::so_original_dst_v4(fd) } -} - -#[cfg(target_os = "linux")] -#[allow(unsafe_code)] -fn orig_dst_addr_v6(sock: &TcpStream) -> io::Result { - use std::os::unix::io::AsRawFd; - - let fd = sock.as_raw_fd(); - unsafe { linux::so_original_dst_v6(fd) } -} - -#[cfg(not(target_os = "linux"))] -fn orig_dst_addr_v4(_: &TcpStream) -> io::Result { - Err(io::Error::new( - io::ErrorKind::Other, - "SO_ORIGINAL_DST not supported on this operating system", - )) -} - -#[cfg(not(target_os = "linux"))] -fn orig_dst_addr_v6(_: &TcpStream) -> io::Result { - Err(io::Error::new( - io::ErrorKind::Other, - "SO_ORIGINAL_DST not supported on this operating system", - )) -} - -#[cfg(target_os = "linux")] -#[allow(unsafe_code)] -mod linux { - use std::net::{Ipv4Addr, Ipv6Addr, SocketAddr, SocketAddrV4, SocketAddrV6}; - use std::os::unix::io::RawFd; - use std::{io, mem}; - - pub unsafe fn so_original_dst(fd: RawFd, level: i32, optname: i32) -> io::Result { - let mut sockaddr: libc::sockaddr_storage = mem::zeroed(); - let mut sockaddr_len: libc::socklen_t = mem::size_of::() as u32; - - let ret = libc::getsockopt( - fd, - level, - optname, - &mut sockaddr as *mut _ as *mut _, - &mut sockaddr_len as *mut _ as *mut _, - ); - if ret != 0 { - return Err(io::Error::last_os_error()); - } - - mk_addr(&sockaddr, sockaddr_len) - } + let orig_dst = sock.original_dst()?.as_socket().ok_or(io::Error::new( + io::ErrorKind::InvalidInput, + "Invalid address format", + ))?; - pub unsafe fn so_original_dst_v4(fd: RawFd) -> io::Result { - so_original_dst(fd, libc::SOL_IP, libc::SO_ORIGINAL_DST) - } - - pub unsafe fn so_original_dst_v6(fd: RawFd) -> io::Result { - so_original_dst(fd, libc::SOL_IPV6, libc::IP6T_SO_ORIGINAL_DST) - } - - // Borrowed with love from net2-rs - // https://github.com/rust-lang-nursery/net2-rs/blob/1b4cb4fb05fbad750b271f38221eab583b666e5e/src/socket.rs#L103 - // - // Copyright (c) 2014 The Rust Project Developers - fn mk_addr(storage: &libc::sockaddr_storage, len: libc::socklen_t) -> io::Result { - match storage.ss_family as libc::c_int { - libc::AF_INET => { - assert!(len as usize >= mem::size_of::()); - - let sa = { - let sa = storage as *const _ as *const libc::sockaddr_in; - unsafe { *sa } - }; - - let bits = ntoh32(sa.sin_addr.s_addr); - let ip = Ipv4Addr::new( - (bits >> 24) as u8, - (bits >> 16) as u8, - (bits >> 8) as u8, - bits as u8, - ); - let port = sa.sin_port; - Ok(SocketAddr::V4(SocketAddrV4::new(ip, ntoh16(port)))) - } - libc::AF_INET6 => { - assert!(len as usize >= mem::size_of::()); - - let sa = { - let sa = storage as *const _ as *const libc::sockaddr_in6; - unsafe { *sa } - }; - - let arr = sa.sin6_addr.s6_addr; - let ip = Ipv6Addr::new( - (arr[0] as u16) << 8 | (arr[1] as u16), - (arr[2] as u16) << 8 | (arr[3] as u16), - (arr[4] as u16) << 8 | (arr[5] as u16), - (arr[6] as u16) << 8 | (arr[7] as u16), - (arr[8] as u16) << 8 | (arr[9] as u16), - (arr[10] as u16) << 8 | (arr[11] as u16), - (arr[12] as u16) << 8 | (arr[13] as u16), - (arr[14] as u16) << 8 | (arr[15] as u16), - ); - - let port = sa.sin6_port; - let flowinfo = sa.sin6_flowinfo; - let scope_id = sa.sin6_scope_id; - Ok(SocketAddr::V6(SocketAddrV6::new( - ip, - ntoh16(port), - flowinfo, - scope_id, - ))) - } - _ => Err(io::Error::new( - io::ErrorKind::InvalidInput, - "invalid argument", - )), - } - } - - fn ntoh16(i: u16) -> u16 { - ::from_be(i) - } - - fn ntoh32(i: u32) -> u32 { - ::from_be(i) - } + let stream: std::net::TcpStream = socket2::Socket::into(sock); + let stream = tokio::net::TcpStream::from_std(stream)?; + Ok((OrigDstAddr(orig_dst), stream)) } diff --git a/linkerd/system/src/lib.rs b/linkerd/system/src/lib.rs index 19e0950939..4203548660 100644 --- a/linkerd/system/src/lib.rs +++ b/linkerd/system/src/lib.rs @@ -8,5 +8,5 @@ mod linux; #[cfg(target_os = "linux")] pub use self::linux::{blocking_stat, max_fds, ms_per_tick, open_fds, page_size, Stat}; -#[cfg(not(target_os = "linux"))] -compile_error!("The system crate requires Linux"); +// #[cfg(not(target_os = "linux"))] +// compile_error!("The system crate requires Linux"); From 090a1c1748e8b98629fdda92e0df0c8bbb80b548 Mon Sep 17 00:00:00 2001 From: Zahari Dichev Date: Tue, 18 Feb 2025 13:00:44 +0000 Subject: [PATCH 2/2] nextest Signed-off-by: Zahari Dichev --- .github/workflows/pr.yml | 12 +++++++- .../app/integration/src/tests/telemetry.rs | 28 +++++++++---------- .../app/integration/src/tests/transparency.rs | 4 +-- 3 files changed, 26 insertions(+), 18 deletions(-) diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 12595c22c0..4cc92b8536 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -120,10 +120,16 @@ jobs: - name: Install Rust (rustup) run: rustup update stable --no-self-update && rustup default stable shell: bash + - name: Install nextest + run: curl -LsSf https://get.nexte.st/latest/windows-tar | tar zxf - -C ${CARGO_HOME:-~/.cargo}/bin + shell: bash - run: rustup target add x86_64-pc-windows-gnu - name: Install nasm run: choco install nasm shell: cmd + - name: Install protoc + run: choco install protoc + shell: cmd - name: Install LLVM and Clang uses: KyleMayes/install-llvm-action@v2.0.5 with: @@ -137,8 +143,12 @@ jobs: run: cargo fmt -- --check - name: clippy run: cargo clippy --target=x86_64-pc-windows-gnu --workspace --all-targets --frozen + - name: tests no run + run: cargo nextest run --target=x86_64-pc-windows-gnu --workspace --frozen --exclude=linkerd2-proxy --no-run - name: tests - run: cargo test --target=x86_64-pc-windows-gnu --workspace --exclude=linkerd2-proxy --frozen + run: cargo nextest run --target=x86_64-pc-windows-gnu --workspace --frozen --exclude=linkerd2-proxy + env: + NEXTEST_RETRIES: 3 # rust-crates: diff --git a/linkerd/app/integration/src/tests/telemetry.rs b/linkerd/app/integration/src/tests/telemetry.rs index faea38ff84..c6818cab0e 100644 --- a/linkerd/app/integration/src/tests/telemetry.rs +++ b/linkerd/app/integration/src/tests/telemetry.rs @@ -882,21 +882,19 @@ async fn metrics_have_no_double_commas() { } #[cfg(target_os = "linux")] -mod process { - #[tokio::test] - async fn metrics_has_start_time() { - let Fixture { - metrics, - proxy: _proxy, - _profile, - dst_tx: _dst_tx, - pol_out_tx: _pol_out_tx, - .. - } = Fixture::inbound().await; - let uptime_regex = regex::Regex::new(r"process_start_time_seconds \d+") - .expect("compiling regex shouldn't fail"); - assert_eventually!(uptime_regex.find(&metrics.get("/metrics").await).is_some()) - } +#[tokio::test] +async fn metrics_has_start_time() { + let Fixture { + metrics, + proxy: _proxy, + _profile, + dst_tx: _dst_tx, + pol_out_tx: _pol_out_tx, + .. + } = Fixture::inbound().await; + let uptime_regex = regex::Regex::new(r"process_start_time_seconds \d+") + .expect("compiling regex shouldn't fail"); + assert_eventually!(uptime_regex.find(&metrics.get("/metrics").await).is_some()) } mod transport { diff --git a/linkerd/app/integration/src/tests/transparency.rs b/linkerd/app/integration/src/tests/transparency.rs index 9bf93b1b4a..514c237a74 100644 --- a/linkerd/app/integration/src/tests/transparency.rs +++ b/linkerd/app/integration/src/tests/transparency.rs @@ -1369,8 +1369,8 @@ mod proxy_to_proxy { "transparency.test.svc.cluster.local", ); let res = client.request(client.request_builder("/")).await.unwrap(); - // tracing::info!(res); - assert_eq!(res.status(), http::StatusCode::BAD_GATEWAY); + tracing::info!("result {:?}", res); + assert_eq!(res.status(), http::StatusCode::GATEWAY_TIMEOUT); // ensure panics from the server are propagated proxies.join_servers().await;