self-hosted/teleport
self-hosted/teleport
1
0
Fork 0
mirror of https://github.com/gravitational/teleport synced 2024-10-20 17:23:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
13416 commits 3230 branches 4169 tags 1.3 GiB
Commit graph

278 commits

Author SHA1 Message Date
Ada 43100d4ed0
Remove environment in check and backport workflows (#20862) 
Context:
* Update the workflows to use repository secrets instead of environment
  secrets
 2023-01-27 22:16:17 +00:00
Brian Joerger ff60acd2f2
Remove app access from hardware key support tests since it is currently not supported. (#20787) 2023-01-27 20:50:44 +00:00
Zac Bergquist b817a05d91
Use a GitHub app for the check and backport workflows (#20850) 
These workflows need to be able to check org membership
for the PR author in order to determine whether or not
the author is an internal employee. This information is
only available when authenticated.
 2023-01-27 20:39:18 +00:00
Roman Tkachenko 2838091b4b
Add fake "check reviewers" workflow for merge queue (#20851) 2023-01-27 12:10:30 -08:00
Reed Loden 278e74d260
ci: Use large macOS runner for build-macos workflow (#20713) 
Use larger macOS runner with GitHub Actions to speed up builds.

Comment-only change to `client.go` to cause macOS build to be run.
 2023-01-25 19:39:22 +00:00
rosstimothy 4cc1c76e4d
Batched dependabot updates (#20624) 
* Update rsa requirement in /lib/srv/desktop/rdp/rdpclient

Updates the requirements on [rsa](https://github.com/RustCrypto/RSA) to permit the latest version.
- [Release notes](https://github.com/RustCrypto/RSA/releases)
- [Changelog](https://github.com/RustCrypto/RSA/blob/master/CHANGELOG.md)
- [Commits](https://github.com/RustCrypto/RSA/compare/v0.7.2...v0.8.1)

---
updated-dependencies:
- dependency-name: rsa
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump rsa from 0.7.2 to 0.8.1

Bumps [rsa](https://github.com/RustCrypto/RSA) from 0.7.2 to 0.8.1.
- [Release notes](https://github.com/RustCrypto/RSA/releases)
- [Changelog](https://github.com/RustCrypto/RSA/blob/master/CHANGELOG.md)
- [Commits](https://github.com/RustCrypto/RSA/compare/v0.7.2...v0.8.1)

---
updated-dependencies:
- dependency-name: rsa
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/gravitational/trace from 1.2.0 to 1.2.1 in /api

Bumps [github.com/gravitational/trace](https://github.com/gravitational/trace) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/gravitational/trace/releases)
- [Commits](https://github.com/gravitational/trace/compare/v1.2.0...v1.2.1)

---
updated-dependencies:
- dependency-name: github.com/gravitational/trace
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/aws/aws-sdk-go from 1.44.180 to 1.44.184

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.180 to 1.44.184.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.180...v1.44.184)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/coreos/go-semver from 0.3.0 to 0.3.1

Bumps [github.com/coreos/go-semver](https://github.com/coreos/go-semver) from 0.3.0 to 0.3.1.
- [Release notes](https://github.com/coreos/go-semver/releases)
- [Commits](https://github.com/coreos/go-semver/compare/v0.3.0...v0.3.1)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-semver
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump k8s.io/apimachinery from 0.26.0 to 0.26.1

Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.26.0 to 0.26.1.
- [Release notes](https://github.com/kubernetes/apimachinery/releases)
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.26.0...v0.26.1)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.78.0 to 1.80.0

Bumps [github.com/aws/aws-sdk-go-v2/service/ec2](https://github.com/aws/aws-sdk-go-v2) from 1.78.0 to 1.80.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/ec2/v1.78.0...service/ec2/v1.80.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/ec2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump k8s.io/api from 0.26.0 to 0.26.1

Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.26.0 to 0.26.1.
- [Release notes](https://github.com/kubernetes/api/releases)
- [Commits](https://github.com/kubernetes/api/compare/v0.26.0...v0.26.1)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump cloud.google.com/go/storage from 1.28.1 to 1.29.0

Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) from 1.28.1 to 1.29.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/storage/v1.28.1...spanner/v1.29.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump k8s.io/cli-runtime from 0.26.0 to 0.26.1

Bumps [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime) from 0.26.0 to 0.26.1.
- [Release notes](https://github.com/kubernetes/cli-runtime/releases)
- [Commits](https://github.com/kubernetes/cli-runtime/compare/v0.26.0...v0.26.1)

---
updated-dependencies:
- dependency-name: k8s.io/cli-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* revert firestore to v1.6.0

* Bump k8s.io/kubectl from 0.26.0 to 0.26.1

Bumps [k8s.io/kubectl](https://github.com/kubernetes/kubectl) from 0.26.0 to 0.26.1.
- [Release notes](https://github.com/kubernetes/kubectl/releases)
- [Commits](https://github.com/kubernetes/kubectl/compare/v0.26.0...v0.26.1)

---
updated-dependencies:
- dependency-name: k8s.io/kubectl
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump k8s.io/client-go from 0.26.0 to 0.26.1

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.26.0 to 0.26.1.
- [Release notes](https://github.com/kubernetes/client-go/releases)
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.26.0...v0.26.1)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump k8s.io/apiserver from 0.26.0 to 0.26.1

Bumps [k8s.io/apiserver](https://github.com/kubernetes/apiserver) from 0.26.0 to 0.26.1.
- [Release notes](https://github.com/kubernetes/apiserver/releases)
- [Commits](https://github.com/kubernetes/apiserver/compare/v0.26.0...v0.26.1)

---
updated-dependencies:
- dependency-name: k8s.io/apiserver
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* use firestore v1.6.1

* go mod tidy

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot-batcher[bot] <122306277+dependabot-batcher[bot]@users.noreply.github.com>
 2023-01-25 00:25:59 +00:00
Brian Joerger 5b6e2ada79
Test plan additions (#20586) 2023-01-24 17:41:45 +00:00
Jakub Nyckowski c1f59a1803
Disconnect moderated session on Ctrl+C (#20580) 
* Disconnect moderated session on Ctrl+C

* Add moderated session to the test plan.
 2023-01-24 01:37:34 +00:00
Mike Jensen 261dce259f
dependabot-batcher - Specify environment (#20563) 
The environment needs to be specified to have access tot he GitHub App auth.
 2023-01-23 18:41:52 +00:00
Mike Jensen 2235827c0e
Update dependabot-batcher to use GitHub app for authentication (#20342) 2023-01-23 13:42:39 +00:00
Roman Tkachenko 98fba76f80
Switch to teleport13 buildbox in CI (#20430) 2023-01-19 13:54:25 -08:00
Alan Parra 4afd9df966
Add credential picker to passwordless testplan (#20431) 
Add an item to cover credential pickers in the testplan.
 2023-01-19 20:59:19 +00:00
Edoardo Spadolini 1267b3b466
Add trusted cluster role map editing to the test plan (#20325) 2023-01-19 14:51:22 +00:00
Jeff Pihach 34f102bdeb
Enable building teleport with the new UI location (#20361) 
* Changes for merging webapps into teleport.
 2023-01-18 22:22:25 +00:00
Roman Tkachenko a4967833e2
Add flaky tests detector. (#20320) 
Co-authored-by: Victor Sokolov <gzigzigzeo@gmail.com>
 2023-01-18 10:29:10 -08:00
Krzysztof Skrzętnicki 06a837eb58
Add Azure and GCP integration to the test plan. (#20182) 2023-01-14 02:54:23 +00:00
Zac Bergquist 553381d3c0
Break web UI test plan out into a separate template (#20136) 
Co-authored-by: Isaiah Becker-Mayer <isaiah@goteleport.com>
Co-authored-by: Alan Parra <alan.parra@goteleport.com>
 2023-01-12 22:58:20 +00:00
STeve (Xin) Huang f9e4b28b5a
Add RDS Proxy and Redshift Serverless to test plan (#20098) 2023-01-12 20:23:34 +00:00
Gabriel Corado d73c54f79f
feat(issue_template): add azure sql server to testplan (#20123) 2023-01-12 17:51:46 +00:00
rosstimothy 3ebbfdd222
Batch Dependabot PRs (#19745) 2023-01-05 13:13:05 +00:00
Jakub Nyckowski d68cb9377b
Switch golang.org/x/crypto to gravitational fork (#19579) 
* Switch golang.org/x/crypto to gravitational fork

* Update golden files

* Add comment to go.mod

* Update api module to use crypto fork.

* Move x/crypto to replaced section in dependabot.yml
 2023-01-04 19:30:58 +00:00
rosstimothy d3cb592304
Dependency Updates (#19814) 
* Bump github.com/aws/aws-sdk-go-v2/config from 1.18.6 to 1.18.7

Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.18.6 to 1.18.7.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.18.6...config/v1.18.7)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/aws/aws-sdk-go from 1.44.163 to 1.44.171

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.163 to 1.44.171.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.163...v1.44.171)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alan Parra <alan.parra@goteleport.com>
 2023-01-04 15:03:24 +00:00
Roman Tkachenko 844fff1767
Add merge_group triggers to GHA CI workflows (#19749) 2022-12-30 21:11:48 +00:00
Roman Tkachenko c6d2b1d3ea
Add docs section to test plan (#18179) 2022-12-30 18:50:27 +00:00
Gavin Frazar 5bb0ef15db
add dynamodb database access (#18843) 
* Add a new db engine
* Add tests for new engine
* Update tsh db subcommands
* Refactor error message and suggestions for unsupported tsh commands
* Add dynamodb to test plan
* Add AWS external ID to db config and update protos
 2022-12-30 18:22:30 +00:00
Roman Tkachenko f690008528
Fix missing closing apostrophe on operator workflow (#19740) 2022-12-30 00:56:25 +00:00
Roman Tkachenko c286e4cd94
Run GHA tests on Dockerfile updates (#19622) 2022-12-22 20:08:52 +00:00
Roman Tkachenko 1b387aba2c
Run GHA tests when build.assets/Makefile changes (#19616) 2022-12-22 19:04:44 +00:00
Roman Tkachenko f873cbe0ce
Fix skipped but required checks for Github Actions (#19594) 2022-12-22 01:44:11 +00:00
Jakub Nyckowski fcdde32955
Add BPF to the test plan (#19380) 
Add BPF-related tests to the test plan.
 2022-12-21 19:46:21 +00:00
Rafał Cieślak 380b572152
Update Teleport Connect test plan (#17123) 
Co-authored-by: Michael <michael.myers@goteleport.com>
Co-authored-by: Grzegorz Zdunek <grzegorz.zdunek@goteleport.com>
 2022-12-20 15:39:59 +00:00
Roman Tkachenko 91f7030900
Add workflows that build tools on Mac OS and Windows (#19226) 
Signed-off-by: Roman Tkachenko <roman@goteleport.com>
Co-authored-by: Victor Sokolov <gzigzigzeo@gmail.com>
 2022-12-20 05:25:56 +00:00
Russell Jones f44b36ada6 Added "Robustness" section to test plan. 
Added "Robustness" section to test plan that tests connectivity without
access to Auth Server.
 2022-12-19 11:26:39 -08:00
rosstimothy 3f52d028fb
Dependency updates (#19329) 
* Bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp

Bumps [go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib) from 0.36.4 to 0.37.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.36.4...zpages/v0.37.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump k8s.io/apiserver from 0.25.4 to 0.26.0

Bumps [k8s.io/apiserver](https://github.com/kubernetes/apiserver) from 0.25.4 to 0.26.0.
- [Release notes](https://github.com/kubernetes/apiserver/releases)
- [Commits](https://github.com/kubernetes/apiserver/compare/v0.25.4...v0.26.0)

---
updated-dependencies:
- dependency-name: k8s.io/apiserver
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump cloud.google.com/go/storage from 1.28.0 to 1.28.1

Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) from 1.28.0 to 1.28.1.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.28.0...storage/v1.28.1)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/storage
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/schollz/progressbar/v3 from 3.12.1 to 3.12.2

Bumps [github.com/schollz/progressbar/v3](https://github.com/schollz/progressbar) from 3.12.1 to 3.12.2.
- [Release notes](https://github.com/schollz/progressbar/releases)
- [Commits](https://github.com/schollz/progressbar/compare/v3.12.1...v3.12.2)

---
updated-dependencies:
- dependency-name: github.com/schollz/progressbar/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump cloud.google.com/go/iam from 0.7.0 to 0.8.0

Bumps [cloud.google.com/go/iam](https://github.com/googleapis/google-cloud-go) from 0.7.0 to 0.8.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/v0.7.0...v0.8.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/iam
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump golang.org/x/text from 0.4.0 to 0.5.0

Bumps [golang.org/x/text](https://github.com/golang/text) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.4.0...v0.5.0)

---
updated-dependencies:
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Tiago Silva <tiago.silva@goteleport.com>
 2022-12-16 21:53:25 +00:00
Mike Jensen 6692d5e18f
CodeQL: Set a timeout limit to ensure jobs don't hang (#19224) 
Recently the CodeQL jobs started hanging, this is a stop gap measure to make sure action costs remain under control.
 2022-12-09 00:45:06 +00:00
Hugo Shaka 207567b548
helm: use new helm-unittest plugin (#18964) 
* Invoke helm plugins with correct path
* helm: breaking - change helm unittest plugin
* helm: document test plugin fork choice
* Add Makefile target checking helm plugins
 2022-12-05 18:58:32 +00:00
Hugo Shaka f0dd7d7d85
Kubernetes joinMethod (#18659) 
This commit adds a new joinMethod as described in https://github.com/gravitational/teleport/pull/17905

This method allow pods running in the same Kubernetes cluster than the auth servers to join the Teleport cluster. It relies on Kubernetes tokens to establish trust. The goal is to be able to deploy proxies and auths separately and join them in a single cluser.

Pre Kubernetes 1.20, the tokens are static, long-lived, not bound to pods. We support them for compatibility reasons. Starting with Kubernetes 1.20, tokens are bound to pods (and starting with 1.21 they can be mounted through projected volumes). Starting with 1.21 we should only accept bound tokens. The chart will ensure tokens are properly mounted with projected volumes so we can benefit from the 1h to 10min token lifetime.
 2022-12-02 20:30:52 +00:00
Roman Tkachenko 710b7d18ef
Implicitly set go version in prepare-workspace (#18953) 
- Determine Go version for cache key automatically instead of hardcoding.
- Do not build ghcr CI images (etcd and buildboxes) on PRs to avoid unintended breakages.
- Only build/push them on push events which mirrors our current Drone setup. We might add ability to trigger them manually via workflow_dispatch events later.
- Add release branches pattern for buildbox images trigger as well.
- Remove packages: read permission from test jobs since buildbox images are now public.

Signed-off-by: Roman Tkachenko <roman@goteleport.com>
Co-authored-by: Victor Sokolov <gzigzigzeo@gmail.com>
 2022-12-01 00:40:53 +00:00
Roman Tkachenko cda4be5273
Add Go version to GHA cache key and CI image workflow (#18877) 
* Include Go version in the cache key to prevent cache reuse when upgrading Go.
* Push buildboxes to Github container registry to avoid public ECR rate limiting.

Signed-off-by: Roman Tkachenko <roman@goteleport.com>
Co-authored-by: Victor Sokolov <gzigzigzeo@gmail.com>
 2022-11-30 00:25:45 +00:00
Alan Parra 77cd4e600a
Ignore Dependabot crypto updates on api/go.mod (#18866) 
Add the crypto ignore to `/api` too.
 2022-11-29 19:05:36 +00:00
Alan Parra 118c91f4c2
Bump Go dependencies (#18819) 
Manually bump Go dependency versions, directs only.

A few release logs for bumps that caught the eye:

* https://github.com/grpc/grpc-go/releases/tag/v1.51.0
* https://github.com/elastic/go-elasticsearch/blob/main/CHANGELOG.md
* https://github.com/go-redis/redis/blob/master/CHANGELOG.md
* https://github.com/moby/term/commits/master
 2022-11-29 13:31:58 +00:00
Roman Tkachenko a6dfac72ed
Set permissions for GHA workflows (#18728) 2022-11-22 17:35:43 -08:00
Roman Tkachenko 3fd1cca5b2
Github Actions workflow (#18617) 
Signed-off-by: Roman Tkachenko <roman@goteleport.com>
Co-authored-by: Victor Sokolov <gzigzigzeo@gmail.com>
 2022-11-22 16:55:26 -05:00
Mike Jensen 2d345bd0e7
CodeQL: Rename from codeql-analysis.yml to codeql.yml (#18663) 2022-11-22 16:37:41 +00:00
Alan Parra c09792fd4a
Add warning about /x/crypto v0.3.0+ updates (#18570) 
[A recent /x/crypto commit][1] breaks compatibility with OpenSSH <=7.6, so we
are adding a warning to avoid bumping crypto until that is solved.

As a last resort we have https://github.com/gravitational/crypto, but we are not
using it yet.

[1]: 6fad3dfc18
 2022-11-17 19:56:32 +00:00
Alan Parra 2a25c3eeda
Bump Go dependencies (#18531) 
Update minor/patch versions of direct dependencies.

Changelogs (minor bumps):

* https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md
* https://github.com/aws/aws-sdk-go-v2/blob/main/config/CHANGELOG.md
* https://github.com/aws/aws-sdk-go-v2/blob/main/credentials/CHANGELOG.md
* https://github.com/googleapis/gax-go/blob/main/v2/CHANGES.md
* https://github.com/mdlayher/netlink/blob/main/CHANGELOG.md
 2022-11-17 17:46:51 +00:00
Alan Parra 2ad0c04542
Bump Go dependencies (#18267) 
Pull in dependency updates from the past few weeks.

Done using `go get -u ./...`, with some manual cherry-picking to avoid
[problematic/forked modules][1].

google-cloud-go proto migration guide:
https://github.com/googleapis/google-cloud-go/blob/main/migration.md.

[1]: https://github.com/gravitational/teleport/blob/master/.github/dependabot.yml#L7
 2022-11-08 20:31:08 +00:00
Isaiah Becker-Mayer 75373dd412
Updates clipboard docs and testplan (#17965) 2022-11-02 21:49:41 +00:00
Tiago Silva b52590fe31
Update Kubernetes Access test plan (#16998) 
* Update Kubernetes Access test plan
 2022-10-27 17:09:03 +00:00
Brian Joerger 013b87d025
Fix Hardware Key support for App Access (#17674) 2022-10-21 21:32:37 +00:00
Alex McGrath b2d1a39d2c
Update testplan for ec2 instance discovery (#17223) 2022-10-19 13:13:49 +00:00
Tobiasz Heller 4a346830c5
Update testplan with windows hello tasks (#17422) 2022-10-17 17:39:44 +00:00
Jeff Pihach 5614107997
Correct shortcut for switching terminals on mac (#17404) 
* Correct shortcut for switching terminals on mac
 2022-10-14 16:05:17 +00:00
Alan Parra 901d1280e5
Include Rust/Cargo in Dependabot updates (#17222) 
Include `/` and `rdpclient` Cargo updates in Dependabot.
 2022-10-11 16:36:31 +00:00
Noah Stride c7c16465a0
Clarify testplan for Session Recording (#17261) 2022-10-11 14:48:12 +00:00
Brian Joerger a3b788d3fb
Hardware Key Support testplan (#16960) 2022-10-11 01:54:52 +00:00
Isaiah Becker-Mayer 245866542a
Update test plan for desktop access (#17236) 2022-10-10 23:39:31 +00:00
Andrew LeFevre 237da44f6c
add test cases for Github external SSO and 'ssh_file_copy' role option (#17100) 2022-10-07 18:23:03 +00:00
Edoardo Spadolini 236b1b2f3c
Remove the SQL backend (#17057) 
* Revert "Azure AD authentication for the Postgres backend (#15757)"

This reverts commit 33c6d82dc3.

* Revert "SQL Backend (#11048)"

This reverts commit 06fef2abf1.

* Remove Postgres backend from the docs

* Remove the Postgres backend from the testplan
 2022-10-07 10:40:44 +02:00
Andrew Burke 7f512aa840
Update testplan with cloud tags and load_all_cas (#17135) 
This change adds testplan items for cloud tags and loading all host CAs.
 2022-10-06 22:30:10 +00:00
Jakub Nyckowski 85df158084 Remove OS compatibility checks from the test plan 2022-10-06 17:48:55 -04:00
Marek Smoliński 7a486ff730
Update database access test plan (#16974) 2022-10-06 06:41:53 +00:00
Philippe M. Chiasson e33baf3825
bot: Don't use a GH token to clone a public repository (gravitational/shared-workflows) (#16959) 2022-10-05 15:48:48 +00:00
Alan Parra ee5d2df565
Enable automatic updates via Dependabot (#16907) 
Let the robots do regular updates for us.

References:
* [Configure dependabot.yml][1]
* [Configure security updates][2]

[1]: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
[2]: https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates#overriding-the-default-behavior-with-a-configuration-file
 2022-10-04 14:14:20 +00:00
STeve (Xin) Huang d319ee2734
Azure Cache for Redis auto discovery (#16755) 2022-10-03 20:54:44 +00:00
Michael Wilson d6f575517b
Fix CIFuzz artifact upload (#16802) 
The CI fuzz artifacts upload will now work as expected. The artifacts produced
by oss-fuzz were (partially) chmodded 600 and owned by root, so an explicit
chmod step has been added to the cifuzz workflow.
 2022-10-03 20:25:29 +00:00
Philippe M. Chiasson 2b3c0915f7
Fixes Dismiss Stale Workflows Runs GitHub Actions (#16894) 2022-09-30 21:24:35 +00:00
Alex Fornuto 1f53a13931
Update Docs Issue Template (#16471) 2022-09-28 20:57:15 +00:00
Reed Loden 52e60dae85
ci: Don't run the Dependency Review workflow on push actions (#16700) 
The Dependency Review action only supports the `pull_request` operation
currently. Running it on `push` operations throws an error, so remove for
now until the action supports that operation.
 2022-09-24 04:58:21 +00:00
Reed Loden 0d60cfaa5e
ci: Add Dependency Review linting tool (#16640) 
Use https://github.com/actions/dependency-review-action to scan all PRs for
out-of-date dependencies and for license enforcement.

https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
 2022-09-22 21:40:57 +00:00
Philippe M. Chiasson 2657be4c1d
Fix backport bot flow (#16609) 
The backport portion of the review bot assumes its current working directory is a checkout
of teleport's master branch (see https://github.com/gravitational/shared-workflows/blob/main/bot/internal/bot/backport.go#L178)

And since `go run` needs the cwd to be right, switching to go build && exec instead

Deprecates #16608
 2022-09-21 21:27:01 +00:00
Philippe M. Chiasson bb59734edf
Move GitHub review bot to shared-workflows repository (#16226) 
* RFD 0029 : Move GitHub review bot to shared-workflows repository

Apart from relocating the code to a different location and renaming the package, this
is a no-op change

Depends-on: gravitational/shared-workflows#12

* remove mentions of the GitHub review bot from Makefile targets
 2022-09-20 14:10:31 +00:00
Reed Loden 05323821d8
ci: Swap CIFuzz and CodeQL to larger runner and improve CodeQL workflow (#16490) 
We now have access to larger runners, so move CIFuzz and CodeQL workflows to use
a runner with Ubuntu 22.04 LTS with 32 cores and 128GB RAM.

https://docs.github.com/en/actions/using-github-hosted-runners/using-larger-runners

Additionally, change CodeQL workflow to include recommendations from GitHub CodeQL team.
 2022-09-19 08:46:53 -07:00
Isaiah Becker-Mayer 122e3abe6d
Update flaky test issue template (#16296) 2022-09-12 22:20:50 +00:00
rosstimothy db9d2e57ed
update load test portion of the test plan (#15862) 2022-09-07 12:48:12 +00:00
Isaiah Becker-Mayer 4871841fb0
Adds test plan for directory sharing (#15742) 2022-08-31 21:17:23 +00:00
Roman Tkachenko fc72945125
bot: Add support for preferred reviewers (#15623) 2022-08-24 15:23:24 -06:00
Reed Loden 8a4ee05dbb
ci: Add paths/paths-ignore to GitHub Actions workflows to reduce unnecessary builds (#15636) 
We're running CIFuzz and CodeQL in many cases where it doesn't make sense. We get
charged for GitHub Actions minutes used, so let's make sure to only run them when
absolutely necessary.

For CIFuzz, only run if a *.go file has been modified.
For CodeQL, only run if a path outside of docs/* and rfd/* has been modified.
 2022-08-19 23:46:32 +00:00
Reed Loden 9bfa8dea92
ci: Reduce CodeQL max goroutines to address failed extraction (#15683) 
Ref https://github.com/github/codeql/issues/9888

CodeQL was failing intermittently due to exceeding limits when
going through the Go extraction phase. Reduce the concurrent
extractions by half (32 --> 16) in an attempt to fix this.
 2022-08-19 22:24:00 +00:00
Roman Tkachenko 960a82a81c
Fix bot's test (#15586) 2022-08-16 20:31:21 +00:00
Zac Bergquist eff38e2fa5
bot: don't treat docs reviewers as external authors (#15510) 
This fixes a corner case where a docs review who submits a PR that
touches code or examples is treated as an external author instead
of an internal employee.
 2022-08-13 20:10:31 +00:00
rosstimothy 86e84ddbca
Exclude vendor from large PR check (#15249) 2022-08-06 19:15:12 +00:00
Reed Loden d4bbb0a1ab
Run terraform linting on all release branches (not just master) (#15264) 
This is a no-op change on master, but will be useful next time we cut a release branch.
 2022-08-06 16:14:43 +00:00
Reed Loden 4cb859e554
ci: Implement CIFuzz for fuzzing pull requests and pushes (#15110) 
OSS-Fuzz provides CIFuzz as a way to fuzz individual pull requests and pushes using
code coverage data to make it more effective and provide regression testing.

https://google.github.io/oss-fuzz/getting-started/continuous-integration/
 2022-08-05 23:49:53 +00:00
Reed Loden c9ccc36efd
ci: Implement code scanning with CodeQL (#15109) 
Use CodeQL to scan all pull requests and pushes for known security issues.

https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql
 2022-08-05 22:20:51 +00:00
Lisa Kim 13cc52f70d
Add passwordless login capability to Connect (#14759) 2022-08-05 17:11:28 +00:00
Reed Loden bbeb689a15
Bump go.mod in .cloudbuild/scripts and .github/workflows/robot to use Go 1.18 (#13959) 
Missed two CI-related go.mod files in #13771, so bumping them to keep everything consistent.
 2022-08-04 02:43:29 +00:00
Reed Loden 81e8eac68c
Add linting for terraform changes (#12815) 
Use the shared workflow for linting terraform changes.
 2022-08-03 21:02:19 +00:00
Zac Bergquist 2e32065ea6
bot: delete backport branches when a backport is merged (#14068) 
The backport workflow runs when any PR is merged to any banch.
Prior to this change, the workflow was a no-op if the target branch
was a release branch.

Update the workflow so that when it runs on merged backports
it deletes the auto-generated backport branch.

Also fixes #12412
 2022-08-01 19:47:27 +00:00
Zac Bergquist 560ab638c5
bot: only comment about large PRs once (#15034) 2022-07-29 19:54:45 +00:00
Zac Bergquist 90e66fdd00
bot: only dismiss reviewers if we have 2+ internal approvals (#14440) 
This prevents an old approval from counting if the reviewer changes
their review state, and also ensures that multiple approvals from
the same author don't count as more than one approval.
 2022-07-13 18:37:04 -07:00
Noah Stride c18d914745
Machine ID CA rotation (#13231) 
* start hashing out machine id CA rotation

* filter out incoming ca events by type

* support multiple trusted certificate authorities in known_hosts

* remove redundant trace.Debug from `tbot` `main()`

* filter to only recieve relevant CA events

* add exponential backoff to renewal

* remove unnecessary `.Ping()` check with new client

* add unit test for filtering CA events

* debounce reloads

* add retry limit and backoff for CA watching

* add integration test for CA rotation

* modify CA rotation watcher loop to retry forever

Co-authored-by: Tim Buckley <tim@goteleport.com>
 2022-07-13 16:52:44 +00:00
Edoardo Spadolini 992a5d5fd4
Move the stale review dismissal to Check (#14377) 2022-07-12 16:27:41 +00:00
Zac Bergquist 376939d517
bot: dismiss unnecessary reviewers (#14100) 
Re-run the assign workflow whenever a review is submitted.
If the PR meets the required approvals and there are additional
reviewers still assigned, dismiss them.

This makes it easier on reviewers to filter PRs on
"awaiting review from me" as the list will not include PRs that
already have the required reviews.

Fixes #11855
 2022-07-12 14:04:17 +00:00
Zac Bergquist 06fd14d7c2
bot: require admin approval for large PRs (#13350) 
This check requires that PRs which add > 1500 lines of new code
require an admin approval in order to be merged.
 2022-07-02 15:51:22 +00:00
Brian Joerger 8db2a1ec0d
Test Plan - Update proxy jump tests for tls routing configurations (#13854) 2022-06-29 18:37:24 +00:00
Isaiah Becker-Mayer 215ba11562
fix flaky_test.md (#13767) 
the flaky_test.md template wasn't showing up on the "New Issue" page, I believe because it was missing these single quotes in the Title field.
 2022-06-22 17:05:58 -04:00
Lisa Kim 5a516866c1
Add tests for search based access requests in UI (#13541) 2022-06-22 17:12:53 +00:00
Rafał Cieślak dc3518829f
Update test plan for Teleport Connect (#13686) 2022-06-22 09:51:38 +00:00
Isaiah Becker-Mayer e2dac5c099
adds flaky test issue template (#13577) 2022-06-21 18:06:32 +00:00
Edoardo Spadolini 8f5382f40d
Add CA rotation flows to the test plan (#13512) 
* Add CA rotations to the test plan

* Add trusted cluster checks

* Add kube access to CA rotations

* Correct database access and CA rotation behavior
 2022-06-20 09:39:30 +00:00
Jakub Nyckowski 6586339cad
Add missing database testcases. (#13516) 2022-06-15 18:00:33 +00:00
STeve (Xin) Huang 85016a9a3e
MemoryDB support (#13069) 2022-06-14 19:09:31 +00:00
Zac Bergquist 69b06751df
Add frontmatter to the test plan (#13366) 
This is necessary for it to show up as an option when creating
a new issue.
 2022-06-13 15:30:22 +00:00
Alex McGrath 3ed5ee9af7
Add host users creation section to test plan (#13057) 2022-06-09 11:51:45 +00:00
Grzegorz Zdunek 6017eab629
Add test plan for Connect (#13282) 2022-06-08 17:57:35 +02:00
Noah Stride fc0b81bdc0
Add test plan coverage for Machine ID (#13271) 2022-06-08 08:36:45 +00:00
Alan Parra a27efbb663
Include passwordless in testplan (#13039) 
Add passwordless-related tests to testplan.

* Include passwordless in testplan
* Update .github/ISSUE_TEMPLATE/testplan.md

Co-authored-by: Lisa Kim <lisa@goteleport.com>
 2022-06-02 19:18:54 -03:00
Krzysztof Skrzętnicki a32982936e
Include tctl sso in test plan. Extend SSO guides test plan. (#13058) 2022-06-02 17:33:12 +00:00
STeve (Xin) Huang 5c6deb7d9d
ElastiCache support - the basics (#12209) 2022-05-13 15:09:20 +00:00
Russell Jones cf504afedc Updated automatic backport creation workflow. 
Removed automatic creation of backport Pull Requests due to limitations
within GitHub Actions on recursive creation of workflows not allowing
the "Check" workflow to run upon automation creation of the Pull
Request.

As a temporary workaround, prepare the backport branch and provide a
link the user can click on to create the backport Pull Request.
 2022-05-02 10:15:26 -07:00
Russell Jones 60b0267956 Added support for automatic backports. 2022-04-28 18:08:54 -07:00
Xin Ding f20087852b
Simplify issue templates (#12157) 2022-04-26 10:41:34 -07:00
Roman Tkachenko caa6915ede
Add proxy jump test case to test plan (#11274) 2022-03-18 17:35:27 -06:00
Nic Klaassen 22fe05db56
Include AWS join methods in test plan (#10704) 2022-03-18 21:44:48 +00:00
Russell Jones 94802175fa Fixed backport assignment issues. 
Added ability to detect URLs for issues and deduplicate list of
reviewers.
 2022-03-08 18:52:57 -08:00
Russell Jones 50449c27e4 Assign original reviewers for backports. 
Updated review assignment logic to assign original reviewers when a
backport PR is found.
 2022-03-07 17:19:36 -08:00
Russell Jones de42b31989 Skip COMMENTED review state after APPROVED. 2022-03-07 10:21:53 -08:00
Isaiah Becker-Mayer 896dbbbc47
desktop playback error handling (#10765) 2022-03-03 20:07:38 +00:00
Zac Bergquist ad8f0da43c
Update test plan (#10513) 
* Move test plan to an issue template

* Update test plan with new desktop access features

* Add Binaries compatibility to test plan (#10518)

* Updates clipboard support tests (#10521)

* Adds MFA tests for Desktop

* makes browser instructions more precise

Co-authored-by: Jakub Nyckowski <jakub.nyckowski@goteleport.com>
Co-authored-by: Isaiah Becker-Mayer <isaiah@goteleport.com>
 2022-02-24 10:45:22 -07:00
rosstimothy 896261acaf
Add more lint coverage (#10049) 
* Add more lint coverage

golanglint-ci doesn't pick up subdirectories with their own go.mod
which left certain directories unlinted. To get around this we can
run golanglint-ci directly against those submodules.
 2022-02-07 12:03:10 -05:00
Russell Jones 0d65746fa7 Updated assign and check logic for Cloud. 
Updated assign and check logic to assign Cloud team reviewers from Core.
 2022-02-02 15:54:53 -08:00
Russell Jones 9a8dfc35fa Cleanup of minor bot issues. 
* Don't attempt to submit an empty list of labels to GitHub.
* Be less aggressive when labeling docs.
* Use range for loop iteration.
 2022-01-20 08:10:49 -08:00
Edoardo Spadolini b9803adeb3
Revert bot changes for vendor/ (#9743) 
The bot runs code from the `master` branch even for the stable branches
that still use vendored dependencies, so we should keep ignoring the
`vendor/` directory in the bot, or we might miscategorize PRs.
 2022-01-11 20:22:40 +00:00
Zac Bergquist d0eb86191d Remove vendor 
- Remove the vendor directory
- Update bot to stop accounting for vendor
- Update linter config
- Remove update-vendor make target
 2022-01-07 02:15:11 -07:00
Zac Bergquist 041f1ea697 bot: label PRs that touch lib/events with "audit-log" 2022-01-05 13:24:07 -07:00
Russell Jones 9edf72b86f Fixed missing reviewers issue. 
In a3d85ab removed reviewers from jobs that don't require it and did not
update parsing logic. Instead pass reviewers to all jobs as it is not a
secret and will be inlined into actions/bot soon.
 2021-12-23 14:24:07 -08:00
Russell Jones a3d85ab5fe Added support for automatic labeling of PRs. 2021-12-23 11:43:56 -08:00
Russell Jones cf7696cad6 Fixed IsInternal issue in Check workflow. 
Fixed issue where IsInternal was returning false for docs reviewers in
the Check workflow.
 2021-12-14 18:26:20 -08:00
Russell Jones 821e317b3f Updated checking logic for code owners. 
Check logic will now approve with two code owner approvals along with
single code owner + code reviewer approval.
 2021-12-14 13:51:45 -08:00
quinqu 759f44c1f6 Correct Dismiss function spelling. 2021-12-09 21:58:58 -08:00
Jane Quintero 36e4570db6
Check If HEAD Branch Is A Fork (#9302) 2021-12-09 23:30:48 +00:00
Russell Jones 598e2417ad Update check.yaml 2021-12-08 17:43:59 -08:00
Jane Quintero 9b5fd64431
Check if PR is from a fork before dismissing runs. (#9300) 2021-12-08 16:12:50 -08:00
Jane Quintero 78b273f19e
Trigger Assign workflow on opened and ready_for_review events. (#9272) 2021-12-08 10:17:40 -08:00
Russell Jones 32423dd231 Added more log lines to dismiss workflow. 2021-12-07 20:11:10 -08:00
Russell Jones 675fb3dc09 Fixed error in assignment logic. 
Fixed error in assignment logic where some admin reviewers were omitted.
 2021-12-03 14:22:12 -08:00
Russell Jones 0e96258067 Added extra logging to bot assignment. 2021-12-03 12:29:06 -08:00
Russell Jones edcfccea43 Updated logic to find workflow by path. 2021-12-02 14:14:26 -08:00
Russell Jones bfbf021197 Updated code review assignment logic. 
Code reviewers are split into code owners and code reviewers. Each PR is
now randomly assigned a reviewers from the code owner and reviewer set.
Review checking makes sure that a reviewer from each set has approved
the PR.
 2021-12-02 13:54:24 -08:00
Zac Bergquist 53562aadb0
Use t.Setenv in tests (#9154) 
This new feature in Go 1.17 automatically restores the environment
variable to its previous value when a test ends, making it simpler
to set up the environment for tests and less likely that we accidentally
leave behind global state.

Also convert some of the remaining uses of check to standard Go tests.
 2021-12-01 10:43:12 -07:00
Jane Quintero 3dbbd1be2c
Don't Dismiss Dismissed Reviews (#9094) 2021-11-23 13:39:53 -08:00
Jane Quintero 65e8ff64e7
Add Bot Logging (#9099) 2021-11-23 09:36:50 -08:00
Jane Quintero e8ff0a6e2e
Keep Valid Reviews For External Contributors (#9067) 2021-11-19 15:24:39 -08:00
Roman Tkachenko e59c04e8bc
Update reviewers (#9050) 
Co-authored-by: Russell Jones <russjones@users.noreply.github.com>
 2021-11-18 10:02:24 -08:00
Jane Quintero f1ccbff523
Re-Request Reviews When Approvals Are Invalidated (#9037) 2021-11-17 15:10:30 -08:00
Russell Jones a76e05cee3 Update CODEOWNERS 2021-11-12 16:45:49 -08:00
Jane Quintero 54f000d125
Update username (#8968) 2021-11-12 11:33:31 -08:00
Jane Quintero a28bb903fb
Assign Doc Reviewers to Pull Requests with Changes to docs/ (#8938) 2021-11-12 08:37:25 -08:00
Jane Quintero 853da7716d
Bypass required reviewers (#8901) 2021-11-11 15:59:07 -08:00