* Compile binaries for access plugin tests
* Fix PD test asserts for newer Teleport versions
* Unpin role from V6 in access plugin tests
* Remove license from OSS plugins tests
We now run tests against OSS Teleport in the OSS repo,
and against Enterprise Teleport in the E repo.
So the assumption that CI always needs an enterprise license
is incorrect.
* Only compile the required binaries
* Make devbox sandbox friendly, add devbox CI.
The devbox is now sandbox friendly, and devbox CI has been added to ensure
that any changes to Devbox are properly validated.
* Install correct binary name for node protoc plugin.
* Add in zlib to support LIBFIDO compilation.
The default PR limit of 3 would prevent getting a PR per grouping
when the workflow is run weekly. Since there are only 8 groupings
we can ensure that any updates in any of them will result in a PR
when the workflow is run. The hourly PR limit is now also set to
unlimited(default was 2) to allow all PRs to be created.
* Upgrade mongodb to v1.11.6
Includes some minor code changes around how the mongodb topology is configured.
This drops support for MongoDB prior to version 3.6. For that reason unit tests don't currently pass.
* access_test: Update MongoDB supported wire versions
Removes support for MongoDB prior to version 3.6
* Fixes after rebase (more needed changes for auth implementation)
* Upgrade mongo to just release 1.11.7 tag
* include changelog for docs tests
* correct capitalization for file type
Co-authored-by: Zac Bergquist <zac.bergquist@goteleport.com>
* include CHANGELOG.md as ignored in bypass
---------
Co-authored-by: Zac Bergquist <zac.bergquist@goteleport.com>
* Edit the docs test plan
Add an item to remove version warnings for versions we no longer
support. Currently, we remove these version warnings as we encounter
them. This change makes this task a regular, predictable step when
releasing a new major Teleport version.
* Respond to stevenGravy feedback
* Build change for when go caching should be used
This commit does the following:
* Updates all `setup-go` actions to use v4 (which has caching enabled by default)
* For `shared-workflow` jobs caching is left enabled due to the presumed small size
* For `teleport` jobs caching is now disabled due to the size exceeding the cache limit
This should make all of the mentioned jobs a little faster.
* Update build-api.yaml to re-enable caching
* Update Dependabot Scheduled Config
Update Dependabot with the following:
* Add `jentfoo` to reviewers list
* Remove `crypto` ignore on `api` (no longer using forked version)
* Add configurations for missing gomod paths
* Update .github/dependabot.yml
Co-authored-by: Alan Parra <alan.parra@goteleport.com>
* Remove `examples` from Dependabot
---------
Co-authored-by: Alan Parra <alan.parra@goteleport.com>
- Add an item to define a scope for resolving the issue to avoid scope
creep and make it easier to close issues.
- Make a stronger plea for "Related Issues" items, since these are often
not included.
Test plan misses testing access when using proxy peering. Nothing should
differ from normal reverse tunnel access but it makes some assumptions
that differ from the reverse tunnel.
This PR adds K8S dependencies to the dependendabot ignore list.
We can revert this PR after
https://github.com/gravitational/teleport/pull/25136 merges to master.
`sigs.k8s.io/controller-runtime` is holding the K8S deps update because
it does not support K8S API 0.27.1. `controller-runtime` will release a
new version once `k8s.io/api@v0.27.2` is released.
* Remove our replacement for Logrus
Recently I attempted to update our Logrus fork. However this comment pointed out that our changes have been merged upstream: https://github.com/gravitational/logrus/pull/12#issuecomment-1515303744
For that reason this removes the dependency on the fork.
* Remove ignored dependabot dependencies that are no longer replaced
* Restore Kubernetes Integration tests
This PR re-enables the Kubernetes integrations tests using a KinD
(Kubernetes in Docker) cluster.
New steps have been introduced to GitHub's Integrations (Non-Root)
Action that configure the KinD cluster using
[`helm/kind-action`](https://github.com/helm/kind-action) and do some
network configurations allowing the container where tests run to connect
to the KinD control plane.
This PR also fixes some of the tests and fixes a bug that affected
joining operations when the target service was a legacy kubernetes
proxy. Some improvements will be introduced in future patches to improve
the logic and reduce the time required for the tests to run.
Fixes#25539
* fix data race in spdystream dep
* address feedback
* remove docker installation
* fix test
- Refresh out-of-date URLs for docs pages and `docs/config.json`
- Remove the step to add pages to the `/docs/older-versions` page, since
we generate this automatically from `gravitational/docs/config.json`,
and there is already a step to check that file
- Add a step to ensure that git submodule directories match those in
`.gitmodules`. This prevents unexpected deployment issues.
- Add more clarity to the changelog step
- Add a step to check on the status of documentation for relevant
features in the release
* Use the GHA base container for Lint (Docs)
This way, we can take advantage of the software the comes pre-installed
on the GHA `ubuntu-latest` container image. Otherwise, we need to find a
way to portably install Chromium on the `gravitational/docs` container
in order to run the Mermaid CLI. Currently, the docs engine exits with
an error during the "Lint (Docs)" job when attempting to build mermaid
diagrams due to not being able to locate Chromium.
For this change to work, the "Lint (Docs)" job checks out
`gravitational/docs`, removes the default git submodule configuration,
then adds a git submodule for the current `gravitational/teleport`
branch. From there, it can install dependencies via `yarn` and run our
CI scripts.
* s/GITHUB_HEAD_REF/GITHUB_SHA/
* Base the submodule branch source on the event type
Some edits I made to the CloudHSM docs while going through the v13 test
plan. The biggest change is an update to use the Client SDK 5, instead
of version 3. This has many benefits, you are not required to run a
client daemon, and it works with the kernel in FIPS mode (v3 doesn't).
I also added much more detail to the guide and added code samples where
I could, you should be able to go through this mostly without reading
the AWS docs, I link there for downloads or extra/optional information.
The AWS docs are very hard to follow.
This was copied from the original test plan template, but the
name was never changed. As a result, the GitHub UI shows an
error: "There is a problem with this template"