Commit graph

1810 commits

Author SHA1 Message Date
f83fa02193 Add allow_world_readable_secrets option to config file
Sometimes, the secret files permissions checks gets in the way. It's
by no mean complete, it doesn't take the Posix ACLs into account among
other things. Correctly checking the ACLs would be too involving (see
Deuxfleurs/garage#658 (comment))
and would likely still fail in some weird chmod settings.

We're adding a new configuration file key allowing the user to disable
this permission check altogether.

The (already existing) env variable counterpart always take precedence
to this config file option. That's useful in cases where the
configuration file is static and cannot be easily altered.

Fixes Deuxfleurs/garage#658

Co-authored-by: Florian Klink <flokli@flokli.de>
2023-10-26 18:25:13 +02:00
f4d3905d15 Merge pull request 'nix: add clang to flake.nix and shell.nix' (#664) from add-clang into main
Reviewed-on: Deuxfleurs/garage#664
2023-10-26 09:25:53 +00:00
a0fa50dfcd Merge pull request 's3 api: refactoring and bug fix in ListObjects' (#655) from fix-list-objects into main
Reviewed-on: Deuxfleurs/garage#655
2023-10-26 09:22:47 +00:00
d50fa2a562
nix: add clang to flake.nix and shell.nix 2023-10-26 11:19:22 +02:00
4b3dee2ca3 Merge pull request 's3 api: add missing CORS headers to PostObject responses (fix #609)' (#656) from fix-cors-post-object into main-0.8.x
Reviewed-on: Deuxfleurs/garage#656
2023-10-26 09:17:14 +00:00
5b1f50be65 jepsen: testing 2023-10-25 14:43:24 +02:00
9df7fa0bcd jepsen: use 7 nodes 2023-10-25 14:04:39 +02:00
fd85010a40 jepsen: failures with set2 test in --scenario r 2023-10-25 12:13:27 +02:00
cfbfa09d24 jepsen: fix set2 test omg finally this is so stupid 2023-10-25 11:50:16 +02:00
db921cc05f jepsen: reconfigure nemesis + add db nemesis 2023-10-25 11:41:34 +02:00
4fa2646a75 jepsen: got a failure with set1 2023-10-24 17:45:22 +02:00
d7ab2c639e jepsen: fix nemesis to actually generate many operations 2023-10-24 16:39:50 +02:00
d13bde5e26 jepsen: set1 and set2 don't fail anymore ?? 2023-10-24 15:44:05 +02:00
75d5d08ee1 Merge pull request 'Ensure increasing version timestamps when writing new object versions' (#543) from increasing-timestamps into main
Reviewed-on: Deuxfleurs/garage#543
2023-10-24 10:07:16 +00:00
d2c365767b jepsen: more testing 2023-10-24 11:39:45 +02:00
fb6c9a1243 jepsen: update readme 2023-10-20 15:55:09 +02:00
9030c1eef8 jepsen: code path for nemesis final generator 2023-10-20 15:53:46 +02:00
654775308e jepsen: add cluster reconfiguration nemesis 2023-10-20 15:48:37 +02:00
f5b0972781 jepsen: register crdt read-after-write is fixed with deleteobject patch 2023-10-20 15:00:10 +02:00
c82d91c6bc DeleteObject: always insert a deletion marker with a bigger timestamp than everything before 2023-10-20 13:56:35 +02:00
8686cfd0b1 s3 api: also ensure increasing timestamps for create_multipart_upload 2023-10-20 13:37:37 +02:00
d148b83d4f jepsen: reg2 failure seems to happen only with deleteobject 2023-10-20 13:36:48 +02:00
c6cde1f143 remove now-unused key parameter in check_quotas 2023-10-20 13:20:47 +02:00
4b93ce179a jepsen: errors in reg2 workload under investigation 2023-10-20 12:56:55 +02:00
4ba18ce9cc jepsen: wip checker for register-like behavior 2023-10-20 12:13:11 +02:00
ac04934dae s3 api: add missing CORS headers to PostObject responses (fix #609) 2023-10-20 10:37:48 +02:00
ef662822c9 jepsen: fix the list-objects call (?) 2023-10-19 23:40:55 +02:00
da8b170748 jepsen: investigating listobjects error 2023-10-19 16:45:24 +02:00
58b0ee1b1a list objects: prettyness and add asserts 2023-10-19 15:26:17 +02:00
158dc17a06 listobjects: fix panic if continuation token is an empty string 2023-10-19 15:08:47 +02:00
74e50edddd jepsen: refactoring 2023-10-19 14:34:19 +02:00
0215b11402 Merge pull request 'Add support for specifying rpc_secret_file, metrics_token_file and admin_token_file using environment variables' (#643) from networkException/garage:token-file-env into main-0.8.x
Reviewed-on: Deuxfleurs/garage#643
2023-10-19 09:33:12 +00:00
8599051c49
garage: support specifying token / secret as environment variables
this patch adds support for specifying the `rpc_secret_file`,
`metrics_token_file` and `admin_token_file` as environment variables.
2023-10-19 03:39:02 +02:00
4a19ee94bb
garage: fix admin-token description 2023-10-19 03:31:50 +02:00
c99cb58d71
util: move reading secret file into seperate helper
this patch moves the logic to read a secret file (and check for correct
permissions) from `secret_from_file` into a new `read_secret_file`
helper.
2023-10-19 03:29:48 +02:00
5feb6a1f64
docs: add documentation for specifying token / secret file as environment variables 2023-10-19 03:28:44 +02:00
b3bf16ee27 make jepsen test more robust: handle errors and timeouts, fixed access key 2023-10-18 17:51:34 +02:00
d146cdd5b6 cargo fmt 2023-10-18 16:38:26 +02:00
3d6ed63824 check_quotas: avoid re-fetching object from object table 2023-10-18 16:36:48 +02:00
45b0453d0f Ensure increasing version timestamps in PutObject 2023-10-18 16:31:50 +02:00
ddd3de7fce refactor jepsen code 2023-10-18 16:30:45 +02:00
84d43501ce refactor jepsen setup logic 2023-10-18 15:34:12 +02:00
012ade5d4b jepsen: update jepsen and fix garage key info 2023-10-18 14:06:32 +02:00
ef5ca86dfc jepsen: update to garage 0.9.0 2023-10-18 14:01:18 +02:00
9ec4cca334 reformatting 2023-10-18 12:03:12 +02:00
18ee8efb5f Check read-after-write property for sets 2023-10-18 12:03:12 +02:00
55eb4e87c4 set tests with independant tests together 2023-10-18 12:03:11 +02:00
0bb1577ae1 two set workloads with different checkers 2023-10-18 12:03:11 +02:00
6eb26be548 Add garage set test (this one works :p) 2023-10-18 12:03:11 +02:00
eb86eaa6d2 refactor jepsen test 2023-10-18 12:03:11 +02:00