Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump mina-sshd from 2.7.0 to 2.8.0 #11514

Closed
wants to merge 12 commits into from
Closed

Bump mina-sshd from 2.7.0 to 2.8.0 #11514

wants to merge 12 commits into from

Conversation

evansmurithi
Copy link

@evansmurithi evansmurithi commented Mar 29, 2022
edited by octavia-squidington-iii
Loading

Testing!!!## What
When creating a Postgres destination connector with SSH tunnel method 'SSH Key Authentication', one is required to provide a RSA key. Creating a rsa-sha2-256 or rsa-sha2-512 key, will result in the error SshException: KeyExchange signature verification failed for key type=ssh-rsa, if you haven't enabled ssh-rsa in the SSH server's host key algorithms.

mina-sshd in version 2.7.0 uses the wrong server key signature algorithm during DH group key exchange. https://issues.apache.org/jira/browse/SSHD-1163.

How

Bumping mina-sshd to version 2.8.0 addresses this issue. Changelog https://github.com/apache/mina-sshd/blob/master/docs/changes/2.8.0.md.

Recommended reading order

  1. https://issues.apache.org/jira/browse/SSHD-1163
  2. https://github.com/apache/mina-sshd/blob/master/docs/changes/2.8.0.md

🚨 User Impact 🚨

Are there any breaking changes? What is the end result perceived by the user? If yes, please merge this PR with the 🚨🚨 emoji so changelog authors can further highlight this if needed.

Pre-merge Checklist

Expand the relevant checklist and delete the others.

New Connector

Community member or Airbyter

  • Community member? Grant edit access to maintainers (instructions)
  • Secrets in the connector's spec are annotated with airbyte_secret
  • Unit & integration tests added and passing. Community members, please provide proof of success locally e.g: screenshot or copy-paste unit, integration, and acceptance test output. To run acceptance tests for a Python connector, follow instructions in the README. For java connectors run ./gradlew :airbyte-integrations:connectors:<name>:integrationTest.
  • Code reviews completed
  • Documentation updated
    • Connector's README.md
    • Connector's bootstrap.md. See description and examples
    • docs/SUMMARY.md
    • docs/integrations/<source or destination>/<name>.md including changelog. See changelog example
    • docs/integrations/README.md
    • airbyte-integrations/builds.md
  • PR name follows PR naming conventions

Airbyter

If this is a community PR, the Airbyte engineer reviewing this PR is responsible for the below items.

  • Create a non-forked branch based on this PR and test the below items on it
  • Build is successful
  • If new credentials are required for use in CI, add them to GSM. Instructions.
  • /test connector=connectors/<name> command is passing
  • New Connector version released on Dockerhub by running the /publish command described here
  • After the connector is published, connector added to connector index as described here
  • Seed specs have been re-generated by building the platform and committing the changes to the seed spec files, as described here
Updating a connector

Community member or Airbyter

  • Grant edit access to maintainers (instructions)
  • Secrets in the connector's spec are annotated with airbyte_secret
  • Unit & integration tests added and passing. Community members, please provide proof of success locally e.g: screenshot or copy-paste unit, integration, and acceptance test output. To run acceptance tests for a Python connector, follow instructions in the README. For java connectors run ./gradlew :airbyte-integrations:connectors:<name>:integrationTest.
  • Code reviews completed
  • Documentation updated
    • Connector's README.md
    • Connector's bootstrap.md. See description and examples
    • Changelog updated in docs/integrations/<source or destination>/<name>.md including changelog. See changelog example
  • PR name follows PR naming conventions

Airbyter

If this is a community PR, the Airbyte engineer reviewing this PR is responsible for the below items.

  • Create a non-forked branch based on this PR and test the below items on it
  • Build is successful
  • If new credentials are required for use in CI, add them to GSM. Instructions.
  • /test connector=connectors/<name> command is passing
  • New Connector version released on Dockerhub by running the /publish command described here
  • After the new connector version is published, connector version bumped in the seed directory as described here
  • Seed specs have been re-generated by building the platform and committing the changes to the seed spec files, as described here
Connector Generator
  • Issue acceptance criteria met
  • PR name follows PR naming conventions
  • If adding a new generator, add it to the list of scaffold modules being tested
  • The generator test modules (all connectors with -scaffold in their name) have been updated with the latest scaffold by running ./gradlew :airbyte-integrations:connector-templates:generator:testScaffoldTemplates then checking in your changes
  • Documentation which references the generator is updated as needed

Tests

Unit

Put your unit tests output here.

Integration

Put your integration tests output here.

Acceptance

Put your acceptance tests output here.

@CLAassistant
Copy link

CLAassistant commented Mar 29, 2022
edited
Loading

CLA assistant check
All committers have signed the CLA.

@alafanechere
Copy link
Contributor

alafanechere commented Mar 30, 2022
edited by marcosmarxm
Loading

Thank you for spotting this @evansmurithi , I'm going to try to run our test suite on your branch to check if the test passes.

@alafanechere alafanechere self-assigned this Mar 30, 2022
@marcosmarxm
Copy link
Member

@alafanechere could you raise the discussion with connector team because this could impact all destinations using Java with SSH tunnels.

supertopher
supertopher approved these changes Mar 30, 2022
View reviewed changes
Copy link
Contributor

@supertopher supertopher left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

these are the best numbers.
LGTM
image

supertopher
supertopher suggested changes Mar 30, 2022
View reviewed changes
Copy link
Contributor

@supertopher supertopher left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

forgive my taking back here. I was late to the conversation. sorry for the mixed signal :(

@supertopher
Copy link
Contributor

@evansmurithi I just wanted to explain myself here Evan, sorry for the drama. I thought this was an internal team request which I'm more trigger happy to grant. We will need to release a new version of every connector for this change, which is probably fine, but I want approval from that team before moving forward. You will hear back from us soon, I just jumped the gun. Sorry for the noise, thank you for the PR. Your contribution is welcome and appreciated.

@evansmurithi
Copy link
Author

@supertopher no worries. That makes sense 🙂

@alafanechere alafanechere mentioned this pull request Apr 1, 2022
Closed
@alafanechere
Copy link
Contributor

I confirm I was able to build and base-java locally from this branch:
./gradlew :airbyte-integrations:bases:base-java:test:
Screen Shot 2022-04-01 at 11 47 29

I also successfully ran the connector base build from this in this PR.

@alafanechere alafanechere requested a review from sherifnada April 1, 2022 09:49
sherifnada
sherifnada approved these changes Apr 1, 2022
View reviewed changes
Copy link
Contributor

@sherifnada sherifnada left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM but please make sure to publish all dependent connector versions

@alafanechere
Copy link
Contributor

alafanechere commented Apr 4, 2022
edited by github-actions bot
Loading

/test connector=connectors/destination-bigquery

🕑 connectors/destination-bigquery https://github.com/airbytehq/airbyte/actions/runs/2091622397
✅ connectors/destination-bigquery https://github.com/airbytehq/airbyte/actions/runs/2091622397
Python tests coverage:

Name                                                                                                                            Stmts   Miss  Cover
---------------------------------------------------------------------------------------------------------------------------------------------------
normalization/transform_config/__init__.py                                                                                          2      0   100%
normalization/transform_catalog/reserved_keywords.py                                                                               13      0   100%
normalization/transform_catalog/__init__.py                                                                                         2      0   100%
normalization/destination_type.py                                                                                                  13      0   100%
normalization/__init__.py                                                                                                           4      0   100%
/actions-runner/_work/airbyte/airbyte/airbyte-integrations/bases/airbyte-protocol/airbyte_protocol/models/airbyte_protocol.py     124      0   100%
/actions-runner/_work/airbyte/airbyte/airbyte-integrations/bases/airbyte-protocol/airbyte_protocol/models/__init__.py               1      0   100%
/actions-runner/_work/airbyte/airbyte/airbyte-integrations/bases/airbyte-protocol/airbyte_protocol/__init__.py                      2      0   100%
normalization/transform_catalog/destination_name_transformer.py                                                                   155      8    95%
normalization/transform_config/transform.py                                                                                       168     31    82%
normalization/transform_catalog/table_name_registry.py                                                                            174     34    80%
normalization/transform_catalog/utils.py                                                                                           33      7    79%
normalization/transform_catalog/catalog_processor.py                                                                              143     77    46%
normalization/transform_catalog/transform.py                                                                                       45     26    42%
normalization/transform_catalog/stream_processor.py                                                                               524    337    36%
---------------------------------------------------------------------------------------------------------------------------------------------------
TOTAL                                                                                                                            1403    520    63%

@github-actions github-actions bot added the area/connectors Connector related issues label Apr 4, 2022
@octavia-squidington-iii Exalate Issue Sync
Copy link
Collaborator

Marcos Marx commented: @alafanechere could you raise the discussion with connector team because this could impact all destinations using Java with SSH tunnels.

@github-actions github-actions bot added the area/documentation Improvements or additions to documentation label Apr 4, 2022
@alafanechere
Copy link
Contributor

alafanechere commented Apr 4, 2022
edited by github-actions bot
Loading

/test connector=connectors/destination-azure-blob-storage

🕑 connectors/destination-azure-blob-storage https://github.com/airbytehq/airbyte/actions/runs/2092345693
✅ connectors/destination-azure-blob-storage https://github.com/airbytehq/airbyte/actions/runs/2092345693
No Python unittests run

@alafanechere
Copy link
Contributor

alafanechere commented Apr 4, 2022
edited by github-actions bot
Loading

/test connector=connectors/destination-bigquery-denormalized

🕑 connectors/destination-bigquery-denormalized https://github.com/airbytehq/airbyte/actions/runs/2092347099
✅ connectors/destination-bigquery-denormalized https://github.com/airbytehq/airbyte/actions/runs/2092347099
Python tests coverage:

Name                                                                                                                            Stmts   Miss  Cover
---------------------------------------------------------------------------------------------------------------------------------------------------
normalization/transform_config/__init__.py                                                                                          2      0   100%
normalization/transform_catalog/reserved_keywords.py                                                                               13      0   100%
normalization/transform_catalog/__init__.py                                                                                         2      0   100%
normalization/destination_type.py                                                                                                  13      0   100%
normalization/__init__.py                                                                                                           4      0   100%
/actions-runner/_work/airbyte/airbyte/airbyte-integrations/bases/airbyte-protocol/airbyte_protocol/models/airbyte_protocol.py     124      0   100%
/actions-runner/_work/airbyte/airbyte/airbyte-integrations/bases/airbyte-protocol/airbyte_protocol/models/__init__.py               1      0   100%
/actions-runner/_work/airbyte/airbyte/airbyte-integrations/bases/airbyte-protocol/airbyte_protocol/__init__.py                      2      0   100%
normalization/transform_catalog/destination_name_transformer.py                                                                   155      8    95%
normalization/transform_config/transform.py                                                                                       168     31    82%
normalization/transform_catalog/table_name_registry.py                                                                            174     34    80%
normalization/transform_catalog/utils.py                                                                                           33      7    79%
normalization/transform_catalog/catalog_processor.py                                                                              143     77    46%
normalization/transform_catalog/transform.py                                                                                       45     26    42%
normalization/transform_catalog/stream_processor.py                                                                               524    337    36%
---------------------------------------------------------------------------------------------------------------------------------------------------
TOTAL                                                                                                                            1403    520    63%

@alafanechere
Copy link
Contributor

alafanechere commented Apr 4, 2022
edited by github-actions bot
Loading

/test connector=connectors/destination-bigquery

🕑 connectors/destination-bigquery https://github.com/airbytehq/airbyte/actions/runs/2092354556
✅ connectors/destination-bigquery https://github.com/airbytehq/airbyte/actions/runs/2092354556
Python tests coverage:

Name                                                                                                                            Stmts   Miss  Cover
---------------------------------------------------------------------------------------------------------------------------------------------------
normalization/transform_config/__init__.py                                                                                          2      0   100%
normalization/transform_catalog/reserved_keywords.py                                                                               13      0   100%
normalization/transform_catalog/__init__.py                                                                                         2      0   100%
normalization/destination_type.py                                                                                                  13      0   100%
normalization/__init__.py                                                                                                           4      0   100%
/actions-runner/_work/airbyte/airbyte/airbyte-integrations/bases/airbyte-protocol/airbyte_protocol/models/airbyte_protocol.py     124      0   100%
/actions-runner/_work/airbyte/airbyte/airbyte-integrations/bases/airbyte-protocol/airbyte_protocol/models/__init__.py               1      0   100%
/actions-runner/_work/airbyte/airbyte/airbyte-integrations/bases/airbyte-protocol/airbyte_protocol/__init__.py                      2      0   100%
normalization/transform_catalog/destination_name_transformer.py                                                                   155      8    95%
normalization/transform_config/transform.py                                                                                       168     31    82%
normalization/transform_catalog/table_name_registry.py                                                                            174     34    80%
normalization/transform_catalog/utils.py                                                                                           33      7    79%
normalization/transform_catalog/catalog_processor.py                                                                              143     77    46%
normalization/transform_catalog/transform.py                                                                                       45     26    42%
normalization/transform_catalog/stream_processor.py                                                                               524    337    36%
---------------------------------------------------------------------------------------------------------------------------------------------------
TOTAL                                                                                                                            1403    520    63%

@alafanechere
Copy link
Contributor

alafanechere commented Apr 4, 2022
edited by github-actions bot
Loading

/test connector=connectors/destination-keen

🕑 connectors/destination-keen https://github.com/airbytehq/airbyte/actions/runs/2092355795
✅ connectors/destination-keen https://github.com/airbytehq/airbyte/actions/runs/2092355795
No Python unittests run

@alafanechere
Copy link
Contributor

alafanechere commented Apr 4, 2022
edited by github-actions bot
Loading

/test connector=connectors/destination-clickhouse

🕑 connectors/destination-clickhouse https://github.com/airbytehq/airbyte/actions/runs/2092357344
✅ connectors/destination-clickhouse https://github.com/airbytehq/airbyte/actions/runs/2092357344
No Python unittests run

@alafanechere
Copy link
Contributor

alafanechere commented Apr 4, 2022
edited by github-actions bot
Loading

/test connector=connectors/destination-dynamodb

🕑 connectors/destination-dynamodb https://github.com/airbytehq/airbyte/actions/runs/2092365900
✅ connectors/destination-dynamodb https://github.com/airbytehq/airbyte/actions/runs/2092365900
No Python unittests run

@alafanechere
Copy link
Contributor

alafanechere commented Apr 4, 2022
edited by github-actions bot
Loading

/test connector=connectors/destination-e2e-test

🕑 connectors/destination-e2e-test https://github.com/airbytehq/airbyte/actions/runs/2092365822
✅ connectors/destination-e2e-test https://github.com/airbytehq/airbyte/actions/runs/2092365822
No Python unittests run

@alafanechere
Copy link
Contributor

alafanechere commented Apr 4, 2022
edited by github-actions bot
Loading

/test connector=connectors/destination-elasticsearch

🕑 connectors/destination-elasticsearch https://github.com/airbytehq/airbyte/actions/runs/2092365858
✅ connectors/destination-elasticsearch https://github.com/airbytehq/airbyte/actions/runs/2092365858
No Python unittests run

@alafanechere
Copy link
Contributor

alafanechere commented Apr 4, 2022
edited by github-actions bot
Loading

/test connector=connectors/destination-gcs

🕑 connectors/destination-gcs https://github.com/airbytehq/airbyte/actions/runs/2092366494
✅ connectors/destination-gcs https://github.com/airbytehq/airbyte/actions/runs/2092366494
No Python unittests run

@alafanechere
Copy link
Contributor

alafanechere commented Apr 4, 2022
edited by github-actions bot
Loading

/test connector=connectors/destination-pubsub

🕑 connectors/destination-pubsub https://github.com/airbytehq/airbyte/actions/runs/2092366266
❌ connectors/destination-pubsub https://github.com/airbytehq/airbyte/actions/runs/2092366266
🐛 https://gradle.com/s/xrjtnmtxz2mr4

@alafanechere
Copy link
Contributor

alafanechere commented Apr 4, 2022
edited by github-actions bot
Loading

/test connector=connectors/destination-kafka

🕑 connectors/destination-kafka https://github.com/airbytehq/airbyte/actions/runs/2092367133
✅ connectors/destination-kafka https://github.com/airbytehq/airbyte/actions/runs/2092367133
No Python unittests run

@alafanechere
Copy link
Contributor

alafanechere commented Apr 4, 2022
edited by github-actions bot
Loading

/test connector=connectors/destination-kinesis

🕑 connectors/destination-kinesis https://github.com/airbytehq/airbyte/actions/runs/2092368692
✅ connectors/destination-kinesis https://github.com/airbytehq/airbyte/actions/runs/2092368692
No Python unittests run

@github-actions github-actions bot added the area/documentation Improvements or additions to documentation label Apr 6, 2022
@alafanechere
Copy link
Contributor

alafanechere commented Apr 6, 2022
edited by github-actions bot
Loading

/publish connector=connectors/destination-clickhouse

🕑 connectors/destination-clickhouse https://github.com/airbytehq/airbyte/actions/runs/2103958470
🚀 Successfully published connectors/destination-clickhouse
❌ Couldn't auto-bump version for connectors/destination-clickhouse

@alafanechere alafanechere mentioned this pull request Apr 6, 2022
Closed
@alafanechere alafanechere temporarily deployed to more-secrets April 6, 2022 18:13 Inactive
@alafanechere alafanechere temporarily deployed to more-secrets April 6, 2022 18:13 Inactive
@alafanechere alafanechere temporarily deployed to more-secrets April 11, 2022 13:58 Inactive
@alafanechere alafanechere temporarily deployed to more-secrets April 11, 2022 13:58 Inactive
@alafanechere alafanechere mentioned this pull request Apr 11, 2022
Closed
@grishick
Copy link
Contributor

grishick commented Apr 22, 2022
edited by github-actions bot
Loading

/test connector=connectors/destination-postgres

🕑 connectors/destination-postgres https://github.com/airbytehq/airbyte/actions/runs/2210560208
✅ connectors/destination-postgres https://github.com/airbytehq/airbyte/actions/runs/2210560208
Python tests coverage:

Name                                                                                                                            Stmts   Miss  Cover
---------------------------------------------------------------------------------------------------------------------------------------------------
normalization/transform_config/__init__.py                                                                                          2      0   100%
normalization/transform_catalog/reserved_keywords.py                                                                               13      0   100%
normalization/transform_catalog/__init__.py                                                                                         2      0   100%
normalization/destination_type.py                                                                                                  13      0   100%
normalization/__init__.py                                                                                                           4      0   100%
/actions-runner/_work/airbyte/airbyte/airbyte-integrations/bases/airbyte-protocol/airbyte_protocol/models/airbyte_protocol.py     124      0   100%
/actions-runner/_work/airbyte/airbyte/airbyte-integrations/bases/airbyte-protocol/airbyte_protocol/models/__init__.py               1      0   100%
/actions-runner/_work/airbyte/airbyte/airbyte-integrations/bases/airbyte-protocol/airbyte_protocol/__init__.py                      2      0   100%
normalization/transform_catalog/destination_name_transformer.py                                                                   155      8    95%
normalization/transform_config/transform.py                                                                                       168     31    82%
normalization/transform_catalog/table_name_registry.py                                                                            174     34    80%
normalization/transform_catalog/utils.py                                                                                           33      7    79%
normalization/transform_catalog/catalog_processor.py                                                                              143     77    46%
normalization/transform_catalog/transform.py                                                                                       45     26    42%
normalization/transform_catalog/stream_processor.py                                                                               524    337    36%
---------------------------------------------------------------------------------------------------------------------------------------------------
TOTAL                                                                                                                            1403    520    63%

@grishick
Copy link
Contributor

Auto-bump is currently broken (#12276). Once that is fixed, this PR will be much easier to complete.

This was referenced Apr 23, 2022
Merged
Merged
Merged
Merged
Merged
grishick pushed a commit that referenced this pull request Apr 26, 2022
Bump mina-sshd from 2.7.0 to 2.8.0
9526dd2 
this is an attempt to merge the main change
from  #11514,
which now has multiple conflicts.

The gist of the change

When creating a Postgres destination connector with SSH tunnel method 'SSH Key Authentication', one is required to provide a RSA key. Creating a rsa-sha2-256 or rsa-sha2-512 key, will result in the error SshException: KeyExchange signature verification failed for key type=ssh-rsa, if you haven't enabled ssh-rsa in the SSH server's host key algorithms.

mina-sshd in version 2.7.0 uses the wrong server key signature algorithm during DH group key exchange. https://issues.apache.org/jira/browse/SSHD-1163.

Bumping mina-sshd to version 2.8.0 addresses this issue. Changelog https://github.com/apache/mina-sshd/blob/master/docs/changes/2.8.0.md.
@grishick grishick mentioned this pull request Apr 26, 2022
Merged
@grishick
Copy link
Contributor

@evansmurithi thank you for the change. The updated docker images have been published and versions updated in OSS platform. I am merging the main change here: #12376. Once the main change is merged, I'll close this PR.

grishick added a commit that referenced this pull request Apr 26, 2022
@grishick
Bump mina-sshd from 2.7.0 to 2.8.0 (#12376)
53e625a 
this is an attempt to merge the main change
from  #11514,
which now has multiple conflicts.

The gist of the change

When creating a Postgres destination connector with SSH tunnel method 'SSH Key Authentication', one is required to provide a RSA key. Creating a rsa-sha2-256 or rsa-sha2-512 key, will result in the error SshException: KeyExchange signature verification failed for key type=ssh-rsa, if you haven't enabled ssh-rsa in the SSH server's host key algorithms.

mina-sshd in version 2.7.0 uses the wrong server key signature algorithm during DH group key exchange. https://issues.apache.org/jira/browse/SSHD-1163.

Bumping mina-sshd to version 2.8.0 addresses this issue. Changelog https://github.com/apache/mina-sshd/blob/master/docs/changes/2.8.0.md.
@grishick grishick closed this Apr 26, 2022
suhomud pushed a commit that referenced this pull request May 23, 2022
@grishick @suhomud
Bump mina-sshd from 2.7.0 to 2.8.0 (#12376)
730fd2f 
this is an attempt to merge the main change
from  #11514,
which now has multiple conflicts.

The gist of the change

When creating a Postgres destination connector with SSH tunnel method 'SSH Key Authentication', one is required to provide a RSA key. Creating a rsa-sha2-256 or rsa-sha2-512 key, will result in the error SshException: KeyExchange signature verification failed for key type=ssh-rsa, if you haven't enabled ssh-rsa in the SSH server's host key algorithms.

mina-sshd in version 2.7.0 uses the wrong server key signature algorithm during DH group key exchange. https://issues.apache.org/jira/browse/SSHD-1163.

Bumping mina-sshd to version 2.8.0 addresses this issue. Changelog https://github.com/apache/mina-sshd/blob/master/docs/changes/2.8.0.md.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sherifnada sherifnada sherifnada approved these changes

@supertopher supertopher supertopher approved these changes

Assignees

@alafanechere alafanechere

Labels
area/connectors Connector related issues area/documentation Improvements or additions to documentation community connectors/destination/postgres
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
9 participants
@evansmurithi @CLAassistant @alafanechere @marcosmarxm @supertopher @octavia-squidington-iii @sherifnada @grishick @klsoper