Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Backport of fix a panic in the CLI when deleting an acl policy with an unknown name into release/1.15.x #19690

Closed
wants to merge 1,284 commits into from
Closed

Backport of fix a panic in the CLI when deleting an acl policy with an unknown name into release/1.15.x #19690

wants to merge 1,284 commits into from

Conversation

hc-github-team-consul-core
Copy link
Collaborator

Backport

This PR is auto-generated from #19679 to be assessed for backporting due to the inclusion of the label backport/1.15.

The below text is copied from the body of the original PR.

Description

This fix a panic in the CLI when deleting a policy using its name and that name do not exist on the server.

consul acl policy delete -namespace david-test -datacenter us-east-infra -name namespace-management

panic: runtime error: invalid memory address or nil pointer dereference

[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x1012db5]




goroutine 1 [running]:

github.com/hashicorp/consul/command/acl.GetPolicyIDByName(...)

/Users/dayachi/git/consul-enterprise/command/acl/acl_helpers.go:102

github.com/hashicorp/consul/command/acl/policy/delete.(*cmd).Run(0xc000d62050, {0xc000072180?, 0xffffffffffffffff?, 0x0?})

/Users/dayachi/git/consul-enterprise/command/acl/policy/delete/policy_delete.go:62 +0x155

github.com/mitchellh/cli.(*CLI).Run(0xc000fa3400)

/Users/dayachi/go/pkg/mod/github.com/mitchellh/[email protected]/cli.go:262 +0x5b8

main.realMain()

/Users/dayachi/git/consul-enterprise/main.go:48 +0x469

main.main()

/Users/dayachi/git/consul-enterprise/main.go:18 +0x13

root@hashi-i-0cb3233c55d0fe848:/opt/consul/1.15.6+debug# consul version

Consul v1.15.6+ent

Revision ba04dc46b8+CHANGES

Build Date 2023-09-19T23:47:29Z

Protocol 2 spoken by default, understands 2 to 3 (agent will automatically use protocol >2 when speaking to compatible agents)

PR Checklist

  • updated test coverage
  • external facing docs updated
  • appropriate backport labels added
  • not a security concern
Overview of commits

rboyer and others added 30 commits October 3, 2023 10:06
@rboyer
chore: fix ce/ent drift in sdk and testing/deployer submodules (#19041)
df930a5
Reduce number of ports that consul test agents take (#19047)
41e6f6c
@jmurret
NET-5590 - authorization: check for identity:write in CA certs, xds s…
d67e5c6 
…erver, and getting envoy bootstrap params (#19049)

* NET-5590 - authorization: check for identity:write in CA certs, xds server, and getting envoy bootstrap params

* gofmt file
@erichaberkorn
Fix Traffic Permissions Default Deny (#19028)
f2b7b45 
Whenver a traffic permission exists for a given workload identity, turn on default deny.

Previously, this was only working at the port level.
Add workload identity hooks (#19045)
b43cde5
Remove parallel flag (#19057)
1a9666c
@erichaberkorn
Fix Explicit Destination Integration Test (#19060)
9656fd1 
fix explicit destination integration test
Add upgrade warnings (#19061)
cf9e1b6
@valeriia-ruban
chor: update rule to run frontend github tasks when changes are made … (
344f463 
#19053)
@absolutelightning
Fixes docs of Consul Debug - Adds info about Since Flag (#19056)
af9a486 
fix docs
@trujillo-adam @boruszak @Ganeshrockz
Docs/ce 477 dataplanes on ecs (#19010)
788c586 
* updated architecture topic

* fixed type in arch diagram filenames

* fixed path to img file

* updated index page - still need to add links

* moved arch and tech specs to reference folder

* moved other ref topics to ref folder

* set up the Deploy folder and TF install topics

* merged secure conf into TF deploy instructions

* moved bind addr and route conf to their own topics

* moved arch and tech specs back to main folder

* update migrate-existing-tasks content

* merged manual deploy content; added serv conf ref

* fixed links

* added procedure for upgrading to dataplanes

* fixed linked reported by checker

* added updates to dataplanes overview page

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <[email protected]>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <[email protected]>
Co-authored-by: Ganesh S <[email protected]>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <[email protected]>
Co-authored-by: Ganesh S <[email protected]>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <[email protected]>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <[email protected]>
Co-authored-by: Ganesh S <[email protected]>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <[email protected]>
Co-authored-by: Ganesh S <[email protected]>

* updated links and added redirects

* removed old architecture content

---------

Co-authored-by: Jeff Boruszak <[email protected]>
Co-authored-by: Ganesh S <[email protected]>
@huikang
docs: clarify the requriment for cross-partition network (#19052)
079c9d6
Bump up compatibility test runner (#19081)
ca4ff6b
[CE] Add workload bind type and templated policy (#19077)
ad26494
Retry flaky tests (#19088)
aa526db
@missylbytes
Allow connections through Terminating Gateways from peered clusters N…
342306c 
…ET-3463 (#18959)

* Add InboundPeerTrustBundle maps to Terminating Gateway

* Add notify and cancelation of watch for inbound peer trust bundles

* Pass peer trust bundles to the RBAC creation function

* Regenerate Golden Files

* add changelog, also adds another spot that needed peeredTrustBundles

* Add basic test for terminating gateway with peer trust bundle

* Add intention to cluster peered golden test

* rerun codegen

* update changelog

* really update the changelog

---------

Co-authored-by: Melisa Griffin <[email protected]>
@rboyer
mesh: ensure we add the virtual port number for L7 implicit upstreams (
754ab9a 
…#19085)
Replace hub with gh for member roles on JIRA sync checks (#19089)
677e16a 
Update jira-pr.yaml

Change from `hub` to `gh` for checking member roles
@dhiaayachi
Make raft-wal default when resource-apis is active (#19090)
ed882e2 
Make raft-wal default when v2 catalog experiment is on
@erichaberkorn
Add traffic permissions integration tests. (#19008)
ad3aab1 
Add traffic permissions integration tests.
@hashi-derek
Ensure that upstream configuration is properly normalized. (#19076)
af3439b 
This PR fixes an issue where upstreams did not correctly inherit the proper
namespace / partition from the parent service when attempting to fetch the
upstream protocol due to inconsistent normalization.

Some of the merge-service-configuration logic would normalize to default, while
some of the proxycfg logic would normalize to match the parent service. Due to
this mismatch in logic, an incorrect service-defaults configuration entry would
be fetched and have its protocol applied to the upstream.
@trujillo-adam @boruszak
Docs/ce 470 locality aware (#19071)
a9747dc 
* updated nav; renamed L7 traffic folder

* Added locality-aware routing to traffic mgmt overview

* Added route to local upstreams topic

* Updated agent configuration reference

* Added locality param to services conf ref

* Added locality param to conf entries

* mentioned traffic management in proxies overview

* added locality-aware to failover overview

* added docs for service rate limiting

* updated service defaults conf entry

* Apply suggestions from code review

Co-authored-by: Chris S. Kim <[email protected]>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <[email protected]>
Co-authored-by: Chris S. Kim <[email protected]>

* updated links and added redirects

---------

Co-authored-by: Chris S. Kim <[email protected]>
Co-authored-by: Jeff Boruszak <[email protected]>
@mkeeler
protohcl: allow attribute syntax for all map fields (#19108)
4713317
@absolutelightning @Ganeshrockz @rboyer
NET-4135 - Fix NodeMeta filtering Catalog List Services API (#18322)
a30ccdf 
* logs for debugging

* Init

* white spaces fix

* added change log

* Fix tests

* fix typo

* using queryoptionfilter to populate args.filter

* tests

* fix test

* fix tests

* fix tests

* fix tests

* fix tests

* fix variable name

* fix tests

* fix tests

* fix tests

* Update .changelog/18322.txt

Co-authored-by: Ganesh S <[email protected]>

* fix change log

* address nits

* removed unused line

* doing join only when filter has nodemeta

* fix tests

* fix tests

* Update agent/consul/catalog_endpoint.go

Co-authored-by: R.B. Boyer <[email protected]>

* fix tests

* removed unwanted code

---------

Co-authored-by: Ganesh S <[email protected]>
Co-authored-by: R.B. Boyer <[email protected]>
@absolutelightning
Stop windows integration tests (#19118)
b9314de 
stop windows integration tests
Minor update to ratelimit wording (#19106)
d6200fa
@cthain
Update Vault CA provider namespace configuration (#19095)
dcdf2fc
Remove old build tags (#19128)
92ce814
@dhiaayachi
Activate verifier when running WAL with experimental features (#19102)
2265905 
* activate verifier when running WAL with experimental features

* only change verifier parameters if it's disabled (default value)
@analogue
v2tenancy: cluster scoped reads (#19082)
830c4ea
@hc-github-team-consul-core hc-github-team-consul-core requested review from dekimsey and claire-labry and removed request for a team November 20, 2023 14:48
@hc-github-team-consul-core hc-github-team-consul-core force-pushed the backport/dhiaayachi/fix_panic_policy_delete/logically-amazed-crow branch from 01d24e2 to 5ecf5e5 Compare November 20, 2023 14:48
github-team-consul-core-pr-approver
github-team-consul-core-pr-approver approved these changes Nov 20, 2023
View reviewed changes
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Auto approved Consul Bot automated PR

@github-actions github-actions bot added type/docs Documentation needs to be created/updated/clarified theme/api Relating to the HTTP API interface theme/acls ACL and token generation theme/cli Flags and documentation for the CLI interface theme/config Relating to Consul Agent configuration, including reloading theme/ui Anything related to the UI theme/connect Anything related to Consul Connect, Service Mesh, Side Car Proxies theme/tls Using TLS (Transport Layer Security) or mTLS (mutual TLS) to secure communication theme/telemetry Anything related to telemetry or observability type/ci Relating to continuous integration (CI) tooling for testing or releases pr/dependencies PR specifically updates dependencies of project theme/envoy/xds Related to Envoy support theme/contributing Additions and enhancements to community contributing materials theme/internals Serf, Raft, SWIM, Lifeguard, Anti-Entropy, locking topics theme/certificates Related to creating, distributing, and rotating certificates in Consul theme/agent-cache Agent Cache theme/consul-terraform-sync Relating to Consul Terraform Sync and Network Infrastructure Automation labels Nov 20, 2023
@hc-github-team-consul-core
Copy link
Collaborator Author

🤔 This PR has changes in the website/ directory but does not have a type/docs-cherrypick label. If the changes are for the next version, this can be ignored. If they are updates to current docs, attach the label to auto cherrypick to the stable-website branch after merging.

@dhiaayachi dhiaayachi disabled auto-merge November 20, 2023 14:49
@vercel vercel bot temporarily deployed to Preview – consul November 20, 2023 14:53 Inactive
@dhiaayachi dhiaayachi closed this Nov 20, 2023
@dhiaayachi dhiaayachi mentioned this pull request Nov 20, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-team-consul-core-pr-approver github-team-consul-core-pr-approver github-team-consul-core-pr-approver approved these changes

@dekimsey dekimsey Awaiting requested review from dekimsey

@claire-labry claire-labry Awaiting requested review from claire-labry

@dhiaayachi dhiaayachi Awaiting requested review from dhiaayachi

Assignees

@dhiaayachi dhiaayachi

Labels
pr/dependencies PR specifically updates dependencies of project theme/acls ACL and token generation theme/agent-cache Agent Cache theme/api Relating to the HTTP API interface theme/certificates Related to creating, distributing, and rotating certificates in Consul theme/cli Flags and documentation for the CLI interface theme/config Relating to Consul Agent configuration, including reloading theme/connect Anything related to Consul Connect, Service Mesh, Side Car Proxies theme/consul-terraform-sync Relating to Consul Terraform Sync and Network Infrastructure Automation theme/contributing Additions and enhancements to community contributing materials theme/envoy/xds Related to Envoy support theme/internals Serf, Raft, SWIM, Lifeguard, Anti-Entropy, locking topics theme/telemetry Anything related to telemetry or observability theme/tls Using TLS (Transport Layer Security) or mTLS (mutual TLS) to secure communication theme/ui Anything related to the UI type/ci Relating to continuous integration (CI) tooling for testing or releases type/docs Documentation needs to be created/updated/clarified
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.