From d9f43fc87160906cab41dd72c22e45552c0c935d Mon Sep 17 00:00:00 2001 From: Talha Bin Rizwan Date: Mon, 6 May 2024 20:27:41 +0500 Subject: [PATCH 01/64] PMM-12940 Run watchtower next to pmm server container. --- build/packer/ansible/roles/podman-setup/tasks/main.yml | 8 ++++++++ .../ansible/roles/podman-setup/templates/pmm-server.env | 4 ++++ .../roles/podman-setup/templates/pmm-server.service | 5 +++++ 3 files changed, 17 insertions(+) create mode 100644 build/packer/ansible/roles/podman-setup/templates/pmm-server.env diff --git a/build/packer/ansible/roles/podman-setup/tasks/main.yml b/build/packer/ansible/roles/podman-setup/tasks/main.yml index 7854d0b157..7de64c2ff9 100644 --- a/build/packer/ansible/roles/podman-setup/tasks/main.yml +++ b/build/packer/ansible/roles/podman-setup/tasks/main.yml @@ -33,6 +33,14 @@ group: admin mode: '0755' +- name: Copy environment file for service to user-specific directory + template: + src: pmm-server.env + dest: /home/admin/.config/systemd/user/ + owner: admin + group: admin + mode: '0644' + - name: Copy systemd service file to user-specific directory template: src: pmm-server.service diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.env b/build/packer/ansible/roles/podman-setup/templates/pmm-server.env new file mode 100644 index 0000000000..df003c93b5 --- /dev/null +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.env @@ -0,0 +1,4 @@ +PMM_WATCHTOWER_HOST="http://watchtower:8080" +PMM_WATCHTOWER_TOKEN=123 +PMM_SERVER_UPDATE_VERSION="docker.io/perconalab/pmm-server:3-dev-latest" +PMM_IMAGE="docker.io/perconalab/pmm-server:3-dev-latest" diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service index ecb10f37df..335035f860 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service @@ -6,10 +6,15 @@ After=nss-user-lookup.target nss-lookup.target After=time-sync.target [Service] +EnvironmentFile=/home/admin/.config/systemd/user/pmm-server.env + TimeoutStartSec=0 Restart=always ExecStart=/usr/bin/podman run --volume pmm-data:/srv/ --rm --name %N \ + -e PMM_WATCHTOWER_HOST=${PMM_WATCHTOWER_HOST} \ + -e PMM_WATCHTOWER_TOKEN=${PMM_WATCHTOWER_TOKEN} \ + -e PMM_SERVER_UPDATE_VERSION=${PMM_SERVER_UPDATE_VERSION} \ -p 443:8443/tcp --ulimit=host {{ pmm_server_image_name }} ExecStop=/usr/bin/podman stop -t 10 %N From 8faf161b22c582e13f1051f38cf0aa52dc5a4e5f Mon Sep 17 00:00:00 2001 From: Talha Bin Rizwan Date: Tue, 7 May 2024 10:32:47 +0500 Subject: [PATCH 02/64] PMM-12940 Run watchtower next to pmm server container. --- .../ansible/roles/podman-setup/tasks/main.yml | 20 ++++++++++++++-- .../podman-setup/templates/pmm-server.service | 2 +- .../podman-setup/templates/watchtower.service | 24 +++++++++++++++++++ 3 files changed, 43 insertions(+), 3 deletions(-) create mode 100644 build/packer/ansible/roles/podman-setup/templates/watchtower.service diff --git a/build/packer/ansible/roles/podman-setup/tasks/main.yml b/build/packer/ansible/roles/podman-setup/tasks/main.yml index 7de64c2ff9..bd97c6f2c4 100644 --- a/build/packer/ansible/roles/podman-setup/tasks/main.yml +++ b/build/packer/ansible/roles/podman-setup/tasks/main.yml @@ -13,12 +13,20 @@ content: ami dest: /srv/pmm-distribution +- name: Set SELinux in permissive mode for watchtower + selinux: + policy: targeted + state: permissive + - name: Pull the PMM image command: podman pull {{ pmm_server_image_name }} - name: Create a volume on the host command: podman volume create pmm-data +- name: Create a network + command: podman network create pmm_default + - name: Enable privileged port become: true sysctl: @@ -33,7 +41,7 @@ group: admin mode: '0755' -- name: Copy environment file for service to user-specific directory +- name: Copy pmm-server environment file for service to user-specific directory template: src: pmm-server.env dest: /home/admin/.config/systemd/user/ @@ -41,7 +49,7 @@ group: admin mode: '0644' -- name: Copy systemd service file to user-specific directory +- name: Copy pmm-server systemd service file to user-specific directory template: src: pmm-server.service dest: /home/admin/.config/systemd/user/ @@ -49,6 +57,14 @@ group: admin mode: '0644' +- name: Copy watchtower systemd service file to user-specific directory + template: + src: watchtower.service + dest: /home/admin/.config/systemd/user/ + owner: admin + group: admin + mode: '0644' + - name: Get user ID of admin user command: id -u admin register: admin_user_id diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service index 335035f860..71a9663fde 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service @@ -15,7 +15,7 @@ ExecStart=/usr/bin/podman run --volume pmm-data:/srv/ --rm --name %N \ -e PMM_WATCHTOWER_HOST=${PMM_WATCHTOWER_HOST} \ -e PMM_WATCHTOWER_TOKEN=${PMM_WATCHTOWER_TOKEN} \ -e PMM_SERVER_UPDATE_VERSION=${PMM_SERVER_UPDATE_VERSION} \ - -p 443:8443/tcp --ulimit=host {{ pmm_server_image_name }} + -p 443:8443/tcp --ulimit=host ${PMM_IMAGE} ExecStop=/usr/bin/podman stop -t 10 %N diff --git a/build/packer/ansible/roles/podman-setup/templates/watchtower.service b/build/packer/ansible/roles/podman-setup/templates/watchtower.service new file mode 100644 index 0000000000..c223091c24 --- /dev/null +++ b/build/packer/ansible/roles/podman-setup/templates/watchtower.service @@ -0,0 +1,24 @@ +[Unit] +Description=watchtower +Wants=network-online.target +After=network-online.target +After=nss-user-lookup.target nss-lookup.target +After=time-sync.target + +[Service] +TimeoutStartSec=0 +Restart=always + +Environment=WATCHTOWER_HTTP_API_UPDATE=1 +Environment=WATCHTOWER_HTTP_API_TOKEN=123 + +ExecStart=/usr/bin/podman run --rm --name %N \ + -v ${XDG_RUNTIME_DIR}/podman/podman.sock:/var/run/docker.sock \ + -e WATCHTOWER_HTTP_API_UPDATE=${WATCHTOWER_HTTP_API_UPDATE} \ + -e WATCHTOWER_HTTP_API_TOKEN=${WATCHTOWER_HTTP_API_TOKEN} \ + -p 8080:8080/tcp docker.io/perconalab/watchtower + +ExecStop=/usr/bin/podman stop -t 10 %N + +[Install] +WantedBy=default.target From 8c6e7e8581ea9f1461d39eadcf8c4052308349d2 Mon Sep 17 00:00:00 2001 From: Talha Bin Rizwan Date: Tue, 7 May 2024 11:02:16 +0500 Subject: [PATCH 03/64] PMM-12940 Run watchtower next to pmm server container. --- .../ansible/roles/podman-setup/tasks/main.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/build/packer/ansible/roles/podman-setup/tasks/main.yml b/build/packer/ansible/roles/podman-setup/tasks/main.yml index bd97c6f2c4..485b2248ff 100644 --- a/build/packer/ansible/roles/podman-setup/tasks/main.yml +++ b/build/packer/ansible/roles/podman-setup/tasks/main.yml @@ -78,3 +78,17 @@ become_user: admin environment: DBUS_SESSION_BUS_ADDRESS: "unix:path=/run/user/{{ admin_user_id.stdout }}/bus" + +- name: Enable socket + command: systemctl --user enable --now podman.socket + become: true + become_user: admin + environment: + DBUS_SESSION_BUS_ADDRESS: "unix:path=/run/user/{{ admin_user_id.stdout }}/bus" + +- name: Enable and start watchtower container as a user service + command: systemctl --user enable --now watchtower + become: true + become_user: admin + environment: + DBUS_SESSION_BUS_ADDRESS: "unix:path=/run/user/{{ admin_user_id.stdout }}/bus" From a6f3864620ff1e392b64a27469f065ec04b5975a Mon Sep 17 00:00:00 2001 From: Talha Bin Rizwan Date: Tue, 7 May 2024 11:53:38 +0500 Subject: [PATCH 04/64] PMM-12940 Run watchtower next to pmm server container. --- build/packer/ansible/roles/podman-setup/tasks/main.yml | 6 ++++++ .../ansible/roles/podman-setup/templates/pmm-server.service | 2 ++ .../ansible/roles/podman-setup/templates/watchtower.service | 2 ++ 3 files changed, 10 insertions(+) diff --git a/build/packer/ansible/roles/podman-setup/tasks/main.yml b/build/packer/ansible/roles/podman-setup/tasks/main.yml index 485b2248ff..5942e0c9e1 100644 --- a/build/packer/ansible/roles/podman-setup/tasks/main.yml +++ b/build/packer/ansible/roles/podman-setup/tasks/main.yml @@ -20,12 +20,18 @@ - name: Pull the PMM image command: podman pull {{ pmm_server_image_name }} + become: true + become_user: admin - name: Create a volume on the host command: podman volume create pmm-data + become: true + become_user: admin - name: Create a network command: podman network create pmm_default + become: true + become_user: admin - name: Enable privileged port become: true diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service index 71a9663fde..47125715c0 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service @@ -15,6 +15,8 @@ ExecStart=/usr/bin/podman run --volume pmm-data:/srv/ --rm --name %N \ -e PMM_WATCHTOWER_HOST=${PMM_WATCHTOWER_HOST} \ -e PMM_WATCHTOWER_TOKEN=${PMM_WATCHTOWER_TOKEN} \ -e PMM_SERVER_UPDATE_VERSION=${PMM_SERVER_UPDATE_VERSION} \ + --net pmm_default \ + --cap-add=net_admin,net_raw \ -p 443:8443/tcp --ulimit=host ${PMM_IMAGE} ExecStop=/usr/bin/podman stop -t 10 %N diff --git a/build/packer/ansible/roles/podman-setup/templates/watchtower.service b/build/packer/ansible/roles/podman-setup/templates/watchtower.service index c223091c24..d11339c027 100644 --- a/build/packer/ansible/roles/podman-setup/templates/watchtower.service +++ b/build/packer/ansible/roles/podman-setup/templates/watchtower.service @@ -16,6 +16,8 @@ ExecStart=/usr/bin/podman run --rm --name %N \ -v ${XDG_RUNTIME_DIR}/podman/podman.sock:/var/run/docker.sock \ -e WATCHTOWER_HTTP_API_UPDATE=${WATCHTOWER_HTTP_API_UPDATE} \ -e WATCHTOWER_HTTP_API_TOKEN=${WATCHTOWER_HTTP_API_TOKEN} \ + --net pmm_default \ + --cap-add=net_admin,net_raw \ -p 8080:8080/tcp docker.io/perconalab/watchtower ExecStop=/usr/bin/podman stop -t 10 %N From fa6cd1b0144613d0c1f35e6736cf21227a2e48ae Mon Sep 17 00:00:00 2001 From: Talha Bin Rizwan Date: Tue, 7 May 2024 12:40:19 +0500 Subject: [PATCH 05/64] PMM-12940 Run watchtower next to pmm server container. --- build/packer/ansible/roles/podman-setup/tasks/main.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/build/packer/ansible/roles/podman-setup/tasks/main.yml b/build/packer/ansible/roles/podman-setup/tasks/main.yml index 5942e0c9e1..522f6799a8 100644 --- a/build/packer/ansible/roles/podman-setup/tasks/main.yml +++ b/build/packer/ansible/roles/podman-setup/tasks/main.yml @@ -98,3 +98,7 @@ become_user: admin environment: DBUS_SESSION_BUS_ADDRESS: "unix:path=/run/user/{{ admin_user_id.stdout }}/bus" + +- name: Sleep for 1 minute + pause: + minutes: 1 From fc35c7a109f8ed670618f94e06a824989696f7de Mon Sep 17 00:00:00 2001 From: Talha Bin Rizwan Date: Tue, 7 May 2024 13:13:22 +0500 Subject: [PATCH 06/64] PMM-12940 Run watchtower next to pmm server container. --- .../ansible/roles/podman-setup/templates/pmm-server.service | 1 - .../ansible/roles/podman-setup/templates/watchtower.service | 1 - 2 files changed, 2 deletions(-) diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service index 47125715c0..cc157bb525 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service @@ -16,7 +16,6 @@ ExecStart=/usr/bin/podman run --volume pmm-data:/srv/ --rm --name %N \ -e PMM_WATCHTOWER_TOKEN=${PMM_WATCHTOWER_TOKEN} \ -e PMM_SERVER_UPDATE_VERSION=${PMM_SERVER_UPDATE_VERSION} \ --net pmm_default \ - --cap-add=net_admin,net_raw \ -p 443:8443/tcp --ulimit=host ${PMM_IMAGE} ExecStop=/usr/bin/podman stop -t 10 %N diff --git a/build/packer/ansible/roles/podman-setup/templates/watchtower.service b/build/packer/ansible/roles/podman-setup/templates/watchtower.service index d11339c027..a843d31792 100644 --- a/build/packer/ansible/roles/podman-setup/templates/watchtower.service +++ b/build/packer/ansible/roles/podman-setup/templates/watchtower.service @@ -17,7 +17,6 @@ ExecStart=/usr/bin/podman run --rm --name %N \ -e WATCHTOWER_HTTP_API_UPDATE=${WATCHTOWER_HTTP_API_UPDATE} \ -e WATCHTOWER_HTTP_API_TOKEN=${WATCHTOWER_HTTP_API_TOKEN} \ --net pmm_default \ - --cap-add=net_admin,net_raw \ -p 8080:8080/tcp docker.io/perconalab/watchtower ExecStop=/usr/bin/podman stop -t 10 %N From 3c626a22eba602534865d3fda402a2cf8bec2bee Mon Sep 17 00:00:00 2001 From: Talha Bin Rizwan Date: Tue, 7 May 2024 16:37:32 +0500 Subject: [PATCH 07/64] PMM-12940 Run watchtower next to pmm server container. --- .../ansible/roles/podman-setup/templates/pmm-server.service | 6 +++--- .../ansible/roles/podman-setup/templates/watchtower.service | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service index cc157bb525..77fae3f07c 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service @@ -8,10 +8,10 @@ After=time-sync.target [Service] EnvironmentFile=/home/admin/.config/systemd/user/pmm-server.env -TimeoutStartSec=0 -Restart=always +Restart=on-failure +RestartSec=20 -ExecStart=/usr/bin/podman run --volume pmm-data:/srv/ --rm --name %N \ +ExecStart=/usr/bin/podman run --volume pmm-data:/srv/ --rm --replace=true --name %N \ -e PMM_WATCHTOWER_HOST=${PMM_WATCHTOWER_HOST} \ -e PMM_WATCHTOWER_TOKEN=${PMM_WATCHTOWER_TOKEN} \ -e PMM_SERVER_UPDATE_VERSION=${PMM_SERVER_UPDATE_VERSION} \ diff --git a/build/packer/ansible/roles/podman-setup/templates/watchtower.service b/build/packer/ansible/roles/podman-setup/templates/watchtower.service index a843d31792..d33e1c42c7 100644 --- a/build/packer/ansible/roles/podman-setup/templates/watchtower.service +++ b/build/packer/ansible/roles/podman-setup/templates/watchtower.service @@ -6,13 +6,13 @@ After=nss-user-lookup.target nss-lookup.target After=time-sync.target [Service] -TimeoutStartSec=0 -Restart=always +Restart=on-failure +RestartSec=20 Environment=WATCHTOWER_HTTP_API_UPDATE=1 Environment=WATCHTOWER_HTTP_API_TOKEN=123 -ExecStart=/usr/bin/podman run --rm --name %N \ +ExecStart=/usr/bin/podman run --rm --replace=true --name %N \ -v ${XDG_RUNTIME_DIR}/podman/podman.sock:/var/run/docker.sock \ -e WATCHTOWER_HTTP_API_UPDATE=${WATCHTOWER_HTTP_API_UPDATE} \ -e WATCHTOWER_HTTP_API_TOKEN=${WATCHTOWER_HTTP_API_TOKEN} \ From 6a5569e81bc03dbf15158f637f318c75126e662e Mon Sep 17 00:00:00 2001 From: Talha Bin Rizwan Date: Tue, 7 May 2024 18:07:42 +0500 Subject: [PATCH 08/64] PMM-12940 Run watchtower next to pmm server container. --- .../ansible/roles/podman-setup/templates/pmm-server.service | 1 + .../ansible/roles/podman-setup/templates/watchtower.service | 1 + 2 files changed, 2 insertions(+) diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service index 77fae3f07c..98f3c900a0 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service @@ -16,6 +16,7 @@ ExecStart=/usr/bin/podman run --volume pmm-data:/srv/ --rm --replace=true --name -e PMM_WATCHTOWER_TOKEN=${PMM_WATCHTOWER_TOKEN} \ -e PMM_SERVER_UPDATE_VERSION=${PMM_SERVER_UPDATE_VERSION} \ --net pmm_default \ + --cap-add=net_admin,net_raw \ -p 443:8443/tcp --ulimit=host ${PMM_IMAGE} ExecStop=/usr/bin/podman stop -t 10 %N diff --git a/build/packer/ansible/roles/podman-setup/templates/watchtower.service b/build/packer/ansible/roles/podman-setup/templates/watchtower.service index d33e1c42c7..7861da7c7d 100644 --- a/build/packer/ansible/roles/podman-setup/templates/watchtower.service +++ b/build/packer/ansible/roles/podman-setup/templates/watchtower.service @@ -17,6 +17,7 @@ ExecStart=/usr/bin/podman run --rm --replace=true --name %N \ -e WATCHTOWER_HTTP_API_UPDATE=${WATCHTOWER_HTTP_API_UPDATE} \ -e WATCHTOWER_HTTP_API_TOKEN=${WATCHTOWER_HTTP_API_TOKEN} \ --net pmm_default \ + --cap-add=net_admin,net_raw \ -p 8080:8080/tcp docker.io/perconalab/watchtower ExecStop=/usr/bin/podman stop -t 10 %N From a10cf05ec287c3913e5d517788310fc49f62e8d2 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Thu, 30 May 2024 14:40:57 +0300 Subject: [PATCH 09/64] PMM-12940 No restart container. --- build/packer/ansible/roles/podman-setup/tasks/main.yml | 8 ++++++++ .../ansible/roles/podman-setup/templates/pmm-server.env | 2 +- .../roles/podman-setup/templates/watchtower.service | 4 ++++ 3 files changed, 13 insertions(+), 1 deletion(-) diff --git a/build/packer/ansible/roles/podman-setup/tasks/main.yml b/build/packer/ansible/roles/podman-setup/tasks/main.yml index 522f6799a8..5ed2e9370d 100644 --- a/build/packer/ansible/roles/podman-setup/tasks/main.yml +++ b/build/packer/ansible/roles/podman-setup/tasks/main.yml @@ -13,6 +13,14 @@ content: ami dest: /srv/pmm-distribution +- name: Change file owner + when: ansible_virtualization_type == "virtualbox" or + ( (ansible_virtualization_type == "xen" or ansible_virtualization_type == "kvm") and ansible_system_vendor != "DigitalOcean" ) + file: + path: /srv/pmm-distribution + owner: admin + state: file + - name: Set SELinux in permissive mode for watchtower selinux: policy: targeted diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.env b/build/packer/ansible/roles/podman-setup/templates/pmm-server.env index df003c93b5..bb0851de50 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.env +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.env @@ -1,4 +1,4 @@ PMM_WATCHTOWER_HOST="http://watchtower:8080" PMM_WATCHTOWER_TOKEN=123 -PMM_SERVER_UPDATE_VERSION="docker.io/perconalab/pmm-server:3-dev-latest" +PMM_SERVER_UPDATE_VERSION="docker.io/perconalab/pmm-server:3-dev-container" PMM_IMAGE="docker.io/perconalab/pmm-server:3-dev-latest" diff --git a/build/packer/ansible/roles/podman-setup/templates/watchtower.service b/build/packer/ansible/roles/podman-setup/templates/watchtower.service index 7861da7c7d..96c1e93202 100644 --- a/build/packer/ansible/roles/podman-setup/templates/watchtower.service +++ b/build/packer/ansible/roles/podman-setup/templates/watchtower.service @@ -11,11 +11,15 @@ RestartSec=20 Environment=WATCHTOWER_HTTP_API_UPDATE=1 Environment=WATCHTOWER_HTTP_API_TOKEN=123 +Environment=WATCHTOWER_NO_RESTART=1 +Environment=WATCHTOWER_DEBUG=1 ExecStart=/usr/bin/podman run --rm --replace=true --name %N \ -v ${XDG_RUNTIME_DIR}/podman/podman.sock:/var/run/docker.sock \ -e WATCHTOWER_HTTP_API_UPDATE=${WATCHTOWER_HTTP_API_UPDATE} \ -e WATCHTOWER_HTTP_API_TOKEN=${WATCHTOWER_HTTP_API_TOKEN} \ + -e WATCHTOWER_NO_RESTART=${WATCHTOWER_NO_RESTART} \ + -e WATCHTOWER_DEBUG=${WATCHTOWER_DEBUG} \ --net pmm_default \ --cap-add=net_admin,net_raw \ -p 8080:8080/tcp docker.io/perconalab/watchtower From 0da8b60828c48fb2a0cdb1dfc5159f6a0ba2e2d1 Mon Sep 17 00:00:00 2001 From: Talha Bin Rizwan Date: Fri, 31 May 2024 12:35:22 +0500 Subject: [PATCH 10/64] PMM-12940 Increase disk space. --- build/packer/pmm.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/packer/pmm.json b/build/packer/pmm.json index 3262b48916..5fd2f79a43 100644 --- a/build/packer/pmm.json +++ b/build/packer/pmm.json @@ -12,7 +12,7 @@ { "delete_on_termination": true, "device_name": "/dev/sda1", - "volume_size": 10, + "volume_size": 20, "volume_type": "gp3" }, { From 15a45112c3edec42f26daab344ba1375a8689a3b Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Tue, 16 Jul 2024 11:49:07 +0300 Subject: [PATCH 11/64] PMM-12940 AMI Improvements. --- .../podman-setup/templates/pmm-server.service | 6 +++++- managed/cmd/pmm-managed/main.go | 8 ++++++- managed/services/server/server.go | 21 +++++++------------ managed/services/server/updater.go | 1 - managed/services/telemetry/deps.go | 2 +- managed/services/telemetry/telemetry.go | 11 ++++------ managed/services/telemetry/telemetry_test.go | 5 +++-- .../distribution}/distribution_util.go | 12 +++++------ .../distribution}/distribution_util_test.go | 16 +++++++------- 9 files changed, 42 insertions(+), 40 deletions(-) rename managed/{services/telemetry => utils/distribution}/distribution_util.go (87%) rename managed/{services/telemetry => utils/distribution}/distribution_util_test.go (93%) diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service index 98f3c900a0..09543ca77d 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service @@ -11,7 +11,11 @@ EnvironmentFile=/home/admin/.config/systemd/user/pmm-server.env Restart=on-failure RestartSec=20 -ExecStart=/usr/bin/podman run --volume pmm-data:/srv/ --rm --replace=true --name %N \ +ExecStart=/usr/bin/podman run \ + --volume /srv/:/srv/ \ + --volume /home/admin/.ssh/:/home/pmm/.ssh/ \ + --volume /home/admin/.config/:/home/pmm/config/ \ + --rm --replace=true --name %N \ -e PMM_WATCHTOWER_HOST=${PMM_WATCHTOWER_HOST} \ -e PMM_WATCHTOWER_TOKEN=${PMM_WATCHTOWER_TOKEN} \ -e PMM_SERVER_UPDATE_VERSION=${PMM_SERVER_UPDATE_VERSION} \ diff --git a/managed/cmd/pmm-managed/main.go b/managed/cmd/pmm-managed/main.go index ff4ef420dd..840caca956 100644 --- a/managed/cmd/pmm-managed/main.go +++ b/managed/cmd/pmm-managed/main.go @@ -21,6 +21,7 @@ import ( "database/sql" _ "expvar" // register /debug/vars "fmt" + "github.com/percona/pmm/managed/utils/distribution" "html/template" "log" "net" @@ -133,6 +134,9 @@ const ( clickhouseMaxIdleConns = 5 clickhouseMaxOpenConns = 10 + + distributionInfoFilePath = "/srv/pmm-distribution" + osInfoFilePath = "/proc/version" ) var pprofSemaphore = semaphore.NewWeighted(1) @@ -935,7 +939,8 @@ func main() { //nolint:cyclop,maintidx telemetry.UIEventsExtension: uieventsService, } - telemetry, err := telemetry.NewService(db, platformClient, version.Version, cfg.Config.Services.Telemetry, telemetryExtensions) + dus := distribution.NewService(distributionInfoFilePath, osInfoFilePath, l) + telemetry, err := telemetry.NewService(db, platformClient, version.Version, dus, cfg.Config.Services.Telemetry, telemetryExtensions) if err != nil { l.Fatalf("Could not create telemetry service: %s", err) } @@ -995,6 +1000,7 @@ func main() { //nolint:cyclop,maintidx GrafanaClient: grafanaClient, VMAlertExternalRules: externalRules, Updater: updater, + Dus: dus, } server, err := server.NewServer(serverParams) diff --git a/managed/services/server/server.go b/managed/services/server/server.go index fecbe93660..36f4f325f6 100644 --- a/managed/services/server/server.go +++ b/managed/services/server/server.go @@ -21,6 +21,7 @@ import ( "crypto/subtle" "encoding/json" "fmt" + "github.com/percona/pmm/managed/utils/distribution" "os" "os/user" "path" @@ -93,6 +94,7 @@ type Params struct { AwsInstanceChecker *AWSInstanceChecker GrafanaClient grafanaClient Updater *Updater + Dus *distribution.Service } // NewServer returns new server for Server service. @@ -679,6 +681,11 @@ func (s *Server) writeSSHKey(sshKey string) error { s.sshKeyM.Lock() defer s.sshKeyM.Unlock() + distributionMethod := s.telemetryService.DistributionMethod() + if distributionMethod != serverpb.DistributionMethod_AMI && distributionMethod != serverpb.DistributionMethod_OVF { + return errors.New("SSH key can be set only on AMI and OVF distributions") + } + username := "pmm" usr, err := user.Lookup(username) if err != nil { @@ -689,24 +696,10 @@ func (s *Server) writeSSHKey(sshKey string) error { return errors.WithStack(err) } - uid, err := strconv.Atoi(usr.Uid) - if err != nil { - return errors.WithStack(err) - } - gid, err := strconv.Atoi(usr.Gid) - if err != nil { - return errors.WithStack(err) - } - if err = os.Chown(sshDirPath, uid, gid); err != nil { - return errors.WithStack(err) - } keysPath := path.Join(sshDirPath, "authorized_keys") if err = os.WriteFile(keysPath, []byte(sshKey), 0o600); err != nil { return errors.WithStack(err) } - if err = os.Chown(keysPath, uid, gid); err != nil { - return errors.WithStack(err) - } return nil } diff --git a/managed/services/server/updater.go b/managed/services/server/updater.go index 0240536e19..62683a7643 100644 --- a/managed/services/server/updater.go +++ b/managed/services/server/updater.go @@ -147,7 +147,6 @@ func (up *Updater) StartUpdate(ctx context.Context, newImageName string) error { return errors.New("update already in progress") } up.running = true - up.performM.Unlock() if newImageName == "" { return errors.New("newImageName is empty") } diff --git a/managed/services/telemetry/deps.go b/managed/services/telemetry/deps.go index 92a9d0007d..628967be58 100644 --- a/managed/services/telemetry/deps.go +++ b/managed/services/telemetry/deps.go @@ -26,7 +26,7 @@ import ( // distributionUtilService service to get info about OS on which pmm server is running. type distributionUtilService interface { - getDistributionMethodAndOS() (serverpb.DistributionMethod, pmmv1.DistributionMethod, string) + GetDistributionMethodAndOS() (serverpb.DistributionMethod, pmmv1.DistributionMethod, string) } // sender is interface which defines method for client which sends report with metrics. diff --git a/managed/services/telemetry/telemetry.go b/managed/services/telemetry/telemetry.go index 4106cee802..fbb3766d18 100644 --- a/managed/services/telemetry/telemetry.go +++ b/managed/services/telemetry/telemetry.go @@ -38,9 +38,7 @@ import ( ) const ( - distributionInfoFilePath = "/srv/pmm-distribution" - osInfoFilePath = "/proc/version" - sendChSize = 10 + sendChSize = 10 ) // Service reports telemetry. @@ -69,7 +67,7 @@ var ( ) // NewService creates a new service. -func NewService(db *reform.DB, portalClient *platform.Client, pmmVersion string, config ServiceConfig, extensions map[ExtensionType]Extension) (*Service, error) { +func NewService(db *reform.DB, portalClient *platform.Client, pmmVersion string, dus distributionUtilService, config ServiceConfig, extensions map[ExtensionType]Extension) (*Service, error) { if config.SaasHostname == "" { return nil, errors.New("empty host") } @@ -80,7 +78,6 @@ func NewService(db *reform.DB, portalClient *platform.Client, pmmVersion string, if err != nil { return nil, err } - dus := newDistributionUtilServiceImpl(distributionInfoFilePath, osInfoFilePath, l) s := &Service{ db: db, l: l, @@ -94,7 +91,7 @@ func NewService(db *reform.DB, portalClient *platform.Client, pmmVersion string, extensions: extensions, } - s.sDistributionMethod, s.tDistributionMethod, s.os = dus.getDistributionMethodAndOS() + s.sDistributionMethod, s.tDistributionMethod, s.os = dus.GetDistributionMethodAndOS() s.dataSourcesMap = s.locateDataSources(config.telemetry) return s, nil @@ -360,7 +357,7 @@ func (s *Service) makeMetric(ctx context.Context) (*pmmv1.ServerMetric, error) { if err != nil { return nil, errors.Wrapf(err, "failed to decode UUID %s", serverIDToUse) } - _, distMethod, _ := s.dus.getDistributionMethodAndOS() + _, distMethod, _ := s.dus.GetDistributionMethodAndOS() eventID := uuid.New() return &pmmv1.ServerMetric{ diff --git a/managed/services/telemetry/telemetry_test.go b/managed/services/telemetry/telemetry_test.go index 4de3244245..85cd24158a 100644 --- a/managed/services/telemetry/telemetry_test.go +++ b/managed/services/telemetry/telemetry_test.go @@ -34,6 +34,7 @@ import ( "github.com/percona/pmm/api/serverpb" "github.com/percona/pmm/managed/models" + "github.com/percona/pmm/managed/utils/distribution" "github.com/percona/pmm/managed/utils/testdb" ) @@ -258,7 +259,7 @@ func getServiceConfig(pgPortHost string, qanDSN string, vmDSN string) ServiceCon return serviceConfig } -func getDistributionUtilService(t *testing.T, l *logrus.Entry) *distributionUtilServiceImpl { +func getDistributionUtilService(t *testing.T, l *logrus.Entry) distributionUtilService { t.Helper() const ( tmpDistributionFile = "/tmp/distribution" @@ -269,7 +270,7 @@ func getDistributionUtilService(t *testing.T, l *logrus.Entry) *distributionUtil assert.Fail(t, "cannot write to file: ", err) return nil } - dus := newDistributionUtilServiceImpl(tmpDistributionFile, osInfoFilePath, l) + dus := distribution.NewService(tmpDistributionFile, "/proc/version", l) return dus } diff --git a/managed/services/telemetry/distribution_util.go b/managed/utils/distribution/distribution_util.go similarity index 87% rename from managed/services/telemetry/distribution_util.go rename to managed/utils/distribution/distribution_util.go index 7c27be9d3e..41d17f44a6 100644 --- a/managed/services/telemetry/distribution_util.go +++ b/managed/utils/distribution/distribution_util.go @@ -13,7 +13,7 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -package telemetry +package distribution import ( "bytes" @@ -26,22 +26,22 @@ import ( "github.com/percona/pmm/api/serverpb" ) -type distributionUtilServiceImpl struct { +type Service struct { distributionInfoFilePath string osInfoFilePath string l *logrus.Entry } -func newDistributionUtilServiceImpl(distributionFilePath, osInfoFilePath string, l *logrus.Entry) *distributionUtilServiceImpl { - return &distributionUtilServiceImpl{ +func NewService(distributionFilePath, osInfoFilePath string, l *logrus.Entry) *Service { + return &Service{ distributionInfoFilePath: distributionFilePath, osInfoFilePath: osInfoFilePath, l: l, } } -func (d distributionUtilServiceImpl) getDistributionMethodAndOS() (serverpb.DistributionMethod, pmmv1.DistributionMethod, string) { +func (d Service) GetDistributionMethodAndOS() (serverpb.DistributionMethod, pmmv1.DistributionMethod, string) { b, err := os.ReadFile(d.distributionInfoFilePath) if err != nil { d.l.Debugf("Failed to read %s: %s", d.distributionInfoFilePath, err) @@ -85,7 +85,7 @@ var procVersionRegexps = []pair{ } // getLinuxDistribution detects Linux distribution and version from /proc/version information. -func (d distributionUtilServiceImpl) getLinuxDistribution(procVersion string) string { +func (d Service) getLinuxDistribution(procVersion string) string { for _, p := range procVersionRegexps { match := p.re.FindStringSubmatchIndex(procVersion) if match != nil { diff --git a/managed/services/telemetry/distribution_util_test.go b/managed/utils/distribution/distribution_util_test.go similarity index 93% rename from managed/services/telemetry/distribution_util_test.go rename to managed/utils/distribution/distribution_util_test.go index 8d9247dc1a..de559f6946 100644 --- a/managed/services/telemetry/distribution_util_test.go +++ b/managed/utils/distribution/distribution_util_test.go @@ -13,7 +13,7 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . -package telemetry +package distribution import ( "os" @@ -132,11 +132,13 @@ func Test_distributionUtilServiceImpl_getDistributionMethodAndOS(t *testing.T) { tmpOsInfoFilePath = f2.Name() } - d := newDistributionUtilServiceImpl(tmpDistributionFilePath, tmpOsInfoFilePath, logEntry) - got, got1, got2 := d.getDistributionMethodAndOS() - assert.Equalf(t, tt.want, got, "getDistributionMethodAndOS() serverpb.DistributionMethod") - assert.Equalf(t, tt.want1, got1, "getDistributionMethodAndOS() pmmv1.DistributionMethod") - assert.Equalf(t, tt.want2, got2, "getDistributionMethodAndOS() name") + d := NewService(logEntry) + d.distributionInfoFilePath = tmpDistributionFilePath + d.osInfoFilePath = tmpOsInfoFilePath + got, got1, got2 := d.GetDistributionMethodAndOS() + assert.Equalf(t, tt.want, got, "GetDistributionMethodAndOS() serverpb.DistributionMethod") + assert.Equalf(t, tt.want1, got1, "GetDistributionMethodAndOS() pmmv1.DistributionMethod") + assert.Equalf(t, tt.want2, got2, "GetDistributionMethodAndOS() name") }) } } @@ -228,7 +230,7 @@ func Test_distributionUtilServiceImpl_getLinuxDistribution(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - d := distributionUtilServiceImpl{ + d := Service{ distributionInfoFilePath: tmpDistributionFile, osInfoFilePath: tmpOsInfoFilePath, l: logEntry, From 9a952684c65951631e2655b77c8d4d8adb83845a Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Wed, 17 Jul 2024 00:48:43 +0300 Subject: [PATCH 12/64] PMM-13053 Set instance ID as password. --- build/packer/ansible/pmm.yml | 3 ++- .../roles/init-admin-password/tasks/main.yml | 26 +++++++++++++++++++ .../templates/init-admin-password | 24 +++++++++++++++++ .../templates/init-admin-password.service | 18 +++++++++++++ .../ansible/roles/lvm-init/vars/main.yml | 2 +- .../ansible/roles/podman-setup/tasks/main.yml | 5 ++++ .../podman-setup/templates/pmm-server.service | 2 +- 7 files changed, 77 insertions(+), 3 deletions(-) create mode 100644 build/packer/ansible/roles/init-admin-password/tasks/main.yml create mode 100644 build/packer/ansible/roles/init-admin-password/templates/init-admin-password create mode 100644 build/packer/ansible/roles/init-admin-password/templates/init-admin-password.service diff --git a/build/packer/ansible/pmm.yml b/build/packer/ansible/pmm.yml index 572aa65feb..2f341ed27b 100644 --- a/build/packer/ansible/pmm.yml +++ b/build/packer/ansible/pmm.yml @@ -4,7 +4,8 @@ become: yes become_user: root roles: - - cloud-node - lvm-init + - cloud-node - podman-setup - ami-ovf + - init-admin-password diff --git a/build/packer/ansible/roles/init-admin-password/tasks/main.yml b/build/packer/ansible/roles/init-admin-password/tasks/main.yml new file mode 100644 index 0000000000..4e7bff7a36 --- /dev/null +++ b/build/packer/ansible/roles/init-admin-password/tasks/main.yml @@ -0,0 +1,26 @@ +- name: Copy watchtower systemd service file to user-specific directory + template: + src: init-admin-password + dest: /home/admin/init-admin-password + owner: admin + group: admin + mode: '0755' + +- name: Copy change-admin-password systemd service file to user-specific directory + template: + src: init-admin-password.service + dest: /home/admin/.config/systemd/user/ + owner: admin + group: admin + mode: '0644' + +- name: Enable and start watchtower container as a user service + command: systemctl --user enable --now change-admin-password + become: true + become_user: admin + environment: + DBUS_SESSION_BUS_ADDRESS: "unix:path=/run/user/{{ admin_user_id.stdout }}/bus" + +- name: Sleep for 1 minute + pause: + minutes: 1 diff --git a/build/packer/ansible/roles/init-admin-password/templates/init-admin-password b/build/packer/ansible/roles/init-admin-password/templates/init-admin-password new file mode 100644 index 0000000000..6b06a52b17 --- /dev/null +++ b/build/packer/ansible/roles/init-admin-password/templates/init-admin-password @@ -0,0 +1,24 @@ +#!/bin/sh + +PATH=/bin:/sbin +SOURCE= + +if [ -f /srv/firstboot ]; then + return 0 +fi + +if [ -f /var/lib/cloud/data/status.json ]; then + SOURCE=$( + cat /var/lib/cloud/data/status.json 2>/dev/null \ + | python -c 'import json, sys; print json.load(sys.stdin)["v1"]["datasource"];' 2>/dev/null + ) +fi + +if [ "x$SOURCE" = "xDataSourceEc2" ]; then + INSTANCE_ID=$(curl --connect-timeout 5 -s http://169.254.169.254/latest/meta-data/instance-id) + podman exec pmm-server change-admin-password $INSTANCE_ID +fi + +# Create the marker file +touch /srv/firstboot + diff --git a/build/packer/ansible/roles/init-admin-password/templates/init-admin-password.service b/build/packer/ansible/roles/init-admin-password/templates/init-admin-password.service new file mode 100644 index 0000000000..7382a88b4c --- /dev/null +++ b/build/packer/ansible/roles/init-admin-password/templates/init-admin-password.service @@ -0,0 +1,18 @@ +[Unit] +Description=init-admin-password +Wants=network-online.target +After=network-online.target +After=nss-user-lookup.target nss-lookup.target +After=time-sync.target +After=pmm-server.target + +[Service] +Restart=on-failure +RestartSec=20 +RemainAfterExit=true +Type=oneshot + +ExecStart=/home/admin/init-admin-password + +[Install] +WantedBy=default.target diff --git a/build/packer/ansible/roles/lvm-init/vars/main.yml b/build/packer/ansible/roles/lvm-init/vars/main.yml index 3568493682..fdcc103bf3 100644 --- a/build/packer/ansible/roles/lvm-init/vars/main.yml +++ b/build/packer/ansible/roles/lvm-init/vars/main.yml @@ -1,5 +1,5 @@ --- -data_partition: "/srv" +data_partition: "/home" create_admin: "true" enable_lvm: "true" single_disk: "false" diff --git a/build/packer/ansible/roles/podman-setup/tasks/main.yml b/build/packer/ansible/roles/podman-setup/tasks/main.yml index 5ed2e9370d..d79e3350f8 100644 --- a/build/packer/ansible/roles/podman-setup/tasks/main.yml +++ b/build/packer/ansible/roles/podman-setup/tasks/main.yml @@ -110,3 +110,8 @@ - name: Sleep for 1 minute pause: minutes: 1 + +- name: Copy distribution method into the container + command: podman cp /srv/pmm-distribution pmm-server:/srv/pmm-distribution + become: true + become_user: admin diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service index 09543ca77d..d33cd3d674 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service @@ -12,7 +12,7 @@ Restart=on-failure RestartSec=20 ExecStart=/usr/bin/podman run \ - --volume /srv/:/srv/ \ + --volume pmm-data:/srv/ \ --volume /home/admin/.ssh/:/home/pmm/.ssh/ \ --volume /home/admin/.config/:/home/pmm/config/ \ --rm --replace=true --name %N \ From 3e22b47d5670ec1ec8107de885c617c1bd8c8a52 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Wed, 17 Jul 2024 11:01:49 +0300 Subject: [PATCH 13/64] PMM-13053 Add role. --- build/packer/pmm.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/build/packer/pmm.json b/build/packer/pmm.json index 5fd2f79a43..29daa9a631 100644 --- a/build/packer/pmm.json +++ b/build/packer/pmm.json @@ -130,7 +130,8 @@ "packer/ansible/roles/lvm-init", "packer/ansible/roles/cloud-node", "packer/ansible/roles/podman-setup", - "packer/ansible/roles/ami-ovf" + "packer/ansible/roles/ami-ovf", + "packer/ansible/roles/init-admin-password" ] }, { From 4587acd3de9431d6c3dffa39393171b67d2a8c0d Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Wed, 17 Jul 2024 15:16:39 +0300 Subject: [PATCH 14/64] PMM-12940 volume mount. --- build/packer/ansible/roles/lvm-init/vars/main.yml | 2 +- .../ansible/roles/podman-setup/templates/pmm-server.service | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/build/packer/ansible/roles/lvm-init/vars/main.yml b/build/packer/ansible/roles/lvm-init/vars/main.yml index fdcc103bf3..8934b62d03 100644 --- a/build/packer/ansible/roles/lvm-init/vars/main.yml +++ b/build/packer/ansible/roles/lvm-init/vars/main.yml @@ -1,5 +1,5 @@ --- -data_partition: "/home" +data_partition: "/home/admin/volume" create_admin: "true" enable_lvm: "true" single_disk: "false" diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service index d33cd3d674..ce9f2891e6 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service @@ -12,7 +12,7 @@ Restart=on-failure RestartSec=20 ExecStart=/usr/bin/podman run \ - --volume pmm-data:/srv/ \ + --volume /home/admin/volume/srv:/srv \ --volume /home/admin/.ssh/:/home/pmm/.ssh/ \ --volume /home/admin/.config/:/home/pmm/config/ \ --rm --replace=true --name %N \ From 417fd7a43da5dbfce93c4d91d37f4bc44d6184b0 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Wed, 17 Jul 2024 16:28:00 +0300 Subject: [PATCH 15/64] PMM-12940 user mapping. --- .../ansible/roles/podman-setup/templates/pmm-server.service | 1 + 1 file changed, 1 insertion(+) diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service index ce9f2891e6..3851ee0e59 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service @@ -21,6 +21,7 @@ ExecStart=/usr/bin/podman run \ -e PMM_SERVER_UPDATE_VERSION=${PMM_SERVER_UPDATE_VERSION} \ --net pmm_default \ --cap-add=net_admin,net_raw \ + --userns=keep-id:uid=1000,gid=1000 \ -p 443:8443/tcp --ulimit=host ${PMM_IMAGE} ExecStop=/usr/bin/podman stop -t 10 %N From 8859127b75de3eb8066dd7f4c4825d6f4a4de216 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Wed, 17 Jul 2024 18:11:13 +0300 Subject: [PATCH 16/64] PMM-12940 fix init-admin-password script. --- build/packer/ansible/roles/init-admin-password/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/build/packer/ansible/roles/init-admin-password/tasks/main.yml b/build/packer/ansible/roles/init-admin-password/tasks/main.yml index 4e7bff7a36..098a644d59 100644 --- a/build/packer/ansible/roles/init-admin-password/tasks/main.yml +++ b/build/packer/ansible/roles/init-admin-password/tasks/main.yml @@ -14,8 +14,8 @@ group: admin mode: '0644' -- name: Enable and start watchtower container as a user service - command: systemctl --user enable --now change-admin-password +- name: Enable and start init-admin-password as a user service + command: systemctl --user enable --now init-admin-password become: true become_user: admin environment: From 284fab0b67e4cae674b0ed8bdafeb55b802396e1 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Wed, 17 Jul 2024 18:14:57 +0300 Subject: [PATCH 17/64] PMM-12940 fix roles init order. --- build/packer/ansible/pmm.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/packer/ansible/pmm.yml b/build/packer/ansible/pmm.yml index 2f341ed27b..d16325549e 100644 --- a/build/packer/ansible/pmm.yml +++ b/build/packer/ansible/pmm.yml @@ -6,6 +6,6 @@ roles: - lvm-init - cloud-node - - podman-setup - ami-ovf + - podman-setup - init-admin-password From 40852eb883f5bbac3629f4293b78440d2f08aa3e Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Wed, 17 Jul 2024 23:16:54 +0300 Subject: [PATCH 18/64] PMM-12940 fix roles init order. --- build/packer/ansible/pmm.yml | 2 +- .../packer/ansible/roles/{lvm-init => cloud-node}/vars/main.yml | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename build/packer/ansible/roles/{lvm-init => cloud-node}/vars/main.yml (100%) diff --git a/build/packer/ansible/pmm.yml b/build/packer/ansible/pmm.yml index d16325549e..e1be31ecfc 100644 --- a/build/packer/ansible/pmm.yml +++ b/build/packer/ansible/pmm.yml @@ -4,8 +4,8 @@ become: yes become_user: root roles: - - lvm-init - cloud-node + - lvm-init - ami-ovf - podman-setup - init-admin-password diff --git a/build/packer/ansible/roles/lvm-init/vars/main.yml b/build/packer/ansible/roles/cloud-node/vars/main.yml similarity index 100% rename from build/packer/ansible/roles/lvm-init/vars/main.yml rename to build/packer/ansible/roles/cloud-node/vars/main.yml From 1ed471fa0c6c45d78616d14af9cc4aaeb83b8cf0 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Wed, 17 Jul 2024 23:47:13 +0300 Subject: [PATCH 19/64] PMM-12940 Distribution method. --- .../ansible/roles/podman-setup/tasks/main.yml | 5 ----- .../podman-setup/templates/pmm-server.env | 1 + .../podman-setup/templates/pmm-server.service | 1 + managed/cmd/pmm-managed/main.go | 4 ++-- managed/services/server/server.go | 2 +- .../mock_distribution_util_service_test.go | 6 +++--- .../utils/distribution/distribution_util.go | 19 ++++++++++++------- managed/utils/envvars/parser.go | 2 +- 8 files changed, 21 insertions(+), 19 deletions(-) diff --git a/build/packer/ansible/roles/podman-setup/tasks/main.yml b/build/packer/ansible/roles/podman-setup/tasks/main.yml index d79e3350f8..5ed2e9370d 100644 --- a/build/packer/ansible/roles/podman-setup/tasks/main.yml +++ b/build/packer/ansible/roles/podman-setup/tasks/main.yml @@ -110,8 +110,3 @@ - name: Sleep for 1 minute pause: minutes: 1 - -- name: Copy distribution method into the container - command: podman cp /srv/pmm-distribution pmm-server:/srv/pmm-distribution - become: true - become_user: admin diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.env b/build/packer/ansible/roles/podman-setup/templates/pmm-server.env index bb0851de50..ce1d07d92d 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.env +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.env @@ -2,3 +2,4 @@ PMM_WATCHTOWER_HOST="http://watchtower:8080" PMM_WATCHTOWER_TOKEN=123 PMM_SERVER_UPDATE_VERSION="docker.io/perconalab/pmm-server:3-dev-container" PMM_IMAGE="docker.io/perconalab/pmm-server:3-dev-latest" +PMM_DISTRIBUTION_METHOD="ami" \ No newline at end of file diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service index 3851ee0e59..9f43b7ec4a 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service @@ -19,6 +19,7 @@ ExecStart=/usr/bin/podman run \ -e PMM_WATCHTOWER_HOST=${PMM_WATCHTOWER_HOST} \ -e PMM_WATCHTOWER_TOKEN=${PMM_WATCHTOWER_TOKEN} \ -e PMM_SERVER_UPDATE_VERSION=${PMM_SERVER_UPDATE_VERSION} \ + -e PMM_DISTRIBUTION_METHOD=${PMM_DISTRIBUTION_METHOD} \ --net pmm_default \ --cap-add=net_admin,net_raw \ --userns=keep-id:uid=1000,gid=1000 \ diff --git a/managed/cmd/pmm-managed/main.go b/managed/cmd/pmm-managed/main.go index 840caca956..c7a4eaec78 100644 --- a/managed/cmd/pmm-managed/main.go +++ b/managed/cmd/pmm-managed/main.go @@ -21,12 +21,11 @@ import ( "database/sql" _ "expvar" // register /debug/vars "fmt" - "github.com/percona/pmm/managed/utils/distribution" "html/template" "log" "net" "net/http" - _ "net/http/pprof" //nolint:gosec // register /debug/pprof + _ "net/http/pprof" "net/url" "os" "os/signal" @@ -105,6 +104,7 @@ import ( "github.com/percona/pmm/managed/services/victoriametrics" "github.com/percona/pmm/managed/services/vmalert" "github.com/percona/pmm/managed/utils/clean" + "github.com/percona/pmm/managed/utils/distribution" "github.com/percona/pmm/managed/utils/envvars" "github.com/percona/pmm/managed/utils/interceptors" platformClient "github.com/percona/pmm/managed/utils/platform" diff --git a/managed/services/server/server.go b/managed/services/server/server.go index 36f4f325f6..4b4ffb936c 100644 --- a/managed/services/server/server.go +++ b/managed/services/server/server.go @@ -21,7 +21,6 @@ import ( "crypto/subtle" "encoding/json" "fmt" - "github.com/percona/pmm/managed/utils/distribution" "os" "os/user" "path" @@ -43,6 +42,7 @@ import ( "github.com/percona/pmm/api/serverpb" "github.com/percona/pmm/managed/models" + "github.com/percona/pmm/managed/utils/distribution" "github.com/percona/pmm/managed/utils/envvars" "github.com/percona/pmm/version" ) diff --git a/managed/services/telemetry/mock_distribution_util_service_test.go b/managed/services/telemetry/mock_distribution_util_service_test.go index a98e31648d..4b2635038c 100644 --- a/managed/services/telemetry/mock_distribution_util_service_test.go +++ b/managed/services/telemetry/mock_distribution_util_service_test.go @@ -14,12 +14,12 @@ type mockDistributionUtilService struct { mock.Mock } -// getDistributionMethodAndOS provides a mock function with given fields: -func (_m *mockDistributionUtilService) getDistributionMethodAndOS() (serverpb.DistributionMethod, pmmv1.DistributionMethod, string) { +// GetDistributionMethodAndOS provides a mock function with given fields: +func (_m *mockDistributionUtilService) GetDistributionMethodAndOS() (serverpb.DistributionMethod, pmmv1.DistributionMethod, string) { ret := _m.Called() if len(ret) == 0 { - panic("no return value specified for getDistributionMethodAndOS") + panic("no return value specified for GetDistributionMethodAndOS") } var r0 serverpb.DistributionMethod diff --git a/managed/utils/distribution/distribution_util.go b/managed/utils/distribution/distribution_util.go index 41d17f44a6..1af35edc35 100644 --- a/managed/utils/distribution/distribution_util.go +++ b/managed/utils/distribution/distribution_util.go @@ -42,13 +42,17 @@ func NewService(distributionFilePath, osInfoFilePath string, l *logrus.Entry) *S } func (d Service) GetDistributionMethodAndOS() (serverpb.DistributionMethod, pmmv1.DistributionMethod, string) { - b, err := os.ReadFile(d.distributionInfoFilePath) - if err != nil { - d.l.Debugf("Failed to read %s: %s", d.distributionInfoFilePath, err) - } + dm := os.Getenv("PMM_DISTRIBUTION_METHOD") + if dm == "" { + b, err := os.ReadFile(d.distributionInfoFilePath) + if err != nil { + d.l.Debugf("Failed to read %s: %s", d.distributionInfoFilePath, err) + } - b = bytes.ToLower(bytes.TrimSpace(b)) - switch string(b) { + b = bytes.ToLower(bytes.TrimSpace(b)) + dm = string(b) + } + switch dm { case "ovf": return serverpb.DistributionMethod_OVF, pmmv1.DistributionMethod_OVF, "ovf" case "ami": @@ -58,7 +62,8 @@ func (d Service) GetDistributionMethodAndOS() (serverpb.DistributionMethod, pmmv case "digitalocean": return serverpb.DistributionMethod_DO, pmmv1.DistributionMethod_DO, "digitalocean" case "docker", "": // /srv/pmm-distribution does not exist in PMM 2.0. - if b, err = os.ReadFile(d.osInfoFilePath); err != nil { + b, err := os.ReadFile(d.osInfoFilePath) + if err != nil { d.l.Debugf("Failed to read %s: %s", d.osInfoFilePath, err) } return serverpb.DistributionMethod_DOCKER, pmmv1.DistributionMethod_DOCKER, d.getLinuxDistribution(string(b)) diff --git a/managed/utils/envvars/parser.go b/managed/utils/envvars/parser.go index 7868117eed..35c7db5387 100644 --- a/managed/utils/envvars/parser.go +++ b/managed/utils/envvars/parser.go @@ -161,7 +161,7 @@ func ParseEnvVars(envs []string) (*models.ChangeSettingsParams, []error, []strin err = fmt.Errorf("invalid value %q for environment variable %q", v, k) } - case "PMM_INSTALL_METHOD": + case "PMM_INSTALL_METHOD", "PMM_DISTRIBUTION_METHOD": continue case envEnableAccessControl: From 43c402440404f413c04065ecd2adc493f8b95490 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Thu, 18 Jul 2024 00:20:51 +0300 Subject: [PATCH 20/64] PMM-12940 Make init-admin-password work. --- .../ansible/roles/cloud-node/files/show-url | 3 +-- .../templates/init-admin-password | 27 ++++++++++++++----- 2 files changed, 22 insertions(+), 8 deletions(-) diff --git a/build/packer/ansible/roles/cloud-node/files/show-url b/build/packer/ansible/roles/cloud-node/files/show-url index a72488a9b0..c7f3f13410 100644 --- a/build/packer/ansible/roles/cloud-node/files/show-url +++ b/build/packer/ansible/roles/cloud-node/files/show-url @@ -5,8 +5,7 @@ SOURCE= if [ -f /var/lib/cloud/data/status.json ]; then SOURCE=$( - cat /var/lib/cloud/data/status.json 2>/dev/null \ - | python -c 'import json, sys; print json.load(sys.stdin)["v1"]["datasource"];' 2>/dev/null + cat /var/lib/cloud/data/status.json 2>/dev/null | jq -r '.v1.datasource' 2>/dev/null ) fi diff --git a/build/packer/ansible/roles/init-admin-password/templates/init-admin-password b/build/packer/ansible/roles/init-admin-password/templates/init-admin-password index 6b06a52b17..e510ae6426 100644 --- a/build/packer/ansible/roles/init-admin-password/templates/init-admin-password +++ b/build/packer/ansible/roles/init-admin-password/templates/init-admin-password @@ -2,23 +2,38 @@ PATH=/bin:/sbin SOURCE= +# Name of the container to check +CONTAINER_NAME="pmm-server" -if [ -f /srv/firstboot ]; then - return 0 +# Function to check if the container is running +is_container_running() { + podman inspect -f '{{.State.Running}}' "$CONTAINER_NAME" 2>/dev/null +} + +if [ -f /home/admin/firstboot ]; then + echo "exiting, already was executed" + exit fi if [ -f /var/lib/cloud/data/status.json ]; then SOURCE=$( - cat /var/lib/cloud/data/status.json 2>/dev/null \ - | python -c 'import json, sys; print json.load(sys.stdin)["v1"]["datasource"];' 2>/dev/null + cat /var/lib/cloud/data/status.json 2>/dev/null | jq -r '.v1.datasource' 2>/dev/null ) fi -if [ "x$SOURCE" = "xDataSourceEc2" ]; then +if [ "x$SOURCE" = "xDataSourceEc2Local" ]; then + # Loop until the container is running + echo "Waiting for container '$CONTAINER_NAME' to start..." + while [ "$(is_container_running)" != "true" ]; do + sleep 1 + done + + echo "Container '$CONTAINER_NAME' is now running." + INSTANCE_ID=$(curl --connect-timeout 5 -s http://169.254.169.254/latest/meta-data/instance-id) podman exec pmm-server change-admin-password $INSTANCE_ID fi # Create the marker file -touch /srv/firstboot +touch /home/admin/firstboot From c99534aff479f032a6e02def07451d66a80f0eb0 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Thu, 18 Jul 2024 00:30:33 +0300 Subject: [PATCH 21/64] PMM-12940 Make init-admin-password wait until container is healthy. --- .../templates/init-admin-password | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/build/packer/ansible/roles/init-admin-password/templates/init-admin-password b/build/packer/ansible/roles/init-admin-password/templates/init-admin-password index e510ae6426..19f7e2af5b 100644 --- a/build/packer/ansible/roles/init-admin-password/templates/init-admin-password +++ b/build/packer/ansible/roles/init-admin-password/templates/init-admin-password @@ -10,6 +10,11 @@ is_container_running() { podman inspect -f '{{.State.Running}}' "$CONTAINER_NAME" 2>/dev/null } +# Function to check container health status +container_health_status() { + podman inspect -f '{{.State.Health.Status}}' "$CONTAINER_NAME" 2>/dev/null +} + if [ -f /home/admin/firstboot ]; then echo "exiting, already was executed" exit @@ -30,6 +35,14 @@ if [ "x$SOURCE" = "xDataSourceEc2Local" ]; then echo "Container '$CONTAINER_NAME' is now running." + # Loop until the container is healthy + echo "Waiting for container '$CONTAINER_NAME' to become healthy..." + while [ "$(container_health_status)" != "healthy" ]; do + sleep 1 + done + + echo "Container '$CONTAINER_NAME' is now healthy." + INSTANCE_ID=$(curl --connect-timeout 5 -s http://169.254.169.254/latest/meta-data/instance-id) podman exec pmm-server change-admin-password $INSTANCE_ID fi From cd74ec908d63f52533dbda8ef1b319d33cbc2eb1 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Thu, 18 Jul 2024 00:54:32 +0300 Subject: [PATCH 22/64] PMM-12940 PMM init order. --- build/packer/ansible/pmm.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/packer/ansible/pmm.yml b/build/packer/ansible/pmm.yml index e1be31ecfc..4c09161ba8 100644 --- a/build/packer/ansible/pmm.yml +++ b/build/packer/ansible/pmm.yml @@ -6,6 +6,6 @@ roles: - cloud-node - lvm-init - - ami-ovf - podman-setup + - ami-ovf - init-admin-password From 0a305568df24075d906fb783ee9fd95940913715 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Thu, 18 Jul 2024 01:09:57 +0300 Subject: [PATCH 23/64] PMM-12940 fix init-admin-password ansible job. --- .../{templates => files}/init-admin-password | 0 .../{templates => files}/init-admin-password.service | 0 build/packer/ansible/roles/init-admin-password/tasks/main.yml | 4 ++-- 3 files changed, 2 insertions(+), 2 deletions(-) rename build/packer/ansible/roles/init-admin-password/{templates => files}/init-admin-password (100%) rename build/packer/ansible/roles/init-admin-password/{templates => files}/init-admin-password.service (100%) diff --git a/build/packer/ansible/roles/init-admin-password/templates/init-admin-password b/build/packer/ansible/roles/init-admin-password/files/init-admin-password similarity index 100% rename from build/packer/ansible/roles/init-admin-password/templates/init-admin-password rename to build/packer/ansible/roles/init-admin-password/files/init-admin-password diff --git a/build/packer/ansible/roles/init-admin-password/templates/init-admin-password.service b/build/packer/ansible/roles/init-admin-password/files/init-admin-password.service similarity index 100% rename from build/packer/ansible/roles/init-admin-password/templates/init-admin-password.service rename to build/packer/ansible/roles/init-admin-password/files/init-admin-password.service diff --git a/build/packer/ansible/roles/init-admin-password/tasks/main.yml b/build/packer/ansible/roles/init-admin-password/tasks/main.yml index 098a644d59..826d4c50ef 100644 --- a/build/packer/ansible/roles/init-admin-password/tasks/main.yml +++ b/build/packer/ansible/roles/init-admin-password/tasks/main.yml @@ -1,5 +1,5 @@ - name: Copy watchtower systemd service file to user-specific directory - template: + copy: src: init-admin-password dest: /home/admin/init-admin-password owner: admin @@ -7,7 +7,7 @@ mode: '0755' - name: Copy change-admin-password systemd service file to user-specific directory - template: + copy: src: init-admin-password.service dest: /home/admin/.config/systemd/user/ owner: admin From 9747740d15489c7b3e1672cdf8a4813240276665 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Thu, 18 Jul 2024 01:37:14 +0300 Subject: [PATCH 24/64] PMM-12940 revert moving of lvm-init. --- build/packer/ansible/roles/{cloud-node => lvm-init}/vars/main.yml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename build/packer/ansible/roles/{cloud-node => lvm-init}/vars/main.yml (100%) diff --git a/build/packer/ansible/roles/cloud-node/vars/main.yml b/build/packer/ansible/roles/lvm-init/vars/main.yml similarity index 100% rename from build/packer/ansible/roles/cloud-node/vars/main.yml rename to build/packer/ansible/roles/lvm-init/vars/main.yml From e7450cc9817f45aef254dea3115b57543e29e2d0 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Thu, 18 Jul 2024 03:08:46 +0300 Subject: [PATCH 25/64] PMM-12940 home directory and initialization. --- build/docker/server/entrypoint.sh | 12 ++++++++---- .../ansible/roles/podman-setup/tasks/main.yml | 14 +++++++++++--- .../roles/podman-setup/templates/pmm-server.env | 1 - .../podman-setup/templates/pmm-server.service | 1 - 4 files changed, 19 insertions(+), 9 deletions(-) diff --git a/build/docker/server/entrypoint.sh b/build/docker/server/entrypoint.sh index 51f79746dd..df4d994154 100755 --- a/build/docker/server/entrypoint.sh +++ b/build/docker/server/entrypoint.sh @@ -9,10 +9,9 @@ if [ ! -w /srv ]; then fi # Initialize /srv if empty -DIST_FILE=/srv/pmm-distribution -if [ ! -f $DIST_FILE ]; then - echo "File $DIST_FILE doesn't exist. Initializing /srv..." - echo docker > $DIST_FILE +INIT_FILE=/srv/initialized +if [ ! -f INIT_FILE ]; then + echo "Initializing /srv..." mkdir -p /srv/{backup,clickhouse,grafana,logs,nginx,postgres14,prometheus,victoriametrics} echo "Copying grafana plugins and the VERSION file..." cp -r /usr/share/percona-dashboards/panels/* /srv/grafana/plugins @@ -30,6 +29,11 @@ if [ ! -f $DIST_FILE ]; then /usr/pgsql-14/bin/createuser --echo --superuser --host=/run/postgresql --no-password postgres /usr/bin/psql postgres postgres -c 'CREATE EXTENSION pg_stat_statements SCHEMA public' /usr/pgsql-14/bin/pg_ctl stop -D /srv/postgres14 + touch $INIT_FILE +fi +DIST_FILE=/srv/pmm-distribution +if [ ! -f $DIST_FILE ]; then + echo "docker" > $DIST_FILE fi # pmm-managed-init validates environment variables. diff --git a/build/packer/ansible/roles/podman-setup/tasks/main.yml b/build/packer/ansible/roles/podman-setup/tasks/main.yml index 5ed2e9370d..0f4389ae6c 100644 --- a/build/packer/ansible/roles/podman-setup/tasks/main.yml +++ b/build/packer/ansible/roles/podman-setup/tasks/main.yml @@ -1,8 +1,16 @@ +- name: Create user-specific volume directory + file: + path: /home/admin/volume/srv/ + state: directory + owner: admin + group: admin + mode: '0755' + - name: Set distribution for OVF when: ansible_virtualization_type == "virtualbox" copy: content: ovf - dest: /srv/pmm-distribution + dest: /home/admin/volume/srv/pmm-distribution - name: Set distribution for AMI when: > @@ -11,13 +19,13 @@ and ansible_system_vendor != "DigitalOcean" copy: content: ami - dest: /srv/pmm-distribution + dest: /home/admin/volume/srv/pmm-distribution - name: Change file owner when: ansible_virtualization_type == "virtualbox" or ( (ansible_virtualization_type == "xen" or ansible_virtualization_type == "kvm") and ansible_system_vendor != "DigitalOcean" ) file: - path: /srv/pmm-distribution + path: /home/admin/volume/srv/pmm-distribution owner: admin state: file diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.env b/build/packer/ansible/roles/podman-setup/templates/pmm-server.env index ce1d07d92d..bb0851de50 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.env +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.env @@ -2,4 +2,3 @@ PMM_WATCHTOWER_HOST="http://watchtower:8080" PMM_WATCHTOWER_TOKEN=123 PMM_SERVER_UPDATE_VERSION="docker.io/perconalab/pmm-server:3-dev-container" PMM_IMAGE="docker.io/perconalab/pmm-server:3-dev-latest" -PMM_DISTRIBUTION_METHOD="ami" \ No newline at end of file diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service index 9f43b7ec4a..3851ee0e59 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service @@ -19,7 +19,6 @@ ExecStart=/usr/bin/podman run \ -e PMM_WATCHTOWER_HOST=${PMM_WATCHTOWER_HOST} \ -e PMM_WATCHTOWER_TOKEN=${PMM_WATCHTOWER_TOKEN} \ -e PMM_SERVER_UPDATE_VERSION=${PMM_SERVER_UPDATE_VERSION} \ - -e PMM_DISTRIBUTION_METHOD=${PMM_DISTRIBUTION_METHOD} \ --net pmm_default \ --cap-add=net_admin,net_raw \ --userns=keep-id:uid=1000,gid=1000 \ From 14406bb11cae73b38c5ff1433a196ebdd0371983 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Thu, 18 Jul 2024 04:34:29 +0300 Subject: [PATCH 26/64] PMM-12940 home directory and initialization. --- .../roles/initialization/tasks/main.yml | 119 +++++++++++------- build/docker/server/entrypoint.sh | 2 - .../podman-setup/templates/pmm-server.env | 1 + .../podman-setup/templates/pmm-server.service | 1 + 4 files changed, 74 insertions(+), 49 deletions(-) diff --git a/build/ansible/roles/initialization/tasks/main.yml b/build/ansible/roles/initialization/tasks/main.yml index 4cb85312f7..42854c7575 100644 --- a/build/ansible/roles/initialization/tasks/main.yml +++ b/build/ansible/roles/initialization/tasks/main.yml @@ -36,52 +36,77 @@ - name: Print need_upgrade fact debug: msg: "Need upgrade: {{ need_upgrade }}" +- name: Initialization needed + set_fact: + initialization_needed: "{{ pmm_current_version == '0.0' }}" -- name: Perform upgrade tasks +- name: Perform upgrade & init tasks block: - - name: Enable maintenance mode before upgrade - copy: - src: maintenance.html - dest: /usr/share/pmm-server/maintenance/ - owner: pmm - group: pmm - mode: 0644 - - - name: Upgrade dashboards - include_role: - name: dashboards - - - name: Copy file with image version - copy: - src: /usr/share/percona-dashboards/VERSION - dest: /srv/grafana/PERCONA_DASHBOARDS_VERSION - owner: pmm - group: pmm - mode: 0644 - remote_src: yes - - - name: Create a backup directory - file: - path: /srv/backup - state: directory - owner: pmm - group: pmm - mode: 0775 - - # Note: we want to leave this for some time until we achieve stable builds - - name: Output pmm-managed logs - shell: sleep 10 && tail -n 300 /srv/logs/pmm-managed.log - - - name: Wait for PMM to be ready - ansible.builtin.uri: - url: "http://127.0.0.1:7772/v1/readyz" - status_code: 200 - method: GET - retries: 20 - delay: 5 - - - name: Disable maintenance mode - file: - state: absent - path: /usr/share/pmm-server/maintenance/maintenance.html - when: need_upgrade + - name: Enable maintenance mode before upgrade + copy: + src: maintenance.html + dest: /usr/share/pmm-server/maintenance/ + owner: pmm + group: pmm + mode: 0644 + + - name: Create grafana DB + block: + - name: Create grafana database in postgres + postgresql_db: + name: grafana + login_user: postgres + state: present + when: initialization_needed + + - name: Create grafana user in postgres + postgresql_user: + db: grafana + name: grafana + password: grafana + priv: 'ALL' + expires: infinity + login_user: postgres + state: present + when: not ansible_check_mode + when: lookup('env','GF_DATABASE_URL') == '' and lookup('env','GF_DATABASE_HOST') == '' and initialization_needed + + - name: Upgrade/Install dashboards + include_role: + name: dashboards + + - name: Copy file with image version + copy: + src: /usr/share/percona-dashboards/VERSION + dest: /srv/grafana/PERCONA_DASHBOARDS_VERSION + owner: pmm + group: pmm + mode: 0644 + remote_src: yes + + - name: Create a backup directory + file: + path: /srv/backup + state: directory + owner: pmm + group: pmm + mode: 0775 + when: upgrade_needed + + # Note: we want to leave this for some time until we achieve stable builds + - name: Output pmm-managed logs + shell: sleep 10 && tail -n 300 /srv/logs/pmm-managed.log + + - name: Wait for PMM to be ready + ansible.builtin.uri: + url: "http://127.0.0.1:7772/v1/readyz" + status_code: 200 + method: GET + retries: 20 + delay: 5 + + - name: Disable maintenance mode + file: + state: absent + path: /usr/share/pmm-server/maintenance/maintenance.html + when: initialization_needed or need_upgrade diff --git a/build/docker/server/entrypoint.sh b/build/docker/server/entrypoint.sh index df4d994154..f7d9582e1b 100755 --- a/build/docker/server/entrypoint.sh +++ b/build/docker/server/entrypoint.sh @@ -25,8 +25,6 @@ if [ ! -f INIT_FILE ]; then echo "Enabling pg_stat_statements extension for PostgreSQL..." /usr/pgsql-14/bin/pg_ctl start -D /srv/postgres14 -o '-c logging_collector=off' - # We create the postgres user with superuser privileges to not break the code that connects pmm-managed to postgres. - /usr/pgsql-14/bin/createuser --echo --superuser --host=/run/postgresql --no-password postgres /usr/bin/psql postgres postgres -c 'CREATE EXTENSION pg_stat_statements SCHEMA public' /usr/pgsql-14/bin/pg_ctl stop -D /srv/postgres14 touch $INIT_FILE diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.env b/build/packer/ansible/roles/podman-setup/templates/pmm-server.env index bb0851de50..ce1d07d92d 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.env +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.env @@ -2,3 +2,4 @@ PMM_WATCHTOWER_HOST="http://watchtower:8080" PMM_WATCHTOWER_TOKEN=123 PMM_SERVER_UPDATE_VERSION="docker.io/perconalab/pmm-server:3-dev-container" PMM_IMAGE="docker.io/perconalab/pmm-server:3-dev-latest" +PMM_DISTRIBUTION_METHOD="ami" \ No newline at end of file diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service index 3851ee0e59..9f43b7ec4a 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service @@ -19,6 +19,7 @@ ExecStart=/usr/bin/podman run \ -e PMM_WATCHTOWER_HOST=${PMM_WATCHTOWER_HOST} \ -e PMM_WATCHTOWER_TOKEN=${PMM_WATCHTOWER_TOKEN} \ -e PMM_SERVER_UPDATE_VERSION=${PMM_SERVER_UPDATE_VERSION} \ + -e PMM_DISTRIBUTION_METHOD=${PMM_DISTRIBUTION_METHOD} \ --net pmm_default \ --cap-add=net_admin,net_raw \ --userns=keep-id:uid=1000,gid=1000 \ From 83c4801f1003c67e9a6ff77f7cb4cf9e1a315a07 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Thu, 18 Jul 2024 04:36:12 +0300 Subject: [PATCH 27/64] PMM-12940 Fix test. --- managed/utils/distribution/distribution_util_test.go | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/managed/utils/distribution/distribution_util_test.go b/managed/utils/distribution/distribution_util_test.go index de559f6946..725b7565cc 100644 --- a/managed/utils/distribution/distribution_util_test.go +++ b/managed/utils/distribution/distribution_util_test.go @@ -132,9 +132,7 @@ func Test_distributionUtilServiceImpl_getDistributionMethodAndOS(t *testing.T) { tmpOsInfoFilePath = f2.Name() } - d := NewService(logEntry) - d.distributionInfoFilePath = tmpDistributionFilePath - d.osInfoFilePath = tmpOsInfoFilePath + d := NewService(tmpDistributionFilePath, tmpOsInfoFilePath, logEntry) got, got1, got2 := d.GetDistributionMethodAndOS() assert.Equalf(t, tt.want, got, "GetDistributionMethodAndOS() serverpb.DistributionMethod") assert.Equalf(t, tt.want1, got1, "GetDistributionMethodAndOS() pmmv1.DistributionMethod") From 1d877807d30c0b38e297d2e7567b226a0249753d Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Thu, 18 Jul 2024 18:08:39 +0300 Subject: [PATCH 28/64] PMM-12940 Fix initizalization. --- build/ansible/roles/initialization/tasks/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/build/ansible/roles/initialization/tasks/main.yml b/build/ansible/roles/initialization/tasks/main.yml index 65c52bb709..28705d0b41 100644 --- a/build/ansible/roles/initialization/tasks/main.yml +++ b/build/ansible/roles/initialization/tasks/main.yml @@ -38,7 +38,7 @@ msg: "Need upgrade: {{ need_upgrade }}" - name: Initialization needed set_fact: - initialization_needed: "{{ pmm_current_version == '0.0' }}" + need_initialization: "{{ pmm_current_version == '0.0' }}" - name: Perform upgrade & init tasks block: @@ -69,7 +69,7 @@ login_user: postgres state: present when: not ansible_check_mode - when: lookup('env','GF_DATABASE_URL') == '' and lookup('env','GF_DATABASE_HOST') == '' and initialization_needed + when: lookup('env','GF_DATABASE_URL') == '' and lookup('env','GF_DATABASE_HOST') == '' and need_initialization - name: Upgrade/Install dashboards include_role: @@ -91,7 +91,7 @@ owner: pmm group: pmm mode: 0775 - when: upgrade_needed + when: need_upgrade # Note: we want to leave this for some time until we achieve stable builds - name: Output pmm-managed logs @@ -109,4 +109,4 @@ file: state: absent path: /usr/share/pmm-server/maintenance/maintenance.html - when: initialization_needed or need_upgrade + when: need_initialization or need_upgrade From 723c04425ee15842439a4aa80fe70258628af2d2 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Thu, 18 Jul 2024 22:28:40 +0300 Subject: [PATCH 29/64] PMM-12940 Fix build. --- managed/services/server/server.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/managed/services/server/server.go b/managed/services/server/server.go index b5a886a306..16d53f8f7c 100644 --- a/managed/services/server/server.go +++ b/managed/services/server/server.go @@ -669,7 +669,7 @@ func (s *Server) writeSSHKey(sshKey string) error { defer s.sshKeyM.Unlock() distributionMethod := s.telemetryService.DistributionMethod() - if distributionMethod != serverpb.DistributionMethod_AMI && distributionMethod != serverpb.DistributionMethod_OVF { + if distributionMethod != serverv1.DistributionMethod_DISTRIBUTION_METHOD_AMI && distributionMethod != serverv1.DistributionMethod_DISTRIBUTION_METHOD_OVF { return errors.New("SSH key can be set only on AMI and OVF distributions") } From 04a05e6867b0fca516e1ec9a54c192e5f1cef857 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Thu, 18 Jul 2024 22:53:14 +0300 Subject: [PATCH 30/64] PMM-12940 Fix build. --- build/ansible/roles/initialization/tasks/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/build/ansible/roles/initialization/tasks/main.yml b/build/ansible/roles/initialization/tasks/main.yml index 28705d0b41..58318319a6 100644 --- a/build/ansible/roles/initialization/tasks/main.yml +++ b/build/ansible/roles/initialization/tasks/main.yml @@ -57,7 +57,6 @@ name: grafana login_user: postgres state: present - when: initialization_needed - name: Create grafana user in postgres postgresql_user: From e62a1486696cccf96a7902617b3b02c7c80dfd6d Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Thu, 18 Jul 2024 23:15:50 +0300 Subject: [PATCH 31/64] PMM-12940 Fix linters. --- managed/cmd/pmm-managed/main.go | 2 +- managed/utils/distribution/distribution_util.go | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/managed/cmd/pmm-managed/main.go b/managed/cmd/pmm-managed/main.go index b9b12591f9..5bdc4faa9f 100644 --- a/managed/cmd/pmm-managed/main.go +++ b/managed/cmd/pmm-managed/main.go @@ -25,7 +25,7 @@ import ( "log" "net" "net/http" - _ "net/http/pprof" + _ "net/http/pprof" //nolint:gosec // register /debug/pprof "net/url" "os" "os/signal" diff --git a/managed/utils/distribution/distribution_util.go b/managed/utils/distribution/distribution_util.go index 526b76dcd2..e25f21b3b5 100644 --- a/managed/utils/distribution/distribution_util.go +++ b/managed/utils/distribution/distribution_util.go @@ -13,6 +13,7 @@ // You should have received a copy of the GNU Affero General Public License // along with this program. If not, see . +// Package distribution provides structures and methods to determine the distribution method and OS of the PMM Server. package distribution import ( @@ -26,6 +27,7 @@ import ( serverv1 "github.com/percona/pmm/api/server/v1" ) +// Service provides methods to determine the distribution method and OS of the PMM Server. type Service struct { distributionInfoFilePath string osInfoFilePath string @@ -33,6 +35,7 @@ type Service struct { l *logrus.Entry } +// NewService creates a new Distribution Service. func NewService(distributionFilePath, osInfoFilePath string, l *logrus.Entry) *Service { return &Service{ distributionInfoFilePath: distributionFilePath, @@ -41,6 +44,7 @@ func NewService(distributionFilePath, osInfoFilePath string, l *logrus.Entry) *S } } +// GetDistributionMethodAndOS returns the distribution method and OS of the PMM Server. func (d Service) GetDistributionMethodAndOS() (serverv1.DistributionMethod, pmmv1.DistributionMethod, string) { dm := os.Getenv("PMM_DISTRIBUTION_METHOD") if dm == "" { From 3604514f16c3758e468199db8075081c101673c6 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Thu, 18 Jul 2024 23:28:30 +0300 Subject: [PATCH 32/64] PMM-12940 Fix linters. --- managed/services/telemetry/telemetry.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/managed/services/telemetry/telemetry.go b/managed/services/telemetry/telemetry.go index f257e4eb71..1a64c5f96c 100644 --- a/managed/services/telemetry/telemetry.go +++ b/managed/services/telemetry/telemetry.go @@ -67,7 +67,8 @@ var ( ) // NewService creates a new service. -func NewService(db *reform.DB, portalClient *platform.Client, pmmVersion string, dus distributionUtilService, config ServiceConfig, extensions map[ExtensionType]Extension) (*Service, error) { +func NewService(db *reform.DB, portalClient *platform.Client, pmmVersion string, + dus distributionUtilService, config ServiceConfig, extensions map[ExtensionType]Extension) (*Service, error) { if config.SaasHostname == "" { return nil, errors.New("empty host") } From 45a6fdde3e305b8c6a9fc4e1f63dc58c41e97e9a Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Fri, 19 Jul 2024 00:10:50 +0300 Subject: [PATCH 33/64] PMM-12940 Fix linters. --- managed/services/telemetry/telemetry.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/managed/services/telemetry/telemetry.go b/managed/services/telemetry/telemetry.go index 1a64c5f96c..966ee5ec27 100644 --- a/managed/services/telemetry/telemetry.go +++ b/managed/services/telemetry/telemetry.go @@ -68,7 +68,8 @@ var ( // NewService creates a new service. func NewService(db *reform.DB, portalClient *platform.Client, pmmVersion string, - dus distributionUtilService, config ServiceConfig, extensions map[ExtensionType]Extension) (*Service, error) { + dus distributionUtilService, config ServiceConfig, extensions map[ExtensionType]Extension, +) (*Service, error) { if config.SaasHostname == "" { return nil, errors.New("empty host") } From 0b3a2d40a23882049e33d46dcda2dce9720cbfdd Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Fri, 19 Jul 2024 01:15:48 +0300 Subject: [PATCH 34/64] PMM-12940 Set need_initialization correctly. --- build/ansible/roles/initialization/tasks/main.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/build/ansible/roles/initialization/tasks/main.yml b/build/ansible/roles/initialization/tasks/main.yml index 58318319a6..4aac9985ad 100644 --- a/build/ansible/roles/initialization/tasks/main.yml +++ b/build/ansible/roles/initialization/tasks/main.yml @@ -11,6 +11,10 @@ src: /usr/share/percona-dashboards/VERSION register: image_version_file +- name: Initialization needed + set_fact: + need_initialization: "{{ current_version_file['failed'] == true }}" + - name: Set current version if VERSION doesn't exist set_fact: pmm_current_version: "0.0" @@ -36,9 +40,6 @@ - name: Print need_upgrade fact debug: msg: "Need upgrade: {{ need_upgrade }}" -- name: Initialization needed - set_fact: - need_initialization: "{{ pmm_current_version == '0.0' }}" - name: Perform upgrade & init tasks block: From 565672690b235e68ef588dfcbb5c3ced85032261 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Fri, 19 Jul 2024 01:47:24 +0300 Subject: [PATCH 35/64] PMM-12940 remove must setup. --- .../ansible/roles/nginx/files/conf.d/pmm.conf | 18 +----- managed/services/grafana/auth_server.go | 62 +------------------ 2 files changed, 2 insertions(+), 78 deletions(-) diff --git a/build/ansible/roles/nginx/files/conf.d/pmm.conf b/build/ansible/roles/nginx/files/conf.d/pmm.conf index ec646a1672..1ac2365a9d 100644 --- a/build/ansible/roles/nginx/files/conf.d/pmm.conf +++ b/build/ansible/roles/nginx/files/conf.d/pmm.conf @@ -73,13 +73,9 @@ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # Enable auth_request for all locations, including root - # (but excluding /auth_request and /setup below). + # (but excluding /auth_request). auth_request /auth_request; - # Store the value of X-Must-Setup header of auth_request subrequest response in the variable. - # It is used below in /auth_request. - auth_request_set $auth_request_must_setup $upstream_http_x_must_setup; - # Store the value of X-Proxy-Filter header of auth_request subrequest response in the variable. auth_request_set $auth_request_proxy_filter $upstream_http_x_proxy_filter; proxy_set_header X-Proxy-Filter $auth_request_proxy_filter; @@ -109,23 +105,11 @@ proxy_http_version 1.1; proxy_set_header Connection ""; - # This header is set only for to the second request, not for the first subrequest. - # That variable is set above. - proxy_set_header X-Must-Setup $auth_request_must_setup; - # Those headers are set for both subrequest and normal request. proxy_set_header X-Original-Uri $request_uri; proxy_set_header X-Original-Method $request_method; } - # AWS setup wizard - location /setup { - auth_request off; - - alias /usr/share/percona-dashboards/setup-page; - try_files $uri /index.html break; - } - # Grafana rewrite ^/$ $scheme://$http_host/graph/; rewrite ^/graph$ /graph/; diff --git a/managed/services/grafana/auth_server.go b/managed/services/grafana/auth_server.go index 4379d23ad0..da0c5ab9d9 100644 --- a/managed/services/grafana/auth_server.go +++ b/managed/services/grafana/auth_server.go @@ -94,14 +94,13 @@ var rules = map[string]role{ "/v1/qan": viewer, "/v1/qan:": viewer, - // mustSetupRules group "/prometheus": admin, "/victoriametrics": admin, "/graph": none, "/swagger": none, "/v1/server/logs.zip": admin, - // "/auth_request" and "/setup" have auth_request disabled in nginx config + // "/auth_request" has auth_request disabled in nginx config // "/" is a special case in this code } @@ -115,16 +114,6 @@ var vmProxyPrefixes = []string{ const vmProxyHeaderName = "X-Proxy-Filter" -// Only UI is blocked by setup wizard; APIs can be used. -// Critically, AWSInstanceCheck must be available for the setup wizard itself to work; -// and /agent.v1.AgentService/Connect and Management APIs should be available for pmm-agent on PMM Server registration. -var mustSetupRules = []string{ - "/prometheus", - "/victoriametrics", - "/graph", - "/swagger", -} - // nginx auth_request directive supports only 401 and 403 - every other code results in 500. // Our APIs can return codes.PermissionDenied which maps to 403 / http.StatusForbidden. // Our APIs MUST NOT return codes.Unauthenticated which maps to 401 / http.StatusUnauthorized @@ -227,10 +216,6 @@ func (s *AuthServer) ServeHTTP(rw http.ResponseWriter, req *http.Request) { l := s.l.WithField("req", fmt.Sprintf("%s %s", req.Method, req.URL.Path)) // TODO l := logger.Get(ctx) once we have it after https://jira.percona.com/browse/PMM-4326 - if s.mustSetup(rw, req, l) { - return - } - // fail-safe ctx, cancel := context.WithTimeout(req.Context(), 3*time.Second) defer cancel() @@ -404,51 +389,6 @@ func extractOriginalRequest(req *http.Request) error { return nil } -// mustSetup returns true if AWS instance ID must be checked. -func (s *AuthServer) mustSetup(rw http.ResponseWriter, req *http.Request, l *logrus.Entry) bool { - // Only UI is blocked by setup wizard; APIs can be used. - var found bool - for _, r := range mustSetupRules { - if strings.HasPrefix(req.URL.Path, r) { - found = true - break - } - } - if !found { - return false - } - - // This header is used to pass information that setup is required from auth_request subrequest - // to normal request to return redirect with location - something that auth_request can't do. - const mustSetupHeader = "X-Must-Setup" - - // Redirect to /setup page. - if req.Header.Get(mustSetupHeader) != "" { - const redirectCode = 303 // temporary, not cacheable, always GET - l.Warnf("AWS instance ID must be checked, returning %d with Location.", redirectCode) - rw.Header().Set("Location", "/setup") - rw.WriteHeader(redirectCode) - return true - } - - // Use X-Test-Must-Setup header for testing. - // There is no way to skip check, only to enforce it. - mustCheck := s.checker.MustCheck() - if req.Header.Get("X-Test-Must-Setup") != "" { - l.Debug("X-Test-Must-Setup is present, enforcing AWS instance ID check.") - mustCheck = true - } - - if mustCheck { - l.Warnf("AWS instance ID must be checked, returning %d with %s.", authenticationErrorCode, mustSetupHeader) - rw.Header().Set(mustSetupHeader, "1") // any non-empty value is ok - rw.WriteHeader(authenticationErrorCode) - return true - } - - return false -} - // nextPrefix returns path's prefix, stopping on slashes, dots, and colons, e.g.: // /inventory.Nodes/ListNodes -> /inventory.Nodes/ -> /inventory.Nodes -> /inventory. -> /inventory -> / // /v1/inventory/Nodes/List -> /v1/inventory/Nodes/ -> /v1/inventory/Nodes -> /v1/inventory/ -> /v1/inventory -> /v1/ -> /v1 -> / From 1a7fac99519beca3eb995e88e148b1f27c102382 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Fri, 19 Jul 2024 13:50:17 +0300 Subject: [PATCH 36/64] PMM-12940 use FB(should be reverted). --- .../packer/ansible/roles/podman-setup/templates/pmm-server.env | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.env b/build/packer/ansible/roles/podman-setup/templates/pmm-server.env index ce1d07d92d..96b84700b9 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.env +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.env @@ -1,5 +1,5 @@ PMM_WATCHTOWER_HOST="http://watchtower:8080" PMM_WATCHTOWER_TOKEN=123 PMM_SERVER_UPDATE_VERSION="docker.io/perconalab/pmm-server:3-dev-container" -PMM_IMAGE="docker.io/perconalab/pmm-server:3-dev-latest" +PMM_IMAGE="docker.io/perconalab/pmm-server-fb:PR-3664-cc4153b" PMM_DISTRIBUTION_METHOD="ami" \ No newline at end of file From 2dec2034926b6c85990b93ac8ed7711eec351269 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Fri, 19 Jul 2024 15:49:58 +0300 Subject: [PATCH 37/64] PMM-12940 improve entrypoint. --- build/docker/server/entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/docker/server/entrypoint.sh b/build/docker/server/entrypoint.sh index 8f786c8daa..e35c92f882 100755 --- a/build/docker/server/entrypoint.sh +++ b/build/docker/server/entrypoint.sh @@ -14,8 +14,8 @@ if [ ! -f INIT_FILE ]; then echo "Initializing /srv..." mkdir -p /srv/{backup,clickhouse,grafana,logs,nginx,postgres14,prometheus,victoriametrics} echo "Copying grafana plugins and the VERSION file..." + mkdir -p /srv/grafana/plugins cp -r /usr/share/percona-dashboards/panels/* /srv/grafana/plugins - cp /usr/share/percona-dashboards/VERSION /srv/grafana/PERCONA_DASHBOARDS_VERSION echo "Generating self-signed certificates for nginx..." bash /var/lib/cloud/scripts/per-boot/generate-ssl-certificate From 918f747c9027eac1883e6bb362a177fc7ed538c9 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Fri, 19 Jul 2024 18:35:26 +0300 Subject: [PATCH 38/64] PMM-12940 use new PMM Image. --- .../ansible/roles/podman-setup/templates/pmm-server.env | 2 +- .../ansible/roles/podman-setup/templates/pmm-server.service | 5 +---- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.env b/build/packer/ansible/roles/podman-setup/templates/pmm-server.env index 96b84700b9..df577b1e11 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.env +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.env @@ -1,5 +1,5 @@ PMM_WATCHTOWER_HOST="http://watchtower:8080" PMM_WATCHTOWER_TOKEN=123 PMM_SERVER_UPDATE_VERSION="docker.io/perconalab/pmm-server:3-dev-container" -PMM_IMAGE="docker.io/perconalab/pmm-server-fb:PR-3664-cc4153b" +PMM_IMAGE="docker.io/perconalab/pmm-server-fb:PR-3664-08efb3a" PMM_DISTRIBUTION_METHOD="ami" \ No newline at end of file diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service index 9f43b7ec4a..dc862129e3 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.service +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.service @@ -16,10 +16,7 @@ ExecStart=/usr/bin/podman run \ --volume /home/admin/.ssh/:/home/pmm/.ssh/ \ --volume /home/admin/.config/:/home/pmm/config/ \ --rm --replace=true --name %N \ - -e PMM_WATCHTOWER_HOST=${PMM_WATCHTOWER_HOST} \ - -e PMM_WATCHTOWER_TOKEN=${PMM_WATCHTOWER_TOKEN} \ - -e PMM_SERVER_UPDATE_VERSION=${PMM_SERVER_UPDATE_VERSION} \ - -e PMM_DISTRIBUTION_METHOD=${PMM_DISTRIBUTION_METHOD} \ + --env-file=/home/admin/.config/systemd/user/pmm-server.env \ --net pmm_default \ --cap-add=net_admin,net_raw \ --userns=keep-id:uid=1000,gid=1000 \ From ae84f4829f50b3f55b791563603c3af8bd095132 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Fri, 19 Jul 2024 21:34:39 +0300 Subject: [PATCH 39/64] PMM-12940 move init admin password into container. --- .../files/init-admin-password | 10 +------ .../init-admin-password-ami/tasks/main.yml | 10 +++++++ .../roles/initialization/tasks/main.yml | 11 ++++++++ build/packer/ansible/pmm.yml | 1 - .../files/init-admin-password.service | 18 ------------- .../roles/init-admin-password/tasks/main.yml | 26 ------------------- .../podman-setup/templates/pmm-server.env | 8 +++--- build/packer/pmm.json | 1 - 8 files changed, 26 insertions(+), 59 deletions(-) rename build/{packer/ansible/roles/init-admin-password => ansible/roles/init-admin-password-ami}/files/init-admin-password (85%) create mode 100644 build/ansible/roles/init-admin-password-ami/tasks/main.yml delete mode 100644 build/packer/ansible/roles/init-admin-password/files/init-admin-password.service delete mode 100644 build/packer/ansible/roles/init-admin-password/tasks/main.yml diff --git a/build/packer/ansible/roles/init-admin-password/files/init-admin-password b/build/ansible/roles/init-admin-password-ami/files/init-admin-password similarity index 85% rename from build/packer/ansible/roles/init-admin-password/files/init-admin-password rename to build/ansible/roles/init-admin-password-ami/files/init-admin-password index 19f7e2af5b..665eeb890d 100644 --- a/build/packer/ansible/roles/init-admin-password/files/init-admin-password +++ b/build/ansible/roles/init-admin-password-ami/files/init-admin-password @@ -15,11 +15,6 @@ container_health_status() { podman inspect -f '{{.State.Health.Status}}' "$CONTAINER_NAME" 2>/dev/null } -if [ -f /home/admin/firstboot ]; then - echo "exiting, already was executed" - exit -fi - if [ -f /var/lib/cloud/data/status.json ]; then SOURCE=$( cat /var/lib/cloud/data/status.json 2>/dev/null | jq -r '.v1.datasource' 2>/dev/null @@ -44,9 +39,6 @@ if [ "x$SOURCE" = "xDataSourceEc2Local" ]; then echo "Container '$CONTAINER_NAME' is now healthy." INSTANCE_ID=$(curl --connect-timeout 5 -s http://169.254.169.254/latest/meta-data/instance-id) - podman exec pmm-server change-admin-password $INSTANCE_ID + change-admin-password $INSTANCE_ID fi -# Create the marker file -touch /home/admin/firstboot - diff --git a/build/ansible/roles/init-admin-password-ami/tasks/main.yml b/build/ansible/roles/init-admin-password-ami/tasks/main.yml new file mode 100644 index 0000000000..c02673851f --- /dev/null +++ b/build/ansible/roles/init-admin-password-ami/tasks/main.yml @@ -0,0 +1,10 @@ +- name: Copy watchtower systemd service file to user-specific directory + copy: + src: init-admin-password + dest: /home/pmm/init-admin-password + owner: admin + group: admin + mode: '0755' + +- name: start init-admin-password + command: /home/pmm/init-admin-password diff --git a/build/ansible/roles/initialization/tasks/main.yml b/build/ansible/roles/initialization/tasks/main.yml index 4aac9985ad..e39efdea19 100644 --- a/build/ansible/roles/initialization/tasks/main.yml +++ b/build/ansible/roles/initialization/tasks/main.yml @@ -1,5 +1,11 @@ --- # This role contains tasks executed during initialization of PMM Server +- name: detect /srv/pmm-distribution + stat: + path: /srv/pmm-distribution + no_log: yes + register: srv_pmm_distribution + - name: Get current version slurp: src: /srv/grafana/PERCONA_DASHBOARDS_VERSION @@ -105,6 +111,11 @@ retries: 20 delay: 5 + - name: init admin password on AMI + include_role: + name: init-admin-password-ami + when: need_initialization and srv_pmm_distribution == "ami" + - name: Disable maintenance mode file: state: absent diff --git a/build/packer/ansible/pmm.yml b/build/packer/ansible/pmm.yml index 4c09161ba8..572aa65feb 100644 --- a/build/packer/ansible/pmm.yml +++ b/build/packer/ansible/pmm.yml @@ -8,4 +8,3 @@ - lvm-init - podman-setup - ami-ovf - - init-admin-password diff --git a/build/packer/ansible/roles/init-admin-password/files/init-admin-password.service b/build/packer/ansible/roles/init-admin-password/files/init-admin-password.service deleted file mode 100644 index 7382a88b4c..0000000000 --- a/build/packer/ansible/roles/init-admin-password/files/init-admin-password.service +++ /dev/null @@ -1,18 +0,0 @@ -[Unit] -Description=init-admin-password -Wants=network-online.target -After=network-online.target -After=nss-user-lookup.target nss-lookup.target -After=time-sync.target -After=pmm-server.target - -[Service] -Restart=on-failure -RestartSec=20 -RemainAfterExit=true -Type=oneshot - -ExecStart=/home/admin/init-admin-password - -[Install] -WantedBy=default.target diff --git a/build/packer/ansible/roles/init-admin-password/tasks/main.yml b/build/packer/ansible/roles/init-admin-password/tasks/main.yml deleted file mode 100644 index 826d4c50ef..0000000000 --- a/build/packer/ansible/roles/init-admin-password/tasks/main.yml +++ /dev/null @@ -1,26 +0,0 @@ -- name: Copy watchtower systemd service file to user-specific directory - copy: - src: init-admin-password - dest: /home/admin/init-admin-password - owner: admin - group: admin - mode: '0755' - -- name: Copy change-admin-password systemd service file to user-specific directory - copy: - src: init-admin-password.service - dest: /home/admin/.config/systemd/user/ - owner: admin - group: admin - mode: '0644' - -- name: Enable and start init-admin-password as a user service - command: systemctl --user enable --now init-admin-password - become: true - become_user: admin - environment: - DBUS_SESSION_BUS_ADDRESS: "unix:path=/run/user/{{ admin_user_id.stdout }}/bus" - -- name: Sleep for 1 minute - pause: - minutes: 1 diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.env b/build/packer/ansible/roles/podman-setup/templates/pmm-server.env index df577b1e11..17de9cc2ca 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.env +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.env @@ -1,5 +1,5 @@ -PMM_WATCHTOWER_HOST="http://watchtower:8080" +PMM_WATCHTOWER_HOST=http://watchtower:8080 PMM_WATCHTOWER_TOKEN=123 -PMM_SERVER_UPDATE_VERSION="docker.io/perconalab/pmm-server:3-dev-container" -PMM_IMAGE="docker.io/perconalab/pmm-server-fb:PR-3664-08efb3a" -PMM_DISTRIBUTION_METHOD="ami" \ No newline at end of file +PMM_SERVER_UPDATE_VERSION=docker.io/perconalab/pmm-server:3-dev-container +PMM_IMAGE={{ pmm_server_image_name }} +PMM_DISTRIBUTION_METHOD=ami \ No newline at end of file diff --git a/build/packer/pmm.json b/build/packer/pmm.json index 29daa9a631..e4b1181e10 100644 --- a/build/packer/pmm.json +++ b/build/packer/pmm.json @@ -131,7 +131,6 @@ "packer/ansible/roles/cloud-node", "packer/ansible/roles/podman-setup", "packer/ansible/roles/ami-ovf", - "packer/ansible/roles/init-admin-password" ] }, { From 61a8fcd2ea9809377df663a49195006cadaa1663 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Sat, 20 Jul 2024 00:47:51 +0300 Subject: [PATCH 40/64] PMM-12940 detect AMI distribution. --- build/Makefile | 3 ++- .../roles/initialization/tasks/main.yml | 18 +++++++++++++----- 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/build/Makefile b/build/Makefile index 66da3fddb0..c43ca1f964 100644 --- a/build/Makefile +++ b/build/Makefile @@ -1,5 +1,6 @@ export PACKER_CACHE_DIR := .cache export PACKER_VERSION := 1.9.4 +export PMM_SERVER_IMAGE := docker.io/percona/pmm-server:3-dev-latest ## ----------------- PACKER ------------------ fetch: @@ -32,7 +33,7 @@ pmm-azure: pmm-ami: docker run --rm -v ${HOME}/.aws:/root/.aws -v `pwd`:/build -w /build \hashicorp/packer:${PACKER_VERSION} \ - build -only amazon-ebs -color=false packer/pmm.json | tee build.log + build -var 'pmm_server_image_name=${PMM_SERVER_IMAGE}' -only amazon-ebs -color=false packer/pmm.json | tee build.log ## ----------------- PACKER ------------------ check: ## Run required checks and linters diff --git a/build/ansible/roles/initialization/tasks/main.yml b/build/ansible/roles/initialization/tasks/main.yml index e39efdea19..655c1fd034 100644 --- a/build/ansible/roles/initialization/tasks/main.yml +++ b/build/ansible/roles/initialization/tasks/main.yml @@ -17,10 +17,6 @@ src: /usr/share/percona-dashboards/VERSION register: image_version_file -- name: Initialization needed - set_fact: - need_initialization: "{{ current_version_file['failed'] == true }}" - - name: Set current version if VERSION doesn't exist set_fact: pmm_current_version: "0.0" @@ -35,14 +31,26 @@ set_fact: pmm_image_version: "{{ image_version_file['content'] | b64decode | trim }}" +- name: Set need_initialization fact + set_fact: + need_initialization: "{{ current_version_file['failed'] == true }}" + - name: Set need_upgrade fact set_fact: need_upgrade: "{{ pmm_current_version is version(pmm_image_version, '<') }}" +- name: Print PMM distribution + debug: + msg: "PMM distribution: {{ srv_pmm_distribution }}" + - name: Print current PMM and image versions debug: msg: "Current version: {{ pmm_current_version }} Image Version: {{ pmm_image_version }}" +- name: Print need_initialization fact + debug: + msg: "Need initialization: {{ need_initialization }}" + - name: Print need_upgrade fact debug: msg: "Need upgrade: {{ need_upgrade }}" @@ -114,7 +122,7 @@ - name: init admin password on AMI include_role: name: init-admin-password-ami - when: need_initialization and srv_pmm_distribution == "ami" + when: need_initialization and srv_pmm_distribution == 'ami' - name: Disable maintenance mode file: From 23f906e5055ef8853892391715ed8a6bc47eace1 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Sat, 20 Jul 2024 00:51:32 +0300 Subject: [PATCH 41/64] PMM-12940 default env var for PMM Server Image. --- build/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Makefile b/build/Makefile index c43ca1f964..c81f4eeb76 100644 --- a/build/Makefile +++ b/build/Makefile @@ -1,6 +1,6 @@ export PACKER_CACHE_DIR := .cache export PACKER_VERSION := 1.9.4 -export PMM_SERVER_IMAGE := docker.io/percona/pmm-server:3-dev-latest +export PMM_SERVER_IMAGE ?= docker.io/percona/pmm-server:3-dev-latest ## ----------------- PACKER ------------------ fetch: From 78e6f31c56c334438f5fb5516e74d3faecbff3c1 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Sat, 20 Jul 2024 01:30:49 +0300 Subject: [PATCH 42/64] PMM-12940 use new FB. --- build/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Makefile b/build/Makefile index c81f4eeb76..9dcc49925d 100644 --- a/build/Makefile +++ b/build/Makefile @@ -1,6 +1,6 @@ export PACKER_CACHE_DIR := .cache export PACKER_VERSION := 1.9.4 -export PMM_SERVER_IMAGE ?= docker.io/percona/pmm-server:3-dev-latest +export PMM_SERVER_IMAGE ?= docker.io/perconalab/pmm-server-fb:PR-3664-e536f77 ## ----------------- PACKER ------------------ fetch: From 2d5ff846ad0b33430768ed010a23e68d3927f47f Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Sat, 20 Jul 2024 01:43:00 +0300 Subject: [PATCH 43/64] PMM-12940 Fix build. --- build/packer/pmm.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/packer/pmm.json b/build/packer/pmm.json index e4b1181e10..5fd2f79a43 100644 --- a/build/packer/pmm.json +++ b/build/packer/pmm.json @@ -130,7 +130,7 @@ "packer/ansible/roles/lvm-init", "packer/ansible/roles/cloud-node", "packer/ansible/roles/podman-setup", - "packer/ansible/roles/ami-ovf", + "packer/ansible/roles/ami-ovf" ] }, { From c288afc119300e13ae283f40073f8c24c2badb90 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Sat, 20 Jul 2024 02:32:55 +0300 Subject: [PATCH 44/64] PMM-12940 print environment file content. --- build/packer/ansible/roles/podman-setup/tasks/main.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/build/packer/ansible/roles/podman-setup/tasks/main.yml b/build/packer/ansible/roles/podman-setup/tasks/main.yml index 0f4389ae6c..1516e9c07d 100644 --- a/build/packer/ansible/roles/podman-setup/tasks/main.yml +++ b/build/packer/ansible/roles/podman-setup/tasks/main.yml @@ -71,6 +71,14 @@ group: admin mode: '0644' +- name: Display the contents of the environment file + command: cat /home/admin/.config/systemd/user/pmm-server.env + register: command_output + +- name: Print to console + debug: + msg: "{{command_output.stdout}}" + - name: Copy pmm-server systemd service file to user-specific directory template: src: pmm-server.service From 6124e4fcdc959e84e5551b3d50ab24e64ecb011f Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Sat, 20 Jul 2024 03:50:40 +0300 Subject: [PATCH 45/64] PMM-12940 fix entrypoint. --- build/docker/server/entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/docker/server/entrypoint.sh b/build/docker/server/entrypoint.sh index e35c92f882..8b3a5f2b4d 100755 --- a/build/docker/server/entrypoint.sh +++ b/build/docker/server/entrypoint.sh @@ -10,7 +10,7 @@ fi # Initialize /srv if empty INIT_FILE=/srv/initialized -if [ ! -f INIT_FILE ]; then +if [ ! -f $INIT_FILE ]; then echo "Initializing /srv..." mkdir -p /srv/{backup,clickhouse,grafana,logs,nginx,postgres14,prometheus,victoriametrics} echo "Copying grafana plugins and the VERSION file..." From f5f931ba4ce57024b01eb521793967c2dcaea94a Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Sat, 20 Jul 2024 03:55:35 +0300 Subject: [PATCH 46/64] PMM-12940 fix pmm distribution detection. --- build/ansible/roles/initialization/tasks/main.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/build/ansible/roles/initialization/tasks/main.yml b/build/ansible/roles/initialization/tasks/main.yml index 655c1fd034..71f4e9907e 100644 --- a/build/ansible/roles/initialization/tasks/main.yml +++ b/build/ansible/roles/initialization/tasks/main.yml @@ -1,10 +1,10 @@ --- # This role contains tasks executed during initialization of PMM Server - name: detect /srv/pmm-distribution - stat: + slurp: path: /srv/pmm-distribution - no_log: yes - register: srv_pmm_distribution + register: pmm_distribution + ignore_errors: True - name: Get current version slurp: @@ -41,7 +41,7 @@ - name: Print PMM distribution debug: - msg: "PMM distribution: {{ srv_pmm_distribution }}" + msg: "PMM distribution: {{ pmm_distribution }}" - name: Print current PMM and image versions debug: @@ -122,7 +122,7 @@ - name: init admin password on AMI include_role: name: init-admin-password-ami - when: need_initialization and srv_pmm_distribution == 'ami' + when: need_initialization and pmm_distribution == 'ami' - name: Disable maintenance mode file: From 44eee41e21dd51d42b784e4a9073e866b28e5b80 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Sat, 20 Jul 2024 12:20:16 +0300 Subject: [PATCH 47/64] PMM-12940 fix AMI detection. --- build/ansible/roles/initialization/tasks/main.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/build/ansible/roles/initialization/tasks/main.yml b/build/ansible/roles/initialization/tasks/main.yml index 71f4e9907e..76b7a208ee 100644 --- a/build/ansible/roles/initialization/tasks/main.yml +++ b/build/ansible/roles/initialization/tasks/main.yml @@ -6,6 +6,11 @@ register: pmm_distribution ignore_errors: True +- name: detect AMI + set_fact: + is_ami: '{{ lookup("file", "/srv/pmm-distribution") == "ami" }}' + no_log: yes + - name: Get current version slurp: src: /srv/grafana/PERCONA_DASHBOARDS_VERSION @@ -41,7 +46,7 @@ - name: Print PMM distribution debug: - msg: "PMM distribution: {{ pmm_distribution }}" + msg: "PMM distribution: {{ pmm_distribution }}, Is AMI: {{ is_ami }}" - name: Print current PMM and image versions debug: @@ -122,7 +127,7 @@ - name: init admin password on AMI include_role: name: init-admin-password-ami - when: need_initialization and pmm_distribution == 'ami' + when: need_initialization and is_ami - name: Disable maintenance mode file: From 0b6f872d540a8bb9628e88dcd4bb9c606b981e75 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Sun, 21 Jul 2024 00:15:00 +0300 Subject: [PATCH 48/64] PMM-12940 fix AMI detection. --- build/ansible/roles/initialization/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/ansible/roles/initialization/tasks/main.yml b/build/ansible/roles/initialization/tasks/main.yml index 76b7a208ee..0304e3fc47 100644 --- a/build/ansible/roles/initialization/tasks/main.yml +++ b/build/ansible/roles/initialization/tasks/main.yml @@ -8,7 +8,7 @@ - name: detect AMI set_fact: - is_ami: '{{ lookup("file", "/srv/pmm-distribution") == "ami" }}' + is_ami: "{{ pmm_distribution['content'] | b64decode | trim == 'ami' }}" no_log: yes - name: Get current version From 87db6e0106e8932c977b23fc1d00950648961891 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Sun, 21 Jul 2024 12:06:22 +0300 Subject: [PATCH 49/64] PMM-12940 fix AMI detection. --- build/ansible/roles/initialization/tasks/main.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/build/ansible/roles/initialization/tasks/main.yml b/build/ansible/roles/initialization/tasks/main.yml index 0304e3fc47..b7b2e2b061 100644 --- a/build/ansible/roles/initialization/tasks/main.yml +++ b/build/ansible/roles/initialization/tasks/main.yml @@ -9,7 +9,12 @@ - name: detect AMI set_fact: is_ami: "{{ pmm_distribution['content'] | b64decode | trim == 'ami' }}" - no_log: yes + when: pmm_distribution['failed'] == false + +- name: Set PMM distribution + set_fact: + is_ami: "False" + when: pmm_distribution['failed'] == true - name: Get current version slurp: From 013f10874bf6328f465a8bd32bc19534aff60ebf Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Sun, 21 Jul 2024 13:44:52 +0300 Subject: [PATCH 50/64] PMM-12940 change order on AMI build. --- build/packer/ansible/roles/podman-setup/tasks/main.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/build/packer/ansible/roles/podman-setup/tasks/main.yml b/build/packer/ansible/roles/podman-setup/tasks/main.yml index 1516e9c07d..9b13eecab4 100644 --- a/build/packer/ansible/roles/podman-setup/tasks/main.yml +++ b/build/packer/ansible/roles/podman-setup/tasks/main.yml @@ -34,11 +34,6 @@ policy: targeted state: permissive -- name: Pull the PMM image - command: podman pull {{ pmm_server_image_name }} - become: true - become_user: admin - - name: Create a volume on the host command: podman volume create pmm-data become: true @@ -102,6 +97,11 @@ - name: Enable linger for the admin user command: loginctl enable-linger {{ admin_user_id.stdout }} +- name: Pull the PMM image + command: podman pull {{ pmm_server_image_name }} + become: true + become_user: admin + - name: Enable and start PMM container as a user service command: systemctl --user enable --now pmm-server become: true From 469303efd4d682ff16e3d8a237b0b06dbff671d0 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Sun, 21 Jul 2024 19:54:06 +0300 Subject: [PATCH 51/64] PMM-12940 change admin user to pmm user in ansible. --- build/ansible/roles/init-admin-password-ami/tasks/main.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/build/ansible/roles/init-admin-password-ami/tasks/main.yml b/build/ansible/roles/init-admin-password-ami/tasks/main.yml index c02673851f..5fca0a7ba5 100644 --- a/build/ansible/roles/init-admin-password-ami/tasks/main.yml +++ b/build/ansible/roles/init-admin-password-ami/tasks/main.yml @@ -2,8 +2,6 @@ copy: src: init-admin-password dest: /home/pmm/init-admin-password - owner: admin - group: admin mode: '0755' - name: start init-admin-password From 41a5b12b04c512f08220980734172ffd20e28497 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Sun, 21 Jul 2024 23:57:40 +0300 Subject: [PATCH 52/64] PMM-12940 fix logic of change admin password. --- .../files/init-admin-password | 44 ------------------- .../init-admin-password-ami/tasks/main.yml | 16 ++++--- 2 files changed, 9 insertions(+), 51 deletions(-) delete mode 100644 build/ansible/roles/init-admin-password-ami/files/init-admin-password diff --git a/build/ansible/roles/init-admin-password-ami/files/init-admin-password b/build/ansible/roles/init-admin-password-ami/files/init-admin-password deleted file mode 100644 index 665eeb890d..0000000000 --- a/build/ansible/roles/init-admin-password-ami/files/init-admin-password +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/sh - -PATH=/bin:/sbin -SOURCE= -# Name of the container to check -CONTAINER_NAME="pmm-server" - -# Function to check if the container is running -is_container_running() { - podman inspect -f '{{.State.Running}}' "$CONTAINER_NAME" 2>/dev/null -} - -# Function to check container health status -container_health_status() { - podman inspect -f '{{.State.Health.Status}}' "$CONTAINER_NAME" 2>/dev/null -} - -if [ -f /var/lib/cloud/data/status.json ]; then - SOURCE=$( - cat /var/lib/cloud/data/status.json 2>/dev/null | jq -r '.v1.datasource' 2>/dev/null - ) -fi - -if [ "x$SOURCE" = "xDataSourceEc2Local" ]; then - # Loop until the container is running - echo "Waiting for container '$CONTAINER_NAME' to start..." - while [ "$(is_container_running)" != "true" ]; do - sleep 1 - done - - echo "Container '$CONTAINER_NAME' is now running." - - # Loop until the container is healthy - echo "Waiting for container '$CONTAINER_NAME' to become healthy..." - while [ "$(container_health_status)" != "healthy" ]; do - sleep 1 - done - - echo "Container '$CONTAINER_NAME' is now healthy." - - INSTANCE_ID=$(curl --connect-timeout 5 -s http://169.254.169.254/latest/meta-data/instance-id) - change-admin-password $INSTANCE_ID -fi - diff --git a/build/ansible/roles/init-admin-password-ami/tasks/main.yml b/build/ansible/roles/init-admin-password-ami/tasks/main.yml index 5fca0a7ba5..9275e0dd56 100644 --- a/build/ansible/roles/init-admin-password-ami/tasks/main.yml +++ b/build/ansible/roles/init-admin-password-ami/tasks/main.yml @@ -1,8 +1,10 @@ -- name: Copy watchtower systemd service file to user-specific directory - copy: - src: init-admin-password - dest: /home/pmm/init-admin-password - mode: '0755' +- name: Fetch instance metadata + uri: + url: http://169.254.169.254/latest/meta-data/instance-id + return_content: yes + register: jsondata -- name: start init-admin-password - command: /home/pmm/init-admin-password +- debug: msg="Instance ID {{ jsondata['content'] }}" + +- name: change admin password + command: change-admin-password {{ jsondata['content'] }} From 84cd01cf2538d119e6f41b9685010890ff866e1a Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Mon, 22 Jul 2024 02:29:40 +0300 Subject: [PATCH 53/64] PMM-12940 Drop additional file. --- build/docker/server/entrypoint.sh | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/build/docker/server/entrypoint.sh b/build/docker/server/entrypoint.sh index 8b3a5f2b4d..4b7b0b7f93 100755 --- a/build/docker/server/entrypoint.sh +++ b/build/docker/server/entrypoint.sh @@ -1,6 +1,8 @@ #!/bin/bash set -o errexit +PMM_DISTRIBUTION_METHOD="${PMM_DISTRIBUTION_METHOD:-docker}" + if [ ! -w /srv ]; then echo "FATAL: /srv is not writable for $(whoami) user." >&2 echo "Please make sure that /srv is owned by uid $(id -u) and gid $(id -g) and try again." >&2 @@ -9,8 +11,9 @@ if [ ! -w /srv ]; then fi # Initialize /srv if empty -INIT_FILE=/srv/initialized -if [ ! -f $INIT_FILE ]; then +DIST_FILE=/srv/pmm-distribution +if [ ! -f $DIST_FILE ]; then + echo $PMM_DISTRIBUTION_METHOD > $DIST_FILE echo "Initializing /srv..." mkdir -p /srv/{backup,clickhouse,grafana,logs,nginx,postgres14,prometheus,victoriametrics} echo "Copying grafana plugins and the VERSION file..." @@ -27,11 +30,6 @@ if [ ! -f $INIT_FILE ]; then /usr/pgsql-14/bin/pg_ctl start -D /srv/postgres14 -o '-c logging_collector=off' /usr/bin/psql postgres postgres -c 'CREATE EXTENSION pg_stat_statements SCHEMA public' /usr/pgsql-14/bin/pg_ctl stop -D /srv/postgres14 - touch $INIT_FILE -fi -DIST_FILE=/srv/pmm-distribution -if [ ! -f $DIST_FILE ]; then - echo "docker" > $DIST_FILE fi # pmm-managed-init validates environment variables. From 00ec7575b74fc33a7bdb927a5372570aefd82b59 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Mon, 22 Jul 2024 11:56:40 +0300 Subject: [PATCH 54/64] PMM-12940 use ENV instead of file for AMI distribution. --- build/packer/ansible/roles/podman-setup/tasks/main.yml | 10 ++++------ .../roles/podman-setup/templates/pmm-server.env | 2 +- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/build/packer/ansible/roles/podman-setup/tasks/main.yml b/build/packer/ansible/roles/podman-setup/tasks/main.yml index 9b13eecab4..630de3910e 100644 --- a/build/packer/ansible/roles/podman-setup/tasks/main.yml +++ b/build/packer/ansible/roles/podman-setup/tasks/main.yml @@ -8,18 +8,16 @@ - name: Set distribution for OVF when: ansible_virtualization_type == "virtualbox" - copy: - content: ovf - dest: /home/admin/volume/srv/pmm-distribution + set_fact: + pmm_distribution_method: ovf - name: Set distribution for AMI when: > ( ansible_virtualization_type == "xen" or ansible_virtualization_type == "kvm" ) and ansible_system_vendor != "DigitalOcean" - copy: - content: ami - dest: /home/admin/volume/srv/pmm-distribution + set_fact: + pmm_distribution_method: ami - name: Change file owner when: ansible_virtualization_type == "virtualbox" or diff --git a/build/packer/ansible/roles/podman-setup/templates/pmm-server.env b/build/packer/ansible/roles/podman-setup/templates/pmm-server.env index 17de9cc2ca..88936af0a7 100644 --- a/build/packer/ansible/roles/podman-setup/templates/pmm-server.env +++ b/build/packer/ansible/roles/podman-setup/templates/pmm-server.env @@ -2,4 +2,4 @@ PMM_WATCHTOWER_HOST=http://watchtower:8080 PMM_WATCHTOWER_TOKEN=123 PMM_SERVER_UPDATE_VERSION=docker.io/perconalab/pmm-server:3-dev-container PMM_IMAGE={{ pmm_server_image_name }} -PMM_DISTRIBUTION_METHOD=ami \ No newline at end of file +PMM_DISTRIBUTION_METHOD={{ pmm_distribution_method }} \ No newline at end of file From 7e8013a02ac56633df96e0cf452b7d7c8020f383 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Mon, 22 Jul 2024 15:48:54 +0300 Subject: [PATCH 55/64] PMM-13053 Cleanup. --- api-tests/server/auth_test.go | 91 ---- .../aws_instance_check_parameters.go | 160 ------- .../aws_instance_check_responses.go | 369 --------------- .../server_service/server_service_client.go | 41 -- api/server/v1/json/v1.json | 59 --- api/server/v1/server.pb.go | 421 ++++++------------ api/server/v1/server.pb.gw.go | 81 ---- api/server/v1/server.pb.validate.go | 215 --------- api/server/v1/server.proto | 15 - api/server/v1/server_grpc.pb.go | 40 -- api/swagger/swagger-dev.json | 59 --- api/swagger/swagger.json | 59 --- descriptor.bin | Bin 699751 -> 699050 bytes managed/cmd/pmm-managed/main.go | 4 +- managed/services/grafana/auth_server.go | 18 +- managed/services/grafana/auth_server_test.go | 101 ----- managed/services/grafana/deps.go | 6 - .../grafana/mock_aws_instance_checker_test.go | 43 -- .../services/server/aws_instance_checker.go | 121 ----- .../server/aws_instance_checker_test.go | 95 ---- managed/services/server/server.go | 11 - 21 files changed, 154 insertions(+), 1855 deletions(-) delete mode 100644 api/server/v1/json/client/server_service/aws_instance_check_parameters.go delete mode 100644 api/server/v1/json/client/server_service/aws_instance_check_responses.go delete mode 100644 managed/services/grafana/mock_aws_instance_checker_test.go delete mode 100644 managed/services/server/aws_instance_checker.go delete mode 100644 managed/services/server/aws_instance_checker_test.go diff --git a/api-tests/server/auth_test.go b/api-tests/server/auth_test.go index 0430f11d1e..a51d60b3dd 100644 --- a/api-tests/server/auth_test.go +++ b/api-tests/server/auth_test.go @@ -24,7 +24,6 @@ import ( "net/http/httputil" "net/url" "strconv" - "strings" "testing" "time" @@ -98,96 +97,6 @@ func TestAuth(t *testing.T) { }) } -func TestSetup(t *testing.T) { - t.Parallel() - // make a BaseURL without authentication - baseURL, err := url.Parse(pmmapitests.BaseURL.String()) - require.NoError(t, err) - baseURL.User = nil - - // make client that does not follow redirects - client := &http.Client{ - CheckRedirect: func(req *http.Request, via []*http.Request) error { - return http.ErrUseLastResponse - }, - } - - t.Run("WebPage", func(t *testing.T) { - t.Parallel() - - uri := baseURL.ResolveReference(&url.URL{ - Path: "/setup", - }) - t.Logf("URI: %s", uri) - req, err := http.NewRequestWithContext(pmmapitests.Context, http.MethodGet, uri.String(), nil) - require.NoError(t, err) - req.Header.Set("X-Test-Must-Setup", "1") - - resp, b := doRequest(t, client, req) //nolint:bodyclose - - assert.Equal(t, 200, resp.StatusCode, "response:\n%s", b) - assert.True(t, strings.HasPrefix(string(b), ``), string(b)) - }) - - t.Run("Redirect", func(t *testing.T) { - t.Parallel() - paths := map[string]int{ - "graph": 303, - "graph/": 303, - "prometheus": 303, - "prometheus/": 303, - "swagger": 200, - "swagger/": 301, - - "v1/server/readyz": 200, - "v1/server/AWSInstance": 400, // It must accept a parameter - "v1/server/version": 401, // Grafana authentication required - } - for path, code := range paths { - path, code := path, code - t.Run(fmt.Sprintf("%s=%d", path, code), func(t *testing.T) { - t.Parallel() - - uri := baseURL.ResolveReference(&url.URL{ - Path: path, - }) - t.Logf("URI: %s", uri) - req, err := http.NewRequestWithContext(pmmapitests.Context, http.MethodGet, uri.String(), nil) - require.NoError(t, err) - req.Header.Set("X-Test-Must-Setup", "1") - - resp, b := doRequest(t, client, req) //nolint:bodyclose - - assert.Equal(t, code, resp.StatusCode, "response:\n%s", b) - if code == 303 { - assert.Equal(t, "/setup", resp.Header.Get("Location")) - } - }) - } - }) - - t.Run("API", func(t *testing.T) { - t.Parallel() - - q := make(url.Values) - q.Set("instance_id", "123") - uri := baseURL.ResolveReference(&url.URL{ - Path: "v1/server/AWSInstance", - RawQuery: q.Encode(), - }) - t.Logf("URI: %s", uri) - require.NoError(t, err) - req, err := http.NewRequestWithContext(pmmapitests.Context, http.MethodGet, uri.String(), nil) - require.NoError(t, err) - req.Header.Set("X-Test-Must-Setup", "1") - - resp, b := doRequest(t, client, req) //nolint:bodyclose - - assert.Equal(t, 200, resp.StatusCode, "response:\n%s", b) - assert.Equal(t, "{}", string(b), "response:\n%s", b) - }) -} - func TestSwagger(t *testing.T) { t.Parallel() for _, path := range []string{ diff --git a/api/server/v1/json/client/server_service/aws_instance_check_parameters.go b/api/server/v1/json/client/server_service/aws_instance_check_parameters.go deleted file mode 100644 index 87f36dd758..0000000000 --- a/api/server/v1/json/client/server_service/aws_instance_check_parameters.go +++ /dev/null @@ -1,160 +0,0 @@ -// Code generated by go-swagger; DO NOT EDIT. - -package server_service - -// This file was generated by the swagger tool. -// Editing this file might prove futile when you re-run the swagger generate command - -import ( - "context" - "net/http" - "time" - - "github.com/go-openapi/errors" - "github.com/go-openapi/runtime" - cr "github.com/go-openapi/runtime/client" - "github.com/go-openapi/strfmt" -) - -// NewAWSInstanceCheckParams creates a new AWSInstanceCheckParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. -func NewAWSInstanceCheckParams() *AWSInstanceCheckParams { - return &AWSInstanceCheckParams{ - timeout: cr.DefaultTimeout, - } -} - -// NewAWSInstanceCheckParamsWithTimeout creates a new AWSInstanceCheckParams object -// with the ability to set a timeout on a request. -func NewAWSInstanceCheckParamsWithTimeout(timeout time.Duration) *AWSInstanceCheckParams { - return &AWSInstanceCheckParams{ - timeout: timeout, - } -} - -// NewAWSInstanceCheckParamsWithContext creates a new AWSInstanceCheckParams object -// with the ability to set a context for a request. -func NewAWSInstanceCheckParamsWithContext(ctx context.Context) *AWSInstanceCheckParams { - return &AWSInstanceCheckParams{ - Context: ctx, - } -} - -// NewAWSInstanceCheckParamsWithHTTPClient creates a new AWSInstanceCheckParams object -// with the ability to set a custom HTTPClient for a request. -func NewAWSInstanceCheckParamsWithHTTPClient(client *http.Client) *AWSInstanceCheckParams { - return &AWSInstanceCheckParams{ - HTTPClient: client, - } -} - -/* -AWSInstanceCheckParams contains all the parameters to send to the API endpoint - - for the AWS instance check operation. - - Typically these are written to a http.Request. -*/ -type AWSInstanceCheckParams struct { - /* InstanceID. - - AWS EC2 instance ID (i-1234567890abcdef0). - */ - InstanceID *string - - timeout time.Duration - Context context.Context - HTTPClient *http.Client -} - -// WithDefaults hydrates default values in the AWS instance check params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *AWSInstanceCheckParams) WithDefaults() *AWSInstanceCheckParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the AWS instance check params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *AWSInstanceCheckParams) SetDefaults() { - // no default values defined for this parameter -} - -// WithTimeout adds the timeout to the AWS instance check params -func (o *AWSInstanceCheckParams) WithTimeout(timeout time.Duration) *AWSInstanceCheckParams { - o.SetTimeout(timeout) - return o -} - -// SetTimeout adds the timeout to the AWS instance check params -func (o *AWSInstanceCheckParams) SetTimeout(timeout time.Duration) { - o.timeout = timeout -} - -// WithContext adds the context to the AWS instance check params -func (o *AWSInstanceCheckParams) WithContext(ctx context.Context) *AWSInstanceCheckParams { - o.SetContext(ctx) - return o -} - -// SetContext adds the context to the AWS instance check params -func (o *AWSInstanceCheckParams) SetContext(ctx context.Context) { - o.Context = ctx -} - -// WithHTTPClient adds the HTTPClient to the AWS instance check params -func (o *AWSInstanceCheckParams) WithHTTPClient(client *http.Client) *AWSInstanceCheckParams { - o.SetHTTPClient(client) - return o -} - -// SetHTTPClient adds the HTTPClient to the AWS instance check params -func (o *AWSInstanceCheckParams) SetHTTPClient(client *http.Client) { - o.HTTPClient = client -} - -// WithInstanceID adds the instanceID to the AWS instance check params -func (o *AWSInstanceCheckParams) WithInstanceID(instanceID *string) *AWSInstanceCheckParams { - o.SetInstanceID(instanceID) - return o -} - -// SetInstanceID adds the instanceId to the AWS instance check params -func (o *AWSInstanceCheckParams) SetInstanceID(instanceID *string) { - o.InstanceID = instanceID -} - -// WriteToRequest writes these params to a swagger request -func (o *AWSInstanceCheckParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error { - if err := r.SetTimeout(o.timeout); err != nil { - return err - } - var res []error - - if o.InstanceID != nil { - - // query param instance_id - var qrInstanceID string - - if o.InstanceID != nil { - qrInstanceID = *o.InstanceID - } - qInstanceID := qrInstanceID - if qInstanceID != "" { - if err := r.SetQueryParam("instance_id", qInstanceID); err != nil { - return err - } - } - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} diff --git a/api/server/v1/json/client/server_service/aws_instance_check_responses.go b/api/server/v1/json/client/server_service/aws_instance_check_responses.go deleted file mode 100644 index ed42e91f41..0000000000 --- a/api/server/v1/json/client/server_service/aws_instance_check_responses.go +++ /dev/null @@ -1,369 +0,0 @@ -// Code generated by go-swagger; DO NOT EDIT. - -package server_service - -// This file was generated by the swagger tool. -// Editing this file might prove futile when you re-run the swagger generate command - -import ( - "context" - "fmt" - "io" - "strconv" - - "github.com/go-openapi/errors" - "github.com/go-openapi/runtime" - "github.com/go-openapi/strfmt" - "github.com/go-openapi/swag" -) - -// AWSInstanceCheckReader is a Reader for the AWSInstanceCheck structure. -type AWSInstanceCheckReader struct { - formats strfmt.Registry -} - -// ReadResponse reads a server response into the received o. -func (o *AWSInstanceCheckReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) { - switch response.Code() { - case 200: - result := NewAWSInstanceCheckOK() - if err := result.readResponse(response, consumer, o.formats); err != nil { - return nil, err - } - return result, nil - default: - result := NewAWSInstanceCheckDefault(response.Code()) - if err := result.readResponse(response, consumer, o.formats); err != nil { - return nil, err - } - if response.Code()/100 == 2 { - return result, nil - } - return nil, result - } -} - -// NewAWSInstanceCheckOK creates a AWSInstanceCheckOK with default headers values -func NewAWSInstanceCheckOK() *AWSInstanceCheckOK { - return &AWSInstanceCheckOK{} -} - -/* -AWSInstanceCheckOK describes a response with status code 200, with default header values. - -A successful response. -*/ -type AWSInstanceCheckOK struct { - Payload interface{} -} - -func (o *AWSInstanceCheckOK) Error() string { - return fmt.Sprintf("[GET /v1/server/AWSInstance][%d] awsInstanceCheckOk %+v", 200, o.Payload) -} - -func (o *AWSInstanceCheckOK) GetPayload() interface{} { - return o.Payload -} - -func (o *AWSInstanceCheckOK) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { - // response payload - if err := consumer.Consume(response.Body(), &o.Payload); err != nil && err != io.EOF { - return err - } - - return nil -} - -// NewAWSInstanceCheckDefault creates a AWSInstanceCheckDefault with default headers values -func NewAWSInstanceCheckDefault(code int) *AWSInstanceCheckDefault { - return &AWSInstanceCheckDefault{ - _statusCode: code, - } -} - -/* -AWSInstanceCheckDefault describes a response with status code -1, with default header values. - -An unexpected error response. -*/ -type AWSInstanceCheckDefault struct { - _statusCode int - - Payload *AWSInstanceCheckDefaultBody -} - -// Code gets the status code for the AWS instance check default response -func (o *AWSInstanceCheckDefault) Code() int { - return o._statusCode -} - -func (o *AWSInstanceCheckDefault) Error() string { - return fmt.Sprintf("[GET /v1/server/AWSInstance][%d] AWSInstanceCheck default %+v", o._statusCode, o.Payload) -} - -func (o *AWSInstanceCheckDefault) GetPayload() *AWSInstanceCheckDefaultBody { - return o.Payload -} - -func (o *AWSInstanceCheckDefault) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { - o.Payload = new(AWSInstanceCheckDefaultBody) - - // response payload - if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { - return err - } - - return nil -} - -/* -AWSInstanceCheckDefaultBody AWS instance check default body -swagger:model AWSInstanceCheckDefaultBody -*/ -type AWSInstanceCheckDefaultBody struct { - // code - Code int32 `json:"code,omitempty"` - - // message - Message string `json:"message,omitempty"` - - // details - Details []*AWSInstanceCheckDefaultBodyDetailsItems0 `json:"details"` -} - -// Validate validates this AWS instance check default body -func (o *AWSInstanceCheckDefaultBody) Validate(formats strfmt.Registry) error { - var res []error - - if err := o.validateDetails(formats); err != nil { - res = append(res, err) - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} - -func (o *AWSInstanceCheckDefaultBody) validateDetails(formats strfmt.Registry) error { - if swag.IsZero(o.Details) { // not required - return nil - } - - for i := 0; i < len(o.Details); i++ { - if swag.IsZero(o.Details[i]) { // not required - continue - } - - if o.Details[i] != nil { - if err := o.Details[i].Validate(formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("AWSInstanceCheck default" + "." + "details" + "." + strconv.Itoa(i)) - } else if ce, ok := err.(*errors.CompositeError); ok { - return ce.ValidateName("AWSInstanceCheck default" + "." + "details" + "." + strconv.Itoa(i)) - } - return err - } - } - - } - - return nil -} - -// ContextValidate validate this AWS instance check default body based on the context it is used -func (o *AWSInstanceCheckDefaultBody) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - var res []error - - if err := o.contextValidateDetails(ctx, formats); err != nil { - res = append(res, err) - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} - -func (o *AWSInstanceCheckDefaultBody) contextValidateDetails(ctx context.Context, formats strfmt.Registry) error { - for i := 0; i < len(o.Details); i++ { - if o.Details[i] != nil { - if err := o.Details[i].ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("AWSInstanceCheck default" + "." + "details" + "." + strconv.Itoa(i)) - } else if ce, ok := err.(*errors.CompositeError); ok { - return ce.ValidateName("AWSInstanceCheck default" + "." + "details" + "." + strconv.Itoa(i)) - } - return err - } - } - } - - return nil -} - -// MarshalBinary interface implementation -func (o *AWSInstanceCheckDefaultBody) MarshalBinary() ([]byte, error) { - if o == nil { - return nil, nil - } - return swag.WriteJSON(o) -} - -// UnmarshalBinary interface implementation -func (o *AWSInstanceCheckDefaultBody) UnmarshalBinary(b []byte) error { - var res AWSInstanceCheckDefaultBody - if err := swag.ReadJSON(b, &res); err != nil { - return err - } - *o = res - return nil -} - -/* -AWSInstanceCheckDefaultBodyDetailsItems0 `Any` contains an arbitrary serialized protocol buffer message along with a -// URL that describes the type of the serialized message. -// -// Protobuf library provides support to pack/unpack Any values in the form -// of utility functions or additional generated methods of the Any type. -// -// Example 1: Pack and unpack a message in C++. -// -// Foo foo = ...; -// Any any; -// any.PackFrom(foo); -// ... -// if (any.UnpackTo(&foo)) { -// ... -// } -// -// Example 2: Pack and unpack a message in Java. -// -// Foo foo = ...; -// Any any = Any.pack(foo); -// ... -// if (any.is(Foo.class)) { -// foo = any.unpack(Foo.class); -// } -// // or ... -// if (any.isSameTypeAs(Foo.getDefaultInstance())) { -// foo = any.unpack(Foo.getDefaultInstance()); -// } -// -// Example 3: Pack and unpack a message in Python. -// -// foo = Foo(...) -// any = Any() -// any.Pack(foo) -// ... -// if any.Is(Foo.DESCRIPTOR): -// any.Unpack(foo) -// ... -// -// Example 4: Pack and unpack a message in Go -// -// foo := &pb.Foo{...} -// any, err := anypb.New(foo) -// if err != nil { -// ... -// } -// ... -// foo := &pb.Foo{} -// if err := any.UnmarshalTo(foo); err != nil { -// ... -// } -// -// The pack methods provided by protobuf library will by default use -// 'type.googleapis.com/full.type.name' as the type URL and the unpack -// methods only use the fully qualified type name after the last '/' -// in the type URL, for example "foo.bar.com/x/y.z" will yield type -// name "y.z". -// -// JSON -// ==== -// The JSON representation of an `Any` value uses the regular -// representation of the deserialized, embedded message, with an -// additional field `@type` which contains the type URL. Example: -// -// package google.profile; -// message Person { -// string first_name = 1; -// string last_name = 2; -// } -// -// { -// "@type": "type.googleapis.com/google.profile.Person", -// "firstName": , -// "lastName": -// } -// -// If the embedded message type is well-known and has a custom JSON -// representation, that representation will be embedded adding a field -// `value` which holds the custom JSON in addition to the `@type` -// field. Example (for message [google.protobuf.Duration][]): -// -// { -// "@type": "type.googleapis.com/google.protobuf.Duration", -// "value": "1.212s" -// } -swagger:model AWSInstanceCheckDefaultBodyDetailsItems0 -*/ -type AWSInstanceCheckDefaultBodyDetailsItems0 struct { - // A URL/resource name that uniquely identifies the type of the serialized - // protocol buffer message. This string must contain at least - // one "/" character. The last segment of the URL's path must represent - // the fully qualified name of the type (as in - // `path/google.protobuf.Duration`). The name should be in a canonical form - // (e.g., leading "." is not accepted). - // - // In practice, teams usually precompile into the binary all types that they - // expect it to use in the context of Any. However, for URLs which use the - // scheme `http`, `https`, or no scheme, one can optionally set up a type - // server that maps type URLs to message definitions as follows: - // - // * If no scheme is provided, `https` is assumed. - // * An HTTP GET on the URL must yield a [google.protobuf.Type][] - // value in binary format, or produce an error. - // * Applications are allowed to cache lookup results based on the - // URL, or have them precompiled into a binary to avoid any - // lookup. Therefore, binary compatibility needs to be preserved - // on changes to types. (Use versioned type names to manage - // breaking changes.) - // - // Note: this functionality is not currently available in the official - // protobuf release, and it is not used for type URLs beginning with - // type.googleapis.com. As of May 2023, there are no widely used type server - // implementations and no plans to implement one. - // - // Schemes other than `http`, `https` (or the empty scheme) might be - // used with implementation specific semantics. - AtType string `json:"@type,omitempty"` -} - -// Validate validates this AWS instance check default body details items0 -func (o *AWSInstanceCheckDefaultBodyDetailsItems0) Validate(formats strfmt.Registry) error { - return nil -} - -// ContextValidate validates this AWS instance check default body details items0 based on context it is used -func (o *AWSInstanceCheckDefaultBodyDetailsItems0) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - -// MarshalBinary interface implementation -func (o *AWSInstanceCheckDefaultBodyDetailsItems0) MarshalBinary() ([]byte, error) { - if o == nil { - return nil, nil - } - return swag.WriteJSON(o) -} - -// UnmarshalBinary interface implementation -func (o *AWSInstanceCheckDefaultBodyDetailsItems0) UnmarshalBinary(b []byte) error { - var res AWSInstanceCheckDefaultBodyDetailsItems0 - if err := swag.ReadJSON(b, &res); err != nil { - return err - } - *o = res - return nil -} diff --git a/api/server/v1/json/client/server_service/server_service_client.go b/api/server/v1/json/client/server_service/server_service_client.go index 11343140a9..4d1cd044ff 100644 --- a/api/server/v1/json/client/server_service/server_service_client.go +++ b/api/server/v1/json/client/server_service/server_service_client.go @@ -30,8 +30,6 @@ type ClientOption func(*runtime.ClientOperation) // ClientService is the interface for Client methods type ClientService interface { - AWSInstanceCheck(params *AWSInstanceCheckParams, opts ...ClientOption) (*AWSInstanceCheckOK, error) - ChangeSettings(params *ChangeSettingsParams, opts ...ClientOption) (*ChangeSettingsOK, error) CheckUpdates(params *CheckUpdatesParams, opts ...ClientOption) (*CheckUpdatesOK, error) @@ -53,45 +51,6 @@ type ClientService interface { SetTransport(transport runtime.ClientTransport) } -/* -AWSInstanceCheck AWSs instance check - -Checks AWS EC2 instance ID. -*/ -func (a *Client) AWSInstanceCheck(params *AWSInstanceCheckParams, opts ...ClientOption) (*AWSInstanceCheckOK, error) { - // TODO: Validate the params before sending - if params == nil { - params = NewAWSInstanceCheckParams() - } - op := &runtime.ClientOperation{ - ID: "AWSInstanceCheck", - Method: "GET", - PathPattern: "/v1/server/AWSInstance", - ProducesMediaTypes: []string{"application/json"}, - ConsumesMediaTypes: []string{"application/json"}, - Schemes: []string{"http", "https"}, - Params: params, - Reader: &AWSInstanceCheckReader{formats: a.formats}, - Context: params.Context, - Client: params.HTTPClient, - } - for _, opt := range opts { - opt(op) - } - - result, err := a.transport.Submit(op) - if err != nil { - return nil, err - } - success, ok := result.(*AWSInstanceCheckOK) - if ok { - return success, nil - } - // unexpected success response - unexpectedSuccess := result.(*AWSInstanceCheckDefault) - return nil, runtime.NewAPIError("unexpected success response: content available as default response in error", unexpectedSuccess, unexpectedSuccess.Code()) -} - /* ChangeSettings changes settings diff --git a/api/server/v1/json/v1.json b/api/server/v1/json/v1.json index 7831e9a4fa..a47880959b 100644 --- a/api/server/v1/json/v1.json +++ b/api/server/v1/json/v1.json @@ -15,65 +15,6 @@ "version": "v1" }, "paths": { - "/v1/server/AWSInstance": { - "get": { - "description": "Checks AWS EC2 instance ID.", - "tags": [ - "ServerService" - ], - "summary": "AWS instance check", - "operationId": "AWSInstanceCheck", - "parameters": [ - { - "type": "string", - "description": "AWS EC2 instance ID (i-1234567890abcdef0).", - "name": "instance_id", - "in": "query" - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "type": "object" - } - }, - "default": { - "description": "An unexpected error response.", - "schema": { - "type": "object", - "properties": { - "code": { - "type": "integer", - "format": "int32", - "x-order": 0 - }, - "details": { - "type": "array", - "items": { - "description": "`Any` contains an arbitrary serialized protocol buffer message along with a\nURL that describes the type of the serialized message.\n\nProtobuf library provides support to pack/unpack Any values in the form\nof utility functions or additional generated methods of the Any type.\n\nExample 1: Pack and unpack a message in C++.\n\n Foo foo = ...;\n Any any;\n any.PackFrom(foo);\n ...\n if (any.UnpackTo(\u0026foo)) {\n ...\n }\n\nExample 2: Pack and unpack a message in Java.\n\n Foo foo = ...;\n Any any = Any.pack(foo);\n ...\n if (any.is(Foo.class)) {\n foo = any.unpack(Foo.class);\n }\n // or ...\n if (any.isSameTypeAs(Foo.getDefaultInstance())) {\n foo = any.unpack(Foo.getDefaultInstance());\n }\n\n Example 3: Pack and unpack a message in Python.\n\n foo = Foo(...)\n any = Any()\n any.Pack(foo)\n ...\n if any.Is(Foo.DESCRIPTOR):\n any.Unpack(foo)\n ...\n\n Example 4: Pack and unpack a message in Go\n\n foo := \u0026pb.Foo{...}\n any, err := anypb.New(foo)\n if err != nil {\n ...\n }\n ...\n foo := \u0026pb.Foo{}\n if err := any.UnmarshalTo(foo); err != nil {\n ...\n }\n\nThe pack methods provided by protobuf library will by default use\n'type.googleapis.com/full.type.name' as the type URL and the unpack\nmethods only use the fully qualified type name after the last '/'\nin the type URL, for example \"foo.bar.com/x/y.z\" will yield type\nname \"y.z\".\n\nJSON\n====\nThe JSON representation of an `Any` value uses the regular\nrepresentation of the deserialized, embedded message, with an\nadditional field `@type` which contains the type URL. Example:\n\n package google.profile;\n message Person {\n string first_name = 1;\n string last_name = 2;\n }\n\n {\n \"@type\": \"type.googleapis.com/google.profile.Person\",\n \"firstName\": \u003cstring\u003e,\n \"lastName\": \u003cstring\u003e\n }\n\nIf the embedded message type is well-known and has a custom JSON\nrepresentation, that representation will be embedded adding a field\n`value` which holds the custom JSON in addition to the `@type`\nfield. Example (for message [google.protobuf.Duration][]):\n\n {\n \"@type\": \"type.googleapis.com/google.protobuf.Duration\",\n \"value\": \"1.212s\"\n }", - "type": "object", - "properties": { - "@type": { - "description": "A URL/resource name that uniquely identifies the type of the serialized\nprotocol buffer message. This string must contain at least\none \"/\" character. The last segment of the URL's path must represent\nthe fully qualified name of the type (as in\n`path/google.protobuf.Duration`). The name should be in a canonical form\n(e.g., leading \".\" is not accepted).\n\nIn practice, teams usually precompile into the binary all types that they\nexpect it to use in the context of Any. However, for URLs which use the\nscheme `http`, `https`, or no scheme, one can optionally set up a type\nserver that maps type URLs to message definitions as follows:\n\n* If no scheme is provided, `https` is assumed.\n* An HTTP GET on the URL must yield a [google.protobuf.Type][]\n value in binary format, or produce an error.\n* Applications are allowed to cache lookup results based on the\n URL, or have them precompiled into a binary to avoid any\n lookup. Therefore, binary compatibility needs to be preserved\n on changes to types. (Use versioned type names to manage\n breaking changes.)\n\nNote: this functionality is not currently available in the official\nprotobuf release, and it is not used for type URLs beginning with\ntype.googleapis.com. As of May 2023, there are no widely used type server\nimplementations and no plans to implement one.\n\nSchemes other than `http`, `https` (or the empty scheme) might be\nused with implementation specific semantics.", - "type": "string", - "x-order": 0 - } - }, - "additionalProperties": false - }, - "x-order": 2 - }, - "message": { - "type": "string", - "x-order": 1 - } - } - } - } - } - } - }, "/v1/server/leaderHealthCheck": { "get": { "description": "Checks if the instance is the leader in a cluster. Returns an error if the instance isn't the leader.", diff --git a/api/server/v1/server.pb.go b/api/server/v1/server.pb.go index ff671a9f28..fd1eccccee 100644 --- a/api/server/v1/server.pb.go +++ b/api/server/v1/server.pb.go @@ -1469,92 +1469,6 @@ func (x *ChangeSettingsResponse) GetSettings() *Settings { return nil } -type AWSInstanceCheckRequest struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // AWS EC2 instance ID (i-1234567890abcdef0). - InstanceId string `protobuf:"bytes,1,opt,name=instance_id,json=instanceId,proto3" json:"instance_id,omitempty"` -} - -func (x *AWSInstanceCheckRequest) Reset() { - *x = AWSInstanceCheckRequest{} - if protoimpl.UnsafeEnabled { - mi := &file_server_v1_server_proto_msgTypes[21] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *AWSInstanceCheckRequest) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*AWSInstanceCheckRequest) ProtoMessage() {} - -func (x *AWSInstanceCheckRequest) ProtoReflect() protoreflect.Message { - mi := &file_server_v1_server_proto_msgTypes[21] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use AWSInstanceCheckRequest.ProtoReflect.Descriptor instead. -func (*AWSInstanceCheckRequest) Descriptor() ([]byte, []int) { - return file_server_v1_server_proto_rawDescGZIP(), []int{21} -} - -func (x *AWSInstanceCheckRequest) GetInstanceId() string { - if x != nil { - return x.InstanceId - } - return "" -} - -type AWSInstanceCheckResponse struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields -} - -func (x *AWSInstanceCheckResponse) Reset() { - *x = AWSInstanceCheckResponse{} - if protoimpl.UnsafeEnabled { - mi := &file_server_v1_server_proto_msgTypes[22] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *AWSInstanceCheckResponse) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*AWSInstanceCheckResponse) ProtoMessage() {} - -func (x *AWSInstanceCheckResponse) ProtoReflect() protoreflect.Message { - mi := &file_server_v1_server_proto_msgTypes[22] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use AWSInstanceCheckResponse.ProtoReflect.Descriptor instead. -func (*AWSInstanceCheckResponse) Descriptor() ([]byte, []int) { - return file_server_v1_server_proto_rawDescGZIP(), []int{22} -} - var File_server_v1_server_proto protoreflect.FileDescriptor var file_server_v1_server_proto_rawDesc = []byte{ @@ -1804,144 +1718,127 @@ var file_server_v1_server_proto_rawDesc = []byte{ 0x12, 0x2f, 0x0a, 0x08, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x52, 0x08, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, - 0x73, 0x22, 0x43, 0x0a, 0x17, 0x41, 0x57, 0x53, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, - 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x28, 0x0a, 0x0b, - 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x09, 0x42, 0x07, 0xfa, 0x42, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x0a, 0x69, 0x6e, 0x73, 0x74, - 0x61, 0x6e, 0x63, 0x65, 0x49, 0x64, 0x22, 0x1a, 0x0a, 0x18, 0x41, 0x57, 0x53, 0x49, 0x6e, 0x73, - 0x74, 0x61, 0x6e, 0x63, 0x65, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, - 0x73, 0x65, 0x2a, 0xce, 0x01, 0x0a, 0x12, 0x44, 0x69, 0x73, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, - 0x69, 0x6f, 0x6e, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, 0x23, 0x0a, 0x1f, 0x44, 0x49, 0x53, - 0x54, 0x52, 0x49, 0x42, 0x55, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4d, 0x45, 0x54, 0x48, 0x4f, 0x44, - 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x1e, - 0x0a, 0x1a, 0x44, 0x49, 0x53, 0x54, 0x52, 0x49, 0x42, 0x55, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4d, - 0x45, 0x54, 0x48, 0x4f, 0x44, 0x5f, 0x44, 0x4f, 0x43, 0x4b, 0x45, 0x52, 0x10, 0x01, 0x12, 0x1b, - 0x0a, 0x17, 0x44, 0x49, 0x53, 0x54, 0x52, 0x49, 0x42, 0x55, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4d, - 0x45, 0x54, 0x48, 0x4f, 0x44, 0x5f, 0x4f, 0x56, 0x46, 0x10, 0x02, 0x12, 0x1b, 0x0a, 0x17, 0x44, - 0x49, 0x53, 0x54, 0x52, 0x49, 0x42, 0x55, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4d, 0x45, 0x54, 0x48, - 0x4f, 0x44, 0x5f, 0x41, 0x4d, 0x49, 0x10, 0x03, 0x12, 0x1d, 0x0a, 0x19, 0x44, 0x49, 0x53, 0x54, + 0x73, 0x2a, 0xce, 0x01, 0x0a, 0x12, 0x44, 0x69, 0x73, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x69, + 0x6f, 0x6e, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, 0x23, 0x0a, 0x1f, 0x44, 0x49, 0x53, 0x54, 0x52, 0x49, 0x42, 0x55, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4d, 0x45, 0x54, 0x48, 0x4f, 0x44, 0x5f, - 0x41, 0x5a, 0x55, 0x52, 0x45, 0x10, 0x04, 0x12, 0x1a, 0x0a, 0x16, 0x44, 0x49, 0x53, 0x54, 0x52, - 0x49, 0x42, 0x55, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4d, 0x45, 0x54, 0x48, 0x4f, 0x44, 0x5f, 0x44, - 0x4f, 0x10, 0x05, 0x32, 0xc3, 0x0d, 0x0a, 0x0d, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x53, 0x65, - 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x86, 0x01, 0x0a, 0x07, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, - 0x6e, 0x12, 0x19, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x56, 0x65, - 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1a, 0x2e, 0x73, - 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, - 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x44, 0x92, 0x41, 0x27, 0x12, 0x07, 0x56, - 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x1a, 0x1c, 0x52, 0x65, 0x74, 0x75, 0x72, 0x6e, 0x73, 0x20, - 0x50, 0x4d, 0x4d, 0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x76, 0x65, 0x72, 0x73, 0x69, - 0x6f, 0x6e, 0x73, 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x14, 0x12, 0x12, 0x2f, 0x76, 0x31, 0x2f, - 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0xab, - 0x02, 0x0a, 0x09, 0x52, 0x65, 0x61, 0x64, 0x69, 0x6e, 0x65, 0x73, 0x73, 0x12, 0x1b, 0x2e, 0x73, - 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x61, 0x64, 0x69, 0x6e, 0x65, - 0x73, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1c, 0x2e, 0x73, 0x65, 0x72, 0x76, - 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x61, 0x64, 0x69, 0x6e, 0x65, 0x73, 0x73, 0x52, - 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0xe2, 0x01, 0x92, 0x41, 0xc5, 0x01, 0x12, 0x16, - 0x43, 0x68, 0x65, 0x63, 0x6b, 0x20, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x72, 0x65, 0x61, - 0x64, 0x69, 0x6e, 0x65, 0x73, 0x73, 0x1a, 0xaa, 0x01, 0x52, 0x65, 0x74, 0x75, 0x72, 0x6e, 0x73, - 0x20, 0x61, 0x6e, 0x20, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x20, 0x77, 0x68, 0x65, 0x6e, 0x20, 0x53, - 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, - 0x20, 0x62, 0x65, 0x69, 0x6e, 0x67, 0x20, 0x72, 0x65, 0x73, 0x74, 0x61, 0x72, 0x74, 0x65, 0x64, - 0x20, 0x61, 0x72, 0x65, 0x20, 0x6e, 0x6f, 0x74, 0x20, 0x72, 0x65, 0x61, 0x64, 0x79, 0x20, 0x79, - 0x65, 0x74, 0x2e, 0x20, 0x55, 0x73, 0x65, 0x20, 0x74, 0x68, 0x69, 0x73, 0x20, 0x41, 0x50, 0x49, - 0x20, 0x66, 0x6f, 0x72, 0x20, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x69, 0x6e, 0x67, 0x20, 0x74, 0x68, - 0x65, 0x20, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x20, 0x6f, 0x66, 0x20, 0x44, 0x6f, 0x63, 0x6b, - 0x65, 0x72, 0x20, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x73, 0x20, 0x61, 0x6e, - 0x64, 0x20, 0x66, 0x6f, 0x72, 0x20, 0x70, 0x72, 0x6f, 0x62, 0x69, 0x6e, 0x67, 0x20, 0x4b, 0x75, - 0x62, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x20, 0x72, 0x65, 0x61, 0x64, 0x69, 0x6e, 0x65, - 0x73, 0x73, 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x13, 0x12, 0x11, 0x2f, 0x76, 0x31, 0x2f, 0x73, - 0x65, 0x72, 0x76, 0x65, 0x72, 0x2f, 0x72, 0x65, 0x61, 0x64, 0x79, 0x7a, 0x12, 0x81, 0x02, 0x0a, - 0x11, 0x4c, 0x65, 0x61, 0x64, 0x65, 0x72, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, - 0x63, 0x6b, 0x12, 0x23, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x4c, - 0x65, 0x61, 0x64, 0x65, 0x72, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, - 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, - 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x65, 0x61, 0x64, 0x65, 0x72, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, - 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0xa0, 0x01, - 0x92, 0x41, 0x79, 0x12, 0x10, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x20, 0x4c, 0x65, 0x61, 0x64, 0x65, - 0x72, 0x73, 0x68, 0x69, 0x70, 0x1a, 0x65, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x73, 0x20, 0x69, 0x66, - 0x20, 0x74, 0x68, 0x65, 0x20, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x20, 0x69, 0x73, - 0x20, 0x74, 0x68, 0x65, 0x20, 0x6c, 0x65, 0x61, 0x64, 0x65, 0x72, 0x20, 0x69, 0x6e, 0x20, 0x61, - 0x20, 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x20, 0x52, 0x65, 0x74, 0x75, 0x72, 0x6e, - 0x73, 0x20, 0x61, 0x6e, 0x20, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x20, 0x69, 0x66, 0x20, 0x74, 0x68, - 0x65, 0x20, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x20, 0x69, 0x73, 0x6e, 0x27, 0x74, - 0x20, 0x74, 0x68, 0x65, 0x20, 0x6c, 0x65, 0x61, 0x64, 0x65, 0x72, 0x2e, 0x82, 0xd3, 0xe4, 0x93, - 0x02, 0x1e, 0x12, 0x1c, 0x2f, 0x76, 0x31, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2f, 0x6c, - 0x65, 0x61, 0x64, 0x65, 0x72, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, - 0x12, 0xa7, 0x01, 0x0a, 0x0c, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, - 0x73, 0x12, 0x1e, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x68, - 0x65, 0x63, 0x6b, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, - 0x74, 0x1a, 0x1f, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x68, - 0x65, 0x63, 0x6b, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, - 0x73, 0x65, 0x22, 0x56, 0x92, 0x41, 0x39, 0x12, 0x0d, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x20, 0x75, - 0x70, 0x64, 0x61, 0x74, 0x65, 0x73, 0x1a, 0x28, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x73, 0x20, 0x66, - 0x6f, 0x72, 0x20, 0x61, 0x76, 0x61, 0x69, 0x6c, 0x61, 0x62, 0x6c, 0x65, 0x20, 0x50, 0x4d, 0x4d, - 0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x73, 0x2e, - 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x14, 0x12, 0x12, 0x2f, 0x76, 0x31, 0x2f, 0x73, 0x65, 0x72, 0x76, - 0x65, 0x72, 0x2f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x73, 0x12, 0x9d, 0x01, 0x0a, 0x0b, 0x53, - 0x74, 0x61, 0x72, 0x74, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x12, 0x1d, 0x2e, 0x73, 0x65, 0x72, - 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x74, 0x61, 0x72, 0x74, 0x55, 0x70, 0x64, 0x61, - 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x73, 0x65, 0x72, 0x76, + 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x1e, 0x0a, + 0x1a, 0x44, 0x49, 0x53, 0x54, 0x52, 0x49, 0x42, 0x55, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4d, 0x45, + 0x54, 0x48, 0x4f, 0x44, 0x5f, 0x44, 0x4f, 0x43, 0x4b, 0x45, 0x52, 0x10, 0x01, 0x12, 0x1b, 0x0a, + 0x17, 0x44, 0x49, 0x53, 0x54, 0x52, 0x49, 0x42, 0x55, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4d, 0x45, + 0x54, 0x48, 0x4f, 0x44, 0x5f, 0x4f, 0x56, 0x46, 0x10, 0x02, 0x12, 0x1b, 0x0a, 0x17, 0x44, 0x49, + 0x53, 0x54, 0x52, 0x49, 0x42, 0x55, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4d, 0x45, 0x54, 0x48, 0x4f, + 0x44, 0x5f, 0x41, 0x4d, 0x49, 0x10, 0x03, 0x12, 0x1d, 0x0a, 0x19, 0x44, 0x49, 0x53, 0x54, 0x52, + 0x49, 0x42, 0x55, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4d, 0x45, 0x54, 0x48, 0x4f, 0x44, 0x5f, 0x41, + 0x5a, 0x55, 0x52, 0x45, 0x10, 0x04, 0x12, 0x1a, 0x0a, 0x16, 0x44, 0x49, 0x53, 0x54, 0x52, 0x49, + 0x42, 0x55, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4d, 0x45, 0x54, 0x48, 0x4f, 0x44, 0x5f, 0x44, 0x4f, + 0x10, 0x05, 0x32, 0x91, 0x0c, 0x0a, 0x0d, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x53, 0x65, 0x72, + 0x76, 0x69, 0x63, 0x65, 0x12, 0x86, 0x01, 0x0a, 0x07, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, + 0x12, 0x19, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x56, 0x65, 0x72, + 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1a, 0x2e, 0x73, 0x65, + 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x52, + 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x44, 0x92, 0x41, 0x27, 0x12, 0x07, 0x56, 0x65, + 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x1a, 0x1c, 0x52, 0x65, 0x74, 0x75, 0x72, 0x6e, 0x73, 0x20, 0x50, + 0x4d, 0x4d, 0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, + 0x6e, 0x73, 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x14, 0x12, 0x12, 0x2f, 0x76, 0x31, 0x2f, 0x73, + 0x65, 0x72, 0x76, 0x65, 0x72, 0x2f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0xab, 0x02, + 0x0a, 0x09, 0x52, 0x65, 0x61, 0x64, 0x69, 0x6e, 0x65, 0x73, 0x73, 0x12, 0x1b, 0x2e, 0x73, 0x65, + 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x61, 0x64, 0x69, 0x6e, 0x65, 0x73, + 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1c, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, + 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x61, 0x64, 0x69, 0x6e, 0x65, 0x73, 0x73, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0xe2, 0x01, 0x92, 0x41, 0xc5, 0x01, 0x12, 0x16, 0x43, + 0x68, 0x65, 0x63, 0x6b, 0x20, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x72, 0x65, 0x61, 0x64, + 0x69, 0x6e, 0x65, 0x73, 0x73, 0x1a, 0xaa, 0x01, 0x52, 0x65, 0x74, 0x75, 0x72, 0x6e, 0x73, 0x20, + 0x61, 0x6e, 0x20, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x20, 0x77, 0x68, 0x65, 0x6e, 0x20, 0x53, 0x65, + 0x72, 0x76, 0x65, 0x72, 0x20, 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x73, 0x20, + 0x62, 0x65, 0x69, 0x6e, 0x67, 0x20, 0x72, 0x65, 0x73, 0x74, 0x61, 0x72, 0x74, 0x65, 0x64, 0x20, + 0x61, 0x72, 0x65, 0x20, 0x6e, 0x6f, 0x74, 0x20, 0x72, 0x65, 0x61, 0x64, 0x79, 0x20, 0x79, 0x65, + 0x74, 0x2e, 0x20, 0x55, 0x73, 0x65, 0x20, 0x74, 0x68, 0x69, 0x73, 0x20, 0x41, 0x50, 0x49, 0x20, + 0x66, 0x6f, 0x72, 0x20, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x69, 0x6e, 0x67, 0x20, 0x74, 0x68, 0x65, + 0x20, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x20, 0x6f, 0x66, 0x20, 0x44, 0x6f, 0x63, 0x6b, 0x65, + 0x72, 0x20, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x73, 0x20, 0x61, 0x6e, 0x64, + 0x20, 0x66, 0x6f, 0x72, 0x20, 0x70, 0x72, 0x6f, 0x62, 0x69, 0x6e, 0x67, 0x20, 0x4b, 0x75, 0x62, + 0x65, 0x72, 0x6e, 0x65, 0x74, 0x65, 0x73, 0x20, 0x72, 0x65, 0x61, 0x64, 0x69, 0x6e, 0x65, 0x73, + 0x73, 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x13, 0x12, 0x11, 0x2f, 0x76, 0x31, 0x2f, 0x73, 0x65, + 0x72, 0x76, 0x65, 0x72, 0x2f, 0x72, 0x65, 0x61, 0x64, 0x79, 0x7a, 0x12, 0x81, 0x02, 0x0a, 0x11, + 0x4c, 0x65, 0x61, 0x64, 0x65, 0x72, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, + 0x6b, 0x12, 0x23, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x65, + 0x61, 0x64, 0x65, 0x72, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, + 0x76, 0x31, 0x2e, 0x4c, 0x65, 0x61, 0x64, 0x65, 0x72, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, + 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0xa0, 0x01, 0x92, + 0x41, 0x79, 0x12, 0x10, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x20, 0x4c, 0x65, 0x61, 0x64, 0x65, 0x72, + 0x73, 0x68, 0x69, 0x70, 0x1a, 0x65, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x73, 0x20, 0x69, 0x66, 0x20, + 0x74, 0x68, 0x65, 0x20, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x20, 0x69, 0x73, 0x20, + 0x74, 0x68, 0x65, 0x20, 0x6c, 0x65, 0x61, 0x64, 0x65, 0x72, 0x20, 0x69, 0x6e, 0x20, 0x61, 0x20, + 0x63, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x2e, 0x20, 0x52, 0x65, 0x74, 0x75, 0x72, 0x6e, 0x73, + 0x20, 0x61, 0x6e, 0x20, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x20, 0x69, 0x66, 0x20, 0x74, 0x68, 0x65, + 0x20, 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x20, 0x69, 0x73, 0x6e, 0x27, 0x74, 0x20, + 0x74, 0x68, 0x65, 0x20, 0x6c, 0x65, 0x61, 0x64, 0x65, 0x72, 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, + 0x1e, 0x12, 0x1c, 0x2f, 0x76, 0x31, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2f, 0x6c, 0x65, + 0x61, 0x64, 0x65, 0x72, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12, + 0xa7, 0x01, 0x0a, 0x0c, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x73, + 0x12, 0x1e, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x68, 0x65, + 0x63, 0x6b, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x1a, 0x1f, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x68, 0x65, + 0x63, 0x6b, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, + 0x65, 0x22, 0x56, 0x92, 0x41, 0x39, 0x12, 0x0d, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x20, 0x75, 0x70, + 0x64, 0x61, 0x74, 0x65, 0x73, 0x1a, 0x28, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x73, 0x20, 0x66, 0x6f, + 0x72, 0x20, 0x61, 0x76, 0x61, 0x69, 0x6c, 0x61, 0x62, 0x6c, 0x65, 0x20, 0x50, 0x4d, 0x4d, 0x20, + 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x73, 0x2e, 0x82, + 0xd3, 0xe4, 0x93, 0x02, 0x14, 0x12, 0x12, 0x2f, 0x76, 0x31, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, + 0x72, 0x2f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x73, 0x12, 0x9d, 0x01, 0x0a, 0x0b, 0x53, 0x74, + 0x61, 0x72, 0x74, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x12, 0x1d, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x74, 0x61, 0x72, 0x74, 0x55, 0x70, 0x64, 0x61, 0x74, - 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x4f, 0x92, 0x41, 0x29, 0x12, 0x0c, - 0x53, 0x74, 0x61, 0x72, 0x74, 0x20, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x1a, 0x19, 0x53, 0x74, - 0x61, 0x72, 0x74, 0x73, 0x20, 0x50, 0x4d, 0x4d, 0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, - 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1d, 0x3a, 0x01, 0x2a, - 0x22, 0x18, 0x2f, 0x76, 0x31, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2f, 0x75, 0x70, 0x64, - 0x61, 0x74, 0x65, 0x73, 0x3a, 0x73, 0x74, 0x61, 0x72, 0x74, 0x12, 0xad, 0x01, 0x0a, 0x0c, 0x55, - 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x1e, 0x2e, 0x73, 0x65, - 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x74, - 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x73, 0x65, - 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x74, - 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x5c, 0x92, 0x41, - 0x32, 0x12, 0x0d, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x20, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, - 0x1a, 0x21, 0x52, 0x65, 0x74, 0x75, 0x72, 0x6e, 0x73, 0x20, 0x50, 0x4d, 0x4d, 0x20, 0x53, 0x65, - 0x72, 0x76, 0x65, 0x72, 0x20, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x20, 0x73, 0x74, 0x61, 0x74, - 0x75, 0x73, 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x21, 0x3a, 0x01, 0x2a, 0x22, 0x1c, 0x2f, 0x76, - 0x31, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x73, - 0x3a, 0x67, 0x65, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0xa0, 0x01, 0x0a, 0x0b, 0x47, - 0x65, 0x74, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x1d, 0x2e, 0x73, 0x65, 0x72, - 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, - 0x67, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x73, 0x65, 0x72, 0x76, + 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, + 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x74, 0x61, 0x72, 0x74, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x4f, 0x92, 0x41, 0x29, 0x12, 0x0c, 0x53, + 0x74, 0x61, 0x72, 0x74, 0x20, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x1a, 0x19, 0x53, 0x74, 0x61, + 0x72, 0x74, 0x73, 0x20, 0x50, 0x4d, 0x4d, 0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x75, + 0x70, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1d, 0x3a, 0x01, 0x2a, 0x22, + 0x18, 0x2f, 0x76, 0x31, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2f, 0x75, 0x70, 0x64, 0x61, + 0x74, 0x65, 0x73, 0x3a, 0x73, 0x74, 0x61, 0x72, 0x74, 0x12, 0xad, 0x01, 0x0a, 0x0c, 0x55, 0x70, + 0x64, 0x61, 0x74, 0x65, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x1e, 0x2e, 0x73, 0x65, 0x72, + 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x74, 0x61, + 0x74, 0x75, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x73, 0x65, 0x72, + 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x74, 0x61, + 0x74, 0x75, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x5c, 0x92, 0x41, 0x32, + 0x12, 0x0d, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x20, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x1a, + 0x21, 0x52, 0x65, 0x74, 0x75, 0x72, 0x6e, 0x73, 0x20, 0x50, 0x4d, 0x4d, 0x20, 0x53, 0x65, 0x72, + 0x76, 0x65, 0x72, 0x20, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x20, 0x73, 0x74, 0x61, 0x74, 0x75, + 0x73, 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x21, 0x3a, 0x01, 0x2a, 0x22, 0x1c, 0x2f, 0x76, 0x31, + 0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x73, 0x3a, + 0x67, 0x65, 0x74, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0xa0, 0x01, 0x0a, 0x0b, 0x47, 0x65, + 0x74, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x1d, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, - 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x52, 0x92, 0x41, 0x34, 0x12, 0x0c, - 0x47, 0x65, 0x74, 0x20, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x1a, 0x24, 0x52, 0x65, - 0x74, 0x75, 0x72, 0x6e, 0x73, 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, 0x20, 0x50, 0x4d, - 0x4d, 0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, - 0x73, 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x15, 0x12, 0x13, 0x2f, 0x76, 0x31, 0x2f, 0x73, 0x65, - 0x72, 0x76, 0x65, 0x72, 0x2f, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0xa7, 0x01, - 0x0a, 0x0e, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, - 0x12, 0x20, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x68, 0x61, - 0x6e, 0x67, 0x65, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, - 0x73, 0x74, 0x1a, 0x21, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x43, - 0x68, 0x61, 0x6e, 0x67, 0x65, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x52, 0x65, 0x73, - 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x50, 0x92, 0x41, 0x2f, 0x12, 0x0f, 0x43, 0x68, 0x61, 0x6e, - 0x67, 0x65, 0x20, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x1a, 0x1c, 0x43, 0x68, 0x61, - 0x6e, 0x67, 0x65, 0x73, 0x20, 0x50, 0x4d, 0x4d, 0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, - 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x18, 0x3a, - 0x01, 0x2a, 0x1a, 0x13, 0x2f, 0x76, 0x31, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2f, 0x73, - 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0xaf, 0x01, 0x0a, 0x10, 0x41, 0x57, 0x53, 0x49, - 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x12, 0x22, 0x2e, 0x73, - 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x57, 0x53, 0x49, 0x6e, 0x73, 0x74, - 0x61, 0x6e, 0x63, 0x65, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, - 0x1a, 0x23, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x57, 0x53, - 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x73, - 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x52, 0x92, 0x41, 0x31, 0x12, 0x12, 0x41, 0x57, 0x53, 0x20, - 0x69, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x20, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x1a, 0x1b, - 0x43, 0x68, 0x65, 0x63, 0x6b, 0x73, 0x20, 0x41, 0x57, 0x53, 0x20, 0x45, 0x43, 0x32, 0x20, 0x69, - 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x20, 0x49, 0x44, 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, - 0x18, 0x12, 0x16, 0x2f, 0x76, 0x31, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2f, 0x41, 0x57, - 0x53, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x42, 0x90, 0x01, 0x0a, 0x0d, 0x63, 0x6f, - 0x6d, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x42, 0x0b, 0x53, 0x65, 0x72, - 0x76, 0x65, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x2d, 0x67, 0x69, 0x74, 0x68, - 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x65, 0x72, 0x63, 0x6f, 0x6e, 0x61, 0x2f, 0x70, - 0x6d, 0x6d, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2f, 0x76, 0x31, - 0x3b, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x76, 0x31, 0xa2, 0x02, 0x03, 0x53, 0x58, 0x58, 0xaa, - 0x02, 0x09, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x56, 0x31, 0xca, 0x02, 0x09, 0x53, 0x65, - 0x72, 0x76, 0x65, 0x72, 0x5c, 0x56, 0x31, 0xe2, 0x02, 0x15, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, - 0x5c, 0x56, 0x31, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, - 0x02, 0x0a, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, - 0x6f, 0x74, 0x6f, 0x33, + 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, + 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x52, 0x92, 0x41, 0x34, 0x12, 0x0c, 0x47, + 0x65, 0x74, 0x20, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x1a, 0x24, 0x52, 0x65, 0x74, + 0x75, 0x72, 0x6e, 0x73, 0x20, 0x63, 0x75, 0x72, 0x72, 0x65, 0x6e, 0x74, 0x20, 0x50, 0x4d, 0x4d, + 0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, + 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x15, 0x12, 0x13, 0x2f, 0x76, 0x31, 0x2f, 0x73, 0x65, 0x72, + 0x76, 0x65, 0x72, 0x2f, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0xa7, 0x01, 0x0a, + 0x0e, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, + 0x20, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x68, 0x61, 0x6e, + 0x67, 0x65, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x1a, 0x21, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x68, + 0x61, 0x6e, 0x67, 0x65, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x52, 0x65, 0x73, 0x70, + 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x50, 0x92, 0x41, 0x2f, 0x12, 0x0f, 0x43, 0x68, 0x61, 0x6e, 0x67, + 0x65, 0x20, 0x73, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x1a, 0x1c, 0x43, 0x68, 0x61, 0x6e, + 0x67, 0x65, 0x73, 0x20, 0x50, 0x4d, 0x4d, 0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x73, + 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x18, 0x3a, 0x01, + 0x2a, 0x1a, 0x13, 0x2f, 0x76, 0x31, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2f, 0x73, 0x65, + 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x42, 0x90, 0x01, 0x0a, 0x0d, 0x63, 0x6f, 0x6d, 0x2e, 0x73, + 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x42, 0x0b, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, + 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x2d, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, + 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x65, 0x72, 0x63, 0x6f, 0x6e, 0x61, 0x2f, 0x70, 0x6d, 0x6d, 0x2f, + 0x61, 0x70, 0x69, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x3b, 0x73, 0x65, + 0x72, 0x76, 0x65, 0x72, 0x76, 0x31, 0xa2, 0x02, 0x03, 0x53, 0x58, 0x58, 0xaa, 0x02, 0x09, 0x53, + 0x65, 0x72, 0x76, 0x65, 0x72, 0x2e, 0x56, 0x31, 0xca, 0x02, 0x09, 0x53, 0x65, 0x72, 0x76, 0x65, + 0x72, 0x5c, 0x56, 0x31, 0xe2, 0x02, 0x15, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x5c, 0x56, 0x31, + 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x0a, 0x53, + 0x65, 0x72, 0x76, 0x65, 0x72, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x33, } var ( @@ -1958,7 +1855,7 @@ func file_server_v1_server_proto_rawDescGZIP() []byte { var ( file_server_v1_server_proto_enumTypes = make([]protoimpl.EnumInfo, 1) - file_server_v1_server_proto_msgTypes = make([]protoimpl.MessageInfo, 23) + file_server_v1_server_proto_msgTypes = make([]protoimpl.MessageInfo, 21) file_server_v1_server_proto_goTypes = []any{ (DistributionMethod)(0), // 0: server.v1.DistributionMethod (*VersionInfo)(nil), // 1: server.v1.VersionInfo @@ -1982,36 +1879,34 @@ var ( (*GetSettingsResponse)(nil), // 19: server.v1.GetSettingsResponse (*ChangeSettingsRequest)(nil), // 20: server.v1.ChangeSettingsRequest (*ChangeSettingsResponse)(nil), // 21: server.v1.ChangeSettingsResponse - (*AWSInstanceCheckRequest)(nil), // 22: server.v1.AWSInstanceCheckRequest - (*AWSInstanceCheckResponse)(nil), // 23: server.v1.AWSInstanceCheckResponse - (*timestamppb.Timestamp)(nil), // 24: google.protobuf.Timestamp - (*durationpb.Duration)(nil), // 25: google.protobuf.Duration - (*common.StringArray)(nil), // 26: common.StringArray + (*timestamppb.Timestamp)(nil), // 22: google.protobuf.Timestamp + (*durationpb.Duration)(nil), // 23: google.protobuf.Duration + (*common.StringArray)(nil), // 24: common.StringArray } ) var file_server_v1_server_proto_depIdxs = []int32{ - 24, // 0: server.v1.VersionInfo.timestamp:type_name -> google.protobuf.Timestamp + 22, // 0: server.v1.VersionInfo.timestamp:type_name -> google.protobuf.Timestamp 1, // 1: server.v1.VersionResponse.server:type_name -> server.v1.VersionInfo 1, // 2: server.v1.VersionResponse.managed:type_name -> server.v1.VersionInfo 0, // 3: server.v1.VersionResponse.distribution_method:type_name -> server.v1.DistributionMethod - 24, // 4: server.v1.DockerVersionInfo.timestamp:type_name -> google.protobuf.Timestamp + 22, // 4: server.v1.DockerVersionInfo.timestamp:type_name -> google.protobuf.Timestamp 1, // 5: server.v1.CheckUpdatesResponse.installed:type_name -> server.v1.VersionInfo 9, // 6: server.v1.CheckUpdatesResponse.latest:type_name -> server.v1.DockerVersionInfo - 24, // 7: server.v1.CheckUpdatesResponse.last_check:type_name -> google.protobuf.Timestamp - 25, // 8: server.v1.MetricsResolutions.hr:type_name -> google.protobuf.Duration - 25, // 9: server.v1.MetricsResolutions.mr:type_name -> google.protobuf.Duration - 25, // 10: server.v1.MetricsResolutions.lr:type_name -> google.protobuf.Duration - 25, // 11: server.v1.AdvisorRunIntervals.standard_interval:type_name -> google.protobuf.Duration - 25, // 12: server.v1.AdvisorRunIntervals.rare_interval:type_name -> google.protobuf.Duration - 25, // 13: server.v1.AdvisorRunIntervals.frequent_interval:type_name -> google.protobuf.Duration + 22, // 7: server.v1.CheckUpdatesResponse.last_check:type_name -> google.protobuf.Timestamp + 23, // 8: server.v1.MetricsResolutions.hr:type_name -> google.protobuf.Duration + 23, // 9: server.v1.MetricsResolutions.mr:type_name -> google.protobuf.Duration + 23, // 10: server.v1.MetricsResolutions.lr:type_name -> google.protobuf.Duration + 23, // 11: server.v1.AdvisorRunIntervals.standard_interval:type_name -> google.protobuf.Duration + 23, // 12: server.v1.AdvisorRunIntervals.rare_interval:type_name -> google.protobuf.Duration + 23, // 13: server.v1.AdvisorRunIntervals.frequent_interval:type_name -> google.protobuf.Duration 15, // 14: server.v1.Settings.metrics_resolutions:type_name -> server.v1.MetricsResolutions - 25, // 15: server.v1.Settings.data_retention:type_name -> google.protobuf.Duration + 23, // 15: server.v1.Settings.data_retention:type_name -> google.protobuf.Duration 16, // 16: server.v1.Settings.advisor_run_intervals:type_name -> server.v1.AdvisorRunIntervals 17, // 17: server.v1.GetSettingsResponse.settings:type_name -> server.v1.Settings 15, // 18: server.v1.ChangeSettingsRequest.metrics_resolutions:type_name -> server.v1.MetricsResolutions - 25, // 19: server.v1.ChangeSettingsRequest.data_retention:type_name -> google.protobuf.Duration - 26, // 20: server.v1.ChangeSettingsRequest.aws_partitions:type_name -> common.StringArray + 23, // 19: server.v1.ChangeSettingsRequest.data_retention:type_name -> google.protobuf.Duration + 24, // 20: server.v1.ChangeSettingsRequest.aws_partitions:type_name -> common.StringArray 16, // 21: server.v1.ChangeSettingsRequest.advisor_run_intervals:type_name -> server.v1.AdvisorRunIntervals 17, // 22: server.v1.ChangeSettingsResponse.settings:type_name -> server.v1.Settings 2, // 23: server.v1.ServerService.Version:input_type -> server.v1.VersionRequest @@ -2022,18 +1917,16 @@ var file_server_v1_server_proto_depIdxs = []int32{ 13, // 28: server.v1.ServerService.UpdateStatus:input_type -> server.v1.UpdateStatusRequest 18, // 29: server.v1.ServerService.GetSettings:input_type -> server.v1.GetSettingsRequest 20, // 30: server.v1.ServerService.ChangeSettings:input_type -> server.v1.ChangeSettingsRequest - 22, // 31: server.v1.ServerService.AWSInstanceCheck:input_type -> server.v1.AWSInstanceCheckRequest - 3, // 32: server.v1.ServerService.Version:output_type -> server.v1.VersionResponse - 5, // 33: server.v1.ServerService.Readiness:output_type -> server.v1.ReadinessResponse - 7, // 34: server.v1.ServerService.LeaderHealthCheck:output_type -> server.v1.LeaderHealthCheckResponse - 10, // 35: server.v1.ServerService.CheckUpdates:output_type -> server.v1.CheckUpdatesResponse - 12, // 36: server.v1.ServerService.StartUpdate:output_type -> server.v1.StartUpdateResponse - 14, // 37: server.v1.ServerService.UpdateStatus:output_type -> server.v1.UpdateStatusResponse - 19, // 38: server.v1.ServerService.GetSettings:output_type -> server.v1.GetSettingsResponse - 21, // 39: server.v1.ServerService.ChangeSettings:output_type -> server.v1.ChangeSettingsResponse - 23, // 40: server.v1.ServerService.AWSInstanceCheck:output_type -> server.v1.AWSInstanceCheckResponse - 32, // [32:41] is the sub-list for method output_type - 23, // [23:32] is the sub-list for method input_type + 3, // 31: server.v1.ServerService.Version:output_type -> server.v1.VersionResponse + 5, // 32: server.v1.ServerService.Readiness:output_type -> server.v1.ReadinessResponse + 7, // 33: server.v1.ServerService.LeaderHealthCheck:output_type -> server.v1.LeaderHealthCheckResponse + 10, // 34: server.v1.ServerService.CheckUpdates:output_type -> server.v1.CheckUpdatesResponse + 12, // 35: server.v1.ServerService.StartUpdate:output_type -> server.v1.StartUpdateResponse + 14, // 36: server.v1.ServerService.UpdateStatus:output_type -> server.v1.UpdateStatusResponse + 19, // 37: server.v1.ServerService.GetSettings:output_type -> server.v1.GetSettingsResponse + 21, // 38: server.v1.ServerService.ChangeSettings:output_type -> server.v1.ChangeSettingsResponse + 31, // [31:39] is the sub-list for method output_type + 23, // [23:31] is the sub-list for method input_type 23, // [23:23] is the sub-list for extension type_name 23, // [23:23] is the sub-list for extension extendee 0, // [0:23] is the sub-list for field type_name @@ -2297,30 +2190,6 @@ func file_server_v1_server_proto_init() { return nil } } - file_server_v1_server_proto_msgTypes[21].Exporter = func(v any, i int) any { - switch v := v.(*AWSInstanceCheckRequest); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_server_v1_server_proto_msgTypes[22].Exporter = func(v any, i int) any { - switch v := v.(*AWSInstanceCheckResponse); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } } file_server_v1_server_proto_msgTypes[19].OneofWrappers = []any{} type x struct{} @@ -2329,7 +2198,7 @@ func file_server_v1_server_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_server_v1_server_proto_rawDesc, NumEnums: 1, - NumMessages: 23, + NumMessages: 21, NumExtensions: 0, NumServices: 1, }, diff --git a/api/server/v1/server.pb.gw.go b/api/server/v1/server.pb.gw.go index d8ac837054..1793c1103c 100644 --- a/api/server/v1/server.pb.gw.go +++ b/api/server/v1/server.pb.gw.go @@ -217,38 +217,6 @@ func local_request_ServerService_ChangeSettings_0(ctx context.Context, marshaler return msg, metadata, err } -var filter_ServerService_AWSInstanceCheck_0 = &utilities.DoubleArray{Encoding: map[string]int{}, Base: []int(nil), Check: []int(nil)} - -func request_ServerService_AWSInstanceCheck_0(ctx context.Context, marshaler runtime.Marshaler, client ServerServiceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) { - var protoReq AWSInstanceCheckRequest - var metadata runtime.ServerMetadata - - if err := req.ParseForm(); err != nil { - return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err) - } - if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_ServerService_AWSInstanceCheck_0); err != nil { - return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err) - } - - msg, err := client.AWSInstanceCheck(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD)) - return msg, metadata, err -} - -func local_request_ServerService_AWSInstanceCheck_0(ctx context.Context, marshaler runtime.Marshaler, server ServerServiceServer, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) { - var protoReq AWSInstanceCheckRequest - var metadata runtime.ServerMetadata - - if err := req.ParseForm(); err != nil { - return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err) - } - if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_ServerService_AWSInstanceCheck_0); err != nil { - return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err) - } - - msg, err := server.AWSInstanceCheck(ctx, &protoReq) - return msg, metadata, err -} - // RegisterServerServiceHandlerServer registers the http handlers for service ServerService to "mux". // UnaryRPC :call ServerServiceServer directly. // StreamingRPC :currently unsupported pending https://github.com/grpc/grpc-go/issues/906. @@ -446,30 +414,6 @@ func RegisterServerServiceHandlerServer(ctx context.Context, mux *runtime.ServeM forward_ServerService_ChangeSettings_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) - mux.Handle("GET", pattern_ServerService_AWSInstanceCheck_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) { - ctx, cancel := context.WithCancel(req.Context()) - defer cancel() - var stream runtime.ServerTransportStream - ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) - inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - var err error - var annotatedContext context.Context - annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/server.v1.ServerService/AWSInstanceCheck", runtime.WithHTTPPathPattern("/v1/server/AWSInstance")) - if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) - return - } - resp, md, err := local_request_ServerService_AWSInstanceCheck_0(annotatedContext, inboundMarshaler, server, req, pathParams) - md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) - if err != nil { - runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) - return - } - - forward_ServerService_AWSInstanceCheck_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) - }) - return nil } @@ -678,27 +622,6 @@ func RegisterServerServiceHandlerClient(ctx context.Context, mux *runtime.ServeM forward_ServerService_ChangeSettings_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) - mux.Handle("GET", pattern_ServerService_AWSInstanceCheck_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) { - ctx, cancel := context.WithCancel(req.Context()) - defer cancel() - inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - var err error - var annotatedContext context.Context - annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/server.v1.ServerService/AWSInstanceCheck", runtime.WithHTTPPathPattern("/v1/server/AWSInstance")) - if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) - return - } - resp, md, err := request_ServerService_AWSInstanceCheck_0(annotatedContext, inboundMarshaler, client, req, pathParams) - annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) - if err != nil { - runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) - return - } - - forward_ServerService_AWSInstanceCheck_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) - }) - return nil } @@ -718,8 +641,6 @@ var ( pattern_ServerService_GetSettings_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2}, []string{"v1", "server", "settings"}, "")) pattern_ServerService_ChangeSettings_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2}, []string{"v1", "server", "settings"}, "")) - - pattern_ServerService_AWSInstanceCheck_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2}, []string{"v1", "server", "AWSInstance"}, "")) ) var ( @@ -738,6 +659,4 @@ var ( forward_ServerService_GetSettings_0 = runtime.ForwardResponseMessage forward_ServerService_ChangeSettings_0 = runtime.ForwardResponseMessage - - forward_ServerService_AWSInstanceCheck_0 = runtime.ForwardResponseMessage ) diff --git a/api/server/v1/server.pb.validate.go b/api/server/v1/server.pb.validate.go index 42336b9c6d..39897b8317 100644 --- a/api/server/v1/server.pb.validate.go +++ b/api/server/v1/server.pb.validate.go @@ -2900,218 +2900,3 @@ var _ interface { Cause() error ErrorName() string } = ChangeSettingsResponseValidationError{} - -// Validate checks the field values on AWSInstanceCheckRequest with the rules -// defined in the proto definition for this message. If any rules are -// violated, the first error encountered is returned, or nil if there are no violations. -func (m *AWSInstanceCheckRequest) Validate() error { - return m.validate(false) -} - -// ValidateAll checks the field values on AWSInstanceCheckRequest with the -// rules defined in the proto definition for this message. If any rules are -// violated, the result is a list of violation errors wrapped in -// AWSInstanceCheckRequestMultiError, or nil if none found. -func (m *AWSInstanceCheckRequest) ValidateAll() error { - return m.validate(true) -} - -func (m *AWSInstanceCheckRequest) validate(all bool) error { - if m == nil { - return nil - } - - var errors []error - - if utf8.RuneCountInString(m.GetInstanceId()) < 1 { - err := AWSInstanceCheckRequestValidationError{ - field: "InstanceId", - reason: "value length must be at least 1 runes", - } - if !all { - return err - } - errors = append(errors, err) - } - - if len(errors) > 0 { - return AWSInstanceCheckRequestMultiError(errors) - } - - return nil -} - -// AWSInstanceCheckRequestMultiError is an error wrapping multiple validation -// errors returned by AWSInstanceCheckRequest.ValidateAll() if the designated -// constraints aren't met. -type AWSInstanceCheckRequestMultiError []error - -// Error returns a concatenation of all the error messages it wraps. -func (m AWSInstanceCheckRequestMultiError) Error() string { - var msgs []string - for _, err := range m { - msgs = append(msgs, err.Error()) - } - return strings.Join(msgs, "; ") -} - -// AllErrors returns a list of validation violation errors. -func (m AWSInstanceCheckRequestMultiError) AllErrors() []error { return m } - -// AWSInstanceCheckRequestValidationError is the validation error returned by -// AWSInstanceCheckRequest.Validate if the designated constraints aren't met. -type AWSInstanceCheckRequestValidationError struct { - field string - reason string - cause error - key bool -} - -// Field function returns field value. -func (e AWSInstanceCheckRequestValidationError) Field() string { return e.field } - -// Reason function returns reason value. -func (e AWSInstanceCheckRequestValidationError) Reason() string { return e.reason } - -// Cause function returns cause value. -func (e AWSInstanceCheckRequestValidationError) Cause() error { return e.cause } - -// Key function returns key value. -func (e AWSInstanceCheckRequestValidationError) Key() bool { return e.key } - -// ErrorName returns error name. -func (e AWSInstanceCheckRequestValidationError) ErrorName() string { - return "AWSInstanceCheckRequestValidationError" -} - -// Error satisfies the builtin error interface -func (e AWSInstanceCheckRequestValidationError) Error() string { - cause := "" - if e.cause != nil { - cause = fmt.Sprintf(" | caused by: %v", e.cause) - } - - key := "" - if e.key { - key = "key for " - } - - return fmt.Sprintf( - "invalid %sAWSInstanceCheckRequest.%s: %s%s", - key, - e.field, - e.reason, - cause) -} - -var _ error = AWSInstanceCheckRequestValidationError{} - -var _ interface { - Field() string - Reason() string - Key() bool - Cause() error - ErrorName() string -} = AWSInstanceCheckRequestValidationError{} - -// Validate checks the field values on AWSInstanceCheckResponse with the rules -// defined in the proto definition for this message. If any rules are -// violated, the first error encountered is returned, or nil if there are no violations. -func (m *AWSInstanceCheckResponse) Validate() error { - return m.validate(false) -} - -// ValidateAll checks the field values on AWSInstanceCheckResponse with the -// rules defined in the proto definition for this message. If any rules are -// violated, the result is a list of violation errors wrapped in -// AWSInstanceCheckResponseMultiError, or nil if none found. -func (m *AWSInstanceCheckResponse) ValidateAll() error { - return m.validate(true) -} - -func (m *AWSInstanceCheckResponse) validate(all bool) error { - if m == nil { - return nil - } - - var errors []error - - if len(errors) > 0 { - return AWSInstanceCheckResponseMultiError(errors) - } - - return nil -} - -// AWSInstanceCheckResponseMultiError is an error wrapping multiple validation -// errors returned by AWSInstanceCheckResponse.ValidateAll() if the designated -// constraints aren't met. -type AWSInstanceCheckResponseMultiError []error - -// Error returns a concatenation of all the error messages it wraps. -func (m AWSInstanceCheckResponseMultiError) Error() string { - var msgs []string - for _, err := range m { - msgs = append(msgs, err.Error()) - } - return strings.Join(msgs, "; ") -} - -// AllErrors returns a list of validation violation errors. -func (m AWSInstanceCheckResponseMultiError) AllErrors() []error { return m } - -// AWSInstanceCheckResponseValidationError is the validation error returned by -// AWSInstanceCheckResponse.Validate if the designated constraints aren't met. -type AWSInstanceCheckResponseValidationError struct { - field string - reason string - cause error - key bool -} - -// Field function returns field value. -func (e AWSInstanceCheckResponseValidationError) Field() string { return e.field } - -// Reason function returns reason value. -func (e AWSInstanceCheckResponseValidationError) Reason() string { return e.reason } - -// Cause function returns cause value. -func (e AWSInstanceCheckResponseValidationError) Cause() error { return e.cause } - -// Key function returns key value. -func (e AWSInstanceCheckResponseValidationError) Key() bool { return e.key } - -// ErrorName returns error name. -func (e AWSInstanceCheckResponseValidationError) ErrorName() string { - return "AWSInstanceCheckResponseValidationError" -} - -// Error satisfies the builtin error interface -func (e AWSInstanceCheckResponseValidationError) Error() string { - cause := "" - if e.cause != nil { - cause = fmt.Sprintf(" | caused by: %v", e.cause) - } - - key := "" - if e.key { - key = "key for " - } - - return fmt.Sprintf( - "invalid %sAWSInstanceCheckResponse.%s: %s%s", - key, - e.field, - e.reason, - cause) -} - -var _ error = AWSInstanceCheckResponseValidationError{} - -var _ interface { - Field() string - Reason() string - Key() bool - Cause() error - ErrorName() string -} = AWSInstanceCheckResponseValidationError{} diff --git a/api/server/v1/server.proto b/api/server/v1/server.proto index c65d7c3a65..527ff71a27 100644 --- a/api/server/v1/server.proto +++ b/api/server/v1/server.proto @@ -202,13 +202,6 @@ message ChangeSettingsResponse { Settings settings = 1; } -message AWSInstanceCheckRequest { - // AWS EC2 instance ID (i-1234567890abcdef0). - string instance_id = 1 [(validate.rules).string.min_len = 1]; -} - -message AWSInstanceCheckResponse {} - // Server service provides generic PMM Server public APIs. service ServerService { // Version returns PMM Server versions. @@ -285,12 +278,4 @@ service ServerService { description: "Changes PMM Server settings." }; } - // AWSInstanceCheck checks AWS EC2 instance ID. - rpc AWSInstanceCheck(AWSInstanceCheckRequest) returns (AWSInstanceCheckResponse) { - option (google.api.http) = {get: "/v1/server/AWSInstance"}; - option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { - summary: "AWS instance check" - description: "Checks AWS EC2 instance ID." - }; - } } diff --git a/api/server/v1/server_grpc.pb.go b/api/server/v1/server_grpc.pb.go index 4f2478952e..b25895176e 100644 --- a/api/server/v1/server_grpc.pb.go +++ b/api/server/v1/server_grpc.pb.go @@ -28,7 +28,6 @@ const ( ServerService_UpdateStatus_FullMethodName = "/server.v1.ServerService/UpdateStatus" ServerService_GetSettings_FullMethodName = "/server.v1.ServerService/GetSettings" ServerService_ChangeSettings_FullMethodName = "/server.v1.ServerService/ChangeSettings" - ServerService_AWSInstanceCheck_FullMethodName = "/server.v1.ServerService/AWSInstanceCheck" ) // ServerServiceClient is the client API for ServerService service. @@ -52,8 +51,6 @@ type ServerServiceClient interface { GetSettings(ctx context.Context, in *GetSettingsRequest, opts ...grpc.CallOption) (*GetSettingsResponse, error) // ChangeSettings changes PMM Server settings. ChangeSettings(ctx context.Context, in *ChangeSettingsRequest, opts ...grpc.CallOption) (*ChangeSettingsResponse, error) - // AWSInstanceCheck checks AWS EC2 instance ID. - AWSInstanceCheck(ctx context.Context, in *AWSInstanceCheckRequest, opts ...grpc.CallOption) (*AWSInstanceCheckResponse, error) } type serverServiceClient struct { @@ -136,15 +133,6 @@ func (c *serverServiceClient) ChangeSettings(ctx context.Context, in *ChangeSett return out, nil } -func (c *serverServiceClient) AWSInstanceCheck(ctx context.Context, in *AWSInstanceCheckRequest, opts ...grpc.CallOption) (*AWSInstanceCheckResponse, error) { - out := new(AWSInstanceCheckResponse) - err := c.cc.Invoke(ctx, ServerService_AWSInstanceCheck_FullMethodName, in, out, opts...) - if err != nil { - return nil, err - } - return out, nil -} - // ServerServiceServer is the server API for ServerService service. // All implementations must embed UnimplementedServerServiceServer // for forward compatibility @@ -166,8 +154,6 @@ type ServerServiceServer interface { GetSettings(context.Context, *GetSettingsRequest) (*GetSettingsResponse, error) // ChangeSettings changes PMM Server settings. ChangeSettings(context.Context, *ChangeSettingsRequest) (*ChangeSettingsResponse, error) - // AWSInstanceCheck checks AWS EC2 instance ID. - AWSInstanceCheck(context.Context, *AWSInstanceCheckRequest) (*AWSInstanceCheckResponse, error) mustEmbedUnimplementedServerServiceServer() } @@ -205,10 +191,6 @@ func (UnimplementedServerServiceServer) GetSettings(context.Context, *GetSetting func (UnimplementedServerServiceServer) ChangeSettings(context.Context, *ChangeSettingsRequest) (*ChangeSettingsResponse, error) { return nil, status.Errorf(codes.Unimplemented, "method ChangeSettings not implemented") } - -func (UnimplementedServerServiceServer) AWSInstanceCheck(context.Context, *AWSInstanceCheckRequest) (*AWSInstanceCheckResponse, error) { - return nil, status.Errorf(codes.Unimplemented, "method AWSInstanceCheck not implemented") -} func (UnimplementedServerServiceServer) mustEmbedUnimplementedServerServiceServer() {} // UnsafeServerServiceServer may be embedded to opt out of forward compatibility for this service. @@ -366,24 +348,6 @@ func _ServerService_ChangeSettings_Handler(srv interface{}, ctx context.Context, return interceptor(ctx, in, info, handler) } -func _ServerService_AWSInstanceCheck_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { - in := new(AWSInstanceCheckRequest) - if err := dec(in); err != nil { - return nil, err - } - if interceptor == nil { - return srv.(ServerServiceServer).AWSInstanceCheck(ctx, in) - } - info := &grpc.UnaryServerInfo{ - Server: srv, - FullMethod: ServerService_AWSInstanceCheck_FullMethodName, - } - handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(ServerServiceServer).AWSInstanceCheck(ctx, req.(*AWSInstanceCheckRequest)) - } - return interceptor(ctx, in, info, handler) -} - // ServerService_ServiceDesc is the grpc.ServiceDesc for ServerService service. // It's only intended for direct use with grpc.RegisterService, // and not to be introspected or modified (even as a copy) @@ -423,10 +387,6 @@ var ServerService_ServiceDesc = grpc.ServiceDesc{ MethodName: "ChangeSettings", Handler: _ServerService_ChangeSettings_Handler, }, - { - MethodName: "AWSInstanceCheck", - Handler: _ServerService_AWSInstanceCheck_Handler, - }, }, Streams: []grpc.StreamDesc{}, Metadata: "server/v1/server.proto", diff --git a/api/swagger/swagger-dev.json b/api/swagger/swagger-dev.json index d6ad4bffd8..79141e404c 100644 --- a/api/swagger/swagger-dev.json +++ b/api/swagger/swagger-dev.json @@ -26617,65 +26617,6 @@ } } }, - "/v1/server/AWSInstance": { - "get": { - "description": "Checks AWS EC2 instance ID.", - "tags": [ - "ServerService" - ], - "summary": "AWS instance check", - "operationId": "AWSInstanceCheck", - "parameters": [ - { - "type": "string", - "description": "AWS EC2 instance ID (i-1234567890abcdef0).", - "name": "instance_id", - "in": "query" - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "type": "object" - } - }, - "default": { - "description": "An unexpected error response.", - "schema": { - "type": "object", - "properties": { - "code": { - "type": "integer", - "format": "int32", - "x-order": 0 - }, - "message": { - "type": "string", - "x-order": 1 - }, - "details": { - "type": "array", - "items": { - "description": "`Any` contains an arbitrary serialized protocol buffer message along with a\nURL that describes the type of the serialized message.\n\nProtobuf library provides support to pack/unpack Any values in the form\nof utility functions or additional generated methods of the Any type.\n\nExample 1: Pack and unpack a message in C++.\n\n Foo foo = ...;\n Any any;\n any.PackFrom(foo);\n ...\n if (any.UnpackTo(\u0026foo)) {\n ...\n }\n\nExample 2: Pack and unpack a message in Java.\n\n Foo foo = ...;\n Any any = Any.pack(foo);\n ...\n if (any.is(Foo.class)) {\n foo = any.unpack(Foo.class);\n }\n // or ...\n if (any.isSameTypeAs(Foo.getDefaultInstance())) {\n foo = any.unpack(Foo.getDefaultInstance());\n }\n\n Example 3: Pack and unpack a message in Python.\n\n foo = Foo(...)\n any = Any()\n any.Pack(foo)\n ...\n if any.Is(Foo.DESCRIPTOR):\n any.Unpack(foo)\n ...\n\n Example 4: Pack and unpack a message in Go\n\n foo := \u0026pb.Foo{...}\n any, err := anypb.New(foo)\n if err != nil {\n ...\n }\n ...\n foo := \u0026pb.Foo{}\n if err := any.UnmarshalTo(foo); err != nil {\n ...\n }\n\nThe pack methods provided by protobuf library will by default use\n'type.googleapis.com/full.type.name' as the type URL and the unpack\nmethods only use the fully qualified type name after the last '/'\nin the type URL, for example \"foo.bar.com/x/y.z\" will yield type\nname \"y.z\".\n\nJSON\n====\nThe JSON representation of an `Any` value uses the regular\nrepresentation of the deserialized, embedded message, with an\nadditional field `@type` which contains the type URL. Example:\n\n package google.profile;\n message Person {\n string first_name = 1;\n string last_name = 2;\n }\n\n {\n \"@type\": \"type.googleapis.com/google.profile.Person\",\n \"firstName\": \u003cstring\u003e,\n \"lastName\": \u003cstring\u003e\n }\n\nIf the embedded message type is well-known and has a custom JSON\nrepresentation, that representation will be embedded adding a field\n`value` which holds the custom JSON in addition to the `@type`\nfield. Example (for message [google.protobuf.Duration][]):\n\n {\n \"@type\": \"type.googleapis.com/google.protobuf.Duration\",\n \"value\": \"1.212s\"\n }", - "type": "object", - "properties": { - "@type": { - "description": "A URL/resource name that uniquely identifies the type of the serialized\nprotocol buffer message. This string must contain at least\none \"/\" character. The last segment of the URL's path must represent\nthe fully qualified name of the type (as in\n`path/google.protobuf.Duration`). The name should be in a canonical form\n(e.g., leading \".\" is not accepted).\n\nIn practice, teams usually precompile into the binary all types that they\nexpect it to use in the context of Any. However, for URLs which use the\nscheme `http`, `https`, or no scheme, one can optionally set up a type\nserver that maps type URLs to message definitions as follows:\n\n* If no scheme is provided, `https` is assumed.\n* An HTTP GET on the URL must yield a [google.protobuf.Type][]\n value in binary format, or produce an error.\n* Applications are allowed to cache lookup results based on the\n URL, or have them precompiled into a binary to avoid any\n lookup. Therefore, binary compatibility needs to be preserved\n on changes to types. (Use versioned type names to manage\n breaking changes.)\n\nNote: this functionality is not currently available in the official\nprotobuf release, and it is not used for type URLs beginning with\ntype.googleapis.com. As of May 2023, there are no widely used type server\nimplementations and no plans to implement one.\n\nSchemes other than `http`, `https` (or the empty scheme) might be\nused with implementation specific semantics.", - "type": "string", - "x-order": 0 - } - }, - "additionalProperties": false - }, - "x-order": 2 - } - } - } - } - } - } - }, "/v1/server/leaderHealthCheck": { "get": { "description": "Checks if the instance is the leader in a cluster. Returns an error if the instance isn't the leader.", diff --git a/api/swagger/swagger.json b/api/swagger/swagger.json index ebe48ccf78..b7a9f8fe07 100644 --- a/api/swagger/swagger.json +++ b/api/swagger/swagger.json @@ -25659,65 +25659,6 @@ } } }, - "/v1/server/AWSInstance": { - "get": { - "description": "Checks AWS EC2 instance ID.", - "tags": [ - "ServerService" - ], - "summary": "AWS instance check", - "operationId": "AWSInstanceCheck", - "parameters": [ - { - "type": "string", - "description": "AWS EC2 instance ID (i-1234567890abcdef0).", - "name": "instance_id", - "in": "query" - } - ], - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "type": "object" - } - }, - "default": { - "description": "An unexpected error response.", - "schema": { - "type": "object", - "properties": { - "code": { - "type": "integer", - "format": "int32", - "x-order": 0 - }, - "message": { - "type": "string", - "x-order": 1 - }, - "details": { - "type": "array", - "items": { - "description": "`Any` contains an arbitrary serialized protocol buffer message along with a\nURL that describes the type of the serialized message.\n\nProtobuf library provides support to pack/unpack Any values in the form\nof utility functions or additional generated methods of the Any type.\n\nExample 1: Pack and unpack a message in C++.\n\n Foo foo = ...;\n Any any;\n any.PackFrom(foo);\n ...\n if (any.UnpackTo(\u0026foo)) {\n ...\n }\n\nExample 2: Pack and unpack a message in Java.\n\n Foo foo = ...;\n Any any = Any.pack(foo);\n ...\n if (any.is(Foo.class)) {\n foo = any.unpack(Foo.class);\n }\n // or ...\n if (any.isSameTypeAs(Foo.getDefaultInstance())) {\n foo = any.unpack(Foo.getDefaultInstance());\n }\n\n Example 3: Pack and unpack a message in Python.\n\n foo = Foo(...)\n any = Any()\n any.Pack(foo)\n ...\n if any.Is(Foo.DESCRIPTOR):\n any.Unpack(foo)\n ...\n\n Example 4: Pack and unpack a message in Go\n\n foo := \u0026pb.Foo{...}\n any, err := anypb.New(foo)\n if err != nil {\n ...\n }\n ...\n foo := \u0026pb.Foo{}\n if err := any.UnmarshalTo(foo); err != nil {\n ...\n }\n\nThe pack methods provided by protobuf library will by default use\n'type.googleapis.com/full.type.name' as the type URL and the unpack\nmethods only use the fully qualified type name after the last '/'\nin the type URL, for example \"foo.bar.com/x/y.z\" will yield type\nname \"y.z\".\n\nJSON\n====\nThe JSON representation of an `Any` value uses the regular\nrepresentation of the deserialized, embedded message, with an\nadditional field `@type` which contains the type URL. Example:\n\n package google.profile;\n message Person {\n string first_name = 1;\n string last_name = 2;\n }\n\n {\n \"@type\": \"type.googleapis.com/google.profile.Person\",\n \"firstName\": \u003cstring\u003e,\n \"lastName\": \u003cstring\u003e\n }\n\nIf the embedded message type is well-known and has a custom JSON\nrepresentation, that representation will be embedded adding a field\n`value` which holds the custom JSON in addition to the `@type`\nfield. Example (for message [google.protobuf.Duration][]):\n\n {\n \"@type\": \"type.googleapis.com/google.protobuf.Duration\",\n \"value\": \"1.212s\"\n }", - "type": "object", - "properties": { - "@type": { - "description": "A URL/resource name that uniquely identifies the type of the serialized\nprotocol buffer message. This string must contain at least\none \"/\" character. The last segment of the URL's path must represent\nthe fully qualified name of the type (as in\n`path/google.protobuf.Duration`). The name should be in a canonical form\n(e.g., leading \".\" is not accepted).\n\nIn practice, teams usually precompile into the binary all types that they\nexpect it to use in the context of Any. However, for URLs which use the\nscheme `http`, `https`, or no scheme, one can optionally set up a type\nserver that maps type URLs to message definitions as follows:\n\n* If no scheme is provided, `https` is assumed.\n* An HTTP GET on the URL must yield a [google.protobuf.Type][]\n value in binary format, or produce an error.\n* Applications are allowed to cache lookup results based on the\n URL, or have them precompiled into a binary to avoid any\n lookup. Therefore, binary compatibility needs to be preserved\n on changes to types. (Use versioned type names to manage\n breaking changes.)\n\nNote: this functionality is not currently available in the official\nprotobuf release, and it is not used for type URLs beginning with\ntype.googleapis.com. As of May 2023, there are no widely used type server\nimplementations and no plans to implement one.\n\nSchemes other than `http`, `https` (or the empty scheme) might be\nused with implementation specific semantics.", - "type": "string", - "x-order": 0 - } - }, - "additionalProperties": false - }, - "x-order": 2 - } - } - } - } - } - } - }, "/v1/server/leaderHealthCheck": { "get": { "description": "Checks if the instance is the leader in a cluster. Returns an error if the instance isn't the leader.", diff --git a/descriptor.bin b/descriptor.bin index db1b8ee1995a9e86f088f83c43d7929390643616..f212419416b5fb827ea6339f0ad0a9c7ab9d4812 100644 GIT binary patch delta 1635 zcmYk6O=wkD5XUp~&Yhc#A4yIcb)oVUF%Y39f@z}>HKG9vf}q*E(OtHJATMn%No(SZ zQPV59aVaf=3n8F_xM~q3)>cU32Z^6at0mP|E2&NAoHO@6m-FNP=ltf*x%b6n^Y{0f zdlN`7DI_L|5=!EvI;pwBAG-1C(b0u&K2)3DJj{1-c=71S5w0iRJG+--8&y@EOZP)f zV|wX$yeNHsEm}5uu7}UAT-3!#RhDjpJn(ja_t@J|-N%@{0QnUw`sHnnA?vE~k#tz6GF?qPHJ*7dcDEOU;e$sH)Rb8YBpEd31TS0Ks7 z{-M*=IjZB9YGo3;3$%jkI3sfWFF>vQ6L@Q|G!FPE-E@+FER6%zsuxId9O{Z$DY0?b z(2E+cKvs(NG??9LjcV;tuntI?Oha*(TBBG$ z2J;`Alvt8qlMzCvo_PCpD;>O&k%FP!F`r9R9zLlW%6d^04eK9tRb-w}yn zKbj8x2uSafM`4hFq)9&(x9BU76n%qcAa^G3tVlls$0YVG<{NNCjz59a&fC0nY^jWx zrbB1Aqf|!vM73fGma(xpD=KOIobDZ4nABEw$9rAc+a6_zKoVi4l~=J{ZiB zy55Q{(54*kDP9v2gC-_@(fHtlmynujErKSkiYeYwyrrTd&VMr-s<^hhzSfG=&a=32@Ft3@SS0eQzY%hZ{MR0g=Z@^WhmMqI zE+G^}N*;sAM*x&dQBed+90TtPY9b+uFrvgLU~Abm7wel?y8YVvW!EiV(Xet=W8K!< zyY5JBtGg;mlt(e08#BpX5OU>F$XOJGQ6)BvLP=>5d-~@~*H9tl=w$Dxw*WONYawFI zVkO2PQfVZMxzreV3F;)25hcfgXIs)s>(n@SMbtn-Mp#`=0Dj@`>7^B!36OcZk>*@= z0v419A$v?fbwdyeC60qwtu^$;;`I;Ts&GgVg@}tBheRXg+nPej&p><*lJnx`q5&^N z1ytub#%U)&mQn!)gxjA4Sx@hSu?8h40l)FL?4$QGlOXe*7jWhz6eNO>(HXCbH zavJbQf8q(cH8Tye#CaiSPD5#35VG|&tiB}(+4?ky4rh(d+8}Ff5f?cPiFRj=Z2c{W zA3|$1)(#a=t#;Im)4l_FrMuUfaQp8;KETIDACRb$Gl0MOC;DhzW(K5kT2W4%frV8; z$XPQ`-w}i?eP-@}M4hxjR@x#ia%S#;L|OVL5Wj}fQ6ue;yVaU;+Rq>_chZ`0`(Hq| z&`KlCb!GwgqCeWt$9fiIq4N@)ISXn@5OUfq)UI_mO>o}tApYe33(dh6);oaK+(I7k zEXXRF&*Dn_p%0@y?z-AvAkKG&;|Md3W{m9N)`*?Xfm}R~u-4xolXShACZ=Q$;y(X_ z{nVQ2!EgmJPVB*O1u@R*L0*AvALI59p?Cy?VPb9=2d%h;JWLj4jT^=?9_C>Thtbs@ zMbX>I7Gs9@c$PS|sJ3WTsYBXW3$5A%WS~HAPvJY|4A3Z>AnLZ3RBRR1T!_7#} z>O_^e;9s=pklR->ZN91F+xG^u@ko_KPJW8T9zWGK{j=O|2UaV@Wayx!W){ZVW=+++h^0ZgZa7 zoI&;mSj0sRW1_{~I**5a0maMVte%-wqpEON%{c8vl$CB+O}PC_DC. package grafana - -// checker is a subset of methods of server.AWSInstanceChecker used by this package. -// We use it instead of real type for testing and to avoid dependency cycle. -type awsInstanceChecker interface { - MustCheck() bool -} diff --git a/managed/services/grafana/mock_aws_instance_checker_test.go b/managed/services/grafana/mock_aws_instance_checker_test.go deleted file mode 100644 index f502ba06d3..0000000000 --- a/managed/services/grafana/mock_aws_instance_checker_test.go +++ /dev/null @@ -1,43 +0,0 @@ -// Code generated by mockery. DO NOT EDIT. - -package grafana - -import mock "github.com/stretchr/testify/mock" - -// mockAwsInstanceChecker is an autogenerated mock type for the awsInstanceChecker type -type mockAwsInstanceChecker struct { - mock.Mock -} - -// MustCheck provides a mock function with given fields: -func (_m *mockAwsInstanceChecker) MustCheck() bool { - ret := _m.Called() - - if len(ret) == 0 { - panic("no return value specified for MustCheck") - } - - var r0 bool - if rf, ok := ret.Get(0).(func() bool); ok { - r0 = rf() - } else { - r0 = ret.Get(0).(bool) - } - - return r0 -} - -// newMockAwsInstanceChecker creates a new instance of mockAwsInstanceChecker. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations. -// The first argument is typically a *testing.T value. -func newMockAwsInstanceChecker(t interface { - mock.TestingT - Cleanup(func()) -}, -) *mockAwsInstanceChecker { - mock := &mockAwsInstanceChecker{} - mock.Mock.Test(t) - - t.Cleanup(func() { mock.AssertExpectations(t) }) - - return mock -} diff --git a/managed/services/server/aws_instance_checker.go b/managed/services/server/aws_instance_checker.go deleted file mode 100644 index b4b047f1cb..0000000000 --- a/managed/services/server/aws_instance_checker.go +++ /dev/null @@ -1,121 +0,0 @@ -// Copyright (C) 2023 Percona LLC -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU Affero General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU Affero General Public License for more details. -// -// You should have received a copy of the GNU Affero General Public License -// along with this program. If not, see . - -package server - -import ( - "crypto/subtle" - "sync" - - "github.com/aws/aws-sdk-go/aws/ec2metadata" - "github.com/aws/aws-sdk-go/aws/session" - "github.com/pkg/errors" - "github.com/sirupsen/logrus" - "google.golang.org/grpc/codes" - "google.golang.org/grpc/status" - "gopkg.in/reform.v1" - - serverv1 "github.com/percona/pmm/api/server/v1" - "github.com/percona/pmm/managed/models" -) - -// AWSInstanceChecker checks AWS EC2 instance ID for AMI. -type AWSInstanceChecker struct { - db *reform.DB - telemetryService telemetryService - l *logrus.Entry - - rw sync.RWMutex - checked bool -} - -// NewAWSInstanceChecker creates a new AWSInstanceChecker. -func NewAWSInstanceChecker(db *reform.DB, telemetryService telemetryService) *AWSInstanceChecker { - return &AWSInstanceChecker{ - db: db, - telemetryService: telemetryService, - l: logrus.WithField("component", "server/awsInstanceChecker"), - } -} - -// MustCheck returns true if instance ID must be checked: this is AMI, and it wasn't checked already. -func (c *AWSInstanceChecker) MustCheck() bool { - // fast-path without hitting database - c.rw.RLock() - checked := c.checked - c.rw.RUnlock() - if checked { - return false - } - - c.rw.Lock() - defer c.rw.Unlock() - - if c.telemetryService.DistributionMethod() != serverv1.DistributionMethod_DISTRIBUTION_METHOD_AMI { - c.checked = true - return false - } - - settings, err := models.GetSettings(c.db.Querier) - if err != nil { - c.l.Error(err) - return true - } - if settings.AWSInstanceChecked { - c.checked = true - return false - } - - return true -} - -// check performs instance ID check and stores successful result flag in settings. -func (c *AWSInstanceChecker) check(instanceID string) error { - // do not allow more AWS API calls if instance is already checked - if !c.MustCheck() { - return nil - } - - sess, err := session.NewSession() - if err != nil { - return errors.Wrap(err, "cannot create AWS session") - } - doc, err := ec2metadata.New(sess).GetInstanceIdentityDocument() - if err != nil { - c.l.Error(err) - return status.Error(codes.Unavailable, "cannot get instance metadata") - } - if subtle.ConstantTimeCompare([]byte(instanceID), []byte(doc.InstanceID)) == 0 { - return status.Error(codes.InvalidArgument, "invalid instance ID") - } - - if e := c.db.InTransaction(func(tx *reform.TX) error { - settings, err := models.GetSettings(tx.Querier) - if err != nil { - return err - } - - settings.AWSInstanceChecked = true - return models.SaveSettings(tx.Querier, settings) - }); e != nil { - return e - } - - c.rw.Lock() - c.checked = true - c.rw.Unlock() - - return nil -} diff --git a/managed/services/server/aws_instance_checker_test.go b/managed/services/server/aws_instance_checker_test.go deleted file mode 100644 index f82d0a8b63..0000000000 --- a/managed/services/server/aws_instance_checker_test.go +++ /dev/null @@ -1,95 +0,0 @@ -// Copyright (C) 2023 Percona LLC -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU Affero General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU Affero General Public License for more details. -// -// You should have received a copy of the GNU Affero General Public License -// along with this program. If not, see . - -package server - -import ( - "testing" - - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" - "google.golang.org/grpc/codes" - "google.golang.org/grpc/status" - "gopkg.in/reform.v1" - "gopkg.in/reform.v1/dialects/postgresql" - - serverv1 "github.com/percona/pmm/api/server/v1" - "github.com/percona/pmm/managed/models" - "github.com/percona/pmm/managed/utils/testdb" - "github.com/percona/pmm/managed/utils/tests" -) - -func TestAWSInstanceChecker(t *testing.T) { - setup := func(t *testing.T) (db *reform.DB, teardown func()) { - t.Helper() - sqlDB := testdb.Open(t, models.SkipFixtures, nil) - db = reform.NewDB(sqlDB, postgresql.Dialect, reform.NewPrintfLogger(t.Logf)) - - teardown = func() { - t.Helper() - require.NoError(t, sqlDB.Close()) - } - - return - } - - t.Run("Docker", func(t *testing.T) { - db, teardown := setup(t) - defer teardown() - - telemetry := &mockTelemetryService{} - telemetry.Test(t) - telemetry.On("DistributionMethod").Return(serverv1.DistributionMethod_DISTRIBUTION_METHOD_DOCKER) - defer telemetry.AssertExpectations(t) - - checker := NewAWSInstanceChecker(db, telemetry) - assert.False(t, checker.MustCheck()) - assert.NoError(t, checker.check("foo")) - }) - - t.Run("AMI", func(t *testing.T) { - db, teardown := setup(t) - defer teardown() - - telemetry := &mockTelemetryService{} - telemetry.Test(t) - telemetry.On("DistributionMethod").Return(serverv1.DistributionMethod_DISTRIBUTION_METHOD_AMI) - defer telemetry.AssertExpectations(t) - - checker := NewAWSInstanceChecker(db, telemetry) - assert.True(t, checker.MustCheck()) - tests.AssertGRPCError(t, status.New(codes.Unavailable, `cannot get instance metadata`), checker.check("foo")) - }) - - t.Run("AMI/Checked", func(t *testing.T) { - db, teardown := setup(t) - defer teardown() - - settings, err := models.GetSettings(db.Querier) - require.NoError(t, err) - settings.AWSInstanceChecked = true - err = models.SaveSettings(db.Querier, settings) - require.NoError(t, err) - - telemetry := &mockTelemetryService{} - telemetry.Test(t) - telemetry.On("DistributionMethod").Return(serverv1.DistributionMethod_DISTRIBUTION_METHOD_AMI) - defer telemetry.AssertExpectations(t) - - checker := NewAWSInstanceChecker(db, telemetry) - assert.False(t, checker.MustCheck()) - assert.NoError(t, checker.check("foo")) - }) -} diff --git a/managed/services/server/server.go b/managed/services/server/server.go index 16d53f8f7c..051214bf8c 100644 --- a/managed/services/server/server.go +++ b/managed/services/server/server.go @@ -59,7 +59,6 @@ type Server struct { templatesService templatesService supervisord supervisordService telemetryService telemetryService - awsInstanceChecker *AWSInstanceChecker grafanaClient grafanaClient haService haService updater *Updater @@ -92,7 +91,6 @@ type Params struct { VMAlertExternalRules vmAlertExternalRules Supervisord supervisordService TelemetryService telemetryService - AwsInstanceChecker *AWSInstanceChecker GrafanaClient grafanaClient Updater *Updater Dus *distribution.Service @@ -116,7 +114,6 @@ func NewServer(params *Params) (*Server, error) { vmalertExternalRules: params.VMAlertExternalRules, supervisord: params.Supervisord, telemetryService: params.TelemetryService, - awsInstanceChecker: params.AwsInstanceChecker, grafanaClient: params.GrafanaClient, updater: params.Updater, l: logrus.WithField("component", "server"), @@ -690,14 +687,6 @@ func (s *Server) writeSSHKey(sshKey string) error { return nil } -// AWSInstanceCheck checks AWS EC2 instance ID. -func (s *Server) AWSInstanceCheck(ctx context.Context, req *serverv1.AWSInstanceCheckRequest) (*serverv1.AWSInstanceCheckResponse, error) { //nolint:revive - if err := s.awsInstanceChecker.check(req.InstanceId); err != nil { - return nil, err - } - return &serverv1.AWSInstanceCheckResponse{}, nil -} - // isAgentsStateUpdateNeeded - checks metrics resolution changes, // if it was changed, agents state must be updated. func isAgentsStateUpdateNeeded(mr *serverv1.MetricsResolutions) bool { From 2861fefd8c1f9ac8577100d5b1de189f8a9aa1d4 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Tue, 23 Jul 2024 01:29:00 +0300 Subject: [PATCH 56/64] PMM-13053 fix tests. --- .../rpm/server/SPECS/percona-dashboards.spec | 4 +--- managed/services/grafana/auth_server_test.go | 14 +++----------- 2 files changed, 4 insertions(+), 14 deletions(-) diff --git a/build/packages/rpm/server/SPECS/percona-dashboards.spec b/build/packages/rpm/server/SPECS/percona-dashboards.spec index 5a1a895ed3..314e8c1dbd 100644 --- a/build/packages/rpm/server/SPECS/percona-dashboards.spec +++ b/build/packages/rpm/server/SPECS/percona-dashboards.spec @@ -7,7 +7,7 @@ %global commit ad4af6808bcd361284e8eb8cd1f36b1e98e32bce %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define build_timestamp %(date -u +"%y%m%d%H%M") -%define release 21 +%define release 22 %define rpm_release %{release}.%{build_timestamp}.%{shortcommit}%{?dist} Name: percona-dashboards @@ -42,11 +42,9 @@ make release %install install -d %{buildroot}%{_datadir}/%{name} install -d %{buildroot}%{_datadir}/%{name}/panels/pmm-app -install -d %{buildroot}%{_datadir}/%{name}/setup-page cp -a ./panels %{buildroot}%{_datadir}/%{name} cp -a ./pmm-app/dist %{buildroot}%{_datadir}/%{name}/panels/pmm-app -cp -ra ./setup-page/build/* %{buildroot}%{_datadir}/%{name}/setup-page echo %{version} > %{buildroot}%{_datadir}/%{name}/VERSION diff --git a/managed/services/grafana/auth_server_test.go b/managed/services/grafana/auth_server_test.go index 759deac27f..42aa225fac 100644 --- a/managed/services/grafana/auth_server_test.go +++ b/managed/services/grafana/auth_server_test.go @@ -69,7 +69,7 @@ func TestAuthServerAuthenticate(t *testing.T) { ctx := context.Background() c := NewClient("127.0.0.1:3000") - s := NewAuthServer(c, checker, nil) + s := NewAuthServer(c, nil) req, err := http.NewRequestWithContext(ctx, http.MethodGet, "/dummy", nil) require.NoError(t, err) @@ -182,13 +182,9 @@ func TestAuthServerAuthenticate(t *testing.T) { func TestServerClientConnection(t *testing.T) { t.Parallel() - checker := &mockAwsInstanceChecker{} - checker.Test(t) - t.Cleanup(func() { checker.AssertExpectations(t) }) - ctx := context.Background() c := NewClient("127.0.0.1:3000") - s := NewAuthServer(c, checker, nil) + s := NewAuthServer(c, nil) t.Run("Basic auth - success", func(t *testing.T) { t.Parallel() @@ -264,12 +260,8 @@ func TestAuthServerAddVMGatewayToken(t *testing.T) { require.NoError(t, sqlDB.Close()) }(t) - var checker mockAwsInstanceChecker - checker.Test(t) - defer checker.AssertExpectations(t) - c := NewClient("127.0.0.1:3000") - s := NewAuthServer(c, &checker, db) + s := NewAuthServer(c, db) roleA := models.Role{ Title: "Role A", From 809e6fbfa02985e9c173ca2c11a9499000fa5f62 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Tue, 23 Jul 2024 02:44:34 +0300 Subject: [PATCH 57/64] PMM-13053 Add changelog. --- build/packages/rpm/server/SPECS/percona-dashboards.spec | 3 +++ 1 file changed, 3 insertions(+) diff --git a/build/packages/rpm/server/SPECS/percona-dashboards.spec b/build/packages/rpm/server/SPECS/percona-dashboards.spec index 314e8c1dbd..eb964ce17f 100644 --- a/build/packages/rpm/server/SPECS/percona-dashboards.spec +++ b/build/packages/rpm/server/SPECS/percona-dashboards.spec @@ -55,6 +55,9 @@ echo %{version} > %{buildroot}%{_datadir}/%{name}/VERSION %changelog +* Tue Jul 23 2024 Nurlan Moldomurov - 3.0.0-22 +- PMM-13053 Remove /setup page + * Wed Nov 29 2023 Alex Demidoff - 3.0.0-21 - PMM-12693 Run Grafana as non-root user From 3d181b01b3ff34ffe9afc99e55e04db7be9467c0 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Tue, 23 Jul 2024 14:47:35 +0300 Subject: [PATCH 58/64] PMM-13063 remove unnecessary ansible step. --- build/packer/ansible/roles/podman-setup/tasks/main.yml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/build/packer/ansible/roles/podman-setup/tasks/main.yml b/build/packer/ansible/roles/podman-setup/tasks/main.yml index 630de3910e..5c53c631cb 100644 --- a/build/packer/ansible/roles/podman-setup/tasks/main.yml +++ b/build/packer/ansible/roles/podman-setup/tasks/main.yml @@ -19,14 +19,6 @@ set_fact: pmm_distribution_method: ami -- name: Change file owner - when: ansible_virtualization_type == "virtualbox" or - ( (ansible_virtualization_type == "xen" or ansible_virtualization_type == "kvm") and ansible_system_vendor != "DigitalOcean" ) - file: - path: /home/admin/volume/srv/pmm-distribution - owner: admin - state: file - - name: Set SELinux in permissive mode for watchtower selinux: policy: targeted From d2752d56aea84656949325ee5ad648d88eb98096 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Tue, 23 Jul 2024 14:49:25 +0300 Subject: [PATCH 59/64] PMM-13063 use 3-dev-latest instead of FB in makefile. --- build/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Makefile b/build/Makefile index 9dcc49925d..ea2b4cb89d 100644 --- a/build/Makefile +++ b/build/Makefile @@ -1,6 +1,6 @@ export PACKER_CACHE_DIR := .cache export PACKER_VERSION := 1.9.4 -export PMM_SERVER_IMAGE ?= docker.io/perconalab/pmm-server-fb:PR-3664-e536f77 +export PMM_SERVER_IMAGE ?= docker.io/perconalab/pmm-server:3-dev-latest ## ----------------- PACKER ------------------ fetch: From 10e3dcd68b9650b8ea06887fc5f75dc30daab93c Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Tue, 23 Jul 2024 15:26:59 +0300 Subject: [PATCH 60/64] PMM-12940 use custom docker image for OVF. --- build/Makefile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/build/Makefile b/build/Makefile index ea2b4cb89d..8640220610 100644 --- a/build/Makefile +++ b/build/Makefile @@ -22,8 +22,7 @@ deps: unzip -o ${PACKER_CACHE_DIR}/packer.zip -d ~/bin pmm-ovf: fetch - /usr/bin/packer build \ - -only virtualbox-ovf -color=false packer/pmm.json | tee build.log + /usr/bin/packer build -var 'pmm_server_image_name=${PMM_SERVER_IMAGE}' -only virtualbox-ovf -color=false packer/pmm.json | tee build.log pmm-digitalocean: packer build -only digitalocean -var 'single_disk=true' packer/pmm.json From 65cd0a41288ef464470095cef11513399a76f25b Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Mon, 29 Jul 2024 16:42:59 +0300 Subject: [PATCH 61/64] PMM-13280 create .ssh directory on OVF. --- build/packer/ansible/roles/cloud-node/tasks/ovf.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/build/packer/ansible/roles/cloud-node/tasks/ovf.yml b/build/packer/ansible/roles/cloud-node/tasks/ovf.yml index db520b2959..e6ccdd5cc9 100644 --- a/build/packer/ansible/roles/cloud-node/tasks/ovf.yml +++ b/build/packer/ansible/roles/cloud-node/tasks/ovf.yml @@ -13,3 +13,12 @@ retries: 2 dest: /etc/cloud/cloud.cfg.d/90_disable-cloud.cfg mode: 0644 + +- name: Create user-specific .ssh directory + when: ansible_virtualization_type == "virtualbox" + file: + path: /home/admin/.ssh + state: directory + owner: admin + group: admin + mode: '0700' \ No newline at end of file From e6a19f12331c86dd99b78f514ab2738ebb9e07be Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Wed, 31 Jul 2024 02:10:00 +0300 Subject: [PATCH 62/64] PMM-12940 ignore PMM ready errors. --- build/ansible/roles/initialization/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/build/ansible/roles/initialization/tasks/main.yml b/build/ansible/roles/initialization/tasks/main.yml index b7b2e2b061..8715815ad3 100644 --- a/build/ansible/roles/initialization/tasks/main.yml +++ b/build/ansible/roles/initialization/tasks/main.yml @@ -128,6 +128,7 @@ method: GET retries: 20 delay: 5 + ignore_errors: yes - name: init admin password on AMI include_role: From 1823d22e8d0357fa7d3fe827f6f594027c0e67dc Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Wed, 31 Jul 2024 13:47:41 +0300 Subject: [PATCH 63/64] PMM-12940 create empty authorized_keys file. --- build/packer/ansible/roles/cloud-node/tasks/ovf.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/build/packer/ansible/roles/cloud-node/tasks/ovf.yml b/build/packer/ansible/roles/cloud-node/tasks/ovf.yml index e6ccdd5cc9..786d521d9e 100644 --- a/build/packer/ansible/roles/cloud-node/tasks/ovf.yml +++ b/build/packer/ansible/roles/cloud-node/tasks/ovf.yml @@ -21,4 +21,13 @@ state: directory owner: admin group: admin - mode: '0700' \ No newline at end of file + mode: '0700' + +- name: create authorized_keys file + when: ansible_virtualization_type == "virtualbox" + file: + path: /home/admin/.ssh/authorized_keys + state: touch + owner: admin + group: admin + mode: '0600' \ No newline at end of file From ff98d8e03bc934e203c756126fa334c2462e2887 Mon Sep 17 00:00:00 2001 From: Nurlan Moldomurov Date: Sat, 3 Aug 2024 10:37:47 +0300 Subject: [PATCH 64/64] PMM-12940 update descriptors. --- descriptor.bin | Bin 704686 -> 703985 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/descriptor.bin b/descriptor.bin index a588614ad11cd3c8bbf11aa78f21133ccccd60ba..b6d43848715709a2fac2d22b535e79564fab075a 100644 GIT binary patch delta 1611 zcmYk6%}-rb5Wtyv=gxhd+5!g&U7&e34I~f+7NE2c3tC9(w(X`1(=Gpik!r?3W-UggpxQZCc8f2rzh~!=jO*I_*7$BoaC!G{lNV4BsUWu-8{;%jT#!>O`m-< zYMuYQ!gKAr#~G=?(q#}lJi}x5G89{RfDJXE@CCqc)3Y<&UtR#(!+SV#9IaV^z3o|8 zaAD^_78+}=fH}m?yvzOAT)6bvenpl!M^fYplm@vm)HIg90`m=!ndO#~OHg`3ML|TbgSnZDf^njXf|Wzk?FLY%)N`JW6l}B%^abzMMvOu~uI} zBw01Lg3vya_J4!%+Ker_sDPj@joL`C%Lr6ozp~ zoGO^F#u3qa0cn6o{V-%{3h}jc{X-rpPhq|plEf*@H$##&g|eCO2Sj3c2F;Lu1f=)m zQ5Ym3DRKr&2lWXgi(W$WYVJ(lS&@DOj!D|fm~X%lY5xk+AP;-#*iscSO|N~#L***c zgQ^uvVijAvvQV+vPa7diqcBR5j9FgK@k^1K6KIWaa{{gL({?Gsb delta 2339 zcmaKuTWl0%6vy|R{r21GDVO$xZR=WaXiY)TZ5M5!g@UC(gCr)R;xpDY0!dL8Nko&y zx?aE(6;cN;B`p`5_#i$Q`(omQ4;n)-C@J2OB4Ub)DR@aiyq)hd(~88$^WXWO^ZU>F zW@ay5ng7<43w9Qvh{bqO6ca^ROcuRj$vd=i6OKPIw0aY5m|j=YPL*x<-MywOzimTT zXRiIBT<7L>xknz&<+rJMRJzgX!JL)e%wYE!ue7=*O;!IjFZ63 z{4!tvwyJ&M#P4fXX1YH+yAP{WMg8_{y#=YCL~+NyJ1MCWvDhF6*&&)4^zBNP4!ygR z-mET6ArvVkk3sAc04k-pNP!Z^z`KE3NQe~1lsFE!Jbm-E2K)0i-jZE->urrqixxLG zY`DMkf!u=)H)V*XQbKzZ#_WY9cRmg!Gs7~j#M>c%{p_bCE zM2uOX#0iMi8psN6bpkw}ItXP<$&(Np3^w=C>e(m3OHmUE8Dn%g4EQy~({=v(+}8ZY zEnUH!L!AG@4k`)G_tBKXFvzKTyuO-e4a2nRuw=SnnA;SVLWxr#mS{MAv3UFA_iCJ^ zh$4xboC3d@rrVxE$LaOORRm2uv1Gas=?Z zVDJEaSQr60-EjdsN1)6POSX-`f~8@})TcqTIBIazMzYja;wGoTU+k!XslNenHlhZh zsh#AgwZ^tHAm?&-O|6x8xXFcy0}^NG ziy(fDpyLMGN$yr_jcq@Job8~s!sCAd*-DEHH1`=bmq1+M`7_MH7M42{Ex8pr;AN0?G+9e3@w+~Z_PFbAe}MSABZ?zT9Idfr z54V<>=}(ZeCMk^d7sw3VZqg)_>_&V(C_6;U3*8v4Ai>6Nj8>3fS2yws?Dzzae+tDj z7=}r>Fiy1KR^%{6l=EE}t8tj8F$$x*J&R&@2e-2iZ^DGp8cQ~emYC@|j8>x+#@dCl ziB^~}Qpp~~eL?ClwH10W+Kgml4@R4j?CL?@jC~zRCftK!se1^dJ5NTkL9E10_MqS5 zZUMXG3w)#_W@(t6