Skip to content

OCPBUGS-82497: Rebase 4.22 v3.6.12#391

Open
dusk125 wants to merge 126 commits into
openshift:openshift-4.22from
dusk125:rebase-4.22-v3.6.12
Open

OCPBUGS-82497: Rebase 4.22 v3.6.12#391
dusk125 wants to merge 126 commits into
openshift:openshift-4.22from
dusk125:rebase-4.22-v3.6.12

Conversation

@dusk125

@dusk125 dusk125 commented Jun 29, 2026

Copy link
Copy Markdown

No description provided.

serathius and others added 30 commits September 23, 2025 17:47
@serathius
Reject watch request with -1 revision and make rangeEvents safe again…
3bb4470 
…st negative revision

Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
@serathius
Merge pull request etcd-io#20707 from k8s-infra-cherrypick-robot/cher…
4790130 
…ry-pick-20693-to-release-3.6

[release-3.6] Reject watch request with -1 revision to prevent invalid resync behavior on uncompacted etcd and make rangeEvents safe against negative revision.
@tchap
server/embed: Log EOF on DEBUG in TLS handshake
ee85ed3 
When EOF is encountered during TLS handshake, it is still logged as a
warning. This seems excessive and not really useful.

This patch ensures EOF is logged on debug only.

Signed-off-by: Ondra Kupka <okupka@redhat.com>
@ahrtr
Merge pull request etcd-io#20749 from k8s-infra-cherrypick-robot/cher…
3bbdd68 
…ry-pick-20568-to-release-3.6

[release-3.6] server/embed: Log EOF on DEBUG in TLS handshake
@ahrtr
Fix endpoint status not retuning the correct storage quota
4973fd4 
Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
@fuweid
Merge pull request etcd-io#20790 from ahrtr/20251012_quota_3.6
4dfe6c1
@hwdef
Bump go to 1.24.9
1e02301 
Signed-off-by: hwdef <hwdefcom@outlook.com>
@ahrtr
Merge pull request etcd-io#20801 from hwdef/release-36-bump-go1249
9d7222c 
[release-3.6] Bump go to 1.24.9
@xUser5000
test: add promote with auth e2e tests
e88e142 
Adds two test cases for the member promote operation when auth is
enabled. In the first case, the member promote request is submitted to
the leader, and in the second case it's submitted to the follower. The
leader case succeeds. In the other case, the follower forwards the
promote request to the leader. But, the forwarded request fails due to
a bug. The logs on the leader include this message:

```
failed to promote a member
```

as well as the error:

```
auth: user name is empty
```

Signed-off-by: xUser5000 <abdallahar1974@gmail.com>
@xUser5000
etcdserver: fix cannot promote with auth from follower
5377bb9 
When auth is enabled, sending a promotion request to a follower node was failing because
the auth token was not being propagated when the follower forwards the request to the leader.

Signed-off-by: xUser5000 <abdallahar1974@gmail.com>
@xUser5000
etcdserver: follow convention to extract auth token in cluster_util.go
76ee0bc 
Signed-off-by: xUser5000 <abdallahar1974@gmail.com>
@xUser5000
tests: use WaitLeader() in memberPromoteWithAuth()
db6be4c 
Signed-off-by: xUser5000 <abdallahar1974@gmail.com>
@ahrtr
Merge pull request etcd-io#20874 from k8s-infra-cherrypick-robot/cher…
52b2948 
…ry-pick-20792-to-release-3.6

[release-3.6] etcdserver: Fix: cannot promote member from follower when auth is enabled
@ahrtr
Add an e2e test cases to reproduce the '--force-new-cluster' can't re…
7d3fc02 
…move learner issue

Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
@ahrtr
Fix the '--force-new-cluster' can't clean up learners issue
523100b 
Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
@ahrtr
Merge pull request etcd-io#20896 from k8s-infra-cherrypick-robot/cher…
d1a3bee 
…ry-pick-20894-to-release-3.6

[release-3.6] Fix the issue that `--force-new-cluster` can't clean up learner after creating v2 snapshot
@ronaldngounou
Bump from go1.24.9 to go1.24.10
2c0db32 
Signed-off-by: ronaldngounou <ronald.ngounou@yahoo.com>
@ahrtr
Merge pull request etcd-io#20901 from ronaldngounou/release36-bump-go…
88b9794 
…12410

[release-3.6] Bump from go1.24.9 to go1.24.10
@mingl1
v3rpc: add and use getServerMetrics() with global metricsServerCached
145d927 
Signed-off-by: mingl1 <minglin.me@gmail.com>
@ahrtr
Merge pull request etcd-io#20905 from k8s-infra-cherrypick-robot/cher…
0745315 
…ry-pick-20887-to-release-3.6

[release-3.6] fix duplicate metrics collector registration attempted
@ivanvc
version: bump up to 3.6.6
d2809cf 
Signed-off-by: Ivan Valdes <iv@a.ki>
@ahrtr
Print token fingerprint instead of the original tokens in log messages
554dc70 
Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
@ahrtr
Merge pull request etcd-io#20941 from ahrtr/20251117_tokens_3.6
f185ce6 
[release-3.6] Print token fingerprint instead of the original tokens in log messages
@hwdef
Bump go to 1.24.11
97141e1 
Signed-off-by: hwdef <hwdefcom@outlook.com>
@ahrtr
Merge pull request etcd-io#20998 from hwdef/release36-bump-go-12411
dbaf5cf 
[release-3.6] Bump go to 1.24.11
@ivanvc
dependency: Bump golang.org/x/net from 0.38.0 to 0.45.0
61af088 
Addresses CVE-2025-47914, CVE-2025-58181.

Signed-off-by: Ivan Valdes <ivan@vald.es>
@ahrtr
Merge pull request etcd-io#21024 from ivanvc/release-3.6-x-net-0.45.0
6bfd01c 
[release-3.6] dependency: Bump golang.org/x/crypto from 0.36.0 to 0.45.0
@joshjms
version: bump up to 3.6.7
e838ef1 
Signed-off-by: joshjms <joshjms1607@gmail.com>
@ivanvc
dependency: Bump golang.org/x/crypto from 0.42.0 to 0.45.0
f767aa2 
Addresses CVE-2025-47914, CVE-2025-58181.

Signed-off-by: Ivan Valdes <ivan@vald.es>
@ivanvc
tools: explicitly require golang.org/x/tools/cmd/goimports
81c32a4 
Running genproto fails with:

% (cd tools/mod && 'go' 'install' 'golang.org/x/tools/cmd/goimports')
stderr: /home/prow/go/pkg/mod/golang.org/x/tools@v0.38.0/cmd/goimports/goimports.go:23:2: missing go.sum entry for module providing package golang.org/x/telemetry/counter (imported by golang.org/x/tools/cmd/goimports); to add:
stderr: go get golang.org/x/tools/cmd/goimports@v0.38.0
FAIL: (code:1):
  % (cd tools/mod && 'go' 'install' 'golang.org/x/tools/cmd/goimports')
Failed to install tool 'golang.org/x/tools/cmd/goimports'

Signed-off-by: Ivan Valdes <ivan@vald.es>
ahrtr and others added 19 commits April 29, 2026 10:05
@ahrtr
Add an integration test case to reproduce the read via PrevKv bypass …
3fe5746 
…rbac check issue

Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
@ahrtr
Add an integration test to reproduce the issue of PutWithLease in a T…
fbbd0a1 
…XN bypass RBAC check

Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
@ahrtr
Fix the 'read via PrevKv' and 'Put with lease' in TXN bypass rbac che…
633de82 
…ck issue

Signed-off-by: Benjamin Wang <benjamin.ahrtr@gmail.com>
@ahrtr
Merge pull request etcd-io#21685 from ahrtr/20260429_auth_3.6
d671fd0 
[release-3.6] Fix read access via PrevKv or lease attachment in a Put request in etcd transactions bypass RBAC authorization checks
@ivanvc
version: bump up to 3.6.11
ec166e2 
Signed-off-by: Ivan Valdes <iv@a.ki>
@silentred
Bump Go to 1.25.10
e7f96b0 
Signed-off-by: shenmu.wy <shenmu.wy@antfin.com>
@ahrtr
Merge pull request etcd-io#21727 from silentred/release-3.6-bump-go-1…
9bbe31b 
….25.10

[release-3.6] Bump Go to 1.25.10
@silentred
bugfix: MemberUpdate implicitly and unexpectedly promotes a learner
49cd4a4 
Signed-off-by: shenmu.wy <shenmu.wy@antfin.com>
@ahrtr
Merge pull request etcd-io#21736 from silentred/release-3.6-bugfix-me…
00e1b15 
…mberupdate-learner

[release-3.6] bugfix: MemberUpdate implicitly and unexpectedly promotes a learner
@silentred
etcdutl: validate data file path and return consistent errors instead…
449e34b 
… of panic when given non-existent paths

Signed-off-by: shenmu.wy <shenmu.wy@antfin.com>
@fuweid
Merge pull request etcd-io#21768 from silentred/release-3.6-etcdutl-i…
aaf38f8 
…nvalid-datadir

[release-3.6] etcdutl: validate data file path instead of panic
@vivekpatani
client/pkg/fileutil: use os.Getuid() to skip TestIsDirWriteable as root
e1468c8 
- replace user.Current().Name == "root" with os.Getuid() == 0.
- drop os/user import and user.Current() error path.
- backport of etcd-io#21788
- address: etcd-io#21787

Signed-off-by: vivekpatani <9080894+vivekpatani@users.noreply.github.com>
@ahrtr
Merge pull request etcd-io#21794 from vivekpatani/cherry-pick-21788-r…
2286051 
…elease-3.6

[release-3.6] client/pkg/fileutil: use os.Getuid() to skip TestIsDirWriteable as root
@Deln0r
server: allow non-admin maintenance status
576a6a0 
Signed-off-by: kunal.behbudzade <kunal.behbudzade@btsgrp.com>
Signed-off-by: Ian Chechin <ian00chechin@gmail.com>
@ahrtr
Merge pull request etcd-io#21811 from Deln0r/release-3.6-backport-21666
8b95963 
[release-3.6] server: allow non-admin maintenance status
@ivanvc
version: bump up to 3.6.12
90b034a 
Signed-off-by: Ivan Valdes <iv@a.ki>
@dusk125
Merge branch 'openshift-4.22' into HEAD
eca9c4a
@dusk125
UPSTREAM: <drop>: manually resolve conflicts
71acb4f
@dusk125
UPSTREAM: <drop>: go mod tidy
8def996
@openshift-ci-robot openshift-ci-robot added jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels Jun 29, 2026
@dusk125 dusk125 mentioned this pull request Jun 29, 2026
Open
@openshift-ci-robot

openshift-ci-robot commented Jun 29, 2026

Copy link
Copy Markdown

@dusk125: This pull request references Jira Issue OCPBUGS-82497, which is invalid:

  • expected dependent Jira Issue OCPBUGS-94014 to be in one of the following states: MODIFIED, ON_QA, VERIFIED, but it is POST instead

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@coderabbitai

coderabbitai Bot commented Jun 29, 2026
edited
Loading

Copy link
Copy Markdown

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 6ead2258-5a63-42f2-8e33-31f84670e2d9

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Comment @coderabbitai help to get the list of available commands.

@openshift-ci openshift-ci Bot requested review from deads2k and hasbro17 June 29, 2026 18:25
@openshift-ci

openshift-ci Bot commented Jun 29, 2026

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dusk125

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jun 29, 2026
@openshift-ci

openshift-ci Bot commented Jun 30, 2026

Copy link
Copy Markdown

@dusk125: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/upstream-integration bb23027 link false /test upstream-integration

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@deads2k deads2k Awaiting requested review from deads2k
@hasbro17 hasbro17 Awaiting requested review from hasbro17

Assignees

No one assigned

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.