Comments (12)
etcd v3.5.14 is now public https://github.com/etcd-io/etcd/releases/tag/v3.5.14
Thanks to everyone who contributed to the release.
I will leave this issue open for now as there are two release process improvement we would like to pursue following this release:
- Consider switching to a shallow
git
clone inscripts/release.sh
by appending--depth=1
to save time. - Explore if the
gsutil
command to set public ACL can be run on a subdirectory rather than entire bucket to prevent error message spam at conclusion ofscripts/release.sh
.
from etcd.
Consider switching to a shallow
git
clone inscripts/release.sh
by appending--depth=1
to save time.
I'm currently testing this.
from etcd.
Consider switching to a shallow
git
clone inscripts/release.sh
by appending--depth=1
to save time.I'm currently testing this.
I tried with --single-branch
, but because a shallow clone works fine (--depth=1
), single branch is not required. Also per git's documentation:
--depth <depth>
Create a shallow clone with a history truncated to the specified number of commits. Implies --single-branch unless --no-single-branch is given to fetch the histories near the tips of all branches.
from etcd.
I did a sweep of issues and pull requests from the main branch since v3.5.13, and couldn't find any other possible candidates for being backported.
from etcd.
So there are two instances where gsutil
is being used in scripts/release.sh
to set bucket ACL's:
Line 246 in bf51a53
The above reference is ok as this is already limited to the specific etcd version being uploaded.
Line 285 in bf51a53
This is the one causing log spam, as there are just over 3,000
objects in the bucket and the command is targeting the entire bucket recursively.
This gs://artifacts.etcd-development.appspot.com
bucket relates to the current etcd container image hosting we have in gcr. Based on this post I believe the only way we can avoid this log spam would be to have ACL's set at the bucket level marking the entire bucket as public.
Doing some more checking, one interesting thing is that the entire bucket seems to be already marked as fully public:
I confirmed this with gsutil
by verifying the allUsers
member was present at the bucket level:
james ~
➜ gsutil iam get gs://artifacts.etcd-development.appspot.com --format=json \
| jq '.bindings[].members[]' | grep allUsers
"allUsers"
Based on my findings above I believe there is no point running this command every release and we can just remove that problematic line from the release script without consequence. Or at very least gate it behind a check for allUsers
as mentioned above, so the line only runs if for some reason the bucket wasn't already public.
We would need consensus from @ahrtr and @serathius on this.
from etcd.
Using links like v3.5.13...release-3.5 is nice, but please note that they are not static, they update as the branch is moved. In previous releases I listed each issues explicitly to make sure that we have concrete list that can inspected after the release.
from etcd.
Using links like v3.5.13...release-3.5 is nice, but please note that they are not static, they update as the branch is moved. In previous releases I listed each issues explicitly to make sure that we have concrete list that can inspected after the release.
Thanks yeah they are mutable until tag is published, once tag is published we can compare actual immutable list of commits, i.e. v3.5.12...v3.5.13
I have link to draft changelog and also the header for proposed issues still needing backport which I will add to shortly:
Work in progress CHANGELOG is: https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.5.md#v3514-tbd
List of items we still need to backport from main to release-3.5 before the patch release is issued:
TBC
from etcd.
Updated planning for this release below:
Release team
Github handle | Role |
---|---|
@serathius | Release advisor |
@jmhbnz | Release lead |
@ivanvc | Release shadow |
Backports
I have identified one required backport this morning and added to the list above. @ivanvc will also review and suggest any. @serathius are there any recent robustness related merges to main
you would suggest we backport for 3.5.14
?
Required backports will be discussed at triage tomorrow so we can invite the community to help get these completed in advance of the release date.
Release date
Discussed with @ivanvc today. We are both available 11:00 Pacific Time next Tuesday 28th or Wednesday 29th. @serathius would one of those options work for you for the call to cut the release? If so I will send the calendar invite.
from etcd.
@jmhbnz, @serathius, have we agreed on a date for the release?
from etcd.
Please reach out to me on Slack to setup the meeting.
from etcd.
2. Explore if the
gsutil
command to set public ACL can be run on a subdirectory rather than entire bucket to prevent error message spam at conclusion ofscripts/release.sh
.
I don't have a way to test this. So, I don't want to raise the PR. But, from the documentation it seems like it should be possible to pass a path.
Refer to: https://cloud.google.com/storage/docs/gsutil/commands/acl#set-options
The "set" sub-command has the following options
-R, -r
Performs "acl set" request recursively, to all objects under the specified URL.
And https://cloud.google.com/storage/docs/gsutil/commands/acl#ch-examples
Grant the user [email protected] READ access to all objects in example-bucket that begin with folder/:
gsutil acl ch -r -u [email protected]:R gs://example-bucket/folder/
from etcd.
Thanks for driving the improvement!
Based on my findings above I believe there is no point running this command every release and we can just remove that problematic line from the release script without consequence.
Sounds good, but please manually verify it. e.g.
- Manually push an image gcr.io/etcd-development/etcd:v3.5.99
- Remove your local image;
- try to pull it;
- finally remove it.
Also what if we transition from gcr.io to Artifact Registry?
from etcd.
Related Issues (20)
- Server-level feature gate gRPC endpoints HOT 1
- When the long TCP connection between two nodes in the cluster is not disconnected, but data transmission is no longer possible through the connection, etcd will not perform a quick reconnection. HOT 9
- etcd watcher doesn't read older events HOT 2
- [Robustness tests] Etcd v3.6 can panic due to missing snapshot HOT 3
- Robustness test doesn't recover if etcd panics HOT 1
- Find a replacement for marker (markdown linter) HOT 7
- Add multiarch builds to prow build presubmit HOT 1
- Add integration tests to prow presubmit
- Performance Issue: CPU usage of the leader node increased by 20% HOT 13
- How to disable the /debug/vars feature in a Docker environment HOT 10
- invoke the Lock function in concurrency package will get stuck in when etcd servers are not available
- Missing nil check HOT 1
- Memory leak HOT 1
- etcd memory raise rapidly and never decline after exec get --prefix/range HOT 4
- Watch dropping an event when compacting on delete HOT 34
- Panic: index out of range[0] with length 0 at v3.5.11 go.etcd.io/etcd/client/v3/client.go:302 HOT 1
- Unable to register Arm64 runners HOT 8
- etcd panic: assertion failed: Page expected to be: 36312, but self identifies as 0 HOT 3
- The database file size of etcd has exceeded the configured quota HOT 2
- Make linearizable renew lease configurable HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from etcd.