From 06337c266623442433fa5b3300cd35bbc12ff6f9 Mon Sep 17 00:00:00 2001 From: Albert <26584478+albertteoh@users.noreply.github.com> Date: Fri, 5 Feb 2021 17:33:35 +1100 Subject: [PATCH] Remove deprecated TLS flags (#2790) * Remove deprecated TLS flags Signed-off-by: albertteoh * Add PR ref to changelog Signed-off-by: albertteoh * Fix integration test Signed-off-by: albertteoh * Add changelog deprecate entry for --es.tls Signed-off-by: albertteoh * Add changelog deprecate entries for other storage types Signed-off-by: albertteoh * Add remaining deprecated flags as identified by @yurishkuro Signed-off-by: albertteoh --- CHANGELOG.md | 11 +++++++++++ pkg/config/tlscfg/flags.go | 17 ----------------- pkg/config/tlscfg/flags_test.go | 9 +-------- plugin/storage/es/mappings/gen_assets.go | 14 +++++++------- scripts/travis/es-integration-test.sh | 2 +- 5 files changed, 20 insertions(+), 33 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5ceded5b5c5..bc148a07721 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,17 @@ Changes by Version #### Breaking Changes +* Remove deprecated TLS flags ([#2790](https://github.com/jaegertracing/jaeger/issues/2790), [@albertteoh](https://github.com/albertteoh)): + * `--cassandra.tls` is replaced by `--cassandra.tls.enabled` + * `--cassandra-archive.tls` is replaced by `--cassandra-archive.tls.enabled` + * `--collector.grpc.tls` is replaced by `--collector.grpc.tls.enabled` + * `--collector.grpc.tls.client.ca` is replaced by `--collector.grpc.tls.client-ca` + * `--es.tls` is replaced by `--es.tls.enabled` + * `--es-archive.tls` is replaced by `--es-archive.tls.enabled` + * `--kafka.consumer.tls` is replaced by `--kafka.consumer.tls.enabled` + * `--kafka.producer.tls` is replaced by `--kafka.producer.tls.enabled` + * `--reporter.grpc.tls` is replaced by `--reporter.grpc.tls.enabled` + * Remove deprecated flags of Query Server `--query.port` and `--query.host-port`, please use dedicated HTTP `--query.http-server.host-port` (defaults to `:16686`) and gRPC `--query.grpc-server.host-port` (defaults to `:16685`) host-ports flags instead ([#2772](https://github.com/jaegertracing/jaeger/pull/2772), [@rjs211](https://github.com/rjs211)) * By default, if no flags are set, the query server starts on the dedicated ports. To use common port for gRPC and HTTP endpoints, the host-port flags have to be explicitly set diff --git a/pkg/config/tlscfg/flags.go b/pkg/config/tlscfg/flags.go index 8ea42fc0105..54b8f8a933d 100644 --- a/pkg/config/tlscfg/flags.go +++ b/pkg/config/tlscfg/flags.go @@ -22,14 +22,12 @@ import ( const ( tlsPrefix = ".tls" - tlsEnabledOld = tlsPrefix tlsEnabled = tlsPrefix + ".enabled" tlsCA = tlsPrefix + ".ca" tlsCert = tlsPrefix + ".cert" tlsKey = tlsPrefix + ".key" tlsServerName = tlsPrefix + ".server-name" tlsClientCA = tlsPrefix + ".client-ca" - tlsClientCAOld = tlsPrefix + ".client.ca" tlsSkipHostVerify = tlsPrefix + ".skip-host-verify" ) @@ -51,7 +49,6 @@ type ServerFlagsConfig struct { func (c ClientFlagsConfig) AddFlags(flags *flag.FlagSet) { if c.ShowEnabled { flags.Bool(c.Prefix+tlsEnabled, false, "Enable TLS when talking to the remote server(s)") - flags.Bool(c.Prefix+tlsEnabledOld, false, "(deprecated) see --"+c.Prefix+tlsEnabled) } flags.String(c.Prefix+tlsCA, "", "Path to a TLS CA (Certification Authority) file used to verify the remote server(s) (by default will use the system truststore)") flags.String(c.Prefix+tlsCert, "", "Path to a TLS Certificate file, used to identify this process to the remote server(s)") @@ -66,12 +63,10 @@ func (c ClientFlagsConfig) AddFlags(flags *flag.FlagSet) { func (c ServerFlagsConfig) AddFlags(flags *flag.FlagSet) { if c.ShowEnabled { flags.Bool(c.Prefix+tlsEnabled, false, "Enable TLS on the server") - flags.Bool(c.Prefix+tlsEnabledOld, false, "(deprecated) see --"+c.Prefix+tlsEnabled) } flags.String(c.Prefix+tlsCert, "", "Path to a TLS Certificate file, used to identify this server to clients") flags.String(c.Prefix+tlsKey, "", "Path to a TLS Private Key file, used to identify this server to clients") flags.String(c.Prefix+tlsClientCA, "", "Path to a TLS CA (Certification Authority) file used to verify certificates presented by clients (if unset, all clients are permitted)") - flags.String(c.Prefix+tlsClientCAOld, "", "(deprecated) see --"+c.Prefix+tlsClientCA) } // InitFromViper creates tls.Config populated with values retrieved from Viper. @@ -79,10 +74,6 @@ func (c ClientFlagsConfig) InitFromViper(v *viper.Viper) Options { var p Options if c.ShowEnabled { p.Enabled = v.GetBool(c.Prefix + tlsEnabled) - - if !p.Enabled { - p.Enabled = v.GetBool(c.Prefix + tlsEnabledOld) - } } p.CAPath = v.GetString(c.Prefix + tlsCA) p.CertPath = v.GetString(c.Prefix + tlsCert) @@ -99,19 +90,11 @@ func (c ServerFlagsConfig) InitFromViper(v *viper.Viper) Options { var p Options if c.ShowEnabled { p.Enabled = v.GetBool(c.Prefix + tlsEnabled) - - if !p.Enabled { - p.Enabled = v.GetBool(c.Prefix + tlsEnabledOld) - } } p.CertPath = v.GetString(c.Prefix + tlsCert) p.KeyPath = v.GetString(c.Prefix + tlsKey) if c.ShowClientCA { p.ClientCAPath = v.GetString(c.Prefix + tlsClientCA) - if s := v.GetString(c.Prefix + tlsClientCAOld); s != "" { - // using legacy flag - p.ClientCAPath = s - } } return p } diff --git a/pkg/config/tlscfg/flags_test.go b/pkg/config/tlscfg/flags_test.go index f55ecbd819f..6bd5d3b357c 100644 --- a/pkg/config/tlscfg/flags_test.go +++ b/pkg/config/tlscfg/flags_test.go @@ -36,9 +36,6 @@ func TestClientFlags(t *testing.T) { tests := []struct { option string }{ - { - option: "--prefix.tls=true", - }, { option: "--prefix.tls.enabled=true", }, @@ -76,7 +73,7 @@ func TestClientFlags(t *testing.T) { func TestServerFlags(t *testing.T) { cmdLine := []string{ "##placeholder##", // replaced in each test below - "--prefix.tls=true", + "--prefix.tls.enabled=true", "--prefix.tls.cert=cert-file", "--prefix.tls.key=key-file", } @@ -89,10 +86,6 @@ func TestServerFlags(t *testing.T) { option: "--prefix.tls.client-ca=client-ca-file", file: "client-ca-file", }, - { - option: "--prefix.tls.client.ca=legacy-client-ca-file", - file: "legacy-client-ca-file", - }, } for _, test := range tests { diff --git a/plugin/storage/es/mappings/gen_assets.go b/plugin/storage/es/mappings/gen_assets.go index 77195053de8..88b6e1ae9b4 100644 --- a/plugin/storage/es/mappings/gen_assets.go +++ b/plugin/storage/es/mappings/gen_assets.go @@ -213,7 +213,7 @@ var _escData = map[string]*_escFile{ name: ".nocover", local: "plugin/storage/es/mappings/.nocover", size: 43, - modtime: 1597437395, + modtime: 1612002346, compressed: ` H4sIAAAAAAAC/youSSzJzFYoSEzOTkxPVcjILy4pVkgsLcnXTU/NSy1KLElNUUjLzEkt1uMCBAAA//8y IKK1KwAAAA== @@ -224,7 +224,7 @@ IKK1KwAAAA== name: "jaeger-dependencies-7.json", local: "plugin/storage/es/mappings/jaeger-dependencies-7.json", size: 283, - modtime: 1597437395, + modtime: 1612134474, compressed: ` H4sIAAAAAAAC/2zPz0vDQBDF8Xv+imXxVNrFi5fcqlYU/EWK52GbfU1HknHdmYBQ8r9LRA/S3t/nC+9Y OedZEr4oRzMUUV87v3iP6FBWCRmSIC1DVwu/nNcKM5ZOfT3jPx5kHHYo9LEnPcSS5szFkej57el609DL @@ -237,7 +237,7 @@ rYyonPvp+t/efGyqpuo7AAD//66cHf8bAQAA name: "jaeger-dependencies.json", local: "plugin/storage/es/mappings/jaeger-dependencies.json", size: 277, - modtime: 1597437395, + modtime: 1612134474, compressed: ` H4sIAAAAAAAC/2zPzUoDMRTF8f08Rbi4Km1w4ya7qhUFv5ji+pJOTqeRTIy5d0Ao8+4y4kbG/fn94Zwb Y0gxlOQV5Ayt3j161E1AQQ7IXYRsVrSedwLVmHshNzNjKOaAL5vH4YDKH0eWk69ByJmLM/Pz29P1ruWX @@ -250,7 +250,7 @@ tI5ojPnp0m9vPjY1U/MdAAD//5ZQx/QVAQAA name: "jaeger-service-7.json", local: "plugin/storage/es/mappings/jaeger-service-7.json", size: 878, - modtime: 1597437395, + modtime: 1612134474, compressed: ` H4sIAAAAAAAC/8ySwW7aQBCG736K1agnBFZViR72RluqVmppBcopikaDPdibeNeb3YEEIb97ZGTAhHDL IReP5H++35/t3SVKgXE5P6MnEQ4uglYwuCcuOIwih43JeDSAYbsYWcS4IoJuuQOZurVdcsB6hbGkkLcN @@ -265,7 +265,7 @@ FMjWM2h44O1THXIYnqemcHVgpGW9YdBfxl97cdPfBU9SoiXJStAgVKQDOMZN8oroOftQZxzjh9DuXNJr name: "jaeger-service.json", local: "plugin/storage/es/mappings/jaeger-service.json", size: 1060, - modtime: 1597437395, + modtime: 1612134474, compressed: ` H4sIAAAAAAAC/8yTT2/UMBDF7/kU1ojTamshpHLwrUARSFDQVpwQGs3Gs1mD7RjbKayqfHfk4pKkW+2J Q3PIn/F78/xz7NtGCMjsgqXMoASsvhN3HM8SxxvT8tkK1kWSOGfjuwSqOIQA4zX/ln5wW47Y7zDtKeoE @@ -281,7 +281,7 @@ TmGdQJrhQAmkbHr//7o382e5j83Y/AkAAP//qd2MzCQEAAA= name: "jaeger-span-7.json", local: "plugin/storage/es/mappings/jaeger-span-7.json", size: 3420, - modtime: 1597437395, + modtime: 1612134474, compressed: ` H4sIAAAAAAAC/+xWXW+UQBR951eQG5+aLTEm9YG3amtsYqtp65Mxk7twYaedL2fuVjcN/93A0hYKbE2k xhhflix3zuHcmXsO3EZxDNLk9EM4ZCZvAqQx7F0hleT3g0OzvweLuF4WiFmaMkBao+5wiVnrJXlhCxFW @@ -300,7 +300,7 @@ s/IPX+q/S7/jOB55dNyfveXPdm4jPpxtT0d9N2fQzT1xE5+s9W8VVdHPAAAA//+SuQbQXA0AAA== name: "jaeger-span.json", local: "plugin/storage/es/mappings/jaeger-span.json", size: 3830, - modtime: 1597437395, + modtime: 1612134474, compressed: ` H4sIAAAAAAAC/+xW0W/TPhB+z18RnX5PUxf9hDQe8jbYEJPYQNt4Qsi6JpfUm2Mb+zqopv7vKE1Lm9ZJ QGoQEvShbWx/391n333xcxTHwFRZhUyQxnDygFSSO/UW9ekJTOp5T8xSlx7Senkcg9Q5fUv0vJqSE6YQ diff --git a/scripts/travis/es-integration-test.sh b/scripts/travis/es-integration-test.sh index 6ff5575410d..ae83878aa6b 100755 --- a/scripts/travis/es-integration-test.sh +++ b/scripts/travis/es-integration-test.sh @@ -33,7 +33,7 @@ setup_es() { setup_query() { local arch=$(go env GOARCH) local params=( - --es.tls=false + --es.tls.enabled=false --es.version=7 --es.server-urls=http://127.0.0.1:9200 --query.bearer-token-propagation=true