Unverified Commit b5d39df9 authored by Derek Nola's avatar Derek Nola Committed by GitHub

Deprecation of `etcd-snapshot` command in v1.26 (#6575)

* Consolidate etcd snapshot commands * Consolidate secrets encryption commands * Move etcd-snapshot to fatal error stage. Signed-off-by: 's avatarDerek Nola <derek.nola@suse.com>
parent d7237757
......@@ -15,14 +15,13 @@ import (
func main() {
app := cmds.NewApp()
app.Commands = []cli.Command{
cmds.NewSecretsEncryptCommand(cli.ShowAppHelp,
cmds.NewSecretsEncryptSubcommands(
cmds.NewSecretsEncryptCommands(
secretsencrypt.Status,
secretsencrypt.Enable,
secretsencrypt.Disable,
secretsencrypt.Prepare,
secretsencrypt.Rotate,
secretsencrypt.Reencrypt),
secretsencrypt.Reencrypt,
),
}
......
......@@ -15,12 +15,12 @@ import (
func main() {
app := cmds.NewApp()
app.Commands = []cli.Command{
cmds.NewEtcdSnapshotCommand(etcdsnapshot.Save,
cmds.NewEtcdSnapshotSubcommands(
cmds.NewEtcdSnapshotCommands(
etcdsnapshot.Run,
etcdsnapshot.Delete,
etcdsnapshot.List,
etcdsnapshot.Prune,
etcdsnapshot.Save),
etcdsnapshot.Save,
),
}
......
......@@ -51,21 +51,20 @@ func main() {
cmds.NewCRICTL(externalCLIAction("crictl", dataDir)),
cmds.NewCtrCommand(externalCLIAction("ctr", dataDir)),
cmds.NewCheckConfigCommand(externalCLIAction("check-config", dataDir)),
cmds.NewEtcdSnapshotCommand(etcdsnapshotCommand,
cmds.NewEtcdSnapshotSubcommands(
cmds.NewEtcdSnapshotCommands(
etcdsnapshotCommand,
etcdsnapshotCommand,
etcdsnapshotCommand,
etcdsnapshotCommand,
etcdsnapshotCommand,
etcdsnapshotCommand),
),
cmds.NewSecretsEncryptCommand(secretsencryptCommand,
cmds.NewSecretsEncryptSubcommands(
cmds.NewSecretsEncryptCommands(
secretsencryptCommand,
secretsencryptCommand,
secretsencryptCommand,
secretsencryptCommand,
secretsencryptCommand,
secretsencryptCommand,
secretsencryptCommand),
),
cmds.NewCertCommand(
cmds.NewCertSubcommands(
......
......@@ -48,21 +48,20 @@ func main() {
cmds.NewKubectlCommand(kubectl.Run),
cmds.NewCRICTL(crictl.Run),
cmds.NewCtrCommand(ctr.Run),
cmds.NewEtcdSnapshotCommand(etcdsnapshot.Save,
cmds.NewEtcdSnapshotSubcommands(
cmds.NewEtcdSnapshotCommands(
etcdsnapshot.Run,
etcdsnapshot.Delete,
etcdsnapshot.List,
etcdsnapshot.Prune,
etcdsnapshot.Save),
etcdsnapshot.Save,
),
cmds.NewSecretsEncryptCommand(cli.ShowAppHelp,
cmds.NewSecretsEncryptSubcommands(
cmds.NewSecretsEncryptCommands(
secretsencrypt.Status,
secretsencrypt.Enable,
secretsencrypt.Disable,
secretsencrypt.Prepare,
secretsencrypt.Rotate,
secretsencrypt.Reencrypt),
secretsencrypt.Reencrypt,
),
cmds.NewCertCommand(
cmds.NewCertSubcommands(
......
......@@ -32,21 +32,20 @@ func main() {
cmds.NewAgentCommand(agent.Run),
cmds.NewKubectlCommand(kubectl.Run),
cmds.NewCRICTL(crictl.Run),
cmds.NewEtcdSnapshotCommand(etcdsnapshot.Save,
cmds.NewEtcdSnapshotSubcommands(
cmds.NewEtcdSnapshotCommands(
etcdsnapshot.Run,
etcdsnapshot.Delete,
etcdsnapshot.List,
etcdsnapshot.Prune,
etcdsnapshot.Save),
etcdsnapshot.Save,
),
cmds.NewSecretsEncryptCommand(cli.ShowAppHelp,
cmds.NewSecretsEncryptSubcommands(
cmds.NewSecretsEncryptCommands(
secretsencrypt.Status,
secretsencrypt.Enable,
secretsencrypt.Disable,
secretsencrypt.Prepare,
secretsencrypt.Rotate,
secretsencrypt.Reencrypt),
secretsencrypt.Reencrypt,
),
cmds.NewCertCommand(
cmds.NewCertSubcommands(
......
......@@ -99,20 +99,14 @@ var EtcdSnapshotFlags = []cli.Flag{
},
}
func NewEtcdSnapshotCommand(action func(*cli.Context) error, subcommands []cli.Command) cli.Command {
func NewEtcdSnapshotCommands(run, delete, list, prune, save func(ctx *cli.Context) error) cli.Command {
return cli.Command{
Name: EtcdSnapshotCommand,
Usage: "Trigger an immediate etcd snapshot",
SkipFlagParsing: false,
SkipArgReorder: true,
Action: action,
Subcommands: subcommands,
Flags: EtcdSnapshotFlags,
}
}
func NewEtcdSnapshotSubcommands(delete, list, prune, save func(ctx *cli.Context) error) []cli.Command {
return []cli.Command{
Action: run,
Subcommands: []cli.Command{
{
Name: "delete",
Usage: "Delete given snapshot(s)",
......@@ -155,5 +149,7 @@ func NewEtcdSnapshotSubcommands(delete, list, prune, save func(ctx *cli.Context)
Action: save,
Flags: EtcdSnapshotFlags,
},
},
Flags: EtcdSnapshotFlags,
}
}
......@@ -7,7 +7,13 @@ import (
const SecretsEncryptCommand = "secrets-encrypt"
var EncryptFlags = []cli.Flag{
var (
forceFlag = cli.BoolFlag{
Name: "f,force",
Usage: "Force this stage.",
Destination: &ServerConfig.EncryptForce,
}
EncryptFlags = []cli.Flag{
DataDirFlag,
ServerToken,
cli.StringFlag{
......@@ -17,25 +23,18 @@ var EncryptFlags = []cli.Flag{
Value: "https://127.0.0.1:6443",
Destination: &ServerConfig.ServerURL,
},
}
}
)
func NewSecretsEncryptCommand(action func(*cli.Context) error, subcommands []cli.Command) cli.Command {
func NewSecretsEncryptCommands(status, enable, disable, prepare, rotate, reencrypt func(ctx *cli.Context) error) cli.Command {
return cli.Command{
Name: SecretsEncryptCommand,
Usage: "Control secrets encryption and keys rotation",
SkipFlagParsing: false,
SkipArgReorder: true,
Action: action,
Subcommands: subcommands,
}
}
func NewSecretsEncryptSubcommands(status, enable, disable, prepare, rotate, reencrypt func(ctx *cli.Context) error) []cli.Command {
return []cli.Command{
Subcommands: []cli.Command{
{
Name: "status",
Usage: "Print current status of secrets encryption",
SkipFlagParsing: false,
SkipArgReorder: true,
Action: status,
Flags: append(EncryptFlags, &cli.StringFlag{
......@@ -47,7 +46,6 @@ func NewSecretsEncryptSubcommands(status, enable, disable, prepare, rotate, reen
{
Name: "enable",
Usage: "Enable secrets encryption",
SkipFlagParsing: false,
SkipArgReorder: true,
Action: enable,
Flags: EncryptFlags,
......@@ -55,7 +53,6 @@ func NewSecretsEncryptSubcommands(status, enable, disable, prepare, rotate, reen
{
Name: "disable",
Usage: "Disable secrets encryption",
SkipFlagParsing: false,
SkipArgReorder: true,
Action: disable,
Flags: EncryptFlags,
......@@ -63,44 +60,30 @@ func NewSecretsEncryptSubcommands(status, enable, disable, prepare, rotate, reen
{
Name: "prepare",
Usage: "Prepare for encryption keys rotation",
SkipFlagParsing: false,
SkipArgReorder: true,
Action: prepare,
Flags: append(EncryptFlags, &cli.BoolFlag{
Name: "f,force",
Usage: "Force preparation.",
Destination: &ServerConfig.EncryptForce,
}),
Flags: append(EncryptFlags, &forceFlag),
},
{
Name: "rotate",
Usage: "Rotate secrets encryption keys",
SkipFlagParsing: false,
SkipArgReorder: true,
Action: rotate,
Flags: append(EncryptFlags, &cli.BoolFlag{
Name: "f,force",
Usage: "Force key rotation.",
Destination: &ServerConfig.EncryptForce,
}),
Flags: append(EncryptFlags, &forceFlag),
},
{
Name: "reencrypt",
Usage: "Reencrypt all data with new encryption key",
SkipFlagParsing: false,
SkipArgReorder: true,
Action: reencrypt,
Flags: append(EncryptFlags,
&cli.BoolFlag{
Name: "f,force",
Usage: "Force secrets reencryption.",
Destination: &ServerConfig.EncryptForce,
},
&forceFlag,
&cli.BoolFlag{
Name: "skip",
Usage: "Skip removing old key",
Destination: &ServerConfig.EncryptSkip,
}),
},
},
}
}
......@@ -69,9 +69,10 @@ func commandSetup(app *cli.Context, cfg *cmds.Server, sc *server.Config) error {
return nil
}
// Run is an alias for Save, retained for compatibility reasons.
// Run was an alias for Save
func Run(app *cli.Context) error {
return Save(app)
cli.ShowAppHelp(app)
return fmt.Errorf("saving with etcd-snapshot was deprecated in v1.26, use \"etcd-snapshot save\" instead")
}
// Save triggers an on-demand etcd snapshot operation
......
......@@ -101,11 +101,12 @@ var _ = Describe("Verify Create", Ordered, func() {
It("Verifies Snapshot is created", func() {
Eventually(func(g Gomega) {
cmd := "sudo k3s etcd-snapshot"
cmd := "sudo k3s etcd-snapshot save"
_, err := e2e.RunCmdOnNode(cmd, "server-0")
g.Expect(err).NotTo(HaveOccurred())
cmd = "sudo ls /var/lib/rancher/k3s/server/db/snapshots/"
snapshotname, err = e2e.RunCmdOnNode(cmd, "server-0")
g.Expect(err).NotTo(HaveOccurred())
fmt.Println("Snapshot Name", snapshotname)
g.Expect(snapshotname).Should(ContainSubstring("on-demand-server-0"))
}, "420s", "10s").Should(Succeed())
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment