mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-27 18:18:55 +00:00
c6ec7ab2db6985b735a75b91f6a6fc0f4de00a0a
2582 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Andrew Dryga
|
c6ec7ab2db | Drop healthcheck traces | ||
|
dependabot[bot]
|
5e63ce0015 |
build(deps): Bump domain from 0.8.0 to 0.8.1 in /rust (#2110)
Bumps [domain](https://github.com/nlnetlabs/domain) from 0.8.0 to 0.8.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nlnetlabs/domain/releases">domain's releases</a>.</em></p> <blockquote> <h2>0.8.1</h2> <p>New</p> <ul> <li>Added a new method <code>FoundSrvs::into_srvs</code> that converts the value into an iterator over the found SRV records without resolving them further. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/174">#174</a>, <a href="https://redirect.github.com/nlnetlabs/domain/issues/214">#214</a> by [<a href="https://github.com/WhyNotHugo"><code>@WhyNotHugo</code></a>]); this was added in 0.7.2 but missing in 0.8.0)</li> <li>Added impl of <code>Borrow<Dname<[u8]>></code> and <code>AsRef<Dname<[u8]>></code> for <code>Dname<_></code>. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/219">#219</a> by [<a href="https://github.com/iximeow"><code>@iximeow</code></a>}], <a href="https://redirect.github.com/nlnetlabs/domain/issues/225">#225</a>)</li> <li>Added <code>Dname::fmt_with_dot</code> that can be used when wanting to display a domain name with a dot at the end. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/210">#210</a>)</li> </ul> <p>Bug Fixes</p> <ul> <li>Fixed trait bounds on <code>FoundSrvs::into_stream</code> to make it usable again. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/174">#174</a>, [#214 by [<a href="https://github.com/WhyNotHugo"><code>@WhyNotHugo</code></a>]]; this was fixed in 0.7.2 but missing in 0.8.0)</li> <li>Fixed scanning of domain names that are just the root label. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/210">#210</a>)</li> <li>Fixed <code>util::base64::SymbolConverter</code> to also include the final group in the output if there is padding. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/212">#212</a>)</li> </ul> <p><a href="https://redirect.github.com/nlnetlabs/domain/issues/174">#174</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/174">NLnetLabs/domain#174</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/210">#210</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/210">NLnetLabs/domain#210</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/212">#212</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/212">NLnetLabs/domain#212</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/214">#214</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/214">NLnetLabs/domain#214</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/219">#219</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/219">NLnetLabs/domain#219</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/225">#225</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/225">NLnetLabs/domain#225</a> [<a href="https://github.com/iximeow"><code>@iximeow</code></a>]: <a href="https://github.com/iximeow">https://github.com/iximeow</a> [<a href="https://github.com/WhyNotHugo"><code>@WhyNotHugo</code></a>]: <a href="https://github.com/WhyNotHugo">https://github.com/WhyNotHugo</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/NLnetLabs/domain/blob/main/Changelog.md">domain's changelog</a>.</em></p> <blockquote> <h2>0.8.1</h2> <p>Released 2023-09-18</p> <p>New</p> <ul> <li>Added a new method <code>FoundSrvs::into_srvs</code> that converts the value into an iterator over the found SRV records without resolving them further. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/174">#174</a>, <a href="https://redirect.github.com/nlnetlabs/domain/issues/214">#214</a> by [<a href="https://github.com/WhyNotHugo"><code>@WhyNotHugo</code></a>]); this was added in 0.7.2 but missing in 0.8.0)</li> <li>Added impl of <code>Borrow<Dname<[u8]>></code> and <code>AsRef<Dname<[u8]>></code> for <code>Dname<_></code>. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/219">#219</a> by [<a href="https://github.com/iximeow"><code>@iximeow</code></a>}], <a href="https://redirect.github.com/nlnetlabs/domain/issues/225">#225</a>)</li> <li>Added <code>Dname::fmt_with_dot</code> that can be used when wanting to display a domain name with a dot at the end. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/210">#210</a>)</li> </ul> <p>Bug Fixes</p> <ul> <li>Fixed trait bounds on <code>FoundSrvs::into_stream</code> to make it usable again. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/174">#174</a>, [#214 by [<a href="https://github.com/WhyNotHugo"><code>@WhyNotHugo</code></a>]]; this was fixed in 0.7.2 but missing in 0.8.0)</li> <li>Fixed scanning of domain names that are just the root label. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/210">#210</a>)</li> <li>Fixed <code>util::base64::SymbolConverter</code> to also include the final group in the output if there is padding. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/212">#212</a>)</li> </ul> <p><a href="https://redirect.github.com/nlnetlabs/domain/issues/174">#174</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/174">NLnetLabs/domain#174</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/210">#210</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/210">NLnetLabs/domain#210</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/212">#212</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/212">NLnetLabs/domain#212</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/214">#214</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/214">NLnetLabs/domain#214</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/219">#219</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/219">NLnetLabs/domain#219</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/225">#225</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/225">NLnetLabs/domain#225</a> [<a href="https://github.com/iximeow"><code>@iximeow</code></a>]: <a href="https://github.com/iximeow">https://github.com/iximeow</a> [<a href="https://github.com/WhyNotHugo"><code>@WhyNotHugo</code></a>]: <a href="https://github.com/WhyNotHugo">https://github.com/WhyNotHugo</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
2c70d54a3c |
build(deps): Bump serde_json from 1.0.106 to 1.0.107 in /rust (#2109)
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.106 to 1.0.107. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p> <blockquote> <h2>v1.0.107</h2> <ul> <li>impl IntoDeserializer for &RawValue (<a href="https://redirect.github.com/serde-rs/json/issues/1071">#1071</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
caa9984b29 |
build(deps): Bump libc from 0.2.147 to 0.2.148 in /rust (#2108)
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.147 to 0.2.148. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
616cabab78 |
build(deps): Bump clap from 4.4.2 to 4.4.4 in /rust (#2107)
Bumps [clap](https://github.com/clap-rs/clap) from 4.4.2 to 4.4.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/releases">clap's releases</a>.</em></p> <blockquote> <h2>v4.4.4</h2> <h2>[4.4.4] - 2023-09-18</h2> <h3>Internal</h3> <ul> <li>Update <code>terminal_size</code> to 0.3</li> </ul> <h2>v4.4.3</h2> <h2>[4.4.3] - 2023-09-12</h2> <h3>Documentation</h3> <ul> <li><em>(derive)</em> Clarify use of attributes within the tutorial</li> <li>Split sections in the builder and derive tutorials into separate modules</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's changelog</a>.</em></p> <blockquote> <h2>[4.4.4] - 2023-09-18</h2> <h3>Internal</h3> <ul> <li>Update <code>terminal_size</code> to 0.3</li> </ul> <h2>[4.4.3] - 2023-09-12</h2> <h3>Documentation</h3> <ul> <li><em>(derive)</em> Clarify use of attributes within the tutorial</li> <li>Split sections in the builder and derive tutorials into separate modules</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Andrew Dryga
|
93cb8a0699 | Replace trace events with spans (#2112) | ||
|
Thomas Eizinger
|
32d6a55b01 |
ci: lint cloud-init config for elixir-app (#2105)
|
||
|
Thomas Eizinger
|
2e3171bbf8 |
fix(relay): only listen for traces & metrics on localhost (#2102)
This fixes two warnings in our logs that tell us to not listen on `0.0.0.0`. See https://github.com/open-telemetry/opentelemetry-collector/blob/main/docs/security-best-practices.md#safeguards-against-denial-of-service-attacks. I don't use the HTTP receiver for sending traces or metrics so that one can safely be disabled. |
||
|
Thomas Eizinger
|
ad4184fe58 |
deps(rust): instruct dependabot to group all opentelemetry dependencies (#2100)
In case of new semver-minor releases, these dependencies need to be bumped together, otherwise things don't compile |
||
|
Thomas Eizinger
|
635a5d4091 |
feat(relay): enable debug logs for otel collector (#2099)
The `debug` exporter prints statements like the following to stdout:
> 2023-09-07T09:57:43.468-0700 info TracesExporter {"kind": "exporter",
"data_type": "traces", "name": "debug", "resource spans": 1, "spans": 2}
Activating debug logs should give us overall more insight into what this
thing is doing.
|
||
|
Thomas Eizinger
|
9d93d02b48 |
deps(relay): bump to stun-codec 0.3.3 (#2088)
I've opened several PRs upstream for code that was missing in `stun-codec` for our purposes. Those have been accepted and released, so we can bump to that version now and remove that code. Related: https://github.com/sile/stun_codec/pull/14. Related: https://github.com/sile/stun_codec/pull/15. Related: https://github.com/sile/stun_codec/pull/16. Related: https://github.com/sile/stun_codec/pull/17. A big thanks to @sile for the crate and being responsive maintainer 🥳 |
||
|
Andrew Dryga
|
e635ee3774 | Properly set parent span ids for phoenix channels (#2101) | ||
|
Thomas Eizinger
|
5ed3601231 |
ci(terraform): ensure relay cloud-init config is valid (#2097)
I found the following in the serial port logs on GC: > [ 24.279297] cloud-init[742]: 2023-09-20 19:34:00,095 - schema.py[WARNING]: Invalid cloud-config provided: Please run 'sudo cloud-init schema --system' to see the schema errors. Not sure if it causes any problems at the moment because the spans seem to import fine but I figured it cannot hurt to add a linter to our CI. |
||
|
Andrew Dryga
|
0d9b5f368a | Fix workflow search path for migrations CI (#2096) | ||
|
Jamil
|
713c34e496 |
fix(connlib): Persist logging guard for the duration of the session (#2058)
This allows the file logger to write events as they're emitted so that
we (attempt to) capture everything for the lifetime of the session.
Sample:
```json
{"time":"2023-09-13T13:28:26.396615Z","target":"libs_common::session","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/common/src/session.rs","line":"324"},"severity":"DEBUG","message":"Attempting connection to portal..."}
{"time":"2023-09-13T13:28:26.436317Z","target":"log","severity":"DEBUG","logFile":"/Users/jamil/.cargo/registry/src/index.crates.io-6f17d22bba15001f/rustls-0.21.7/src/client/hs.rs","logLine":73,"logModulePath":"rustls::client::hs","logTarget":"rustls::client::hs","message":"No cached session for DnsName(\"api.firez.one\")"}
{"time":"2023-09-13T13:28:26.43694Z","target":"log","severity":"DEBUG","logFile":"/Users/jamil/.cargo/registry/src/index.crates.io-6f17d22bba15001f/rustls-0.21.7/src/client/hs.rs","logLine":132,"logModulePath":"rustls::client::hs","logTarget":"rustls::client::hs","message":"Not resuming any session"}
{"time":"2023-09-13T13:28:26.446781Z","target":"log","severity":"DEBUG","logFile":"/Users/jamil/.cargo/registry/src/index.crates.io-6f17d22bba15001f/rustls-0.21.7/src/client/hs.rs","logLine":615,"logModulePath":"rustls::client::hs","logTarget":"rustls::client::hs","message":"Using ciphersuite TLS13_AES_256_GCM_SHA384"}
{"time":"2023-09-13T13:28:26.447046Z","target":"log","severity":"DEBUG","logFile":"/Users/jamil/.cargo/registry/src/index.crates.io-6f17d22bba15001f/rustls-0.21.7/src/client/tls13.rs","logLine":142,"logModulePath":"rustls::client::tls13","logTarget":"rustls::client::tls13","message":"Not resuming"}
{"time":"2023-09-13T13:28:26.449001Z","target":"log","severity":"DEBUG","logFile":"/Users/jamil/.cargo/registry/src/index.crates.io-6f17d22bba15001f/rustls-0.21.7/src/client/tls13.rs","logLine":381,"logModulePath":"rustls::client::tls13","logTarget":"rustls::client::tls13","message":"TLS1.3 encrypted extensions: []"}
{"time":"2023-09-13T13:28:26.449266Z","target":"log","severity":"DEBUG","logFile":"/Users/jamil/.cargo/registry/src/index.crates.io-6f17d22bba15001f/rustls-0.21.7/src/client/hs.rs","logLine":472,"logModulePath":"rustls::client::hs","logTarget":"rustls::client::hs","message":"ALPN protocol is None"}
{"time":"2023-09-13T13:28:26.544357Z","target":"libs_common::session","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/common/src/session.rs","line":"327"},"severity":"WARNING","error":"PortalConnectionError(Http(Response { status: 404, version: HTTP/1.1, headers: {\"cache-control\": \"max-age=0, private, must-revalidate\", \"content-length\": \"9\", \"date\": \"Wed, 13 Sep 2023 13:28:25 GMT\", \"server\": \"Cowboy\", \"strict-transport-security\": \"max-age=63072000; includeSubDomains; preload\", \"x-request-id\": \"F4R4XmBOoVfqEVkAAAVh\", \"via\": \"1.1 google\", \"alt-svc\": \"h3=\\\":443\\\"; ma=2592000,h3-29=\\\":443\\\"; ma=2592000\", \"connection\": \"close\"}, body: Some([78, 111, 116, 32, 102, 111, 117, 110, 100]) }))","message":"Portal connection error"}
{"time":"2023-09-13T13:28:26.544838Z","target":"libs_common::session","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/common/src/session.rs","line":"330"},"severity":"WARNING","message":"Error connecting to portal, retrying in 42 seconds"}
{"time":"2023-09-13T13:28:36.087416Z","target":"tunnel_state","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/client/src/control.rs","line":"255"},"severity":"DEBUG","message":"TunnelStats {\n public_key: \"BQCIkQ7iNdQxEnZo6lGwR8prKJgMlJGL+UPj+C50J0s=\",\n peers_by_ip: {},\n peer_connections: [\n 7482154e-107d-4981-8f5e-4becf1a9bfd2,\n ],\n resource_gateways: {\n 2a39fb5e-f7f4-44da-9163-5675c009a2ae: 7482154e-107d-4981-8f5e-4becf1a9bfd2,\n },\n dns_resources: {},\n network_resources: {\n V4(\n Ipv4Network {\n network_address: 172.31.83.10,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 01c6a1ea-2540-4ec8-9caa-0015ddfffb55,\n address: V4(\n Ipv4Network {\n network_address: 172.31.83.10,\n netmask: 32,\n },\n ),\n name: \"TCP / UDPbin\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.92.238,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 115ab626-ac3e-4890-b613-07f90bc1afb3,\n address: V4(\n Ipv4Network {\n network_address: 172.31.92.238,\n netmask: 32,\n },\n ),\n name: \"Performance Testing\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.82.179,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 2a39fb5e-f7f4-44da-9163-5675c009a2ae,\n address: V4(\n Ipv4Network {\n network_address: 172.31.82.179,\n netmask: 32,\n },\n ),\n name: \"HTTPbin\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.93.123,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 196b9f86-0789-4c2e-8afd-3b3cd59e1462,\n address: V4(\n Ipv4Network {\n network_address: 172.31.93.123,\n netmask: 32,\n },\n ),\n name: \"IPerf3\",\n },\n ),\n },\n gateway_public_keys: {},\n awaiting_connection: {\n 2a39fb5e-f7f4-44da-9163-5675c009a2ae: AwaitingConnectionDetails {\n total_attemps: 31,\n response_received: true,\n },\n },\n gateway_awaiting_connection: {\n 7482154e-107d-4981-8f5e-4becf1a9bfd2: [],\n },\n}"}
{"time":"2023-09-13T13:28:46.087297Z","target":"tunnel_state","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/client/src/control.rs","line":"255"},"severity":"DEBUG","message":"TunnelStats {\n public_key: \"BQCIkQ7iNdQxEnZo6lGwR8prKJgMlJGL+UPj+C50J0s=\",\n peers_by_ip: {},\n peer_connections: [\n 7482154e-107d-4981-8f5e-4becf1a9bfd2,\n ],\n resource_gateways: {\n 2a39fb5e-f7f4-44da-9163-5675c009a2ae: 7482154e-107d-4981-8f5e-4becf1a9bfd2,\n },\n dns_resources: {},\n network_resources: {\n V4(\n Ipv4Network {\n network_address: 172.31.82.179,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 2a39fb5e-f7f4-44da-9163-5675c009a2ae,\n address: V4(\n Ipv4Network {\n network_address: 172.31.82.179,\n netmask: 32,\n },\n ),\n name: \"HTTPbin\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.83.10,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 01c6a1ea-2540-4ec8-9caa-0015ddfffb55,\n address: V4(\n Ipv4Network {\n network_address: 172.31.83.10,\n netmask: 32,\n },\n ),\n name: \"TCP / UDPbin\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.92.238,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 115ab626-ac3e-4890-b613-07f90bc1afb3,\n address: V4(\n Ipv4Network {\n network_address: 172.31.92.238,\n netmask: 32,\n },\n ),\n name: \"Performance Testing\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.93.123,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 196b9f86-0789-4c2e-8afd-3b3cd59e1462,\n address: V4(\n Ipv4Network {\n network_address: 172.31.93.123,\n netmask: 32,\n },\n ),\n name: \"IPerf3\",\n },\n ),\n },\n gateway_public_keys: {},\n awaiting_connection: {\n 2a39fb5e-f7f4-44da-9163-5675c009a2ae: AwaitingConnectionDetails {\n total_attemps: 31,\n response_received: true,\n },\n },\n gateway_awaiting_connection: {\n 7482154e-107d-4981-8f5e-4becf1a9bfd2: [],\n },\n}"}
{"time":"2023-09-13T13:28:53.703612Z","target":"log","severity":"WARNING","logFile":"/Users/jamil/.cargo/git/checkouts/webrtc-316f277f555c12ed/672e728/mdns/src/conn/mod.rs","logLine":359,"logModulePath":"webrtc_mdns::conn","logTarget":"webrtc_mdns::conn","message":"Failed to parse mDNS packet parsing/packing of this type isn't available yet"}
{"time":"2023-09-13T13:28:54.709612Z","target":"log","severity":"WARNING","logFile":"/Users/jamil/.cargo/git/checkouts/webrtc-316f277f555c12ed/672e728/mdns/src/conn/mod.rs","logLine":359,"logModulePath":"webrtc_mdns::conn","logTarget":"webrtc_mdns::conn","message":"Failed to parse mDNS packet parsing/packing of this type isn't available yet"}
{"time":"2023-09-13T13:28:56.086942Z","target":"tunnel_state","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/client/src/control.rs","line":"255"},"severity":"DEBUG","message":"TunnelStats {\n public_key: \"BQCIkQ7iNdQxEnZo6lGwR8prKJgMlJGL+UPj+C50J0s=\",\n peers_by_ip: {},\n peer_connections: [\n 7482154e-107d-4981-8f5e-4becf1a9bfd2,\n ],\n resource_gateways: {\n 2a39fb5e-f7f4-44da-9163-5675c009a2ae: 7482154e-107d-4981-8f5e-4becf1a9bfd2,\n },\n dns_resources: {},\n network_resources: {\n V4(\n Ipv4Network {\n network_address: 172.31.82.179,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 2a39fb5e-f7f4-44da-9163-5675c009a2ae,\n address: V4(\n Ipv4Network {\n network_address: 172.31.82.179,\n netmask: 32,\n },\n ),\n name: \"HTTPbin\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.93.123,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 196b9f86-0789-4c2e-8afd-3b3cd59e1462,\n address: V4(\n Ipv4Network {\n network_address: 172.31.93.123,\n netmask: 32,\n },\n ),\n name: \"IPerf3\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.83.10,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 01c6a1ea-2540-4ec8-9caa-0015ddfffb55,\n address: V4(\n Ipv4Network {\n network_address: 172.31.83.10,\n netmask: 32,\n },\n ),\n name: \"TCP / UDPbin\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.92.238,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 115ab626-ac3e-4890-b613-07f90bc1afb3,\n address: V4(\n Ipv4Network {\n network_address: 172.31.92.238,\n netmask: 32,\n },\n ),\n name: \"Performance Testing\",\n },\n ),\n },\n gateway_public_keys: {},\n awaiting_connection: {\n 2a39fb5e-f7f4-44da-9163-5675c009a2ae: AwaitingConnectionDetails {\n total_attemps: 31,\n response_received: true,\n },\n },\n gateway_awaiting_connection: {\n 7482154e-107d-4981-8f5e-4becf1a9bfd2: [],\n },\n}"}
{"time":"2023-09-13T13:28:57.52105Z","target":"firezone_tunnel::tun","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/tunnel/src/tun_darwin.rs","line":"224"},"severity":"DEBUG","message":"MTU for utun7 is 1420"}
```
Sample log attached:
[connlib.log.zip](https://github.com/firezone/firezone/files/12598066/connlib.log.zip)
|
||
|
bmanifold
|
3e60079bf8 |
Update Account Settings page (#2092)
Why: * The current account settings page shows the user profile info and billing information. The billing system is not currently implemented and can be hidden for the time being. As for the user profile information, it was decided that it would probably be better to send the user to the 'Actors' show page for the currently logged in user. <img width="1148" alt="new-account-settings-page" src="https://github.com/firezone/firezone/assets/2646332/6aaabad0-038e-4b4c-8cfb-e2d669b54b53"> |
||
|
bmanifold
|
7608151f75 |
Enable Resource New/Edit forms (#1989)
Why: * Previously the New/Edit forms for Resources were not able to actually create or update Resources. This commit enables those forms to create and update a Resource. --------- Co-authored-by: Andrew Dryga <andrew@dryga.com> |
||
|
Thomas Eizinger
|
ae2fbc3364 |
feat(relay): respond to bad STUN message where possible (#2073)
Previously, we would only log an error if we failed to decode the attribute part of a STUN message. Now, if we can decode the STUN header but fail at one of the attributes, we will properly respond to the client. This could for example happen if a client requests a channel number that is out of range. |
||
|
dependabot[bot]
|
41b67b7082 |
build(deps): Bump socket2 from 0.5.3 to 0.5.4 in /rust (#2079)
Bumps [socket2](https://github.com/rust-lang/socket2) from 0.5.3 to 0.5.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/socket2/blob/master/CHANGELOG.md">socket2's changelog</a>.</em></p> <blockquote> <h1>0.5.4</h1> <ul> <li>Deprecated <code>Socket::(bind_)device_by_index</code>, replaced by <code>Socket::(bind_)device_by_index_v4</code> for IPv4 sockets (<a href="https://redirect.github.com/rust-lang/socket2/pull/432">rust-lang/socket2#432</a>).</li> <li>Added <code>Socket::(bind_)device_by_index_v6</code> (<a href="https://redirect.github.com/rust-lang/socket2/pull/432">rust-lang/socket2#432</a>).</li> <li>Added experimental support for the ESP-IDF framework (<a href="https://redirect.github.com/rust-lang/socket2/pull/452">rust-lang/socket2#452</a>)</li> <li>Added <code>Socket::{send,recv}msg</code> and <code>MsgHdr(Mut)</code> types, wrapping <code>sendmsg(2)</code> and <code>recvmsg(2)</code> (<a href="https://redirect.github.com/rust-lang/socket2/pull/447">rust-lang/socket2#447</a>).</li> <li>Added <code>Socket::(set_)reuse_port_lb</code> to retrieve or set <code>SO_REUSEPORT_LB</code> on FreeBSD (<a href="https://redirect.github.com/rust-lang/socket2/pull/442">rust-lang/socket2#442</a>).</li> <li>Added <code>Protocol::DIVERT</code> on FreeBSD and OpenBSD (<a href="https://redirect.github.com/rust-lang/socket2/pull/448">rust-lang/socket2#448</a>).</li> <li>Add <code>Socket::protocol</code> for Windows (using <code>WSAPROTOCOL_INFOW</code>) (<a href="https://redirect.github.com/rust-lang/socket2/pull/470">rust-lang/socket2#470</a>).</li> <li><code>From<SocketAddrV{4,6}></code> for <code>SockAddr </code> nows sets <code>ss_len</code> on platforms that have the fields (most BSDs) (<a href="https://redirect.github.com/rust-lang/socket2/pull/469">rust-lang/socket2#469</a>).</li> <li>Change Windows to use <code>ADDRESS_FAMILY</code> for <code>sa_family_t</code>, this shouldn't affect anything in practice (<a href="https://redirect.github.com/rust-lang/socket2/pull/463">rust-lang/socket2#463</a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/rust-lang/socket2/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
77c0c58754 |
build(deps): Bump chrono from 0.4.30 to 0.4.31 in /rust (#2078)
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.30 to 0.4.31. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/chronotope/chrono/releases">chrono's releases</a>.</em></p> <blockquote> <h2>0.4.31</h2> <p>Another maintenance release. It was not a planned effort to improve our support for UNIX timestamps, yet most PRs seem related to this.</p> <h3>Deprecations</h3> <ul> <li>Deprecate <code>timestamp_nanos</code> in favor of the non-panicking <code>timestamp_nanos_opt</code> (<a href="https://redirect.github.com/chronotope/chrono/issues/1275">#1275</a>)</li> </ul> <h3>Additions</h3> <ul> <li>Add <code>DateTime::<Utc>::from_timestamp</code> (<a href="https://redirect.github.com/chronotope/chrono/issues/1279">#1279</a>, thanks <a href="https://github.com/demurgos"><code>@demurgos</code></a>)</li> <li>Add <code>TimeZone::timestamp_micros</code> (<a href="https://redirect.github.com/chronotope/chrono/issues/1285">#1285</a>, thanks <a href="https://github.com/emikitas"><code>@emikitas</code></a>)</li> <li>Add <code>DateTime<Tz>::timestamp_nanos_opt</code> and <code>NaiveDateTime::timestamp_nanos_opt</code> (<a href="https://redirect.github.com/chronotope/chrono/issues/1275">#1275</a>)</li> <li>Add <code>UNIX_EPOCH</code> constants (<a href="https://redirect.github.com/chronotope/chrono/issues/1291">#1291</a>)</li> </ul> <h3>Fixes</h3> <ul> <li>Format day of month in RFC 2822 without padding (<a href="https://redirect.github.com/chronotope/chrono/issues/1272">#1272</a>)</li> <li>Don't allow strange leap seconds which are not on a minute boundary initialization methods (<a href="https://redirect.github.com/chronotope/chrono/issues/1283">#1283</a>) This makes many methods a little more strict: <ul> <li><code>NaiveTime::from_hms_milli</code></li> <li><code>NaiveTime::from_hms_milli_opt</code></li> <li><code>NaiveTime::from_hms_micro</code></li> <li><code>NaiveTime::from_hms_micro_opt</code></li> <li><code>NaiveTime::from_hms_nano</code></li> <li><code>NaiveTime::from_hms_nano_opt</code></li> <li><code>NaiveTime::from_num_seconds_from_midnight</code></li> <li><code>NaiveTime::from_num_seconds_from_midnight_opt</code></li> <li><code>NaiveDate::and_hms_milli</code></li> <li><code>NaiveDate::and_hms_milli_opt</code></li> <li><code>NaiveDate::and_hms_micro</code></li> <li><code>NaiveDate::and_hms_micro_opt</code></li> <li><code>NaiveDate::and_hms_nano</code></li> <li><code>NaiveDate::and_hms_nano_opt</code></li> <li><code>NaiveDateTime::from_timestamp</code></li> <li><code>NaiveDateTime::from_timestamp_opt</code></li> <li><code>TimeZone::timestamp</code></li> <li><code>TimeZone::timestamp_opt</code></li> </ul> </li> <li>Fix underflow in <code>NaiveDateTime::timestamp_nanos_opt</code> (<a href="https://redirect.github.com/chronotope/chrono/issues/1294">#1294</a>, thanks <a href="https://github.com/crepererum"><code>@crepererum</code></a>)</li> </ul> <h3>Documentation</h3> <ul> <li>Add more documentation about the RFC 2822 obsolete date format (<a href="https://redirect.github.com/chronotope/chrono/issues/1267">#1267</a>)</li> </ul> <h3>Internal</h3> <ul> <li>Remove internal <code>__doctest</code> feature and <code>doc_comment</code> dependency (<a href="https://redirect.github.com/chronotope/chrono/issues/1276">#1276</a>)</li> <li>CI: Bump <code>actions/checkout</code> from 3 to 4 (<a href="https://redirect.github.com/chronotope/chrono/issues/1280">#1280</a>)</li> <li>Optimize <code>NaiveDate::add_days</code> for small values (<a href="https://redirect.github.com/chronotope/chrono/issues/1214">#1214</a>)</li> <li>Upgrade <code>pure-rust-locales</code> to 0.7.0 (<a href="https://redirect.github.com/chronotope/chrono/issues/1288">#1288</a>, thanks <a href="https://github.com/jeremija"><code>@jeremija</code></a> wo did good improvements on <code>pure-rust-locales</code>)</li> </ul> <p>Thanks to all contributors on behalf of the chrono team, <a href="https://github.com/djc"><code>@djc</code></a> and <a href="https://github.com/pitdicker"><code>@pitdicker</code></a>!</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Pratik Velani
|
be168f4e5b |
feat(android): Tunnel lifecycle implementation (#2061)
Fixes #1970 - Implemented TunnelService and added dummy routes. - Updated service lifecycle and implemented foreground notification. - Updated TunnelManager to observe events and propagate them to its listeners. |
||
|
Andrew Dryga
|
9281b7fede |
Allow client logs and messages instrumentation (#2086)
Closes #2019 |
||
|
dependabot[bot]
|
68f2bac3a1 |
build(deps): Bump docker/setup-qemu-action from 2 to 3 (#2082)
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2 to 3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-qemu-action/releases">docker/setup-qemu-action's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <ul> <li>Node 20 as default runtime (requires <a href="https://github.com/actions/runner/releases/tag/v2.308.0">Actions Runner v2.308.0</a> or later) by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-qemu-action/pull/102">docker/setup-qemu-action#102</a></li> <li>Bump <code>@actions/core</code> from 1.10.0 to 1.10.1 in <a href="https://redirect.github.com/docker/setup-qemu-action/pull/103">docker/setup-qemu-action#103</a></li> <li>Bump semver from 6.3.0 to 6.3.1 in <a href="https://redirect.github.com/docker/setup-qemu-action/pull/89">docker/setup-qemu-action#89</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-qemu-action/compare/v2.2.0...v3.0.0">https://github.com/docker/setup-qemu-action/compare/v2.2.0...v3.0.0</a></p> <h2>v2.2.0</h2> <ul> <li>Trim off spaces in <code>platforms</code> input by <a href="https://github.com/Chocobo1"><code>@Chocobo1</code></a> in <a href="https://redirect.github.com/docker/setup-qemu-action/pull/64">docker/setup-qemu-action#64</a></li> <li>Switch to actions-toolkit implementation by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-qemu-action/pull/70">docker/setup-qemu-action#70</a> <a href="https://redirect.github.com/docker/setup-qemu-action/pull/80">docker/setup-qemu-action#80</a> <a href="https://redirect.github.com/docker/setup-qemu-action/pull/83">docker/setup-qemu-action#83</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-qemu-action/compare/v2.1.0...v2.2.0">https://github.com/docker/setup-qemu-action/compare/v2.1.0...v2.2.0</a></p> <h2>v2.1.0</h2> <ul> <li>Use context for inputs by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> (<a href="https://redirect.github.com/docker/setup-qemu-action/issues/62">#62</a>)</li> <li>Use built-in <code>getExecOutput</code> by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> (<a href="https://redirect.github.com/docker/setup-qemu-action/issues/61">#61</a>)</li> <li>Remove workaround for <code>setOutput</code> by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> (<a href="https://redirect.github.com/docker/setup-qemu-action/issues/63">#63</a>)</li> <li>Bump <code>@actions/core</code> from 1.6.0 to 1.10.0 (<a href="https://redirect.github.com/docker/setup-qemu-action/issues/54">#54</a> <a href="https://redirect.github.com/docker/setup-qemu-action/issues/58">#58</a> <a href="https://redirect.github.com/docker/setup-qemu-action/issues/59">#59</a>)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-qemu-action/compare/v2.0.0...v2.1.0">https://github.com/docker/setup-qemu-action/compare/v2.0.0...v2.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
731f3ad2c5 |
build(deps): Bump docker/setup-buildx-action from 2 to 3 (#2081)
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2 to 3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <ul> <li>Node 20 as default runtime (requires <a href="https://github.com/actions/runner/releases/tag/v2.308.0">Actions Runner v2.308.0</a> or later) by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/264">docker/setup-buildx-action#264</a></li> <li>Bump <code>@actions/core</code> from 1.10.0 to 1.10.1 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/267">docker/setup-buildx-action#267</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v2.10.0...v3.0.0">https://github.com/docker/setup-buildx-action/compare/v2.10.0...v3.0.0</a></p> <h2>v2.10.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.7.1 to 0.10.0 by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/258">docker/setup-buildx-action#258</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/253">docker/setup-buildx-action#253</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v2.9.1...v2.10.0">https://github.com/docker/setup-buildx-action/compare/v2.9.1...v2.10.0</a></p> <h2>v2.9.1</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.7.0 to 0.7.1 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/248">docker/setup-buildx-action#248</a> <ul> <li>Fixes an issue where building Buildx does not match the local platform (<a href="https://redirect.github.com/docker/actions-toolkit/pull/135">docker/actions-toolkit#135</a>)</li> </ul> </li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v2.9.0...v2.9.1">https://github.com/docker/setup-buildx-action/compare/v2.9.0...v2.9.1</a></p> <h2>v2.9.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.6.0 to 0.7.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/246">docker/setup-buildx-action#246</a> <ul> <li>Adds support to cache Buildx binary to hosted tool cache and GHA cache backend</li> </ul> </li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v2.8.0...v2.9.0">https://github.com/docker/setup-buildx-action/compare/v2.8.0...v2.9.0</a></p> <h2>v2.8.0</h2> <ul> <li>Only set specific flags for drivers supporting them by <a href="https://github.com/nicks"><code>@nicks</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/241">docker/setup-buildx-action#241</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.5.0 to 0.6.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/242">docker/setup-buildx-action#242</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v2.7.0...v2.8.0">https://github.com/docker/setup-buildx-action/compare/v2.7.0...v2.8.0</a></p> <h2>v2.7.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.3.0 to 0.5.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/237">docker/setup-buildx-action#237</a> <a href="https://redirect.github.com/docker/setup-buildx-action/pull/238">docker/setup-buildx-action#238</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v2.6.0...v2.7.0">https://github.com/docker/setup-buildx-action/compare/v2.6.0...v2.7.0</a></p> <h2>v2.6.0</h2> <ul> <li>Set node name for k8s driver when appending nodes by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/219">docker/setup-buildx-action#219</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.1.0-beta.18 to 0.3.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/220">docker/setup-buildx-action#220</a> <a href="https://redirect.github.com/docker/setup-buildx-action/pull/229">docker/setup-buildx-action#229</a> <a href="https://redirect.github.com/docker/setup-buildx-action/pull/231">docker/setup-buildx-action#231</a> <a href="https://redirect.github.com/docker/setup-buildx-action/pull/236">docker/setup-buildx-action#236</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v2.5.0...v2.6.0">https://github.com/docker/setup-buildx-action/compare/v2.5.0...v2.6.0</a></p> <h2>v2.5.0</h2> <ul> <li><code>cleanup</code> input to remove builder and temp files by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/213">docker/setup-buildx-action#213</a></li> <li>do not remove builder using the <code>docker</code> driver by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/218">docker/setup-buildx-action#218</a></li> <li>fix current context as builder name for <code>docker</code> driver by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/209">docker/setup-buildx-action#209</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v2.4.1...v2.5.0">https://github.com/docker/setup-buildx-action/compare/v2.4.1...v2.5.0</a></p> <h2>v2.4.1</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
fa163350eb |
build(deps): Bump docker/login-action from 2 to 3 (#2083)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/login-action/releases">docker/login-action's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <ul> <li>Node 20 as default runtime (requires <a href="https://github.com/actions/runner/releases/tag/v2.308.0">Actions Runner v2.308.0</a> or later) by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/593">docker/login-action#593</a></li> <li>Bump <code>@actions/core</code> from 1.10.0 to 1.10.1 in <a href="https://redirect.github.com/docker/login-action/pull/598">docker/login-action#598</a></li> <li>Bump <code>@aws-sdk/client-ecr</code> and <code>@aws-sdk/client-ecr-public</code> to 3.410.0 in <a href="https://redirect.github.com/docker/login-action/pull/555">docker/login-action#555</a> <a href="https://redirect.github.com/docker/login-action/pull/560">docker/login-action#560</a> <a href="https://redirect.github.com/docker/login-action/pull/582">docker/login-action#582</a> <a href="https://redirect.github.com/docker/login-action/pull/599">docker/login-action#599</a></li> <li>Bump semver from 6.3.0 to 6.3.1 in <a href="https://redirect.github.com/docker/login-action/pull/556">docker/login-action#556</a></li> <li>Bump https-proxy-agent to 7.0.2 <a href="https://redirect.github.com/docker/login-action/pull/561">docker/login-action#561</a> <a href="https://redirect.github.com/docker/login-action/pull/588">docker/login-action#588</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v2.2.0...v3.0.0">https://github.com/docker/login-action/compare/v2.2.0...v3.0.0</a></p> <h2>v2.2.0</h2> <ul> <li>Switch to actions-toolkit implementation by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/409">docker/login-action#409</a> <a href="https://redirect.github.com/docker/login-action/pull/470">docker/login-action#470</a> <a href="https://redirect.github.com/docker/login-action/pull/476">docker/login-action#476</a></li> <li>Bump <code>@aws-sdk/client-ecr</code> and <code>@aws-sdk/client-ecr-public</code> to 3.347.1 in <a href="https://redirect.github.com/docker/login-action/pull/524">docker/login-action#524</a> <a href="https://redirect.github.com/docker/login-action/pull/364">docker/login-action#364</a> <a href="https://redirect.github.com/docker/login-action/pull/363">docker/login-action#363</a></li> <li>Bump minimatch from 3.0.4 to 3.1.2 in <a href="https://redirect.github.com/docker/login-action/pull/354">docker/login-action#354</a></li> <li>Bump json5 from 2.2.0 to 2.2.3 in <a href="https://redirect.github.com/docker/login-action/pull/378">docker/login-action#378</a></li> <li>Bump http-proxy-agent from 5.0.0 to 7.0.0 in <a href="https://redirect.github.com/docker/login-action/pull/509">docker/login-action#509</a></li> <li>Bump https-proxy-agent from 5.0.1 to 7.0.0 in <a href="https://redirect.github.com/docker/login-action/pull/508">docker/login-action#508</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v2.1.0...v2.2.0">https://github.com/docker/login-action/compare/v2.1.0...v2.2.0</a></p> <h2>v2.1.0</h2> <ul> <li>Ensure AWS temp credentials are redacted in workflow logs by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> (<a href="https://redirect.github.com/docker/login-action/issues/275">#275</a>)</li> <li>Bump <code>@actions/core</code> from 1.6.0 to 1.10.0 (<a href="https://redirect.github.com/docker/login-action/issues/252">#252</a> <a href="https://redirect.github.com/docker/login-action/issues/292">#292</a>)</li> <li>Bump <code>@aws-sdk/client-ecr</code> from 3.53.0 to 3.186.0 (<a href="https://redirect.github.com/docker/login-action/issues/298">#298</a>)</li> <li>Bump <code>@aws-sdk/client-ecr-public</code> from 3.53.0 to 3.186.0 (<a href="https://redirect.github.com/docker/login-action/issues/299">#299</a>)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v2.0.0...v2.1.0">https://github.com/docker/login-action/compare/v2.0.0...v2.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
9b418b3f95 |
build(deps): Bump docker/build-push-action from 4 to 5 (#2084)
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4 to 5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/build-push-action/releases">docker/build-push-action's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <ul> <li>Node 20 as default runtime (requires <a href="https://github.com/actions/runner/releases/tag/v2.308.0">Actions Runner v2.308.0</a> or later) by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/954">docker/build-push-action#954</a></li> <li>Bump <code>@actions/core</code> from 1.10.0 to 1.10.1 in <a href="https://redirect.github.com/docker/build-push-action/pull/959">docker/build-push-action#959</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v4.2.1...v5.0.0">https://github.com/docker/build-push-action/compare/v4.2.1...v5.0.0</a></p> <h2>v4.2.1</h2> <blockquote> <p><strong>Note</strong></p> <p>Buildx v0.10 enables support for a minimal <a href="https://slsa.dev/provenance/">SLSA Provenance</a> attestation, which requires support for <a href="https://github.com/opencontainers/image-spec">OCI-compliant</a> multi-platform images. This may introduce issues with registry and runtime support (e.g. <a href="https://redirect.github.com/docker/buildx/issues/1533">Google Cloud Run and AWS Lambda</a>). You can optionally disable the default provenance attestation functionality using <code>provenance: false</code>.</p> </blockquote> <ul> <li>warn if docker config can't be parsed by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/957">docker/build-push-action#957</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v4.2.0...v4.2.1">https://github.com/docker/build-push-action/compare/v4.2.0...v4.2.1</a></p> <h2>v4.2.0</h2> <blockquote> <p><strong>Note</strong></p> <p>Buildx v0.10 enables support for a minimal <a href="https://slsa.dev/provenance/">SLSA Provenance</a> attestation, which requires support for <a href="https://github.com/opencontainers/image-spec">OCI-compliant</a> multi-platform images. This may introduce issues with registry and runtime support (e.g. <a href="https://redirect.github.com/docker/buildx/issues/1533">Google Cloud Run and AWS Lambda</a>). You can optionally disable the default provenance attestation functionality using <code>provenance: false</code>.</p> </blockquote> <ul> <li>display proxy configuration by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/872">docker/build-push-action#872</a></li> <li>chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.6.0 to 0.8.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/930">docker/build-push-action#930</a></li> <li>chore(deps): Bump word-wrap from 1.2.3 to 1.2.5 in <a href="https://redirect.github.com/docker/build-push-action/pull/925">docker/build-push-action#925</a></li> <li>chore(deps): Bump semver from 6.3.0 to 6.3.1 in <a href="https://redirect.github.com/docker/build-push-action/pull/902">docker/build-push-action#902</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v4.1.1...v4.2.0">https://github.com/docker/build-push-action/compare/v4.1.1...v4.2.0</a></p> <h2>v4.1.1</h2> <blockquote> <p><strong>Note</strong></p> <p>Buildx v0.10 enables support for a minimal <a href="https://slsa.dev/provenance/">SLSA Provenance</a> attestation, which requires support for <a href="https://github.com/opencontainers/image-spec">OCI-compliant</a> multi-platform images. This may introduce issues with registry and runtime support (e.g. <a href="https://redirect.github.com/docker/buildx/issues/1533">Google Cloud Run and AWS Lambda</a>). You can optionally disable the default provenance attestation functionality using <code>provenance: false</code>.</p> </blockquote> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.3.0 to 0.5.0 by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/880">docker/build-push-action#880</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v4.1.0...v4.1.1">https://github.com/docker/build-push-action/compare/v4.1.0...v4.1.1</a></p> <h2>v4.1.0</h2> <blockquote> <p><strong>Note</strong></p> <p>Buildx v0.10 enables support for a minimal <a href="https://slsa.dev/provenance/">SLSA Provenance</a> attestation, which requires support for <a href="https://github.com/opencontainers/image-spec">OCI-compliant</a> multi-platform images. This may introduce issues with registry and runtime support (e.g. <a href="https://redirect.github.com/docker/buildx/issues/1533">Google Cloud Run and AWS Lambda</a>). You can optionally disable the default provenance attestation functionality using <code>provenance: false</code>.</p> </blockquote> <ul> <li>Switch to actions-toolkit implementation by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/811">docker/build-push-action#811</a> <a href="https://redirect.github.com/docker/build-push-action/pull/838">docker/build-push-action#838</a> <a href="https://redirect.github.com/docker/build-push-action/pull/855">docker/build-push-action#855</a> <a href="https://redirect.github.com/docker/build-push-action/pull/860">docker/build-push-action#860</a> <a href="https://redirect.github.com/docker/build-push-action/pull/875">docker/build-push-action#875</a></li> <li>e2e: quay.io by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/799">docker/build-push-action#799</a> <a href="https://redirect.github.com/docker/build-push-action/pull/805">docker/build-push-action#805</a></li> <li>e2e: local harbor and nexus by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/800">docker/build-push-action#800</a></li> <li>e2e: add artifactory container registry to test against by <a href="https://github.com/jedevc"><code>@jedevc</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/804">docker/build-push-action#804</a></li> <li>e2e: add distribution tests by <a href="https://github.com/jedevc"><code>@jedevc</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/814">docker/build-push-action#814</a> <a href="https://redirect.github.com/docker/build-push-action/pull/815">docker/build-push-action#815</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v4.0.0...v4.1.0">https://github.com/docker/build-push-action/compare/v4.0.0...v4.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
24119ffba4 |
build(deps): Bump docker/bake-action from 3.1.0 to 4.0.0 (#2080)
Bumps [docker/bake-action](https://github.com/docker/bake-action) from 3.1.0 to 4.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/bake-action/releases">docker/bake-action's releases</a>.</em></p> <blockquote> <h2>v4.0.0</h2> <ul> <li>Node 20 as default runtime (requires <a href="https://github.com/actions/runner/releases/tag/v2.308.0">Actions Runner v2.308.0</a> or later) by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/bake-action/pull/160">docker/bake-action#160</a></li> <li>Display proxy configuration by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/bake-action/pull/162">docker/bake-action#162</a></li> <li>Bump <code>@actions/core</code> from 1.10.0 to 1.10.1 in <a href="https://redirect.github.com/docker/bake-action/pull/163">docker/bake-action#163</a></li> <li>Bump semver from 6.3.0 to 6.3.1 in <a href="https://redirect.github.com/docker/bake-action/pull/148">docker/bake-action#148</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/bake-action/compare/v3.1.0...v4.0.0">https://github.com/docker/bake-action/compare/v3.1.0...v4.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Thomas Eizinger
|
9cfd28f73a | fix(relay): re-label more metrics to prevent exporter from failing (#2074) | ||
|
Thomas Eizinger
|
10faffc4db |
refactor(relay): use tracing::instrument macro for spans (#2068)
|
||
|
Thomas Eizinger
|
81bc6a8f40 |
fix(relay): apply our env-filter to the trace exporter layer (#2071)
This might be the issue why we see spans that are not enabled in the `RUST_LOG` directive. |
||
|
Thomas Eizinger
|
94ded341f1 | fix(relay): heartbeats are sent to portal not the relay (#2070) | ||
|
Andrew Dryga
|
cefc7cc989 | Make sure metrics are not rejected due to reserved naming | ||
|
Andrew Dryga
|
6f2818f7c7 | Produce less state diff due to IPv6 addr formatting | ||
|
Andrew Dryga
|
db7df665c4 | Fix span name for background jobs | ||
|
Andrew Dryga
|
86f04bff63 | Trace api app and finish file renames (#2069) | ||
|
Andrew Dryga
|
6f9ec7441d | Destroy health checks after new one is created | ||
|
Thomas Eizinger
|
608488d718 | feat(relay): drastically improve usefulness of spans (#2056) | ||
|
Thomas Eizinger
|
89d7b0f5f4 |
feat(relay): replace prometheus with OTEL metrics (#1996)
To better take advantage of the OTEL ecosystem, we change our prometheus metrics to OTEL metrics. OTEL metrics are pushed to the agent via the OTEL pipeline set up in https://github.com/firezone/firezone/pull/1995 rather than pulled like prometheus. This means our `/metrics` endpoint is now gone which we previously (ab)used as a health-check. I've added a dedicated `/healthz` endpoint. |
||
|
Andrew Dryga
|
85b4aba9bc |
Rename Devices to Clients in Elixir app (#2008)
Renaming it back to clients to reflect service accounts and headless clients use cases in the terminology. Such a rename will be very painful on live data so better if we do it early on. --------- Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com> |
||
|
Thomas Eizinger
|
178b68d770 |
feat(relay): remove direct integration with Google Cloud Trace (#2054)
This exporter never worked reliably and we have since switched to running an OTLP collector as a side-car. |
||
|
Thomas Eizinger
|
0de7b3e783 |
fix(relay): assign unique span IDs (#2055)
I misunderstood something the docs around span IDs. This root span was in-fact harmful because it would group all spans under one ID. |
||
|
Andrew Dryga
|
7f7b214a8e | Include OTEL to Elixir releases | ||
|
Andrew Dryga
|
3ed9939ffd | Use GRPC to report Elixir metrics | ||
|
Thomas Eizinger
|
1b8db7e8c3 |
fix(relay): reduce log-spam from h2 and tower crates (#2053)
Those two crates log a fair amount of data on `debug` which is enabled globally. Set them to `warn` to be notified about actual problems. |
||
|
Thomas Eizinger
|
05201d9350 |
fix(relay): don't panic if waking time is in the past (#2052)
To be resource efficient, the relay's event loop suspends if there is no activity on its sockets. Certain operations however need to happen at a specified time, for example, allocations need to be freed if not renewed after a specified TTL. To achieve this, the relay implementation has a mechanism where it can request the event-loop to wake up at a specified deadline. Previously, we assumed that this deadline was always in the future. For reasons not yet known, we encountered a situation where this deadline was in the past. We fix this by: 1) Scheduling an immediate wake-up instead of panicking 2) Logging a warning to help with debugging if this ever occurs again |
||
|
Thomas Eizinger
|
bc9aec266b |
fix(relay): add config for Google Project ID when using OTLP exporter (#2051)
If we aren't configured to use the Google Cloud Trace exporter, then we currently have no way of configuring the Google Project Id for the relay. This in turn means that we cannot set span IDs for the Google Cloud logging format. Add a configuration option and also emit a warning if we are configured to emit Google Cloud logging but don't have the ID set. |
||
|
Andrew Dryga
|
16d78afc9a | Enable OTEL for Elixir nodes | ||
|
Andrew Dryga
|
73339aa424 | Deploy OTEL collectors to every instance | ||
|
Thomas Eizinger
|
fbfce585b0 |
feat(relay): allow configuration of OTLP exporter (#2050)
Allows configuration of an OTLP collector as an alternative to Google Cloud Trace. We also add a temporary logger that allows us to print things to stdout as we are setting up the more complicated tracing infrastructure. This might be prove helpful during debugging! |
||
|
Andrew Dryga
|
782bbe9417 |
Add filters list to the resource view of a Gateway (#1987)
Closes https://github.com/firezone/product/issues/654 |