Merge pull request #1867 from openziti/release-next

Release 0.34.0

.github/dependabot.yml

@@ -1,12 +1,39 @@
 version: 2
 updates:
-  - package-ecosystem: gomod
-    directory: "/"
-    schedule:
-      interval: daily
-    open-pull-requests-limit: 10
-  - package-ecosystem: github-actions
-    directory: "/"
-    schedule:
-      interval: weekly
-    open-pull-requests-limit: 10
+- package-ecosystem: gomod
+  directory: "/"
+  schedule:
+    interval: daily
+  open-pull-requests-limit: 10
+  groups:
+    openziti:
+      applies-to: version-updates
+      update-types:
+        - "minor"
+        - "patch"
+      patterns:
+        - "openziti"
+
+    third-party:
+      applies-to: version-updates
+      update-types:
+        - "minor"
+        - "patch"
+      exclude-patterns:
+        - "openziti"
+        - "rabbitmq"
+        - "blackfriday"
+        - "zitadel"
+
+- package-ecosystem: github-actions
+  directory: "/"
+  schedule:
+    interval: weekly
+  open-pull-requests-limit: 10
+  groups:
+    all:
+      applies-to: version-updates
+      update-types:
+        - "major"
+        - "minor"
+        - "patch"

ADOPTERS.md

@@ -22,6 +22,7 @@ open source that have embedded OpenZiti into the project, or use OpenZiti for se
 | Project Name | Project Link    | Source URL | Logo                                                                                           | How OpenZiti is used or why OpenZiti was chosen                                                                          |
 |-------------|-----------------|------------|------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------|
 | zrok        | https://zrok.io | https://github.com/openziti/zrok           | <img src="https://zrok.io/wp-content/uploads/2023/01/space3-1327x1536.png.webp" width="100px"> | An open source sharing solution built on OpenZiti, the zero trust networking platform. Available as SaaS or self-hosted. |
+| BlueBubbles  | https://bluebubbles.app  | https://github.com/BlueBubblesApp | <img src="https://raw.githubusercontent.com/BlueBubblesApp/bluebubbles-server/master/icons/regular/icon-256.png" width="100px"> | BlueBubbles is an open-source app ecosystem dedicated to bringing iMessage to Android, Windows, and Linux. Shock your iPhone friends by iMessaging them from nearly any platform!  |
 
 
 ## Other Adopters

CHANGELOG.md

@@ -1,3 +1,34 @@
+# Release 0.34.0
+
+## What's New
+
+* Bug fixes and performance enhancements
+* Version number is bumped as a large chunk of HA was merged up. The next version bump is likely to bring HA to alpha status.
+
+## Component Updates and Bug Fixes
+
+* github.com/openziti/channel/v2: [v2.0.119 -> v2.0.122](https://github.com/openziti/channel/compare/v2.0.119...v2.0.122)
+* github.com/openziti/edge-api: [v0.26.12 -> v0.26.14](https://github.com/openziti/edge-api/compare/v0.26.12...v0.26.14)
+* github.com/openziti/foundation/v2: [v2.0.37 -> v2.0.40](https://github.com/openziti/foundation/compare/v2.0.37...v2.0.40)
+* github.com/openziti/identity: [v1.0.70 -> v1.0.73](https://github.com/openziti/identity/compare/v1.0.70...v1.0.73)
+* github.com/openziti/metrics: [v1.2.45 -> v1.2.48](https://github.com/openziti/metrics/compare/v1.2.45...v1.2.48)
+* github.com/openziti/runzmd: [v1.0.38 -> v1.0.41](https://github.com/openziti/runzmd/compare/v1.0.38...v1.0.41)
+* github.com/openziti/sdk-golang: [v0.22.28 -> v0.23.14](https://github.com/openziti/sdk-golang/compare/v0.22.28...v0.23.14)
+    * [Issue #524](https://github.com/openziti/sdk-golang/issues/524) - Add circuit id to edge.Conn, so sdk connections can be correlated with network traffic
+    * [Issue #515](https://github.com/openziti/sdk-golang/issues/515) - Service hosting improvements
+    * [Issue #501](https://github.com/openziti/sdk-golang/issues/501) - Improve hosting session management
+
+* github.com/openziti/secretstream: [v0.1.16 -> v0.1.17](https://github.com/openziti/secretstream/compare/v0.1.16...v0.1.17)
+* github.com/openziti/storage: [v0.2.30 -> v0.2.33](https://github.com/openziti/storage/compare/v0.2.30...v0.2.33)
+* github.com/openziti/transport/v2: [v2.0.122 -> v2.0.125](https://github.com/openziti/transport/compare/v2.0.122...v2.0.125)
+* github.com/openziti/ziti: [v0.33.1 -> v0.34.0](https://github.com/openziti/ziti/compare/v0.33.1...v0.34.0)
+    * [Issue #1858](https://github.com/openziti/ziti/issues/1858) - add option to create a generic env file instead of a BASH script
+    * [Issue #1428](https://github.com/openziti/ziti/issues/1428) - Investigate policy integrity performance
+    * [Issue #1854](https://github.com/openziti/ziti/issues/1854) - Controller can try to send unroute to router which has since disconnected, causing panic
+    * [Issue #1576](https://github.com/openziti/ziti/issues/1576) - Don't scan for posture checks if there are no posture checks 
+    * [Issue #1849](https://github.com/openziti/ziti/issues/1849) - Session Sync shouldn't be able to block the control channel
+    * [Issue #1846](https://github.com/openziti/ziti/issues/1846) - Looking up api session certs for api sessions is inefficient
+
 # Release 0.33.1
 
 ## What's New
@@ -8,7 +39,6 @@
 * github.com/openziti/ziti: [v0.33.0 -> v0.33.1](https://github.com/openziti/ziti/compare/v0.33.0...v0.33.1)
     * [Issue #1826](https://github.com/openziti/ziti/issues/1826) - 0.33.+ routers can cause panic in pre-0.33 controller with new metric
 
-
 # Release 0.33.0
 
 ## What's New

common/ctrl_msg/messages.go

@@ -87,12 +87,17 @@ func NewRouteResultFailedMessage(sessionId string, attempt int, rerr string) *ch
 }
 
 type CreateCircuitRequest struct {
+	ApiSessionToken      string
 	SessionToken         string
 	Fingerprints         []string
 	TerminatorInstanceId string
 	PeerData             map[uint32][]byte
 }
 
+func (self *CreateCircuitRequest) GetApiSessionToken() string {
+	return self.ApiSessionToken
+}
+
 func (self *CreateCircuitRequest) GetSessionToken() string {
 	return self.SessionToken
 }

common/event_cache.go

@@ -0,0 +1,240 @@
+package common
+
+import (
+	"fmt"
+	"github.com/openziti/ziti/common/pb/edge_ctrl_pb"
+	"sync"
+)
+
+type OnStoreSuccess func(index uint64, event *edge_ctrl_pb.DataState_Event)
+
+type EventCache interface {
+	// Store allows storage of an event and execution of an onSuccess callback while the event cache remains locked.
+	// onSuccess may be nil. This function is blocking.
+	Store(event *edge_ctrl_pb.DataState_Event, onSuccess OnStoreSuccess) error
+
+	// CurrentIndex returns the latest event index applied. This function is blocking.
+	CurrentIndex() (uint64, bool)
+
+	// ReplayFrom returns an array of events from startIndex and true if the replay may be facilitated.
+	// An empty slice and true is returned in cases where the requested startIndex is the current index.
+	// An empty slice and false is returned in cases where the replay cannot be facilitated.
+	// This function is blocking.
+	ReplayFrom(startIndex uint64) ([]*edge_ctrl_pb.DataState_Event, bool)
+
+	// WhileLocked allows the execution of arbitrary functionality while the event cache is locked. This function
+	// is blocking.
+	WhileLocked(func(uint64, bool))
+
+	// SetCurrentIndex sets the current index to the supplied value. All event log history may be lost.
+	SetCurrentIndex(uint64)
+}
+
+// ForgetfulEventCache does not store events or support replaying. It tracks
+// the event index and that is it. It is a stand in for LoggingEventCache
+// when replaying events is not expected (i.e. in routers)
+type ForgetfulEventCache struct {
+	lock  sync.Mutex
+	index *uint64
+}
+
+func NewForgetfulEventCache() *ForgetfulEventCache {
+	return &ForgetfulEventCache{}
+}
+
+func (cache *ForgetfulEventCache) SetCurrentIndex(index uint64) {
+	cache.lock.Lock()
+	defer cache.lock.Unlock()
+	cache.index = &index
+}
+
+func (cache *ForgetfulEventCache) WhileLocked(callback func(uint64, bool)) {
+	cache.lock.Lock()
+	defer cache.lock.Unlock()
+
+	callback(cache.currentIndex())
+}
+
+func (cache *ForgetfulEventCache) Store(event *edge_ctrl_pb.DataState_Event, onSuccess OnStoreSuccess) error {
+	cache.lock.Lock()
+	defer cache.lock.Unlock()
+
+	// Synthetic events are not backed by any kind of data store that provides and index. They are not stored and
+	// trigger the on success callback immediately.
+	if event.IsSynthetic {
+		onSuccess(event.Index, event)
+		return nil
+	}
+
+	if cache.index != nil {
+		if *cache.index >= event.Index {
+			return fmt.Errorf("out of order event detected, currentIndex: %d, recievedIndex: %d, type :%T", *cache.index, event.Index, cache)
+		}
+	}
+
+	cache.index = &event.Index
+
+	if onSuccess != nil {
+		onSuccess(*cache.index, event)
+	}
+
+	return nil
+}
+
+func (cache *ForgetfulEventCache) ReplayFrom(_ uint64) ([]*edge_ctrl_pb.DataState_Event, bool) {
+	return nil, false
+}
+
+func (cache *ForgetfulEventCache) CurrentIndex() (uint64, bool) {
+	cache.lock.Lock()
+	defer cache.lock.Unlock()
+
+	return cache.currentIndex()
+}
+
+func (cache *ForgetfulEventCache) currentIndex() (uint64, bool) {
+	if cache.index == nil {
+		return 0, false
+	}
+
+	return *cache.index, true
+}
+
+// LoggingEventCache stores events in order to support replaying (i.e. in controllers).
+type LoggingEventCache struct {
+	lock         sync.Mutex
+	HeadLogIndex uint64
+	LogSize      uint64
+	Log          []uint64
+	Events       map[uint64]*edge_ctrl_pb.DataState_Event
+}
+
+func NewLoggingEventCache(logSize uint64) *LoggingEventCache {
+	return &LoggingEventCache{
+		HeadLogIndex: 0,
+		LogSize:      logSize,
+		Log:          make([]uint64, logSize),
+		Events:       map[uint64]*edge_ctrl_pb.DataState_Event{},
+	}
+}
+
+func (cache *LoggingEventCache) SetCurrentIndex(index uint64) {
+	cache.lock.Lock()
+	defer cache.lock.Unlock()
+
+	cache.HeadLogIndex = 0
+	cache.Log = make([]uint64, cache.LogSize)
+	cache.Log[0] = index
+	cache.Events = map[uint64]*edge_ctrl_pb.DataState_Event{}
+}
+
+func (cache *LoggingEventCache) WhileLocked(callback func(uint64, bool)) {
+	cache.lock.Lock()
+	defer cache.lock.Unlock()
+
+	callback(cache.currentIndex())
+}
+
+func (cache *LoggingEventCache) Store(event *edge_ctrl_pb.DataState_Event, onSuccess OnStoreSuccess) error {
+	cache.lock.Lock()
+	defer cache.lock.Unlock()
+
+	// Synthetic events are not backed by any kind of data store that provides and index. They are not stored and
+	// trigger the on success callback immediately.
+	if event.IsSynthetic {
+		onSuccess(event.Index, event)
+		return nil
+	}
+
+	currentIndex, ok := cache.currentIndex()
+
+	if ok && currentIndex >= event.Index {
+		return fmt.Errorf("out of order event detected, currentIndex: %d, recievedIndex: %d, type :%T", currentIndex, event.Index, cache)
+	}
+
+	targetLogIndex := uint64(0)
+	targetLogIndex = (cache.HeadLogIndex + 1) % cache.LogSize
+
+	// delete old value if we have looped
+	prevKey := cache.Log[targetLogIndex]
+
+	if prevKey != 0 {
+		delete(cache.Events, prevKey)
+	}
+
+	// add new values
+	cache.Log[targetLogIndex] = event.Index
+	cache.Events[event.Index] = event
+
+	//update head
+	cache.HeadLogIndex = targetLogIndex
+
+	onSuccess(event.Index, event)
+	return nil
+}
+
+func (cache *LoggingEventCache) CurrentIndex() (uint64, bool) {
+	cache.lock.Lock()
+	defer cache.lock.Unlock()
+
+	return cache.currentIndex()
+}
+
+func (cache *LoggingEventCache) currentIndex() (uint64, bool) {
+	if len(cache.Log) == 0 {
+		return 0, false
+	}
+
+	return cache.Log[cache.HeadLogIndex], true
+}
+
+func (cache *LoggingEventCache) ReplayFrom(startIndex uint64) ([]*edge_ctrl_pb.DataState_Event, bool) {
+	cache.lock.Lock()
+	defer cache.lock.Unlock()
+
+	_, eventFound := cache.Events[startIndex]
+
+	if !eventFound {
+		return nil, false
+	}
+
+	var startLogIndex *uint64
+
+	for logIndex, eventIndex := range cache.Log {
+		if eventIndex == startIndex {
+			tmp := uint64(logIndex)
+			startLogIndex = &tmp
+			break
+		}
+	}
+
+	if startLogIndex == nil {
+		return nil, false
+	}
+
+	// no replay
+	if *startLogIndex == cache.HeadLogIndex {
+		return nil, true
+	}
+
+	// ez replay
+	if *startLogIndex < cache.HeadLogIndex {
+		var result []*edge_ctrl_pb.DataState_Event
+		for _, key := range cache.Log[*startLogIndex:cache.HeadLogIndex] {
+			result = append(result, cache.Events[key])
+		}
+		return result, true
+	}
+
+	//looping replay
+	var result []*edge_ctrl_pb.DataState_Event
+	for _, key := range cache.Log[*startLogIndex:] {
+		result = append(result, cache.Events[key])
+	}
+
+	for _, key := range cache.Log[0:cache.HeadLogIndex] {
+		result = append(result, cache.Events[key])
+	}
+
+	return result, true
+}