[cherry-pick release-1.5 ]Capture endpoint hash for global plugins telemetry #846
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…or APT/RPM packages and new Public Key (#816) * Update documentation to use new `tanzu-cli-installer-packages` repo for APT/RPM packages and new Public Key * Update repo location and key in apt/rpm packages and plugin templates
Signed-off-by: Anuj Chaudhari <[email protected]>
Bumps [github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp) from 0.7.2 to 0.7.7. - [Changelog](https://github.com/hashicorp/go-retryablehttp/blob/main/CHANGELOG.md) - [Commits](hashicorp/go-retryablehttp@v0.7.2...v0.7.7) --- updated-dependencies: - dependency-name: github.com/hashicorp/go-retryablehttp dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 24.0.9+incompatible to 25.0.6+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](moby/moby@v24.0.9...v25.0.6) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
- enable the API token login flow for UAA. - sets token type to api-token - supports use of alternate client ID - update token refresh logic of UAA to use the alternate ID Signed-off-by: Vui Lam <[email protected]>
Signed-off-by: Vui Lam <[email protected]>
* Add support to generate API token with `tanzu api-token create` Signed-off-by: Anuj Chaudhari <[email protected]>
Token refresh needs to account for custom CA cert and cert validation flag. Factors out the TLSConfig customization using the context.Context to be used for that well. Signed-off-by: Vui Lam <[email protected]>
Refactored login handler so that we can leverage it to perform the token refresh using provided API token. Also: - ensures that the API token based login updates CLI Context with the refresh token obtained from UAA. - do not interactively login on expired refresh token for api-token type tokens. Signed-off-by: Vui Lam <[email protected]>
Signed-off-by: Vui Lam <[email protected]>
Ensures a pre-established, intentionally non-secret, string is used in the token exchange request as the client secret to ensure the refresh token obtained is reusable. Signed-off-by: Vui Lam <[email protected]>
* Avoid unnecessary synching of Context and Servers Before this commit, the CLI would always perform a two-way sync of the Contexts of the config-ng.yaml file and the Servers of the config.yaml file, even if there was no reason to sync, i.e., if the Contexts and Servers were already in sync. This sync was being done for every single command of the CLI. This caused a write to the config files for each contexts configured and one more for the current context. With many contexts configured, this unnecessary sync would make the CLI startup noticeably slower. This commit verifies if the sync is required by computing and storing a SHA for the "context" section and one for the "server" section, and checking if the SHAs have changed on each CLI command and if so, only then doing the sync. Note that Tanzu contexts are kept out of the SHA computation since they are not synced. * Write to datastore and config files only if needed The logic to store the last execute CLI would always write to the datastore and to the config files, which should be avoided. This commit first checks if the update is required or not. Signed-off-by: Marc Khouzam <[email protected]>
A plugin, when doing shell completion, may print debug printouts to stderr. When the plugin is invoked through the tanzu cli, those printouts were being lost. This commit prints them out to stderr to allow for better troubleshooting of plugin shell completion. Signed-off-by: Marc Khouzam <[email protected]>
If the plugin's descriptor Hidden field is set to true, only the root command of the plugin should be hidden; any mapped subcommands should stay visible. Signed-off-by: Marc Khouzam <[email protected]>
Since the cert data and skip verify intent is captured in the certmap for the endpoint that one `tanzu login`s to, subsequent tanzu login to the same endpoint can succeed without providing these values. However the kube context created with the subsequent login attempt does not incorporate these values when they originate from the cert map. This change addresses this inconsistency, by ensuring that these values are incorporated unless command line arguments of alternative ones are provided in the login command. Signed-off-by: Vui Lam <[email protected]>
Bumps [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt) from 4.5.0 to 4.5.1. - [Release notes](https://github.com/golang-jwt/jwt/releases) - [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md) - [Commits](golang-jwt/jwt@v4.5.0...v4.5.1) --- updated-dependencies: - dependency-name: github.com/golang-jwt/jwt/v4 dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
… from v0.23.0 to v0.33.0 (#834) * Bump golang.org/x/crypto from 0.21.0 to 0.31.0, Bump golang.org/x/net from v0.23.0 to v0.33.0 Signed-off-by: Anuj Chaudhari <[email protected]> * Update the copyright to 2025 --------- Signed-off-by: Anuj Chaudhari <[email protected]>
* Update cosign and k8s.io dependencies - k8s.io/* from v0.28.3 to v0.31.3 - sigs.k8s.io/controller-runtime from v0.14.5 to v0.19.3 - Remove dependencies on github.com/vmware-tanzu/tanzu-framework by coping discovery client to this repo * Use golang v1.23 in CI * Bump Tanzu Plugin Runtime version to v1.4.7 Signed-off-by: Anuj Chaudhari <[email protected]>
This allows to have different packages signed with different keys. To achieve this, the building of RPM packages is now done by hack/rpm/build_package.sh while building the final repository is now done by hack/rpm/build_package_repo.sh. This approach allows to call hack/rpm/build_package.sh more than once with different RPM_PACKAGE_NAME and then build the repo with all the new packages as a last step. Signed-off-by: Marc Khouzam <[email protected]>
…ons (#840) * Only allow creating the NewRootCmd once with singleton pattern * Fix unit tests by using NewRootCmdForTest Signed-off-by: Anuj Chaudhari <[email protected]>
Signed-off-by: Marc Khouzam <[email protected]>
Signed-off-by: Prem Kumar Kalle <[email protected]>
Signed-off-by: Prem Kumar Kalle <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What this PR does / why we need it
This PR cherry pick fix for capturing endpoint hash for global plugins telemetry and update co-existence tests with updated legacy CLI URL
Which issue(s) this PR fixes
Fixes #
Describe testing done for PR
Release note
Additional information
Special notes for your reviewer