diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 59ed8aafd79..34c2bcaa9f1 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -208,6 +208,9 @@ jobs: - uses: arduino/setup-protoc@v3 with: repo-token: ${{ secrets.GITHUB_TOKEN }} + # the setup rust toolchain action ignores the input if file exists.. so remove it + - run: rm rust-toolchain.toml + - run: rustup default nightly-2024-10-11 - name: test run: cargo test --target x86_64-unknown-linux-gnu -p mirrord-agent @@ -387,7 +390,7 @@ jobs: with: components: rustfmt, clippy target: aarch64-apple-darwin - toolchain: nightly-2024-10-11 + toolchain: nightly-2024-09-12 - name: Install Protoc uses: arduino/setup-protoc@v3 with: @@ -559,7 +562,7 @@ jobs: # building concurrently can run faster the release ide tests build_mirrord_on_release_branch: runs-on: ubuntu-24.04 - name: build mirrord + name: build mirrord CLI needs: check_if_release_branch if: ${{ needs.check_if_release_branch.outputs.release_branch == 'true' }} steps: @@ -568,8 +571,8 @@ jobs: with: repo-token: ${{ secrets.GITHUB_TOKEN }} - uses: actions-rust-lang/setup-rust-toolchain@v1 - - run: cargo build --manifest-path=./Cargo.toml - - name: upload layer + - run: cargo build --manifest-path=./Cargo.toml -p mirrord + - name: upload mirrord CLI uses: actions/upload-artifact@v4 with: name: mirrord-artifacts diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index ac8feffa90b..ab041ebb953 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -59,7 +59,7 @@ jobs: - uses: actions-rust-lang/setup-rust-toolchain@v1 with: target: x86_64-apple-darwin,aarch64-apple-darwin - toolchain: nightly-2024-10-11 + toolchain: nightly-2024-09-12 rustflags: "" - name: Import Code-Signing Certificates uses: Apple-Actions/import-codesign-certs@v3 @@ -73,7 +73,7 @@ jobs: brew tap mitchellh/gon brew install mitchellh/gon/gon - name: build mirrord-layer x86-64 - run: cargo +nightly-2024-10-11 build --release -p mirrord-layer --target=x86_64-apple-darwin + run: cargo +nightly-2024-09-12 build --release -p mirrord-layer --target=x86_64-apple-darwin - name: build mirrord-layer macOS arm/arm64e # Editing the arm64 binary, since arm64e can be loaded into both arm64 & arm64e # >> target/debug/libmirrord_layer.dylib: Mach-O 64-bit dynamically linked shared library arm64 @@ -82,7 +82,7 @@ jobs: # >> magic bits: 0000000 facf feed 000c 0100 0002 0000 0006 0000 # >> target/debug/libmirrord_layer.dylib: Mach-O 64-bit dynamically linked shared library arm64e run: | - cargo +nightly-2024-10-11 build --release -p mirrord-layer --target=aarch64-apple-darwin + cargo +nightly-2024-09-12 build --release -p mirrord-layer --target=aarch64-apple-darwin cp target/aarch64-apple-darwin/release/libmirrord_layer.dylib target/aarch64-apple-darwin/release/libmirrord_layer_arm64e.dylib printf '\x02' | dd of=target/aarch64-apple-darwin/release/libmirrord_layer_arm64e.dylib bs=1 seek=8 count=1 conv=notrunc - name: Sign layer binaries @@ -102,11 +102,11 @@ jobs: - name: build macOS arm cli with universal dylib env: MIRRORD_LAYER_FILE: /tmp/target/universal-apple-darwin/release/libmirrord_layer.dylib - run: cargo +nightly-2024-10-11 build --release -p mirrord --target=aarch64-apple-darwin + run: cargo +nightly-2024-09-12 build --release -p mirrord --target=aarch64-apple-darwin - name: build macOS x86-64 cli with universal dylib env: MIRRORD_LAYER_FILE: /tmp/target/universal-apple-darwin/release/libmirrord_layer.dylib - run: cargo +nightly-2024-10-11 build --release -p mirrord --target=x86_64-apple-darwin + run: cargo +nightly-2024-09-12 build --release -p mirrord --target=x86_64-apple-darwin - name: Sign cli binaries env: AC_USERNAME: ${{ secrets.APPLE_DEVELOPER }} diff --git a/CHANGELOG.md b/CHANGELOG.md index 362ba2701a9..2b197046f0d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,43 @@ This project uses [*towncrier*](https://towncrier.readthedocs.io/) and the chang +## [3.121.0](https://github.com/metalbear-co/mirrord/tree/3.121.0) - 2024-10-17 + + +### Added + +- Added support for Istio CNI + [#2851](https://github.com/metalbear-co/mirrord/issues/2851) +- Added `nodeSelector` option to agent config. + + +### Changed + +- Allowed filtered steal requests to be retried when we get a Reset from + hyper(h2). + + +### Fixed + +- Fixed an issue where `mirrord exec ... -- npm run serve` in a Vue project was + failing with `EAFNOSUPPORT: address family not supported ::1:80`. Added new + `.experimental.hide_ipv6_interfaces` configuration entry that allows for + hiding local IPv6 interface addresses from the user application. + [#2807](https://github.com/metalbear-co/mirrord/issues/2807) +- Fixed wrong warning being displayed when binding UDP port 0 and filtering HTTP. + [#2812](https://github.com/metalbear-co/mirrord/issues/2812) +- mirrord now respects `insecure-skip-tls-verify` option set in the kubeconfig + when `accept_invalid_certificates` is not provided in the mirrord config. + [#2825](https://github.com/metalbear-co/mirrord/issues/2825) + + +### Internal + +- Downgraded Rust toochain to nightly-2024-09-12. + [#downgrade-rust](https://github.com/metalbear-co/mirrord/issues/downgrade-rust) +- Added integration (regression) test for binding port 0 twice. + [#2812](https://github.com/metalbear-co/mirrord/issues/2812) + ## [3.120.1](https://github.com/metalbear-co/mirrord/tree/3.120.1) - 2024-10-14 diff --git a/Cargo.lock b/Cargo.lock index c2f2458bbbb..3cef4580e36 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2363,7 +2363,7 @@ dependencies = [ [[package]] name = "fileops" -version = "3.120.1" +version = "3.121.0" dependencies = [ "libc", ] @@ -3383,7 +3383,7 @@ checksum = "7943c866cc5cd64cbc25b2e01621d07fa8eb2a1a23160ee81ce38704e97b8ecf" [[package]] name = "issue1317" -version = "3.120.1" +version = "3.121.0" dependencies = [ "actix-web", "env_logger 0.11.5", @@ -3393,7 +3393,7 @@ dependencies = [ [[package]] name = "issue1776" -version = "3.120.1" +version = "3.121.0" dependencies = [ "errno 0.3.9", "libc", @@ -3402,7 +3402,7 @@ dependencies = [ [[package]] name = "issue1776portnot53" -version = "3.120.1" +version = "3.121.0" dependencies = [ "libc", "socket2", @@ -3410,14 +3410,14 @@ dependencies = [ [[package]] name = "issue1899" -version = "3.120.1" +version = "3.121.0" dependencies = [ "libc", ] [[package]] name = "issue2001" -version = "3.120.1" +version = "3.121.0" dependencies = [ "libc", ] @@ -3749,7 +3749,7 @@ checksum = "78b3ae25bc7c8c38cec158d1f2757ee79e9b3740fbc7ccf0e59e4b08d793fa89" [[package]] name = "listen_ports" -version = "3.120.1" +version = "3.121.0" [[package]] name = "local-channel" @@ -3987,7 +3987,7 @@ checksum = "c9be0862c1b3f26a88803c4a49de6889c10e608b3ee9344e6ef5b45fb37ad3d1" [[package]] name = "mirrord" -version = "3.120.1" +version = "3.121.0" dependencies = [ "actix-codec", "clap", @@ -4042,7 +4042,7 @@ dependencies = [ [[package]] name = "mirrord-agent" -version = "3.120.1" +version = "3.121.0" dependencies = [ "actix-codec", "async-trait", @@ -4099,7 +4099,7 @@ dependencies = [ [[package]] name = "mirrord-analytics" -version = "3.120.1" +version = "3.121.0" dependencies = [ "assert-json-diff", "base64 0.22.1", @@ -4113,7 +4113,7 @@ dependencies = [ [[package]] name = "mirrord-auth" -version = "3.120.1" +version = "3.121.0" dependencies = [ "bcder", "chrono", @@ -4134,7 +4134,7 @@ dependencies = [ [[package]] name = "mirrord-config" -version = "3.120.1" +version = "3.121.0" dependencies = [ "bimap", "bitflags 2.6.0", @@ -4157,7 +4157,7 @@ dependencies = [ [[package]] name = "mirrord-config-derive" -version = "3.120.1" +version = "3.121.0" dependencies = [ "proc-macro2", "proc-macro2-diagnostics", @@ -4167,7 +4167,7 @@ dependencies = [ [[package]] name = "mirrord-console" -version = "3.120.1" +version = "3.121.0" dependencies = [ "bincode", "drain", @@ -4183,7 +4183,7 @@ dependencies = [ [[package]] name = "mirrord-intproxy" -version = "3.120.1" +version = "3.121.0" dependencies = [ "bytes", "exponential-backoff", @@ -4213,7 +4213,7 @@ dependencies = [ [[package]] name = "mirrord-intproxy-protocol" -version = "3.120.1" +version = "3.121.0" dependencies = [ "bincode", "mirrord-protocol", @@ -4223,7 +4223,7 @@ dependencies = [ [[package]] name = "mirrord-kube" -version = "3.120.1" +version = "3.121.0" dependencies = [ "actix-codec", "async-stream", @@ -4253,7 +4253,7 @@ dependencies = [ [[package]] name = "mirrord-layer" -version = "3.120.1" +version = "3.121.0" dependencies = [ "actix-codec", "base64 0.22.1", @@ -4302,7 +4302,7 @@ dependencies = [ [[package]] name = "mirrord-layer-macro" -version = "3.120.1" +version = "3.121.0" dependencies = [ "proc-macro2", "quote", @@ -4311,7 +4311,7 @@ dependencies = [ [[package]] name = "mirrord-macros" -version = "3.120.1" +version = "3.121.0" dependencies = [ "proc-macro2", "proc-macro2-diagnostics", @@ -4321,7 +4321,7 @@ dependencies = [ [[package]] name = "mirrord-operator" -version = "3.120.1" +version = "3.121.0" dependencies = [ "base64 0.22.1", "bincode", @@ -4355,7 +4355,7 @@ dependencies = [ [[package]] name = "mirrord-progress" -version = "3.120.1" +version = "3.121.0" dependencies = [ "enum_dispatch", "indicatif", @@ -4365,7 +4365,7 @@ dependencies = [ [[package]] name = "mirrord-protocol" -version = "1.11.4" +version = "1.11.5" dependencies = [ "actix-codec", "bincode", @@ -4389,7 +4389,7 @@ dependencies = [ [[package]] name = "mirrord-sip" -version = "3.120.1" +version = "3.121.0" dependencies = [ "apple-codesign", "object 0.36.5", @@ -4402,7 +4402,7 @@ dependencies = [ [[package]] name = "mirrord-vpn" -version = "3.120.1" +version = "3.121.0" dependencies = [ "futures", "ipnet", @@ -4732,7 +4732,7 @@ dependencies = [ [[package]] name = "outgoing" -version = "3.120.1" +version = "3.121.0" [[package]] name = "outref" @@ -5789,14 +5789,14 @@ dependencies = [ [[package]] name = "rust-bypassed-unix-socket" -version = "3.120.1" +version = "3.121.0" dependencies = [ "tokio", ] [[package]] name = "rust-e2e-fileops" -version = "3.120.1" +version = "3.121.0" dependencies = [ "libc", ] @@ -5812,7 +5812,7 @@ dependencies = [ [[package]] name = "rust-unix-socket-client" -version = "3.120.1" +version = "3.121.0" dependencies = [ "tokio", ] diff --git a/Cargo.toml b/Cargo.toml index f67629c7aeb..e40872e7460 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -27,7 +27,7 @@ resolver = "2" # latest commits on rustls suppress certificate verification [workspace.package] -version = "3.120.1" +version = "3.121.0" edition = "2021" license = "MIT" readme = "README.md" diff --git a/changelog.d/+649-gogrpc-retry-fix.changed.md b/changelog.d/+649-gogrpc-retry-fix.changed.md deleted file mode 100644 index 329ef73637e..00000000000 --- a/changelog.d/+649-gogrpc-retry-fix.changed.md +++ /dev/null @@ -1 +0,0 @@ -Allows filtered steal requests to be retried when we get a Reset from hyper(h2). \ No newline at end of file diff --git a/changelog.d/+nodeselector.added.md b/changelog.d/+nodeselector.added.md deleted file mode 100644 index 31fb793b301..00000000000 --- a/changelog.d/+nodeselector.added.md +++ /dev/null @@ -1 +0,0 @@ -Add nodeSelector option to agent config diff --git a/changelog.d/+update-rust.changed.md b/changelog.d/+update-rust.changed.md deleted file mode 100644 index 36cd3bf9c6b..00000000000 --- a/changelog.d/+update-rust.changed.md +++ /dev/null @@ -1 +0,0 @@ -update rust to 10-10-2024 \ No newline at end of file diff --git a/changelog.d/2807.fixed.md b/changelog.d/2807.fixed.md deleted file mode 100644 index 3dbcfc1b8f2..00000000000 --- a/changelog.d/2807.fixed.md +++ /dev/null @@ -1 +0,0 @@ -Fixed an issue where `mirrord exec ... -- npm run serve` in a Vue project was failing with `EAFNOSUPPORT: address family not supported ::1:80`. Added new `.experimental.hide_ipv6_interfaces` configuration entry that allows for hiding local IPv6 interface addresses from the user application. diff --git a/changelog.d/2812.fixed.md b/changelog.d/2812.fixed.md deleted file mode 100644 index a15b229babe..00000000000 --- a/changelog.d/2812.fixed.md +++ /dev/null @@ -1 +0,0 @@ -Wrong warning displayed when binding UDP port 0 and filtering HTTP. diff --git a/changelog.d/2812.internal.md b/changelog.d/2812.internal.md deleted file mode 100644 index d1a665b2d47..00000000000 --- a/changelog.d/2812.internal.md +++ /dev/null @@ -1 +0,0 @@ -Add integration (regression) test for binding port 0 twice. diff --git a/changelog.d/2825.fixed.md b/changelog.d/2825.fixed.md deleted file mode 100644 index 9e95aefb754..00000000000 --- a/changelog.d/2825.fixed.md +++ /dev/null @@ -1 +0,0 @@ -mirrord now respects `insecure-skip-tls-verify` option set in the kubeconfig when `accept_invalid_certificates` is not provided in the mirrord config. diff --git a/mirrord/agent/src/steal/ip_tables/mesh.rs b/mirrord/agent/src/steal/ip_tables/mesh.rs index b56ad805e40..88fdff5d0b1 100644 --- a/mirrord/agent/src/steal/ip_tables/mesh.rs +++ b/mirrord/agent/src/steal/ip_tables/mesh.rs @@ -22,6 +22,7 @@ static TCP_SKIP_PORTS_LOOKUP_REGEX: LazyLock = pub(crate) struct MeshRedirect { prerouting: PreroutingRedirect, output: OutputRedirect, + vendor: MeshVendor, } impl MeshRedirect @@ -37,19 +38,31 @@ where let output = OutputRedirect::create(ipt, IPTABLE_MESH.to_string(), pod_ips)?; - Ok(MeshRedirect { prerouting, output }) + Ok(MeshRedirect { + prerouting, + output, + vendor, + }) } - pub fn load(ipt: Arc, _vendor: MeshVendor) -> Result { + pub fn load(ipt: Arc, vendor: MeshVendor) -> Result { let prerouting = PreroutingRedirect::load(ipt.clone())?; let output = OutputRedirect::load(ipt, IPTABLE_MESH.to_string())?; - Ok(MeshRedirect { prerouting, output }) + Ok(MeshRedirect { + prerouting, + output, + vendor, + }) } fn get_skip_ports(ipt: &IPT, vendor: &MeshVendor) -> Result> { let chain_name = vendor.input_chain(); - let lookup_regex = vendor.skip_ports_regex(); + let lookup_regex = if let Some(regex) = vendor.skip_ports_regex() { + regex + } else { + return Ok(vec![]); + }; let skipped_ports = ipt .list_rules(chain_name)? @@ -88,9 +101,11 @@ where } async fn add_redirect(&self, redirected_port: Port, target_port: Port) -> Result<()> { - self.prerouting - .add_redirect(redirected_port, target_port) - .await?; + if self.vendor != MeshVendor::IstioCni { + self.prerouting + .add_redirect(redirected_port, target_port) + .await?; + } self.output .add_redirect(redirected_port, target_port) .await?; @@ -99,9 +114,11 @@ where } async fn remove_redirect(&self, redirected_port: Port, target_port: Port) -> Result<()> { - self.prerouting - .remove_redirect(redirected_port, target_port) - .await?; + if self.vendor != MeshVendor::IstioCni { + self.prerouting + .remove_redirect(redirected_port, target_port) + .await?; + } self.output .remove_redirect(redirected_port, target_port) .await?; @@ -114,11 +131,16 @@ where pub(super) trait MeshVendorExt: Sized { fn detect(ipt: &IPT) -> Result>; fn input_chain(&self) -> &str; - fn skip_ports_regex(&self) -> &Regex; + fn skip_ports_regex(&self) -> Option<&Regex>; } impl MeshVendorExt for MeshVendor { fn detect(ipt: &IPT) -> Result> { + if let Ok(val) = std::env::var("MIRRORD_AGENT_ISTIO_CNI") + && val.to_lowercase() == "true" + { + return Ok(Some(MeshVendor::IstioCni)); + } let output = ipt.list_rules("OUTPUT")?; let nat_result = output.iter().find_map(|rule| { @@ -154,16 +176,17 @@ impl MeshVendorExt for MeshVendor { fn input_chain(&self) -> &str { match self { MeshVendor::Linkerd => "PROXY_INIT_REDIRECT", - MeshVendor::Istio | MeshVendor::IstioAmbient => "ISTIO_INBOUND", + MeshVendor::Istio | MeshVendor::IstioAmbient | MeshVendor::IstioCni => "ISTIO_INBOUND", MeshVendor::Kuma => "KUMA_MESH_INBOUND", } } - fn skip_ports_regex(&self) -> &Regex { + fn skip_ports_regex(&self) -> Option<&Regex> { match self { - MeshVendor::Linkerd => &MULTIPORT_SKIP_PORTS_LOOKUP_REGEX, - MeshVendor::Istio | MeshVendor::IstioAmbient => &TCP_SKIP_PORTS_LOOKUP_REGEX, - MeshVendor::Kuma => &TCP_SKIP_PORTS_LOOKUP_REGEX, + MeshVendor::Linkerd => Some(&MULTIPORT_SKIP_PORTS_LOOKUP_REGEX), + MeshVendor::Istio | MeshVendor::IstioAmbient => Some(&TCP_SKIP_PORTS_LOOKUP_REGEX), + MeshVendor::Kuma => Some(&TCP_SKIP_PORTS_LOOKUP_REGEX), + MeshVendor::IstioCni => None, } } } diff --git a/mirrord/cli/src/main.rs b/mirrord/cli/src/main.rs index 58f9c51ffaf..de645b1f824 100644 --- a/mirrord/cli/src/main.rs +++ b/mirrord/cli/src/main.rs @@ -335,7 +335,6 @@ fn print_config

( async fn exec(args: &ExecArgs, watch: drain::Watch) -> Result<()> { let progress = ProgressTracker::from_env("mirrord exec"); - progress.warning(&format!("{:?}", args.params.accept_invalid_certificates)); if !args.params.disable_version_check { prompt_outdated_version(&progress).await; } diff --git a/mirrord/kube/src/api/container.rs b/mirrord/kube/src/api/container.rs index a12a361f738..b87a088a412 100644 --- a/mirrord/kube/src/api/container.rs +++ b/mirrord/kube/src/api/container.rs @@ -112,6 +112,7 @@ pub fn check_mesh_vendor(pod: &Pod) -> Option { const ISTIO: [&str; 2] = ["istio-proxy", "istio-init"]; const LINKERD: [&str; 2] = ["linkerd-proxy", "linkerd-init"]; const KUMA: [&str; 2] = ["kuma-sidecar", "kuma-init"]; + const ISTIO_CNI: [&str; 2] = ["istio-proxy", "istio-validation"]; if pod .metadata @@ -125,18 +126,33 @@ pub fn check_mesh_vendor(pod: &Pod) -> Option { } let container_statuses = pod.status.as_ref()?.container_statuses.as_ref()?; + let container_names = container_statuses + .iter() + .chain( + pod.status + .as_ref()? + .init_container_statuses + .as_ref()? + .iter(), + ) + .map(|status| status.name.as_str()) + .collect::>(); + + // check that all the containers are present + // we had a case where istio cni was detected as istio while + // the init was only present. + // leave old logic for detection to not break existing setups + if ISTIO_CNI.iter().all(|name| container_names.contains(name)) { + return Some(MeshVendor::IstioCni); + } else if ISTIO.iter().any(|name| container_names.contains(name)) { + return Some(MeshVendor::Istio); + } else if LINKERD.iter().any(|name| container_names.contains(name)) { + return Some(MeshVendor::Linkerd); + } else if KUMA.iter().any(|name| container_names.contains(name)) { + return Some(MeshVendor::Kuma); + } - container_statuses.iter().find_map(|status| { - if ISTIO.contains(&status.name.as_str()) { - Some(MeshVendor::Istio) - } else if LINKERD.contains(&status.name.as_str()) { - Some(MeshVendor::Linkerd) - } else if KUMA.contains(&status.name.as_str()) { - Some(MeshVendor::Kuma) - } else { - None - } - }) + None } /// Choose container logic: diff --git a/mirrord/kube/src/api/container/ephemeral.rs b/mirrord/kube/src/api/container/ephemeral.rs index 478f59255f8..d0a14a90506 100644 --- a/mirrord/kube/src/api/container/ephemeral.rs +++ b/mirrord/kube/src/api/container/ephemeral.rs @@ -174,18 +174,6 @@ impl<'c> EphemeralTargetedVariant<'c> { command_line.extend(["ephemeral".to_string()]); - // This is for backward compatabilty but needs to be remove at some point - if let Some(mesh) = runtime_data.mesh { - command_line.extend([ - "--mesh".to_string(), - match mesh { - MeshVendor::IstioAmbient => MeshVendor::Istio, - mesh => mesh, - } - .to_string(), - ]); - } - EphemeralTargetedVariant { agent, params, @@ -215,13 +203,20 @@ impl ContainerVariant for EphemeralTargetedVariant<'_> { } = self; let mut env = agent_env(agent, params); - if self.runtime_data.mesh.as_ref().is_some() { + if let Some(mesh_vendor) = self.runtime_data.mesh.as_ref() { env.push(EnvVar { name: "MIRRORD_AGENT_IN_SERVICE_MESH".into(), value: Some("true".into()), ..Default::default() }); - } + if matches!(mesh_vendor, MeshVendor::IstioCni) { + env.push(EnvVar { + name: "MIRRORD_AGENT_ISTIO_CNI".into(), + value: Some("true".into()), + ..Default::default() + }); + } + }; KubeEphemeralContainer { name: params.name.clone(), diff --git a/mirrord/kube/src/api/container/pod.rs b/mirrord/kube/src/api/container/pod.rs index 68c8305895d..588322bc749 100644 --- a/mirrord/kube/src/api/container/pod.rs +++ b/mirrord/kube/src/api/container/pod.rs @@ -168,18 +168,6 @@ impl<'c> PodTargetedVariant<'c> { runtime_data.container_runtime.to_string(), ]); - // This is for backward compatabilty but needs to be remove at some point - if let Some(mesh) = runtime_data.mesh { - command_line.extend([ - "--mesh".to_string(), - match mesh { - MeshVendor::IstioAmbient => MeshVendor::Istio, - mesh => mesh, - } - .to_string(), - ]); - } - let inner = PodVariant::with_command_line(agent, params, command_line); PodTargetedVariant { @@ -206,12 +194,20 @@ impl ContainerVariant for PodTargetedVariant<'_> { let agent = self.agent_config(); let params = self.params(); - let env = self.runtime_data.mesh.map(|_| { - vec![EnvVar { + let env = self.runtime_data.mesh.map(|mesh_vendor| { + let mut env = vec![EnvVar { name: "MIRRORD_AGENT_IN_SERVICE_MESH".into(), value: Some("true".into()), ..Default::default() - }] + }]; + if matches!(mesh_vendor, MeshVendor::IstioCni) { + env.push(EnvVar { + name: "MIRRORD_AGENT_ISTIO_CNI".into(), + value: Some("true".into()), + ..Default::default() + }); + } + env }); let update = Pod { diff --git a/mirrord/kube/src/api/runtime.rs b/mirrord/kube/src/api/runtime.rs index 42307ec0942..a77afd1b5b5 100644 --- a/mirrord/kube/src/api/runtime.rs +++ b/mirrord/kube/src/api/runtime.rs @@ -265,11 +265,8 @@ impl FromResidual> for NodeCheck where E: Into, { - fn from_residual(error: Result) -> Self { - match error { - Ok(_) => unreachable!(), - Err(err) => NodeCheck::Error(err.into()), - } + fn from_residual(Err(err): Result) -> Self { + NodeCheck::Error(err.into()) } } diff --git a/mirrord/layer/src/detour.rs b/mirrord/layer/src/detour.rs index 1c58e45b129..a89e79ce0f6 100644 --- a/mirrord/layer/src/detour.rs +++ b/mirrord/layer/src/detour.rs @@ -269,7 +269,6 @@ impl Try for Detour { impl FromResidual> for Detour { fn from_residual(residual: Detour) -> Self { match residual { - Detour::Success(_) => unreachable!(), Detour::Bypass(b) => Detour::Bypass(b), Detour::Error(e) => Detour::Error(e), } @@ -280,29 +279,20 @@ impl FromResidual> for Detour where E: Into, { - fn from_residual(residual: Result) -> Self { - match residual { - Ok(_) => unreachable!(), - Err(e) => Detour::Error(e.into()), - } + fn from_residual(Err(e): Result) -> Self { + Detour::Error(e.into()) } } impl FromResidual> for Detour { - fn from_residual(residual: Result) -> Self { - match residual { - Ok(_) => unreachable!(), - Err(e) => Detour::Bypass(e), - } + fn from_residual(Err(e): Result) -> Self { + Detour::Bypass(e) } } impl FromResidual> for Detour { - fn from_residual(residual: Option) -> Self { - match residual { - Some(_) => unreachable!(), - None => Detour::Bypass(Bypass::EmptyOption), - } + fn from_residual(_none_residual: Option) -> Self { + Detour::Bypass(Bypass::EmptyOption) } } diff --git a/mirrord/protocol/Cargo.toml b/mirrord/protocol/Cargo.toml index 5bd5dc2ae48..c24af340c79 100644 --- a/mirrord/protocol/Cargo.toml +++ b/mirrord/protocol/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mirrord-protocol" -version = "1.11.4" +version = "1.11.5" authors.workspace = true description.workspace = true documentation.workspace = true diff --git a/mirrord/protocol/src/lib.rs b/mirrord/protocol/src/lib.rs index c4ed45a39ab..826f2f9a51a 100644 --- a/mirrord/protocol/src/lib.rs +++ b/mirrord/protocol/src/lib.rs @@ -66,6 +66,7 @@ pub enum MeshVendor { Istio, Kuma, IstioAmbient, + IstioCni, } impl fmt::Display for MeshVendor { @@ -75,6 +76,7 @@ impl fmt::Display for MeshVendor { MeshVendor::Istio => write!(f, "istio"), MeshVendor::Kuma => write!(f, "kuma"), MeshVendor::IstioAmbient => write!(f, "istio-ambient"), + MeshVendor::IstioCni => write!(f, "istio-cni"), } } } diff --git a/rust-toolchain.toml b/rust-toolchain.toml index 4451b59249b..913f87a41d9 100644 --- a/rust-toolchain.toml +++ b/rust-toolchain.toml @@ -1,4 +1,4 @@ [toolchain] -channel = "nightly-2024-10-11" +channel = "nightly-2024-09-12" components = [ "rustfmt", "clippy", "rustc" ] profile = "minimal"