Remove support for legacy (Amazon Linux 2) AMIs #36153

Merged
reedloden merged 1 commit into master from reed/remove-legacy-amis
Jan 4, 2024

Conversation

reedloden (Contributor) commented Dec 30, 2023

Legacy (Amazon Linux 2) AMIs are deprecated and no longer supported as of Teleport 15.

e companion -- gravitational/teleport.e#3062

Depends on #36112.

Ref #34282.

@reedloden reedloden self-assigned this Dec 30, 2023
@reedloden reedloden force-pushed the reed/remove-legacy-amis branch from 70cede6 to 62fdff1 Compare December 30, 2023 00:34
@reedloden reedloden marked this pull request as ready for review December 30, 2023 00:34
@github-actions (Contributor)

The PR changelog entry failed validation: Changelog entry not found in the PR body. Please add a "no-changelog" label to the PR, or changelog lines starting with changelog: followed by the changelog entries for the PR.

@reedloden reedloden added the no-changelog Indicates that a PR does not require a changelog entry label Dec 30, 2023
@reedloden reedloden force-pushed the reed/remove-legacy-amis branch from 62fdff1 to b8d31f7 Compare December 30, 2023 01:32
Comment thread assets/aws/cmd/update-ami-id/main.go Outdated
Collaborator

IIRC this is only going to replace existing entries in AMIS.md. Who/what is going to add the initial set of arm64 AMIs?

Contributor Author

Yeah, I was waiting for #36112 to land first, but I guess I can just add placeholders that will be updated in the meantime.

Contributor Author

Placeholders added.

@reedloden reedloden added the blocked is blocked by another item - please include the blocker label Dec 30, 2023
@reedloden reedloden force-pushed the reed/remove-legacy-amis branch 2 times, most recently from f86237f to a266d82 Compare December 30, 2023 03:49
@reedloden reedloden removed the blocked is blocked by another item - please include the blocker label Dec 30, 2023
reedloden added a commit that referenced this pull request Dec 30, 2023
Changes #36112 and #36153 update scripts under `assets/aws/cmd` to look for
`tag:Architecture`. In order to make the addition of arm64 AMIs in #36110
easier, add a hardcoded `x86_64` value to older release branches.
github-merge-queue Bot pushed a commit that referenced this pull request Jan 3, 2024
Changes #36112 and #36153 update scripts under `assets/aws/cmd` to look for
`tag:Architecture`. In order to make the addition of arm64 AMIs in #36110
easier, add a hardcoded `x86_64` value to older release branches.
@reedloden reedloden requested review from jakule and zmb3 January 4, 2024 01:40
@reedloden reedloden force-pushed the reed/remove-legacy-amis branch from a266d82 to cbfc6ee Compare January 4, 2024 02:34
Legacy (Amazon Linux 2) AMIs are deprecated and no longer supported
as of Teleport 15.

Ref #34282.
@reedloden reedloden force-pushed the reed/remove-legacy-amis branch from cbfc6ee to 8415143 Compare January 4, 2024 04:50
@reedloden reedloden enabled auto-merge January 4, 2024 04:52
@reedloden reedloden added this pull request to the merge queue Jan 4, 2024
Merged via the queue into master with commit 410cd0b Jan 4, 2024
@reedloden reedloden deleted the reed/remove-legacy-amis branch January 4, 2024 05:29
Envek added a commit to Envek/teleport that referenced this pull request Jan 4, 2024
…se-anon-key

* origin/master: (344 commits)
  Undelete CreateHostUserMode_HOST_USER_MODE_DROP (gravitational#36273)
  allow cwd to be changed in difftest (gravitational#35946)
  Auth device list component (gravitational#36235)
  make unified resources responsive (gravitational#35961)
  Support running Teleport in a "hot reload" mode (gravitational#35040)
  Prevent deleting enum values, allow deleting enum reservations in types.proto (gravitational#36248)
  Remove support for legacy (Amazon Linux 2) AMIs (gravitational#36153)
  Bump version(s) used for teleport-lab and teleport-quickstart (gravitational#36167)
  Allow Reconciler update handler to examine old value during update (gravitational#36171)
  Validate the user still exists during account reset (gravitational#35676)
  ButtonTextWithAddIcon shared component (gravitational#36103)
  Refactor hostname resolution for SSH connections via the WebUI (gravitational#35773)
  add structuredClone to jest JSDOMEnvironment (gravitational#36213)
  fix flaky `lib/auth` cache-enabled tests (gravitational#36216)
  Report resource usage counts by handling heartbeat events (gravitational#35968)
  Reviewer bot should use the stable version of Go (gravitational#36242)
  RFD 0153 Resource Guidelines (gravitational#34103)
  Use cmp and cmpots properly in operator tests (gravitational#36215)
  Relax Kubernetes CRD discovery when building cache (gravitational#36214)
  Add Access List messages to TAG protobuf (gravitational#36176)
  ...
reedloden added a commit that referenced this pull request Jan 11, 2024
PR #36153 updated the AWS account ID used for pulling AMIs, but the GHA
workflow was not updated to use this updated AWS account ID.

Ref #34282.
github-merge-queue Bot pushed a commit that referenced this pull request Jan 11, 2024
PR #36153 updated the AWS account ID used for pulling AMIs, but the GHA
workflow was not updated to use this updated AWS account ID.

Ref #34282.
zmb3 pushed a commit that referenced this pull request Jan 12, 2024
PR #36153 updated the AWS account ID used for pulling AMIs, but the GHA
workflow was not updated to use this updated AWS account ID.

Ref #34282.
github-merge-queue Bot pushed a commit that referenced this pull request Jan 13, 2024
* Refactor desktop player

Adopt an approach similar to the SSH player (more standard react
calls and less event emitting). This also updates the progress
bar to be more of a "dumb" component that just renders state,
and leaves the smoothing out of progress updates to the client.

In addition, this adds support for seeking by dragging the
progress bar to a particular portion of the video.

Fixes #17199

* Prevents EOF from being reported as a tdp.Notification error at the end of every session

* Removes duplicated code, handles errors in handleRDPFastPathPDU, ensures we always spit out some message if an error notification pops up in the UI

* Add dynamic/ prefix to server info labels (#36219)

This change:
- Adds the dynamic/ prefix to labels from a server_info resource created with tctl
- Forbids labels with the dynamic/ prefix from being used in deny rules for new roles.
  Existing roles will generate warnings in tctl as well as a cluster alert.

* Address deprecation TODOs for or before v15. (#36473)

* Convert insecure-drop to drop for unsupported clients (#35803)

This change converts the insecure-drop host user creation mode
to drop for clients that don't support it.

* discovery: remove update if discovery group differs (#36472)

* discovery: remove update if discovery group differs

This PR removes code marked to be removed in Teleport 15 that updated
unconditionally kubernetes and databases that were discovered using a
different discovery group.

Until this PR, if the `onCreate` function returned `trace.AlreadyExists`
error, the resource ended up being updated without any condition. After
this PR, the resource is only updated if the existing resource has an
empty discovery group. This behavior is kept to ensure that users that
migrate from bad configs don't need to delete resources manually.

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>

* Update discovery.go

Co-authored-by: rosstimothy <39066650+rosstimothy@users.noreply.github.com>

* handle code review suggestions

---------

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
Co-authored-by: rosstimothy <39066650+rosstimothy@users.noreply.github.com>

* Refactor Kubernetes Exec sessions upgrade logic (#36325)

* Refactor Kubernetes Exec sessions upgrade logic

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>

* handle code review suggestions

* Update lib/kube/proxy/forwarder.go

Co-authored-by: Anton Miniailo <anton@goteleport.com>

* Update lib/kube/proxy/forwarder.go

Co-authored-by: Anton Miniailo <anton@goteleport.com>

* handle code review suggestions

---------

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
Co-authored-by: Anton Miniailo <anton@goteleport.com>

* Deduplicate yarn.lock (#36560)

* Deduplicate yarn.lock
* Fix types in ProgressBar

* docs: updates to tsh connect your client (#36526)

* docs: updates to tsh connect your client

* remove extra dash

* Add backend code for listing EKS clusters through AWS OIDC integration. (#36489)

* Add backend code for listing EKS clusters through AWS OIDC integration.

* Remove leftover commented code.

Co-authored-by: Marco André Dinis <marco.dinis@goteleport.com>

* Add godoc.

* Remove unneeded initialization of a parameter.

* Reduce nesting.

* Rename ExtraLabels to JoinLabels.

---------

Co-authored-by: Marco André Dinis <marco.dinis@goteleport.com>

* Update devbox. (#36193)

* Update AWS account ID used in `update-ami-ids` GHA workflow (#36556)

PR #36153 updated the AWS account ID used for pulling AMIs, but the GHA
workflow was not updated to use this updated AWS account ID.

Ref #34282.

* Fix accesslist `tctl` (#36531)

* Support unmarshalling accesslists manifests without next_audit_date

* Support `tctl get access_lists`

* Fix accesslist reference

* accountrecovery.go: Unconditionally delete the token after use (#36527)

A previous conditional was allowing a replay attack on the recovery process.  Although discovery of this token is a high bar for an attacker, we should be able to unconditionally delete this token after it's used.

* Add app gateways to Connect (#36393)

* Allow creating app gateways in tshd

* Add UI for document gateway app

* Show apps in connections

This is a copy & paste from other connection kinds.

* Capture app protocol

* Start app proxy when clicking on 'Connect' in app

* Remove `removeAppGateway`

* `appUri` -> `targetUri`

* Add TCP and HTTP constants

* Add CLI command for HTTP apps

* Add `makeAppGateway`

* Specify `handleChangePort` dependencies correctly

* Remove `doc.gateway_app` and `connection.app`, instead differentiate gateways by URI

* Correctly report protocol usage

* Mention that AWS apps are supported in tsh

* Rename constants and add godoc

* Add a TODO comment about dialogs for connecting to unsupported apps

* `onRun` -> `onButtonClick`, `runButtonText` -> `buttonText`

* Show a notification after copying to clipboard

* Make the message about unsupported gateways more precise

* Revert mistakenly removed `document.targetUri` from `getResourceUri`

* Remove 'Local app proxy' header

* Post-merge fixes

* Use proper component for the 'offline gateway' state

* Support all gateway types in relogin UI

* Fix JSdoc comment

* Add a TODO comment about the docs link

---------

Co-authored-by: Rafał Cieślak <rafal.cieslak@goteleport.com>

* Allow configuration of Okta access list importing. (#36569)

Configuration options for enabling/disabling Okta access list importing have
been added. This defaults to false. This has been added to both the Okta plugin
settings and the standalone Okta service.

Co-authored-by: Trent Clarke <trent@goteleport.com>

* Fix example mysql grant all command (#36519)

Fixing example mysql grant all command, because current one fails with `ERROR 1102 (42000): Incorrect database name ' % '` because of extra spaces around `%`

* lib/teleterm app access: Add middleware for handling expired certs (#36520)

* Add middleware for app gateways

* Accommodate for app gateways in integration tests

The previous version of tests depended on receiving helpers.TeleInstance
from higher up. It was then used to generate valid and expired user certs,
as well as to get client.TeleportClient.

proxy.Suite (Kube tests) and dbhelpers.DatabasePack (db tests) expose
helpers.TeleInstance so it wasn't a problem. However, appaccess.Pack,
which we're going to use for app access tests, does not expose it.

To work around that, we introduce two new fields to gatewayCertRenewalParams,
tc (which accepts client.TeleportClient) and generateAndSetupUserCreds.
These two fields get rid of the dependency on helpers.TeleInstance.

* Add integration tests for app gateways

* Switch to the new account settings screen (#36525)

* Migrate `RotateCertAuthority` to gRPC (#36536)

* Add RotateCertAuthority to gRPC TrustService.

* Add gRPC server implementation.

* Move RotateRequest type to api/types.

* Mark deprecated HTTP rotate endpoint for deletion.

* Add client implementation and HTTP fallback.

* Update go-oidc to get final go-jose v2 -> v3 updates (#36514)

* Update go-oidc to get final go-jose v2 updates

This updates our replaced go-oidc fork to use a tag with go-jose updated to v3: gravitational/go-oidc#19

This update removes the final usage of v2, and fully addresses the GHSA-2c7c-3mj9-8fqh DoS.

* Update gopkg.in/go-jose/go-jose.v2 to 2.6.2 to get p2c DoS fix

* Add ClusterDropdown component (#36310)

This replaces the current ClusterSelector in the TopBar and adds
the functionality to ClusterDropdown component on relevant pages

* fix: Verify MFA device locks during authentication (#36471)

* Test authn and password change with a locked user

* Verify MFA device locks during authentication

* Configure a LockWatcher in the passwordSuite setup

* Appease linter

* Update Toggle component styles (#36535)

* Reintroduces the changes in #33273 which were erroneously deleted in #33273 (#36538)

* Route to server by public addr (#36584)

This change fixes a bug where tsh ssh could not dial a node with
its public address.

* Add EKS Discover into web testplan. (#36578)

* Remove unused static token endpoints. (#36545)

* Ensure player finishes at 100%

* Fix style for disabled progress bar

* Remove unused file

* fix import order

---------

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
Co-authored-by: Isaiah Becker-Mayer <isaiah@goteleport.com>
Co-authored-by: Andrew Burke <31974658+atburke@users.noreply.github.com>
Co-authored-by: Brian Joerger <bjoerger@goteleport.com>
Co-authored-by: Tiago Silva <tiago.silva@goteleport.com>
Co-authored-by: rosstimothy <39066650+rosstimothy@users.noreply.github.com>
Co-authored-by: Anton Miniailo <anton@goteleport.com>
Co-authored-by: Rafał Cieślak <rafal.cieslak@goteleport.com>
Co-authored-by: Steven Martin <steven@goteleport.com>
Co-authored-by: Marco André Dinis <marco.dinis@goteleport.com>
Co-authored-by: Michael Wilson <mike@mdwn.dev>
Co-authored-by: Reed Loden <reed@goteleport.com>
Co-authored-by: Hugo Shaka <hugo.hervieux@goteleport.com>
Co-authored-by: Mike Jensen <jentfoo@users.noreply.github.com>
Co-authored-by: Grzegorz Zdunek <gzdunek@users.noreply.github.com>
Co-authored-by: Trent Clarke <trent@goteleport.com>
Co-authored-by: Taras <9948629+taraspos@users.noreply.github.com>
Co-authored-by: Bartosz Leper <bartosz.leper@goteleport.com>
Co-authored-by: Michael <michael.myers@goteleport.com>
Co-authored-by: Alan Parra <alan.parra@goteleport.com>
Labels

no-changelog Indicates that a PR does not require a changelog entry size/sm

3 participants