Skip to content

Backport of fix a panic in the CLI when deleting an acl policy with an unknown name into release/1.15.x#19690

Closed
hc-github-team-consul-core wants to merge 1284 commits intorelease/1.15.xfrom
backport/dhiaayachi/fix_panic_policy_delete/logically-amazed-crow
Closed

Backport of fix a panic in the CLI when deleting an acl policy with an unknown name into release/1.15.x#19690
hc-github-team-consul-core wants to merge 1284 commits intorelease/1.15.xfrom
backport/dhiaayachi/fix_panic_policy_delete/logically-amazed-crow

Conversation

@hc-github-team-consul-core
Copy link
Collaborator

@hc-github-team-consul-core hc-github-team-consul-core commented Nov 20, 2023

Backport

This PR is auto-generated from #19679 to be assessed for backporting due to the inclusion of the label backport/1.15.

The below text is copied from the body of the original PR.

Description

This fix a panic in the CLI when deleting a policy using its name and that name do not exist on the server.

consul acl policy delete -namespace david-test -datacenter us-east-infra -name namespace-management

panic: runtime error: invalid memory address or nil pointer dereference

[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x1012db5]




goroutine 1 [running]:

github.com/hashicorp/consul/command/acl.GetPolicyIDByName(...)

/Users/dayachi/git/consul-enterprise/command/acl/acl_helpers.go:102

github.com/hashicorp/consul/command/acl/policy/delete.(*cmd).Run(0xc000d62050, {0xc000072180?, 0xffffffffffffffff?, 0x0?})

/Users/dayachi/git/consul-enterprise/command/acl/policy/delete/policy_delete.go:62 +0x155

github.com/mitchellh/cli.(*CLI).Run(0xc000fa3400)

/Users/dayachi/go/pkg/mod/github.com/mitchellh/cli@v1.1.5/cli.go:262 +0x5b8

main.realMain()

/Users/dayachi/git/consul-enterprise/main.go:48 +0x469

main.main()

/Users/dayachi/git/consul-enterprise/main.go:18 +0x13

root@hashi-i-0cb3233c55d0fe848:/opt/consul/1.15.6+debug# consul version

Consul v1.15.6+ent

Revision ba04dc46b8+CHANGES

Build Date 2023-09-19T23:47:29Z

Protocol 2 spoken by default, understands 2 to 3 (agent will automatically use protocol >2 when speaking to compatible agents)

PR Checklist

  • updated test coverage
  • external facing docs updated
  • appropriate backport labels added
  • not a security concern
Overview of commits

rboyer and others added 30 commits October 3, 2023 10:06
@rboyer
chore: fix ce/ent drift in sdk and testing/deployer submodules (#19041)
df930a5
Reduce number of ports that consul test agents take (#19047)
41e6f6c
@jmurret
NET-5590 - authorization: check for identity:write in CA certs, xds s…
d67e5c6 
…erver, and getting envoy bootstrap params (#19049)

* NET-5590 - authorization: check for identity:write in CA certs, xds server, and getting envoy bootstrap params

* gofmt file
@erichaberkorn
Fix Traffic Permissions Default Deny (#19028)
f2b7b45 
Whenver a traffic permission exists for a given workload identity, turn on default deny.

Previously, this was only working at the port level.
Add workload identity hooks (#19045)
b43cde5
Remove parallel flag (#19057)
1a9666c
@erichaberkorn
Fix Explicit Destination Integration Test (#19060)
9656fd1 
fix explicit destination integration test
Add upgrade warnings (#19061)
cf9e1b6
@valeriia-ruban
chor: update rule to run frontend github tasks when changes are made … (
344f463 
#19053)
@asheshvidyut
Fixes docs of Consul Debug - Adds info about Since Flag (#19056)
af9a486 
fix docs
@trujillo-adam @boruszak @Ganeshrockz
Docs/ce 477 dataplanes on ecs (#19010)
788c586 
* updated architecture topic

* fixed type in arch diagram filenames

* fixed path to img file

* updated index page - still need to add links

* moved arch and tech specs to reference folder

* moved other ref topics to ref folder

* set up the Deploy folder and TF install topics

* merged secure conf into TF deploy instructions

* moved bind addr and route conf to their own topics

* moved arch and tech specs back to main folder

* update migrate-existing-tasks content

* merged manual deploy content; added serv conf ref

* fixed links

* added procedure for upgrading to dataplanes

* fixed linked reported by checker

* added updates to dataplanes overview page

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Ganesh S <ganesh.seetharaman@hashicorp.com>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Ganesh S <ganesh.seetharaman@hashicorp.com>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Ganesh S <ganesh.seetharaman@hashicorp.com>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Ganesh S <ganesh.seetharaman@hashicorp.com>

* updated links and added redirects

* removed old architecture content

---------

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Ganesh S <ganesh.seetharaman@hashicorp.com>
@huikang
docs: clarify the requriment for cross-partition network (#19052)
079c9d6
Bump up compatibility test runner (#19081)
ca4ff6b
[CE] Add workload bind type and templated policy (#19077)
ad26494
Retry flaky tests (#19088)
aa526db
@missylbytes
Allow connections through Terminating Gateways from peered clusters N…
342306c 
…ET-3463 (#18959)

* Add InboundPeerTrustBundle maps to Terminating Gateway

* Add notify and cancelation of watch for inbound peer trust bundles

* Pass peer trust bundles to the RBAC creation function

* Regenerate Golden Files

* add changelog, also adds another spot that needed peeredTrustBundles

* Add basic test for terminating gateway with peer trust bundle

* Add intention to cluster peered golden test

* rerun codegen

* update changelog

* really update the changelog

---------

Co-authored-by: Melisa Griffin <melisa.griffin@hashicorp.com>
@rboyer
mesh: ensure we add the virtual port number for L7 implicit upstreams (
754ab9a 
…#19085)
Replace hub with gh for member roles on JIRA sync checks (#19089)
677e16a 
Update jira-pr.yaml

Change from `hub` to `gh` for checking member roles
Make raft-wal default when resource-apis is active (#19090)
ed882e2 
Make raft-wal default when v2 catalog experiment is on
@erichaberkorn
Add traffic permissions integration tests. (#19008)
ad3aab1 
Add traffic permissions integration tests.
@hashi-derek
Ensure that upstream configuration is properly normalized. (#19076)
af3439b 
This PR fixes an issue where upstreams did not correctly inherit the proper
namespace / partition from the parent service when attempting to fetch the
upstream protocol due to inconsistent normalization.

Some of the merge-service-configuration logic would normalize to default, while
some of the proxycfg logic would normalize to match the parent service. Due to
this mismatch in logic, an incorrect service-defaults configuration entry would
be fetched and have its protocol applied to the upstream.
@trujillo-adam @boruszak
Docs/ce 470 locality aware (#19071)
a9747dc 
* updated nav; renamed L7 traffic folder

* Added locality-aware routing to traffic mgmt overview

* Added route to local upstreams topic

* Updated agent configuration reference

* Added locality param to services conf ref

* Added locality param to conf entries

* mentioned traffic management in proxies overview

* added locality-aware to failover overview

* added docs for service rate limiting

* updated service defaults conf entry

* Apply suggestions from code review

Co-authored-by: Chris S. Kim <ckim@hashicorp.com>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>

* updated links and added redirects

---------

Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
@mkeeler
protohcl: allow attribute syntax for all map fields (#19108)
4713317
@asheshvidyut @Ganeshrockz @rboyer
NET-4135 - Fix NodeMeta filtering Catalog List Services API (#18322)
a30ccdf 
* logs for debugging

* Init

* white spaces fix

* added change log

* Fix tests

* fix typo

* using queryoptionfilter to populate args.filter

* tests

* fix test

* fix tests

* fix tests

* fix tests

* fix tests

* fix variable name

* fix tests

* fix tests

* fix tests

* Update .changelog/18322.txt

Co-authored-by: Ganesh S <ganesh.seetharaman@hashicorp.com>

* fix change log

* address nits

* removed unused line

* doing join only when filter has nodemeta

* fix tests

* fix tests

* Update agent/consul/catalog_endpoint.go

Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>

* fix tests

* removed unwanted code

---------

Co-authored-by: Ganesh S <ganesh.seetharaman@hashicorp.com>
Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>
@asheshvidyut
Stop windows integration tests (#19118)
b9314de 
stop windows integration tests
Minor update to ratelimit wording (#19106)
d6200fa
@cthain
Update Vault CA provider namespace configuration (#19095)
dcdf2fc
Remove old build tags (#19128)
92ce814
Activate verifier when running WAL with experimental features (#19102)
2265905 
* activate verifier when running WAL with experimental features

* only change verifier parameters if it's disabled (default value)
@analogue
v2tenancy: cluster scoped reads (#19082)
830c4ea
@hc-github-team-consul-core hc-github-team-consul-core force-pushed the backport/dhiaayachi/fix_panic_policy_delete/logically-amazed-crow branch from 01d24e2 to 5ecf5e5 Compare November 20, 2023 14:48
github-team-consul-core-pr-approver
github-team-consul-core-pr-approver approved these changes Nov 20, 2023
View reviewed changes
Copy link
Collaborator

@github-team-consul-core-pr-approver github-team-consul-core-pr-approver left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Auto approved Consul Bot automated PR

@github-actions github-actions bot added type/docs Documentation needs to be created/updated/clarified theme/api Relating to the HTTP API interface theme/acls ACL and token generation theme/cli Flags and documentation for the CLI interface theme/config Relating to Consul Agent configuration, including reloading theme/ui Anything related to the UI theme/connect Anything related to Consul Connect, Service Mesh, Side Car Proxies theme/tls Using TLS (Transport Layer Security) or mTLS (mutual TLS) to secure communication theme/telemetry Anything related to telemetry or observability type/ci Relating to continuous integration (CI) tooling for testing or releases pr/dependencies PR specifically updates dependencies of project theme/envoy/xds Related to Envoy support theme/contributing Additions and enhancements to community contributing materials theme/internals Serf, Raft, SWIM, Lifeguard, Anti-Entropy, locking topics theme/certificates Related to creating, distributing, and rotating certificates in Consul theme/agent-cache Agent Cache theme/consul-terraform-sync Relating to Consul Terraform Sync and Network Infrastructure Automation labels Nov 20, 2023
@hc-github-team-consul-core
Copy link
Collaborator Author

hc-github-team-consul-core commented Nov 20, 2023

🤔 This PR has changes in the website/ directory but does not have a type/docs-cherrypick label. If the changes are for the next version, this can be ignored. If they are updates to current docs, attach the label to auto cherrypick to the stable-website branch after merging.

@dhiaayachi dhiaayachi disabled auto-merge November 20, 2023 14:49
@vercel vercel bot temporarily deployed to Preview – consul November 20, 2023 14:53 Inactive
@dhiaayachi dhiaayachi closed this Nov 20, 2023
@dhiaayachi dhiaayachi mentioned this pull request Nov 20, 2023
Merged
@github-actions github-actions bot deleted the backport/dhiaayachi/fix_panic_policy_delete/logically-amazed-crow branch August 29, 2025 06:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-team-consul-core-pr-approver github-team-consul-core-pr-approver github-team-consul-core-pr-approver approved these changes

@dekimsey dekimsey Awaiting requested review from dekimsey

@claire-labry claire-labry Awaiting requested review from claire-labry

@dhiaayachi dhiaayachi Awaiting requested review from dhiaayachi

Assignees

@dhiaayachi dhiaayachi

Labels

pr/dependencies PR specifically updates dependencies of project theme/acls ACL and token generation theme/agent-cache Agent Cache theme/api Relating to the HTTP API interface theme/certificates Related to creating, distributing, and rotating certificates in Consul theme/cli Flags and documentation for the CLI interface theme/config Relating to Consul Agent configuration, including reloading theme/connect Anything related to Consul Connect, Service Mesh, Side Car Proxies theme/consul-terraform-sync Relating to Consul Terraform Sync and Network Infrastructure Automation theme/contributing Additions and enhancements to community contributing materials theme/envoy/xds Related to Envoy support theme/internals Serf, Raft, SWIM, Lifeguard, Anti-Entropy, locking topics theme/telemetry Anything related to telemetry or observability theme/tls Using TLS (Transport Layer Security) or mTLS (mutual TLS) to secure communication theme/ui Anything related to the UI type/ci Relating to continuous integration (CI) tooling for testing or releases type/docs Documentation needs to be created/updated/clarified

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.