tyler.durden/icinga2
1
0
Fork 0
mirror of https://github.com/Icinga/icinga2.git synced 2025-09-23 17:57:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
12,249 Commits 279 Branches 124 Tags
Commit Graph

12249 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Julian Brost
372f8f3599
Merge pull request #9338 from Icinga/Al2Klimov-patch-3-212 
Let new cluster certificates expire after 397 days, not 15 years
 2022-04-12 09:50:37 +02:00
Julian Brost
c19a9192a1
Merge pull request #9334 from Icinga/bugfix/compare-cluster-tickets-in-constant-time-212 
Compare cluster tickets in constant time
 2022-04-11 20:28:51 +02:00
Julian Brost
3cd3766672
Merge pull request #9336 from Icinga/bugfix/startup-log-212 
Place startup.log and status in /var/lib/icinga2/api, not /var/lib/icinga2/api/zones-stage
 2022-04-11 18:05:53 +02:00
Alexander A. Klimov
a2817aefc7 Protect ApiListener#m_SSLContext with a mutex 2022-04-11 12:51:45 +02:00
Alexander A. Klimov
97dce39699 Renew certificates also periodically 2022-04-11 12:45:58 +02:00
Alexander A. Klimov
ff6219597a ApiListener#Start(): auto-renew own cert if CA owner 
otherwise that particular cert would expire.
 2022-04-11 12:44:52 +02:00
Alexander A. Klimov
1492bffccc Introduce ApiListener#RenewCert() 2022-04-11 12:44:52 +02:00
Alexander A. Klimov
913373fc38 Introduce IsCertUptodate() 2022-04-11 12:44:52 +02:00
Alexander A. Klimov
01422dfdf7 Request certificate renewal also master2->master1 
not only sat->master to prevent master2's certificate from expiring.
 2022-04-11 12:44:52 +02:00
Alexander A. Klimov
19ecb241f5 Let new cluster certificates expire after 397 days, not 15 years 
https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-1.7.3.pdf, section 6.3.2:

"Subscriber Certificates issued on or after 1 September 2020 SHOULD NOT have a Validity Period greater than 397 days and MUST NOT have a Validity Period greater than 398 days."
 2022-04-11 12:44:52 +02:00
Alexander A. Klimov
da70fea20e Write also /var/lib/icinga2/api/zones-stage-startup-last-failed.log 
in addition to /var/lib/icinga2/api/zones-stage-startup.log
to prevent the next success to overwrite the last failure.
 2022-04-11 12:30:05 +02:00
Alexander A. Klimov
e9c3e3718d Place startup.log and status in /var/lib/icinga2/api, not /var/lib/icinga2/api/zones-stage 
not to loose them.
 2022-04-11 12:30:05 +02:00
Alexander A. Klimov
dc2a3841ce Compare cluster tickets in constant time 
Just to be sure.
 2022-04-11 11:43:35 +02:00
Julian Brost
c402baf088
Merge pull request #9326 from Icinga/bugfix/parallel-api-package-calls-do-not-finish-while-reload 
Worker process doesn't let parallel API package stage updates to complete when terminated
 2022-04-08 12:28:11 +02:00
Julian Brost
9637034b43
Merge pull request #9329 from Icinga/perfdata-resume-signal-2.12 
Perfdata writers: disconnect handlers from signals in Pause()
 2022-04-07 18:37:20 +02:00
Yonas Habteab
0d4a68adc3 ConfigStagesHandler: Don't allow concurrent package updates anymore 
To prevent Icinga2 from being restarted while
one or more requests are still in progress and end up
as corrupted stages without status file and startup logs.
 2022-04-07 18:35:47 +02:00
Yonas Habteab
bda2849412 ConfigPackageUtility: Don't reset ongoing package updates on config validation success and process is going to be reloaded 2022-04-07 18:35:47 +02:00
Julian Brost
9ffd50fd94
Merge pull request #9327 from Icinga/boost-1.78-2.12 
Windows: bump Boost and OpenSSL
 2022-04-07 17:42:31 +02:00
Alexander A. Klimov
1eb274b550 Perfdata writers: disconnect handlers from signals in Pause() 
as they would be re-connected in Resume() (HA).

Before they were still connected during pause and connected X+1 times
after X split-brains (the same data was written X+1 times).
 2022-04-07 13:00:27 +02:00
Alexander A. Klimov
37bc27c301 Bump Boost to 1.78 2022-04-07 11:46:01 +02:00
Alexander A. Klimov
018f27c7c3 Bump OpenSSL to 1.1.1n 2022-04-07 11:44:00 +02:00
Yonas Habteab
e3f14883e9 Defer: Allow to cancel the callback before going out of scope 2022-04-07 11:30:50 +02:00
Alexander Aleksandrovič Klimov
92e688b94a
Merge pull request #9320 from Icinga/boost1.78 
Make compatible with Boost 1.78 (for Windows)
 2022-04-06 16:38:33 +02:00
Alexander Aleksandrovič Klimov
eebfd0284c
Merge pull request #9317 from Icinga/revert-9245-bugfix/adjust-behavior-of-service-get-severity-212 
Revert "Service#GetSeverity(): behave as the respective IDO query of Icinga Web"
 2022-04-06 13:39:41 +02:00
Alexander A. Klimov
1e0a0f7f9d Fix missing include 2022-04-06 12:44:49 +02:00
Edgar Fuß
bce291439c Avoid name clashes on case-insensitive file systems 
On case-insensitive file systems (i.e. macOS), the VERSION file collides with the Boost-provided version file on #include <version>.

Work around by re-naming VERSION to ICINGA2_VERSION.
 2022-04-06 12:43:13 +02:00
Julian Brost
f60a0111b7
Merge pull request #9313 from Icinga/9308 
IDO MySQL: explicitly use latin1
 2022-04-06 09:50:15 +02:00
Julian Brost
77aec49667
Revert "Service#GetSeverity(): behave as the respective IDO query of Icinga Web" 2022-04-01 15:06:47 +02:00
Alexander A. Klimov
11b8d0f058 IDO MySQL: reason latin1 charset for actually UTF-8 bytes 2022-03-31 18:10:21 +02:00
Alexander A. Klimov
245fbad1e5 IDO MySQL: explicitly use latin1 
for the case the MySQL client lib is compiled with another default
not to turn Unicode chars into ??.
 2022-03-31 15:04:45 +02:00
Alexander Aleksandrovič Klimov
16ca076262
Merge pull request #9305 from Icinga/bugfix/add-some-missing-locks-2.12 
Add some missing locks to prevent data races
 2022-03-30 10:54:45 +02:00
Yonas Habteab
7f9cbc8707 ConfigObject: Initialize local static var at declaration to ensure thread safety 2022-03-29 16:36:50 +02:00
Yonas Habteab
6ecf4fe4b5 ConfigItem: Use atomic variables for notified and commited items count 2022-03-29 16:36:50 +02:00
Julian Brost
5d2625c711
Merge pull request #9294 from Icinga/bugfix/override-default-template-apply-rules-7914 
Apply rules: import default templates first
 2022-03-29 16:03:46 +02:00
Alexander A. Klimov
07cd15f48f Apply rules: import default templates first 
... to allow to override the attributes they set.

refs #7914
 2022-03-24 14:04:58 +01:00
Julian Brost
2accf9962b
Merge pull request #9270 from Icinga/feature/subscription-212 
GHA: build RHEL and Amazon Linux
 2022-03-22 14:43:47 +01:00
Julian Brost
77eed19482
Merge pull request #9246 from Icinga/bugfix/timeperiod-dst-2.0-212 
LegacyTimePeriod::ScriptFunc: fix DST edge-cases
 2022-03-08 15:28:20 +01:00
Julian Brost
9dcd2da9b3
Merge pull request #9229 from Icinga/bugfix/processcheckresult-dependency-deadlock-2.12 
Prevent deadlock in ProcessCheckResult
 2022-03-07 11:15:11 +01:00
Julian Brost
26d78231dd Add tests for LegacyTimePeriod::ScriptFunc when used by TimePeriod::IsInside 2022-03-07 09:42:21 +01:00
Julian Brost
93217de515 LegacyTimePeriod::ScriptFunc: fix DST edge-cases 
This change fixes two problems:
* The internal functions used by ScriptFunc more or less expect to operate on
  full days, but ScriptFunc may have called them with some random timestamp
  during the day. This is fixed by always using midnight of the day as
  reference time.
* Previously, the code advanced a timestamp to the next day by adding 24 hours.
  On days with DST changes, this could either still be on the same day (a day
  may have 25 hours) or skip an entire day (a day may have 23 hours). This is
  fixed by using a struct tm to advance the time to the next day.
 2022-03-07 09:42:21 +01:00
Julian Brost
9e0459e5e1
Merge pull request #9245 from Icinga/bugfix/adjust-behavior-of-service-get-severity-212 
Service#GetSeverity(): behave as the respective IDO query of Icinga Web
 2022-03-07 09:24:13 +01:00
Julian Brost
7a1058993c
Merge pull request #9244 from Icinga/bugfix/doc-allow-to-change-severity-formula-across-icinga2-releases-212 
Doc: technical concepts: allow to change severity formula across Icin…
 2022-03-07 09:23:16 +01:00
Julian Brost
4bdde970df
Merge pull request #9243 from Icinga/bugfix/multi-ido-notification-id-212 
IDO: fix incorrect contacts in notification history with multiple IDO instances on a single node
 2022-03-07 09:22:17 +01:00
Alexander A. Klimov
a8969a7176 GHA: preserve .rpm job names 2022-03-02 18:18:53 +01:00
Alexander A. Klimov
0da0c69fdd GHA: build Amazon Linux 2022-03-02 18:18:53 +01:00
Alexander A. Klimov
f32c76e5c9 GHA: build RHEL 2022-03-02 18:18:53 +01:00
Alexander A. Klimov
04865cf077 GHA: correct subscription packages repo 2022-03-02 18:18:53 +01:00
Alexander A. Klimov
978d3d0e59 GHA: new subscription packages repo access token 
with more permissions and URL-friendlier login name.
 2022-03-02 18:18:53 +01:00
Alexander A. Klimov
f1145606cb GHA: explicitly specify whether $DISTRO packages require subscription 
to have all info at one place in the file.
 2022-03-02 18:18:53 +01:00
Julian Brost
0ccd7b799c
Merge pull request #9247 from Icinga/bugfix/influxdb-writer-synchronization-212 
Fix unsafe concurrent access to m_DataBuffer in InfluxdbWriter
 2022-03-01 15:07:48 +01:00