roachprod: add sufficient tenant ids when creating v22.2 client certs#136319
roachprod: add sufficient tenant ids when creating v22.2 client certs#136319craig[bot] merged 1 commit intocockroachdb:masterfrom
Conversation
|
This change is |
|
Passing run of |
| TENANT_SCOPE_OPT="" | ||
| if [[ $VERSION = v22.2 ]]; then | ||
| TENANT_SCOPE_OPT="--tenant-scope 1,2,3,4,11,12,13,14" | ||
| TENANT_SCOPE_OPT="--tenant-scope $(echo {1..100} | tr ' ' ,)" |
There was a problem hiding this comment.
Nit: I'd still enclose the delimiter in quotes for ease of (human) parsing; i.e., ','
In v22.2, tenant ids must be specified when creating client certs. Previously, only a select number tenant ids of were specified. Those ids were chosen to match the hardcoded ids used by the old multitenant roachprod framework. Now that the new mt framework assigns ids sequentially, we see that creating tenants with ids not specified causes auth issues on clusters bootstrapped on 22.2. Since there should be no drawback to assigning more valid tenant ids than needed, we now add tenants 1 to 100. This should be more than enough for roachprod/roachtest. Fixes: cockroachdb#133282 Epic: none Relese note: none
3d7c384 to
75758a6
Compare
|
TFTRs bors r=srosenberg, herkolategan |
|
Based on the specified backports for this PR, I applied new labels to the following linked issue(s). Please adjust the labels as needed to match the branches actually affected by the issue(s), including adding any known older branches. Issue #133282: branch-release-24.1, branch-release-24.2. 🦉 Hoot! I am a Blathers, a bot for CockroachDB. My owner is dev-inf. |
|
Encountered an error creating backports. Some common things that can go wrong:
You might need to create your backport manually using the backport tool. error creating merge commit from 75758a6 to blathers/backport-release-24.1-136319: POST https://api.github.com/repos/cockroachdb/cockroach/merges: 409 Merge conflict [] you may need to manually resolve merge conflicts with the backport tool. Backport to branch 24.1.x failed. See errors above. 🦉 Hoot! I am a Blathers, a bot for CockroachDB. My owner is dev-inf. |
In v22.2, tenant ids must be specified when creating client certs. Previously, only a select number tenant ids of were specified. Those ids were chosen to match the hardcoded ids used by the old multitenant roachprod framework.
Now that the new mt framework assigns ids sequentially, we see that creating tenants with ids not specified causes auth issues on clusters bootstrapped on 22.2. Since there should be no drawback to assigning more valid tenant ids than needed, we now add tenants 1 to 100. This should be more than enough for roachprod/roachtest.
Fixes: #133282
Epic: none
Relese note: none