-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add functionality to helm chart to allow image digest for controllerImage #11313
Conversation
adamshawvipps
commented
Aug 29, 2023
Is this a duplicate of #11278 ? |
Hi @adleong as a second reviewer's approval is needed, will another reviewer independently take that initiative or do one of us need to explicitly ask another maintainer? Thank you! |
@cromulentbanana the DCO sign off on your commit appears to have failed. how to we rectify that? |
I'm sorry, that was an oversight on my part. Perhaps the fastest solution might be, either revert or amend that commit with the sign-off as your own user. I'm not entirely sure that a If you're unable or unwilling to do that, I can address this later today. |
@cromulentbanana I think we got there in the end @alpeb are all the concerns addressed now? |
This release introduces direct pod-to-pod multicluster service mirroring. When clusters are deployed on a flat network, Linkerd can export multicluster services in a way where cross-cluster traffic does not need to go through the gateway. This enhances multicluster authentication and can reduce the need for provisioning public load balancers. In addition, this release adds support for the [Gateway API](https://gateway-api.sigs.k8s.io/) HTTPRoute resource (in the `gateway.networking.k8s.io` api group). This improves compatibility with other tools that use these resources such as [Flagger](https://flagger.app/) and [Argo Rollouts](https://argoproj.github.io/rollouts/). The release also includes a large number of features and improvements to HTTPRoute including the ability to set timeouts and the ability to define consumer-namespace HTTPRoutes. Finally, this release includes a number of bugfixes, performance improvements, and other smaller additions. **Upgrade notes**: Please see the [upgrade instructions](https://linkerd.io/2/tasks/upgrade/#upgrade-notice-stable-2140). * Multicluster * Remove namespace field from cluster scoped resources to fix pruning * Added -o json flag for the `linkerd multicluster gateways` command (thanks @hiteshwani29) * Introduced `logFormat` value to the multicluster `Link` Helm Chart (thanks @bunnybilou!) * Added leader-election capabilities to the service-mirror controller * Added high-availability (HA) mode for the multicluster service-mirror * Added a new `remoteDiscoverySelector` field to the multicluster `Link` CRD, which enables a service mirroring mode where the control plane performs discovery for the mirrored service from the remote cluster, rather than creating Endpoints for the mirrored service in the source cluster * HTTPRoute * Fixed `linkerd uninstall` issue for HTTPRoute * Added support for `gateway.networking.k8s.io` HTTPRoutes in the policy controller * Added support for RequestHeaderModifier and RequestRedirect HTTP filters in outbound policy; filters may be added at the route or backend level * Added support for the `ResponseHeaderModifier` HTTPRoute filter * Added support for HTTPRoutes defined in the consumer namespace * Added support for HTTPRoute `parent_refs` that do not specify a port * CRDs * Patched the MeshTLSAuthentication CRD to force providing at least one identity/identityRef * Control Plane * Send Opaque protocol hint for opaque ports in destination controller * Replaced deprecated `failure-domain.beta.kubernetes.io/zone` labels in Helm charts with `topology.kubernetes.io/zone` labels (thanks @piyushsingariya!) * Replaced `server_port_subscribers` Destination controller gauge metric with `server_port_subscribes` and `server_port_unsubscribes` counter metrics * Proxy * Handle Opaque protocol hints on endpoints * Added `outbound_http_balancer_endpoints` metric * Fixed missing route_ metrics for requests with ServiceProfiles * Fixed proxy startup failure when using the `config.linkerd.io/admin-port` annotation (thanks @jclegras!) * Added distinguishable version information to proxy logs and metrics * CLI * The `linkerd diagnostics policy` command now displays outbound policy when the target resource is a Service * A fix for HA validation checks when Linkerd is installed with Helm. Thanks @mikutas!! * Viz * Add the `kubelet` NetworkAuthentication back since it is used by the `linkerd viz allow-scrapes` subcommand. * Fixed the `linkerd viz check` command so that it will wait until the viz extension becomes ready * Fixed an issue where specifying a `remote_write` config would cause the Prometheus config to be invalid (thanks @hiteshwani29) * Improved validation of the `--to` and `--from` flags for the `linkerd viz stat` command (thanks @pranoyk) * Added `-o jsonpath` flag to `linkerd viz tap` to allow filtering output fields (thanks @hiteshwani29!) * Fixed a Grafana error caused by an incorrect datasource (thanks @albundy83!) * Fixed missing "Services" menu item in the Spanish localization for the `linkerd-viz` web dashboard (thanks @mclavel!) * Extensions * Added missing label `linkerd.io/extension` to certain resources to ensure they pruned when appropriate (thanks @ClementRepo) * Added tolerations and nodeSelector support in extensions `namespace-metadata` Jobs (thanks @pssalman!) * Init Containers * Added an option for disabling the network validator's security context for environments that provide their own * CNI * Added --set flag to install-cni plugin (thanks @amit-62!) * Fixed missing resource-cni labels on linkerd-cni, this blocked the linkerd-cni pods from coming up when the injector was broken (thanks @migueleliasweb!) * Build * Build improvements for multi-arch build artifacts. Thanks @MarkSRobinson!! This release includes changes from a massive list of contributors! A special thank-you to everyone who helped make this release possible: * Amir Karimi @AMK9978 * Amit Kumar @amit-62 * Andre Marcelo-Tanner @kzap * Andrew @andrew-gropyus * Arnaud Beun @bunnybilou * Clement @proxfly * Dima @krabradosty * Grégoire Bellon-Gervais @albundy83 * Harsh Soni @harsh020 * Jean-Charles Legras @jclegras * Loong Dai @daixiang0 * Mark Robinson @MarkSRobinson * Miguel Elias dos Santos @migueleliasweb * Pranoy Kumar Kundu @pranoyk * Ryan Hristovski @ryanhristovski * Takumi Sue @mikutas * Zakhar Bessarab @zekker6 * hiteshwani29 @hiteshwani29 * pheianox * pssalman @pssalman Signed-off-by: Alex Leong <[email protected]> Signed-off-by: Adam Shaw <[email protected]>
Signed-off-by: Adam Shaw <[email protected]>
Signed-off-by: Adam Shaw <[email protected]>
Signed-off-by: Adam Shaw <[email protected]>
Signed-off-by: Adam Shaw <[email protected]>
Signed-off-by: Adam Shaw <[email protected]>
The `linkerd-meshtls-boring` crate currently uses a Git dependency on `boring` and `tokio-boring`. This is because, when this crate was initially introduced, the proxy required unreleased changes to these crates. Now, however, upstream has published all the changes we depended on (this happened ages ago), and we can depend on these libraries from crates.io. This branch removes the Git deps and updates to v3.0.0 of `boring`/`tokio-boring`. I've also changed the `cargo-deny` settings to no longer allow Git deps on these crates, as we no longer depend on them from Git. --- * build(deps): use published version of `boring` (linkerd/linkerd2-proxy#2454) Signed-off-by: Eliza Weisman <[email protected]> Signed-off-by: Adam Shaw <[email protected]>
Nexxiot is no longer using Linkerd2 as we completely removed service mesh from our technology stack. Signed-off-by: alex-berger <[email protected]> Signed-off-by: Adam Shaw <[email protected]>
…1306) Signed-off-by: Alen Haric <[email protected]> Signed-off-by: Adam Shaw <[email protected]>
Bumps [eslint-plugin-react](https://github.com/jsx-eslint/eslint-plugin-react) from 7.33.1 to 7.33.2. - [Release notes](https://github.com/jsx-eslint/eslint-plugin-react/releases) - [Changelog](https://github.com/jsx-eslint/eslint-plugin-react/blob/master/CHANGELOG.md) - [Commits](jsx-eslint/eslint-plugin-react@v7.33.1...v7.33.2) --- updated-dependencies: - dependency-name: eslint-plugin-react dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Adam Shaw <[email protected]>
Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 11.0.0 to 12.0.0. - [Release notes](https://github.com/davidanson/markdownlint-cli2-action/releases) - [Commits](DavidAnson/markdownlint-cli2-action@8f35160...3aaa38e) --- updated-dependencies: - dependency-name: DavidAnson/markdownlint-cli2-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Adam Shaw <[email protected]>
When issuing `linkerd mc gateways` with no links, the command waited till it timed out (30s by default) before showing an empty table. This change refactors the concurrency code in `getGatewayMetrics()` to avoid that. Also the `linkerd mc link -h` help text for the `--gateway` flag was showing a dupe default value: ``` If false, allows a link to be created against a cluster that does not have a gateway service (default true) (default true) ``` Signed-off-by: Adam Shaw <[email protected]>
Bumps [jest-environment-jsdom](https://github.com/jestjs/jest/tree/HEAD/packages/jest-environment-jsdom) from 29.6.1 to 29.6.4. - [Release notes](https://github.com/jestjs/jest/releases) - [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/jestjs/jest/commits/v29.6.4/packages/jest-environment-jsdom) --- updated-dependencies: - dependency-name: jest-environment-jsdom dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Adam Shaw <[email protected]>
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4.0.1 to 4.1.0. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@fac708d...93397be) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Adam Shaw <[email protected]>
Bumps [@babel/eslint-parser](https://github.com/babel/babel/tree/HEAD/eslint/babel-eslint-parser) from 7.22.9 to 7.22.11. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.22.11/eslint/babel-eslint-parser) --- updated-dependencies: - dependency-name: "@babel/eslint-parser" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Adam Shaw <[email protected]>
…erd#11179) Signed-off-by: Takumi Sue <[email protected]> Signed-off-by: Adam Shaw <[email protected]>
…11328) * stopgap fix for hostport staleness ## Problem When there's a pod with a `hostPort` entry, `GetProfile` requests targetting the host's IP and that `hostPort` return an endpoint profile with that pod's IP and `containerPort`. If that pod vanishes and another one in that same host with that same `hostPort` comes up, the existing `GetProfile` streams won't get updated with the new pod information (metadata, identity, protocol). That breaks the connectivity of the client proxy relying on that stream. ## Partial Solution It should be less surprising for those `GetProfile` requests to return an endpoint profile with the same host IP and port requested, and leave to the cluster's CNI to peform the translation to the corresponding pod IP and `containerPort`. This PR performs that change, but continuing returning the corresponding pod's information alongside. If the pod associated to that host IP and port changes, the client proxy won't loose connectivity, but the pod's information won't get updated (that'll be fixed in a separate PR). A new unit test validating this has been added, which will be expanded to validate the changed pod information when that gets implemented. ## Details of Change - We no longer do the HostPort->ContainerPort conversion, so the `getPortForPod` function was dropped. - The `getPodByIp` function will now be split in two: `getPodByPodIP` and `getPodByHostIP`, the latter being called only if the former doesn't return anything. - The `createAddress` function is now simplified in that it just uses the passed IP to build the address. The passed IP will depend on which of the two functions just mentioned returned the pod (host IP or pod IP) Signed-off-by: Adam Shaw <[email protected]>
This commit updates `rustls-webpki` from v0.101.3 to v0.104.0. Signed-off-by: Adam Shaw <[email protected]>
…1355) Bumps [chai](https://github.com/chaijs/chai) from 4.3.7 to 4.3.8. - [Release notes](https://github.com/chaijs/chai/releases) - [Changelog](https://github.com/chaijs/chai/blob/4.x.x/History.md) - [Commits](chaijs/chai@v4.3.7...v4.3.8) --- updated-dependencies: - dependency-name: chai dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Adam Shaw <[email protected]>
Bumps [@babel/eslint-parser](https://github.com/babel/babel/tree/HEAD/eslint/babel-eslint-parser) from 7.22.11 to 7.22.15. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.22.15/eslint/babel-eslint-parser) --- updated-dependencies: - dependency-name: "@babel/eslint-parser" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Adam Shaw <[email protected]>
Bumps [@babel/preset-react](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-react) from 7.22.5 to 7.22.15. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.22.15/packages/babel-preset-react) --- updated-dependencies: - dependency-name: "@babel/preset-react" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Adam Shaw <[email protected]>
…linkerd#11351) Bumps [peter-evans/repository-dispatch](https://github.com/peter-evans/repository-dispatch) from 2.1.1 to 2.1.2. - [Release notes](https://github.com/peter-evans/repository-dispatch/releases) - [Commits](peter-evans/repository-dispatch@26b39ed...bf47d10) --- updated-dependencies: - dependency-name: peter-evans/repository-dispatch dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Adam Shaw <[email protected]>
lingui/cli manages locales, extracts messages from source files and compiles message catalogs for production use. Dependabot's bump seems to fail since lingui/cli requires at least node v16, and the current Dockerfile uses node v14. This change updates the web dockerfile to use node v20 and also configures the JS web test runner to use node v20. Lingui/cli's migration docs are covered in https://lingui.dev/releases/migration-4#backward-incompatible-changes for migrating from v3.x.x to v4.x.x. Signed-off-by: Matei David <[email protected]> Signed-off-by: Adam Shaw <[email protected]>
…d#11346) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.2 to 3.1.3. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@0b7f8ab...a8a3f3a) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Adam Shaw <[email protected]>
from destination and proxy-injector Fixes linkerd#10778 Signed-off-by: Takumi Sue <[email protected]> Signed-off-by: Adam Shaw <[email protected]>
This commit changes the `linkerd-meshtls-rustls` crate to use the upstream `rustls-webpki` crate, maintained by Rustls, rather than our fork of `briansmith/webpki` from GitHub. Since `rustls-webpki` includes the change which was the initial motivation for the `linkerd/webpki` fork (rustls/webpki#42), we can now depend on upstream. Currently, we must take a Git dependency on `rustls-webpki`, since a release including a fix for an issue (rustls/webpki#167) which prevents `rustls-webpki` from parsing our test certificates has not yet been published. Once v0.101.5 of `rustls-webpki` is published (PR see rustls/webpki#170), we can remove the Git dep. For now, I've updated `cargo-deny` to allow the Git dependency. --- * use `rustls-webpki` instead of `linkerd/webpki` (linkerd/linkerd2-proxy#2465) Signed-off-by: Eliza Weisman <[email protected]> Signed-off-by: Adam Shaw <[email protected]>
Fixes linkerd#11280 Signed-off-by: Takumi Sue <[email protected]> Signed-off-by: Adam Shaw <[email protected]>
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3 to 4.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@c85c95e...3df4ab1) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Adam Shaw <[email protected]>
This edge release updates the proxy's dependency on the `webpki` library to patch security vulnerability [RUSTSEC-2023-0052] (GHSA-8qv2-5vq6-g2g7), a potential CPU usage denial-of-service attack when accepting a TLS handshake from an untrusted peer with a maliciously-crafted certificate. * Addressed security vulnerability [RUSTSEC-2023-0052] in the proxy (linkerd#11361) * Fixed `linkerd check --proxy` incorrectly checking the proxy version of pods in the `completed` state (thanks @mikutas!) (linkerd#11295; fixes linkerd#11280) * Removed unnecessary `linkerd.io/helm-release-version` annotation from the `linkerd-control-plane` Helm chart (thanks @mikutas!) (linkerd#11329; fixes linkerd#10778) [RUSTSEC-2023-0052]: https://rustsec.org/advisories/RUSTSEC-2023-0052.html Signed-off-by: Adam Shaw <[email protected]>
Signed-off-by: Alex Leong <[email protected]> Signed-off-by: Adam Shaw <[email protected]>
…nt env (linkerd#11283) This PR changes a variety of things: 1. Changes value `collector.config` from a string to an object to support field level merging/changing without having to copy/paste the entire unchanged portion of the config. 2. Changes the default `collector.config` for sensible out of the box Linkerd tracing use-case: 1. Only `opencensus` receiver (the format `linkerd-proxy` emits when configured for tracing) 2. `resource` processor that maps the Pod name and namespace labels `linkerd-proxy` sets on injected Pods to the fields the `k8sattributes` processor expects for looking up the trace's source Pod. 3. `k8sattributes` processor for decorating all traces with K8s metadata. 3. Standardizes `image.pullPolicy` behavior across all components and defaults to absent/null `imagePullPolicy` such that the K8s cluster configuration is used. 4. Adds collector RBAC needed for `k8sattributes` to lookup trace source K8s workloads 5. Adds collector ConfigMap checksum to rollout new Pod(s) when config is changed. 6. Adds/parameterizes the collector container command with value `collector.command`. 7. Changes collector image from [opentelemetry-collector](https://github.com/open-telemetry/opentelemetry-collector) to [opentelemetry-collector-contrib](https://github.com/open-telemetry/opentelemetry-collector-contrib) which includes additional connectors, exporters, extensions, processors, receivers. 8. Adds value `collector.env` for additional collector Deployment environment variables. Signed-off-by: Cameron Boulton <[email protected]> Signed-off-by: Adam Shaw <[email protected]>
…nkerd#11366) Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.10.0 to 3.0.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@885d146...f95db51) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Adam Shaw <[email protected]>
A git related "dubious ownership" error was preventing the go format action from running in CI. As a result of go formatting not getting checked in CI, some go formatting drift has been introduced. Add the appropriate git config command to resolve dubious ownership so that go format checking is run in CI. Signed-off-by: Alex Leong <[email protected]> Signed-off-by: Adam Shaw <[email protected]>
…kerd#11364) Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 39.0.1 to 39.0.2. - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](tj-actions/changed-files@246636f...6ee9cdc) --- updated-dependencies: - dependency-name: tj-actions/changed-files dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Adam Shaw <[email protected]>
…rd#11369) Bumps [k8s.io/kube-aggregator](https://github.com/kubernetes/kube-aggregator) from 0.27.4 to 0.28.2. - [Commits](kubernetes/kube-aggregator@v0.27.4...v0.28.2) --- updated-dependencies: - dependency-name: k8s.io/kube-aggregator dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Adam Shaw <[email protected]>
…erd#11222) Need to be able to set labels on Pod Monitors add a labels section to podMonitor Helm Lint/Helm Template Fixes #[11175] Signed-off-by: Justin S <[email protected]> Signed-off-by: Adam Shaw <[email protected]>
We intermittently see flaky policy integration test failures like: ``` failures: either thread 'either' panicked at 'assertion failed: `(left == right)` left: `7`, right: `0`: blessed uninjected curl must succeed', policy-test/tests/e2e_server_authorization.rs:293:9 ``` This test failure is saying that the curl process is returning an exit code of 7 instead of the expected exit code of 0. This exit code indicates that curl failed to establish a connection. https://everything.curl.dev/usingcurl/returns It's unclear why this connection occasionally fails in CI and I have not been able to reproduce this failure locally. However, by looking at the logic of the integration test, we can see that the integration test creates the `web` Service and the `web` Pod and waits for that pod to become ready before unblocking the curl from executing. This means that, theoretically, there could be a race condition between the test and the kubernetes endpoints controller. As soon as the web pod becomes ready, the endpoints controller will update the endpoints resource for the `web` Service and at the same time, our test will unblock the curl command. If the test wins this race, it is possible that curl will run before the endpoints resource has been updated. We add an additional wait condition to the test to wait until the endpoints resource has an endpoint before unblocking curl. Since I could not reproduce the test failure locally, it is impossible to say if this is actually the cause of the flakiness or if this change fixes it. Signed-off-by: Alex Leong <[email protected]> Signed-off-by: Adam Shaw <[email protected]>
Signed-off-by: Adam Shaw <[email protected]>
Signed-off-by: Adam Shaw <[email protected]>
Hi @adamshawvipps, I think something has gone wrong with your git branch. Can you try making sure that your For future reference, there are a number of different ways to agree to the DCO including by public statement, if that's easier. https://github.com/linkerd/linkerd2/blob/main/CONTRIBUTING.md#developer-certificate-of-origin |
@adleong thanks for your help. I attempted to update the branch. Please let me know how it looks now |
hi @adamshawvipps this PR currently modifies 131 files over 48 commits -- that doesn't seem right to me. For illustrative purposes, in my own git remote, I've rebased your original feature branch (main) on that of upstream -- you can find it here: https://github.com/cromulentbanana/linkerd2. Hope that helps. I expect that if you fetch my repo and reset your |
hi @adamshawvipps would you prefer to fix this PR or shall we abandon it and go forward with #11406 ? |
I believe that this can be closed now that #11406 has been merged |