From 8f30eb129baf647d3c5e18b09def8ef5b7eb5b61 Mon Sep 17 00:00:00 2001 From: Raphael 'kena' Poss Date: Tue, 25 Aug 2020 10:28:32 +0200 Subject: [PATCH] flags: mark `--insecure` as deprecated Release note (cli change): The command-line `--insecure` has been marked as deprecated. See https://go.crdb.dev/issue/53404 for details. The flag will be removed in a later version in a staged fashion: first, additional security mechanisms will be added to enable more flexible deployments which were previously done using `--insecure`; then the flaf will be removed from server commands, then finally in a later version also from client commands. --- pkg/cli/flags.go | 10 ++++++++++ pkg/cmd/roachtest/cli.go | 9 ++++++++- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/pkg/cli/flags.go b/pkg/cli/flags.go index 270e7571ac9e..3fb6a48bebab 100644 --- a/pkg/cli/flags.go +++ b/pkg/cli/flags.go @@ -25,6 +25,7 @@ import ( "github.com/cockroachdb/cockroach/pkg/security" "github.com/cockroachdb/cockroach/pkg/server/telemetry" "github.com/cockroachdb/cockroach/pkg/util/envutil" + "github.com/cockroachdb/cockroach/pkg/util/errorutil/unimplemented" "github.com/cockroachdb/cockroach/pkg/util/humanizeutil" "github.com/cockroachdb/cockroach/pkg/util/log" "github.com/cockroachdb/cockroach/pkg/util/log/logflags" @@ -390,6 +391,8 @@ func init() { // Use a separate variable to store the value of ServerInsecure. // We share the default with the ClientInsecure flag. boolFlag(f, &startCtx.serverInsecure, cliflags.ServerInsecure) + _ = f.MarkDeprecated(cliflags.ServerInsecure.Name, "it will be removed in a subsequent release.\n"+ + "For details, see: "+unimplemented.MakeURL(53404)) // Enable/disable various external storage endpoints. boolFlag(f, &serverCfg.ExternalIODirConfig.DisableHTTP, cliflags.ExternalIODisableHTTP) @@ -555,6 +558,8 @@ func init() { _ = f.MarkHidden(cliflags.ClientPort.Name) boolFlag(f, &baseCfg.Insecure, cliflags.ClientInsecure) + _ = f.MarkDeprecated(cliflags.ServerInsecure.Name, "it will be removed in a subsequent release.\n"+ + "For details, see: "+unimplemented.MakeURL(53404)) // Certificate flags. stringFlag(f, &baseCfg.SSLCertsDir, cliflags.CertsDir) @@ -735,6 +740,8 @@ func init() { varFlag(f, demoNodeSQLMemSizeValue, cliflags.DemoNodeSQLMemSize) varFlag(f, demoNodeCacheSizeValue, cliflags.DemoNodeCacheSize) boolFlag(f, &demoCtx.insecure, cliflags.ClientInsecure) + _ = f.MarkDeprecated(cliflags.ServerInsecure.Name, "it will be removed in a subsequent release.\n"+ + "For details, see: "+unimplemented.MakeURL(53404)) boolFlag(f, &demoCtx.disableLicenseAcquisition, cliflags.DemoNoLicense) // Mark the --global flag as hidden until we investigate it more. boolFlag(f, &demoCtx.simulateLatency, cliflags.Global) @@ -799,6 +806,9 @@ func init() { // (which is a PreRun for this command): _ = extraServerFlagInit // guru assignment boolFlag(f, &startCtx.serverInsecure, cliflags.ServerInsecure) + _ = f.MarkDeprecated(cliflags.ServerInsecure.Name, "it will be removed in a subsequent release.\n"+ + "For details, see: "+unimplemented.MakeURL(53404)) + stringFlag(f, &startCtx.serverSSLCertsDir, cliflags.ServerCertsDir) // NB: this also gets PreRun treatment via extraServerFlagInit to populate BaseCfg.SQLAddr. varFlag(f, addrSetter{&serverSQLAddr, &serverSQLPort}, cliflags.ListenSQLAddr) diff --git a/pkg/cmd/roachtest/cli.go b/pkg/cmd/roachtest/cli.go index 555382f86d1a..4f05a95898c7 100644 --- a/pkg/cmd/roachtest/cli.go +++ b/pkg/cmd/roachtest/cli.go @@ -28,7 +28,14 @@ func runCLINodeStatus(ctx context.Context, t *test, c *cluster) { lastWords := func(s string) []string { var result []string - for _, line := range strings.Split(s, "\n") { + lines := strings.Split(s, "\n") + // v20.1 introduces a deprecation notice for --insecure. Skip over it. + // TODO(knz): Remove this when --insecure is dropped. + // See: https://github.com/cockroachdb/cockroach/issues/53404 + if len(lines) > 0 && strings.HasPrefix(lines[0], "Flag --insecure has been deprecated") { + lines = lines[2:] + } + for _, line := range lines { words := strings.Fields(line) if n := len(words); n > 0 { result = append(result, words[n-2]+" "+words[n-1])