CodeQL has caught several instances where we may be susceptible to [log
forgery][cql].
This change ensures that we strip newlines from log messages that
include potentially user-supplied strings. Several redundant error logs
are removed--we should generally not log an error when returning an
error. Errors should be logged where they are handled.
This change also properly escapes URL paths when constructing them from
protobuf messages.
Note that CodeQL continued to mark some of these uses as issues, but
we've marked them as false-positive. See github/codeql-go#635 and
github/codeql-go#650.
[cql]: https://codeql.github.com/codeql-query-help/go/go-log-injection/
Signed-off-by: Oliver Gould <ver@buoyant.io>
Fixes https://github.com/linkerd/linkerd2/discussions/5777
When a user runs `linkerd viz check --proxy`, it will print a warning if there are any proxies which cannot be tapped. This is a normal state of affairs after freshly installing the linkerd-viz extensions because any existing pods will need to be restarted before they can be tapped. The check warning may lead users to falsely believe that something has gone wrong with their installation.
We remove this specific check from `linkerd viz check --proxy`. To replace it, we improve the error output when attempting to tap a resource which is not tappable. This gives the user actionable feedback when the tap command fails.
Old:
```console
> linkerd viz tap -n emojivoto deploy/vote-bot
no pods to tap for deployment/vote-bot
```
New:
```console
> linkerd viz tap -n emojivoto deploy/vote-bot
no pods to tap for deployment/vote-bot
1 pods found with tap not enabled:
* vote-bot-64dd87cb87-7mcv4
restart these pods to enable tap and make them valid tap targets
```
Signed-off-by: Alex Leong <alex@buoyant.io>
Closes#5545.
This change moves all tap and tap-injector code into the viz directory.
The tap and tap-injector components now also use a new tap image—separating
these components from the controller image that they are currently part of. This
means the controller image has removed all its build dependencies related to
tap.
Finally, the tap Protobuf has been separated from the metrics-api and moved into
it's own `.proto` file and gen directory. This introduces a clear split between
metrics-api and tap Protobuf.
There is no change in behavior for the `viz tap` command.
### Reviewing
#### Docker images
All the bin directory scripts should be updated to build and load the tap image.
All the CI workflows should be updated to build and push the tap image.
#### Controller and pkg directories
This is primarily deletions. Most of the deleted code in this directory is now
in the tap directory of the Viz extension.
#### viz/tap
This is the location that all the tap related code now lives in. New files are
mostly moved from the controller and pkg directories. Imports have all been
updated to point at the right locations and Protobuf.
The Protobuf here is taken from metrics-api and contains all tap-related
Protobuf.
Signed-off-by: Kevin Leimkuhler <kevin@kleimkuhler.com>
Oliver Gould
dependabot[bot]
Alex Leong
Mayank Shah
Kevin Leimkuhler