Skip to content
This repository has been archived by the owner on Jun 4, 2024. It is now read-only.

Drop swallow of trace.BadParameter errors in SearchEvents #1062

Merged
merged 2 commits into from
May 6, 2024
Merged

Drop swallow of trace.BadParameter errors in SearchEvents #1062

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
a1faad7
Drop swallow of `trace.BadParameter` errors in `SearchEvents`
tigrato May 2, 2024
3091466
Merge branch 'master' into tigrato/remove-error-swallow
tigrato May 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 1 addition & 32 deletions event-handler/teleport_events_watcher.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -151,26 +151,7 @@ func (t *TeleportEventsWatcher) flipPage() bool {
func (t *TeleportEventsWatcher) fetch(ctx context.Context) error {
log := logger.Get(ctx)
b, nextCursor, err := t.getEvents(ctx)
// When a trace.BadParameter error is returned, it means that the Teleport event handler
// protobuf version is incompatible with the Teleport Auth protobuf version.
// This is a fatal error and the event handler should exit because it won't be able to parse the
// event that is supported by the newer version of Teleport Auth but not by the
// older version of Teleport event handler.
// Teleport event handler compatibility is strictly tied to the Teleport Auth version
// and it should be updated to the latest version when the Teleport Auth
// version is updated. Event handler breaks our compatibility promise of supporting
// clients 1 major version behind Auth. We don't support older versions of event handler
// with newer versions of Teleport Auth even if they are in the same major version
// because we can not guarantee that the handler will be able to parse the events
// introduced between minor or patch versions of Teleport Auth.
// This is a temporary solution until we have a better way to handle this.
if trace.IsBadParameter(err) {
return trace.BadParameter(
"Teleport event handler version is incompatible with the Teleport Auth version. " +
"Please update Teleport event handler to the same version as the Teleport Auth server to resume operations. \n" +
authServerVersionMessage(ctx, t.client),
)
} else if err != nil {
if err != nil {
return trace.Wrap(err)
}

Expand Down Expand Up @@ -364,15 +345,3 @@ func (t *TeleportEventsWatcher) UpsertLock(ctx context.Context, user string, log

return t.client.UpsertLock(ctx, lock)
}

// authServerVersionMessage returns a message to be printed with the auth server
// and plugin versions if the auth server version is incompatible with the plugin.
// It returns an empty string if the auth version cannot be determined.
func authServerVersionMessage(ctx context.Context, client TeleportSearchEventsClient) string {
rsp, err := client.Ping(ctx)
if err != nil {
log.WithError(err).Warn("unable to get auth server version")
return ""
}
return fmt.Sprintf("Auth server version %v; Teleport event handler version %v", rsp.ServerVersion, Version)
}
Loading