diff --git a/api/client/client_test.go b/api/client/client_test.go index 1b24b457cdf4f..c6aa6ec503c15 100644 --- a/api/client/client_test.go +++ b/api/client/client_test.go @@ -30,6 +30,7 @@ import ( "github.com/gravitational/teleport/api/client/proto" "github.com/gravitational/teleport/api/defaults" "github.com/gravitational/teleport/api/types" + "google.golang.org/grpc/credentials/insecure" "github.com/gravitational/trace" "github.com/gravitational/trace/trail" @@ -290,7 +291,7 @@ func TestNew(t *testing.T) { &mockInsecureTLSCredentials{}, // TODO(Joerger) replace insecure credentials }, DialOpts: []grpc.DialOption{ - grpc.WithInsecure(), // TODO(Joerger) remove insecure dial option + grpc.WithTransportCredentials(insecure.NewCredentials()), // TODO(Joerger) remove insecure dial option }, }, assertErr: require.NoError, @@ -304,7 +305,7 @@ func TestNew(t *testing.T) { &tlsConfigCreds{nil}, }, DialOpts: []grpc.DialOption{ - grpc.WithInsecure(), // TODO(Joerger) remove insecure dial option + grpc.WithTransportCredentials(insecure.NewCredentials()), // TODO(Joerger) remove insecure dial option }, }, assertErr: require.NoError, @@ -317,7 +318,7 @@ func TestNew(t *testing.T) { &mockInsecureTLSCredentials{}, // TODO(Joerger) replace insecure credentials }, DialOpts: []grpc.DialOption{ - grpc.WithInsecure(), // TODO(Joerger) remove insecure dial option + grpc.WithTransportCredentials(insecure.NewCredentials()), // TODO(Joerger) remove insecure dial option }, }, assertErr: func(t require.TestingT, err error, _ ...interface{}) { @@ -331,7 +332,7 @@ func TestNew(t *testing.T) { &mockInsecureTLSCredentials{}, // TODO(Joerger) replace insecure credentials }, DialOpts: []grpc.DialOption{ - grpc.WithInsecure(), // TODO(Joerger) remove insecure dial option + grpc.WithTransportCredentials(insecure.NewCredentials()), // TODO(Joerger) remove insecure dial option }, }, assertErr: func(t require.TestingT, err error, _ ...interface{}) { @@ -372,7 +373,7 @@ func TestNewDialBackground(t *testing.T) { &mockInsecureTLSCredentials{}, // TODO(Joerger) replace insecure credentials }, DialOpts: []grpc.DialOption{ - grpc.WithInsecure(), // TODO(Joerger) remove insecure dial option + grpc.WithTransportCredentials(insecure.NewCredentials()), // TODO(Joerger) remove insecure dial option }, }) require.NoError(t, err) @@ -410,7 +411,7 @@ func TestWaitForConnectionReady(t *testing.T) { &mockInsecureTLSCredentials{}, // TODO(Joerger) replace insecure credentials }, DialOpts: []grpc.DialOption{ - grpc.WithInsecure(), // TODO(Joerger) remove insecure dial option + grpc.WithTransportCredentials(insecure.NewCredentials()), // TODO(Joerger) remove insecure dial option }, }) require.NoError(t, err) @@ -443,7 +444,7 @@ func TestLimitExceeded(t *testing.T) { &mockInsecureTLSCredentials{}, // TODO(Joerger) replace insecure credentials }, DialOpts: []grpc.DialOption{ - grpc.WithInsecure(), // TODO(Joerger) remove insecure dial option + grpc.WithTransportCredentials(insecure.NewCredentials()), // TODO(Joerger) remove insecure dial option }, }) require.NoError(t, err) @@ -495,7 +496,7 @@ func TestListResources(t *testing.T) { &mockInsecureTLSCredentials{}, // TODO(Joerger) replace insecure credentials }, DialOpts: []grpc.DialOption{ - grpc.WithInsecure(), // TODO(Joerger) remove insecure dial option + grpc.WithTransportCredentials(insecure.NewCredentials()), // TODO(Joerger) remove insecure dial option }, }) require.NoError(t, err) @@ -536,7 +537,7 @@ func TestGetResources(t *testing.T) { &mockInsecureTLSCredentials{}, // TODO(Joerger) replace insecure credentials }, DialOpts: []grpc.DialOption{ - grpc.WithInsecure(), // TODO(Joerger) remove insecure dial option + grpc.WithTransportCredentials(insecure.NewCredentials()), // TODO(Joerger) remove insecure dial option }, }) require.NoError(t, err) diff --git a/lib/backend/firestore/firestorebk.go b/lib/backend/firestore/firestorebk.go index 5ca7385aff39d..9fb6cb5bb9d34 100644 --- a/lib/backend/firestore/firestorebk.go +++ b/lib/backend/firestore/firestorebk.go @@ -27,6 +27,7 @@ import ( adminpb "google.golang.org/genproto/googleapis/firestore/admin/v1" "google.golang.org/grpc" "google.golang.org/grpc/codes" + "google.golang.org/grpc/credentials/insecure" "google.golang.org/grpc/status" "github.com/gravitational/teleport/api/types" @@ -218,7 +219,7 @@ func CreateFirestoreClients(ctx context.Context, projectID string, endPoint stri var args []option.ClientOption if len(endPoint) != 0 { - args = append(args, option.WithoutAuthentication(), option.WithEndpoint(endPoint), option.WithGRPCDialOption(grpc.WithInsecure())) + args = append(args, option.WithoutAuthentication(), option.WithEndpoint(endPoint), option.WithGRPCDialOption(grpc.WithTransportCredentials(insecure.NewCredentials()))) } else if len(credentialsFile) != 0 { args = append(args, option.WithCredentialsFile(credentialsFile)) } diff --git a/lib/events/gcssessions/gcshandler.go b/lib/events/gcssessions/gcshandler.go index be7017e174348..40d5d92cdac2b 100644 --- a/lib/events/gcssessions/gcshandler.go +++ b/lib/events/gcssessions/gcshandler.go @@ -29,6 +29,7 @@ import ( "github.com/gravitational/teleport/lib/session" "github.com/gravitational/teleport/lib/utils" "github.com/gravitational/trace" + "google.golang.org/grpc/credentials/insecure" "cloud.google.com/go/storage" "github.com/prometheus/client_golang/prometheus" @@ -170,7 +171,7 @@ func composerRun(ctx context.Context, composer *storage.Composer) (*storage.Obje func DefaultNewHandler(ctx context.Context, cfg Config) (*Handler, error) { var args []option.ClientOption if len(cfg.Endpoint) != 0 { - args = append(args, option.WithoutAuthentication(), option.WithEndpoint(cfg.Endpoint), option.WithGRPCDialOption(grpc.WithInsecure())) + args = append(args, option.WithoutAuthentication(), option.WithEndpoint(cfg.Endpoint), option.WithGRPCDialOption(grpc.WithTransportCredentials(insecure.NewCredentials()))) } else if len(cfg.CredentialsPath) != 0 { args = append(args, option.WithCredentialsFile(cfg.CredentialsPath)) } diff --git a/lib/srv/db/common/cloud.go b/lib/srv/db/common/cloud.go index 45a56f9ee3996..4ec87e0e5b939 100644 --- a/lib/srv/db/common/cloud.go +++ b/lib/srv/db/common/cloud.go @@ -34,6 +34,7 @@ import ( "github.com/aws/aws-sdk-go/service/redshift/redshiftiface" "github.com/aws/aws-sdk-go/service/sts" "github.com/aws/aws-sdk-go/service/sts/stsiface" + "google.golang.org/grpc/credentials/insecure" "github.com/gravitational/trace" "github.com/sirupsen/logrus" @@ -280,14 +281,14 @@ func (c *TestCloudClients) GetAWSSTSClient(region string) (stsiface.STSAPI, erro // GetGCPIAMClient returns GCP IAM client. func (c *TestCloudClients) GetGCPIAMClient(ctx context.Context) (*gcpcredentials.IamCredentialsClient, error) { return gcpcredentials.NewIamCredentialsClient(ctx, - option.WithGRPCDialOption(grpc.WithInsecure()), // Insecure must be set for unauth client. + option.WithGRPCDialOption(grpc.WithTransportCredentials(insecure.NewCredentials())), // Insecure must be set for unauth client. option.WithoutAuthentication()) } // GetGCPSQLAdminClient returns GCP Cloud SQL Admin client. func (c *TestCloudClients) GetGCPSQLAdminClient(ctx context.Context) (*sqladmin.Service, error) { return sqladmin.NewService(ctx, - option.WithGRPCDialOption(grpc.WithInsecure()), // Insecure must be set for unauth client. + option.WithGRPCDialOption(grpc.WithTransportCredentials(insecure.NewCredentials())), // Insecure must be set for unauth client. option.WithoutAuthentication()) } @@ -296,7 +297,7 @@ func (c *TestCloudClients) GetAzureCredential() (azcore.TokenCredential, error) return &azidentity.ChainedTokenCredential{}, nil } -// Closer closes all initialized clients. +// Close closes all initialized clients. func (c *TestCloudClients) Close() error { return nil }