Releases: metalbear-co/mirrord
Releases · metalbear-co/mirrord
2.9.1
2.9.0
Added
- Support for Golang fileops
- IntelliJ Extension for mirrord
Changed
- mirrord-layer: Added common
Result
type to to reduce boilerplate, removed dependency ofanyhow
crate. - mirrord-layer: Split
LayerError
intoLayerError
andHookError
to distinguish between errors that can be handled by the layer and errors that can be handled by the hook. (no more requiring libc errno for each error!). Closes #247
2.8.1
2.8.0
Added
- E2E - add basic env tests for bash scripts
Fixed
- mirrord-agent - Update pcap library, hopefully will fix dropped packets (syn sometimes missed in e2e).
- mirrord-agent/layer - Sometimes layer tries to connect to agent before it finsihed loading, even though pod is running. Added watching the log stream for a "ready" log message before attempting to connect.
Changed
- E2E - describe all pods on failure and add file name to print of logs.
- E2E - print timestamp of stdout/stderr of
TestProcess
. - E2E - Don't delete pod/service on failure, instead leave them for debugging.
- mirrord-agent - Don't use
tokio::spawn
for spawningsniffer
(or any other namespace changing task) to avoid namespace-clashing/undefined behavior. Possibly fixing bugs. - Change the version check on the VS Code extension to happen when mirrord is enabled rather than when the IDE starts up.
2.7.0
Added
- mirrord-layer: You can now pass
MIRRORD_AGENT_COMMUNICATION_TIMEOUT
as environment variable to control agent timeout. - Expand file system operations with
access
andfaccessat
hooks for absolute paths
Fixed
- Ephemeral Containers didn't wait for the right condition, leading to timeouts in many cases.
- mirrord-layer: Wait for the correct condition in job creation, resolving startup/timeout issues.
- mirrord-layer: Add a sleep on closing local socket after receiving close to let local application respond before closing.
- mirrord-layer: Fix DNS issue where
ai_addr
would not live long enough (breaking the remote DNS feature).
Changed
- Removed unused dependencies from
mirrord-layer/Cargo.toml
. (Closes #220) - reduce e2e flakiness (add message sent on tcp listen subscription, wait for that message)
- reduce e2e flakiness - increase timeout time
- mirrord-layer - increase agent creation timeout (to reduce e2e flakiness on macOS)
- E2E - Don't do file stuff on http traffic to reduce flakiness (doesn't add any coverage value..)
- mirrord-layer - Change tcp mirror tunnel
select
to be biased so it flushes all data before closing it (better testing, reduces e2e flakiness) - E2E - unify resolve_node_host for linux and macOS with support for wsl provided Docker & Kubernetes
- E2E - add
trace
for tests to have paramaterized arguments printed - mirrord-agent - add debug print of args to identify runs
- E2E - remove double
--extract-path
parameter in tests - E2E - macOS colima start with 3 cores and 8GB of RAM.
- E2E - Increase agent communication timeout to reduce flakiness.
- mirrord-layer - add
DetourGuard
to prevent unwanted calls to detours from our code. - mirrord-layer - extract reused detours to seperate logic functions
- E2E - macOS run only sanity http mirror traffic with Python
New Contributors
2.6.0
Added
- Add a flag for the agent,
--ephemeral-container
, to correctly refer to the filesystem i.e. refer to root path as/proc/1/root
when the flag is on, otherwise/
.
Changed
- Assign a random port number instead of
61337
. (Reason: A forking process creates multiple agents sending traffic on the same port, causing addrinuse error.) mirrord-layer/socket
now usessocket2::SockAddr
to comply with Rust's new IP format.
Fixed
- Fix filesystem tests to only run if the default path exists.
- Fix extension not running due to the node_modules directory not being packaged.
2.5.0
Added
- New feature, remote DNS resolving.
It is now possible to use the remote'saddrinfo
by setting theMIRRORD_REMOTE_DNS
variable to
true
, or using the-d
option in mirrord-cli. - New feature, Ephemeral Containers.
Use Kubernetes beta featureEphemeral Containers
to mirror traffic with the--ephemeral-container
flag. - E2E tests on macos for Golang using the Gin framework.
Changed
- Refactored
mirrord-layer/socket
into a module structure similar tomirrord-layer/file
. - Refactored the error part of the many
Result<Response, ResponseError>
. - Refactored
file
related functions, createdFileHandler
and improved structure. - Refactored error handling in mirrord-layer.
- E2E: Collect minikube logs and fix collecting container logs
- E2E: macOS use colima instead of minikube.
- Refactored
mirrord-layer/lib.rs
- no more passing many arguments! :)
Fixed
- Handle unwraps in fileops to gracefully exit and enable python fileops tests.
- Changed
addrinfo
toVecDeque
- fixes a potential bug (loss of order)
2.4.1
Added
- mirrord-cli
exec
subcommand accepts--extract-path
argument to set the directory to extract the library to. Used for tests mainly. - mirrord-layer provides
MIRRORD_IMPERSONATED_CONTAINER_NAME
environment variable to specify container name to impersonate. mirrord-cli accepts argument to set variable. - vscode-ext provides quick-select for setting
MIRRORD_IMPERSONATED_CONTAINER_NAME
Changed
- Refactor e2e, enable only Node HTTP mirroring test.
- E2E: add macOS to E2E, support using minikube by env var.
- E2E: Skip loading to docker before loading to minikube (load directly to minikube..)
- layer: Environment variables now load before process starts, no more race conditions.
Fixed
- Support connections that start with tcp flags in addition to Syn (on macOS CI we saw CWR + NS)
fcntl
error on macOS #184 by a workaround.
2.4.0
Added
- mirrord-cli
exec
subcommand accepts--extract-path
argument to set the directory to extract the library to. Used for tests mainly. - mirrord-layer provides
MIRRORD_IMPERSONATED_CONTAINER_NAME
environment variable to specify container name to impersonate. mirrord-cli accepts argument to set variable. - vscode-ext provides quick-select for setting
MIRRORD_IMPERSONATED_CONTAINER_NAME
Changed
- Refactor e2e, enable only Node HTTP mirroring test.
- E2E: add macOS to E2E, support using minikube by env var.
- E2E: Skip loading to docker before loading to minikube (load directly to minikube..)
- layer: Environment variables now load before process starts, no more race conditions.
Fixed
- Support connections that start with tcp flags in addition to Syn (on macOS CI we saw CWR + NS)
fcntl
error on macOS #184 by a workaround.
2.3.1
Changed
- Refactor(agent) - change
FileManager
to be per peer, thus removing the need of it being in a different task, moving the handling to the peer logic, change structure of peer handling to a struct. - Don't fail environment variable request if none exists.
- E2E: Don't assert jobs and pods length, to allow better debugging and less flakiness.
- Refactor(agent) - Main loop doesn't pass messages around but instead spawned peers interact directly with tcp sniffer. Renamed Peer -> Client and ClientID.
- Add context to agent/job creation errors (Fixes #112)
- Add context to stream creation error (Fixes #110)
- Change E2E to use real app, closes #149