Skip to content

chore: cherry-pick fixes from main for 3.8.1 release #27110

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
waynr merged 10 commits into from
Jan 12, 2026
Merged

chore: cherry-pick fixes from main for 3.8.1 release #27110

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
20fa509
fix: improve various error messages (#27084)
waynr Jan 7, 2026
8aa043e
feat: add --tls-no-verify option to CLI subcommands (#2096) (#27102)
waynr Jan 8, 2026
72aed4c
fix: ignore cargo audit for unmaintained crate bincode (#27101)
philjb Jan 8, 2026
20b327b
chore: point install script to 3.8.0 (#27030)
waynr Dec 17, 2025
69bbf7d
feat(port): backport retention and delete fixes from ent to core (#27…
appletreeisyellow Jan 2, 2026
fbadb74
fix(tests): use a 2125 date for "future dates" instead of 2025. (#27080)
philjb Jan 3, 2026
35a8979
fix: add EOF marker to end of metrics scrape (#27083)
Joe-Blount Jan 5, 2026
e9b1de6
chore(deps): bump rsa from 0.9.9 to 0.9.10 (#27088)
dependabot[bot] Jan 6, 2026
681a524
fix(write-buffer): use explicit capacity instead of defaults (#27099)
philjb Jan 7, 2026
1e2245a
feat: add retention to show output (#1680) (#27107)
lilic Jan 12, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 3 additions & 0 deletions deny.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,9 @@ ignore = [
# from object_store. We've removed our direct dependency and migrated to
# rustls-pki-types. Remove once object_store updates.
"RUSTSEC-2025-0134",
# bincode is considered complete at 1.3.3 and no longer maintained. It is
# past 1.0. Pulled into monolith via deps from iox.
"RUSTSEC-2025-0141",
]
git-fetch-with-cli = true

Expand Down
32 changes: 29 additions & 3 deletions influxdb3/src/commands/create.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,15 +31,17 @@ pub struct Config {

impl Config {
fn get_client(&self) -> Result<Client, Box<dyn Error>> {
let (host_url, auth_token, ca_cert) = match &self.cmd {
let (host_url, auth_token, ca_cert, tls_no_verify) = match &self.cmd {
SubCommand::Database(DatabaseConfig {
host_url,
auth_token,
ca_cert,
tls_no_verify,
..
})
| SubCommand::LastCache(LastCacheConfig {
ca_cert,
tls_no_verify,
influxdb3_config:
InfluxDb3Config {
host_url,
Expand All @@ -50,6 +52,7 @@ impl Config {
})
| SubCommand::DistinctCache(DistinctCacheConfig {
ca_cert,
tls_no_verify,
influxdb3_config:
InfluxDb3Config {
host_url,
Expand All @@ -60,6 +63,7 @@ impl Config {
})
| SubCommand::Table(TableConfig {
ca_cert,
tls_no_verify,
influxdb3_config:
InfluxDb3Config {
host_url,
Expand All @@ -70,21 +74,23 @@ impl Config {
})
| SubCommand::Trigger(TriggerConfig {
ca_cert,
tls_no_verify,
influxdb3_config:
InfluxDb3Config {
host_url,
auth_token,
..
},
..
}) => (host_url, auth_token, ca_cert),
}) => (host_url, auth_token, ca_cert, tls_no_verify),
SubCommand::Token(create_token_config) => {
let host_settings = create_token_config.get_connection_settings()?;
// We need to return references, so we'll handle this differently
return Ok({
let mut client = Client::new(
host_settings.host_url.clone(),
host_settings.ca_cert.clone(),
host_settings.tls_no_verify,
)?;
if let Some(token) = &host_settings.auth_token {
client = client.with_auth_token(token.expose_secret());
Expand All @@ -94,7 +100,7 @@ impl Config {
}
};

let mut client = Client::new(host_url.clone(), ca_cert.clone())?;
let mut client = Client::new(host_url.clone(), ca_cert.clone(), *tls_no_verify)?;
if let Some(token) = &auth_token {
client = client.with_auth_token(token.expose_secret());
}
Expand Down Expand Up @@ -147,6 +153,10 @@ pub struct DatabaseConfig {
/// An optional arg to use a custom ca for useful for testing with self signed certs
#[clap(long = "tls-ca", env = "INFLUXDB3_TLS_CA")]
ca_cert: Option<PathBuf>,

/// Disable TLS certificate verification
#[clap(long = "tls-no-verify", env = "INFLUXDB3_TLS_NO_VERIFY")]
tls_no_verify: bool,
}

#[derive(Debug, clap::Args)]
Expand Down Expand Up @@ -190,6 +200,10 @@ pub struct LastCacheConfig {
/// An optional arg to use a custom ca for useful for testing with self signed certs
#[clap(long = "tls-ca", env = "INFLUXDB3_TLS_CA")]
ca_cert: Option<PathBuf>,

/// Disable TLS certificate verification
#[clap(long = "tls-no-verify", env = "INFLUXDB3_TLS_NO_VERIFY")]
tls_no_verify: bool,
}

#[derive(Debug, clap::Args)]
Expand Down Expand Up @@ -227,6 +241,10 @@ pub struct DistinctCacheConfig {
/// An optional arg to use a custom ca for useful for testing with self signed certs
#[clap(long = "tls-ca", env = "INFLUXDB3_TLS_CA")]
ca_cert: Option<PathBuf>,

/// Disable TLS certificate verification
#[clap(long = "tls-no-verify", env = "INFLUXDB3_TLS_NO_VERIFY")]
tls_no_verify: bool,
}

#[derive(Debug, clap::Args)]
Expand All @@ -250,6 +268,10 @@ pub struct TableConfig {
/// An optional arg to use a custom ca for useful for testing with self signed certs
#[clap(long = "tls-ca", env = "INFLUXDB3_TLS_CA")]
ca_cert: Option<PathBuf>,

/// Disable TLS certificate verification
#[clap(long = "tls-no-verify", env = "INFLUXDB3_TLS_NO_VERIFY")]
tls_no_verify: bool,
}

#[derive(Debug, clap::Parser)]
Expand Down Expand Up @@ -291,6 +313,10 @@ pub struct TriggerConfig {
/// An optional arg to use a custom ca for useful for testing with self signed certs
#[clap(long = "tls-ca", env = "INFLUXDB3_TLS_CA")]
ca_cert: Option<PathBuf>,

/// Disable TLS certificate verification
#[clap(long = "tls-no-verify", env = "INFLUXDB3_TLS_NO_VERIFY")]
tls_no_verify: bool,
}

pub async fn command(config: Config) -> Result<(), Box<dyn Error>> {
Expand Down
8 changes: 8 additions & 0 deletions influxdb3/src/commands/create/token.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -201,6 +201,14 @@ pub struct InfluxDb3ServerConfig {
/// An optional arg to use a custom ca for useful for testing with self signed certs
#[clap(name = "tls-ca", long = "tls-ca")]
pub ca_cert: Option<PathBuf>,

/// Disable TLS certificate verification
#[clap(
name = "tls-no-verify",
long = "tls-no-verify",
env = "INFLUXDB3_TLS_NO_VERIFY"
)]
pub tls_no_verify: bool,
}

#[derive(Parser, Debug)]
Expand Down
45 changes: 37 additions & 8 deletions influxdb3/src/commands/delete.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,15 +16,17 @@ pub struct Config {

impl Config {
fn get_client(&self) -> Result<Client, Box<dyn Error>> {
match &self.cmd {
let (host_url, auth_token, ca_cert, tls_no_verify) = match &self.cmd {
SubCommand::Database(DatabaseConfig {
host_url,
auth_token,
ca_cert,
tls_no_verify,
..
})
| SubCommand::LastCache(LastCacheConfig {
ca_cert,
tls_no_verify,
influxdb3_config:
InfluxDb3Config {
host_url,
Expand All @@ -35,6 +37,7 @@ impl Config {
})
| SubCommand::DistinctCache(DistinctCacheConfig {
ca_cert,
tls_no_verify,
influxdb3_config:
InfluxDb3Config {
host_url,
Expand All @@ -45,6 +48,7 @@ impl Config {
})
| SubCommand::Table(TableConfig {
ca_cert,
tls_no_verify,
influxdb3_config:
InfluxDb3Config {
host_url,
Expand All @@ -55,6 +59,7 @@ impl Config {
})
| SubCommand::Trigger(TriggerConfig {
ca_cert,
tls_no_verify,
influxdb3_config:
InfluxDb3Config {
host_url,
Expand All @@ -65,17 +70,17 @@ impl Config {
})
| SubCommand::Token(TokenConfig {
ca_cert,
tls_no_verify,
host_url,
auth_token,
..
}) => {
let mut client = Client::new(host_url.clone(), ca_cert.clone())?;
if let Some(token) = &auth_token {
client = client.with_auth_token(token.expose_secret());
}
Ok(client)
}
}) => (host_url, auth_token, ca_cert, tls_no_verify),
};
let mut client = Client::new(host_url.clone(), ca_cert.clone(), *tls_no_verify)?;
if let Some(token) = &auth_token {
client = client.with_auth_token(token.expose_secret());
}
Ok(client)
}
}

Expand Down Expand Up @@ -124,6 +129,10 @@ pub struct DatabaseConfig {
/// An optional arg to use a custom ca for useful for testing with self signed certs
#[clap(long = "tls-ca", env = "INFLUXDB3_TLS_CA")]
ca_cert: Option<PathBuf>,

/// Disable TLS certificate verification
#[clap(long = "tls-no-verify", env = "INFLUXDB3_TLS_NO_VERIFY")]
tls_no_verify: bool,
}

#[derive(Debug, clap::Args)]
Expand All @@ -142,6 +151,10 @@ pub struct LastCacheConfig {
/// An optional arg to use a custom ca for useful for testing with self signed certs
#[clap(long = "tls-ca", env = "INFLUXDB3_TLS_CA")]
ca_cert: Option<PathBuf>,

/// Disable TLS certificate verification
#[clap(long = "tls-no-verify", env = "INFLUXDB3_TLS_NO_VERIFY")]
tls_no_verify: bool,
}

#[derive(Debug, clap::Args)]
Expand All @@ -160,6 +173,10 @@ pub struct DistinctCacheConfig {
/// An optional arg to use a custom ca for useful for testing with self signed certs
#[clap(long = "tls-ca", env = "INFLUXDB3_TLS_CA")]
ca_cert: Option<PathBuf>,

/// Disable TLS certificate verification
#[clap(long = "tls-no-verify", env = "INFLUXDB3_TLS_NO_VERIFY")]
tls_no_verify: bool,
}

#[derive(Debug, clap::Args)]
Expand All @@ -178,6 +195,10 @@ pub struct TableConfig {
/// An optional arg to use a custom ca for useful for testing with self signed certs
#[clap(long = "tls-ca", env = "INFLUXDB3_TLS_CA")]
ca_cert: Option<PathBuf>,

/// Disable TLS certificate verification
#[clap(long = "tls-no-verify", env = "INFLUXDB3_TLS_NO_VERIFY")]
tls_no_verify: bool,
}

#[derive(Debug, clap::Parser)]
Expand All @@ -196,6 +217,10 @@ pub struct TriggerConfig {
/// An optional arg to use a custom ca for useful for testing with self signed certs
#[clap(long = "tls-ca", env = "INFLUXDB3_TLS_CA")]
ca_cert: Option<PathBuf>,

/// Disable TLS certificate verification
#[clap(long = "tls-no-verify", env = "INFLUXDB3_TLS_NO_VERIFY")]
tls_no_verify: bool,
}

#[derive(Debug, clap::Args)]
Expand All @@ -220,6 +245,10 @@ pub struct TokenConfig {
/// An optional arg to use a custom ca for useful for testing with self signed certs
#[clap(long = "tls-ca", env = "INFLUXDB3_TLS_CA")]
ca_cert: Option<PathBuf>,

/// Disable TLS certificate verification
#[clap(long = "tls-no-verify", env = "INFLUXDB3_TLS_NO_VERIFY")]
tls_no_verify: bool,
}

fn parse_hard_delete_time(value: Option<String>) -> Option<HardDeletionTime> {
Expand Down
11 changes: 8 additions & 3 deletions influxdb3/src/commands/disable.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,19 +11,20 @@ pub struct Config {

impl Config {
fn get_client(&self) -> Result<Client, Box<dyn Error>> {
let (host_url, auth_token, ca_cert) = match &self.cmd {
let (host_url, auth_token, ca_cert, tls_no_verify) = match &self.cmd {
SubCommand::Trigger(TriggerConfig {
ca_cert,
tls_no_verify,
influxdb3_config:
InfluxDb3Config {
host_url,
auth_token,
..
},
..
}) => (host_url, auth_token, ca_cert),
}) => (host_url, auth_token, ca_cert, tls_no_verify),
};
let mut client = Client::new(host_url.clone(), ca_cert.clone())?;
let mut client = Client::new(host_url.clone(), ca_cert.clone(), *tls_no_verify)?;
if let Some(token) = &auth_token {
client = client.with_auth_token(token.expose_secret());
}
Expand All @@ -49,6 +50,10 @@ struct TriggerConfig {
/// An optional arg to use a custom ca for useful for testing with self signed certs
#[clap(long = "tls-ca", env = "INFLUXDB3_TLS_CA")]
pub ca_cert: Option<PathBuf>,

/// Disable TLS certificate verification
#[clap(long = "tls-no-verify", env = "INFLUXDB3_TLS_NO_VERIFY")]
pub tls_no_verify: bool,
}

pub async fn command(config: Config) -> Result<(), Box<dyn Error>> {
Expand Down
11 changes: 8 additions & 3 deletions influxdb3/src/commands/enable.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,19 +11,20 @@ pub struct Config {

impl Config {
fn get_client(&self) -> Result<Client, Box<dyn Error>> {
let (host_url, auth_token, ca_cert) = match &self.cmd {
let (host_url, auth_token, ca_cert, tls_no_verify) = match &self.cmd {
SubCommand::Trigger(TriggerConfig {
ca_cert,
tls_no_verify,
influxdb3_config:
InfluxDb3Config {
host_url,
auth_token,
..
},
..
}) => (host_url, auth_token, ca_cert),
}) => (host_url, auth_token, ca_cert, tls_no_verify),
};
let mut client = Client::new(host_url.clone(), ca_cert.clone())?;
let mut client = Client::new(host_url.clone(), ca_cert.clone(), *tls_no_verify)?;
if let Some(token) = &auth_token {
client = client.with_auth_token(token.expose_secret());
}
Expand All @@ -49,6 +50,10 @@ struct TriggerConfig {
/// An optional arg to use a custom ca for useful for testing with self signed certs
#[clap(long = "tls-ca", env = "INFLUXDB3_TLS_CA")]
pub ca_cert: Option<PathBuf>,

/// Disable TLS certificate verification
#[clap(long = "tls-no-verify", env = "INFLUXDB3_TLS_NO_VERIFY")]
pub tls_no_verify: bool,
}

pub async fn command(config: Config) -> Result<(), Box<dyn Error>> {
Expand Down
10 changes: 9 additions & 1 deletion influxdb3/src/commands/install.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,11 +55,19 @@ pub struct PackageConfig {
/// An optional arg to use a custom ca for useful for testing with self signed certs
#[clap(long = "tls-ca", env = "INFLUXDB3_TLS_CA")]
ca_cert: Option<PathBuf>,

/// Disable TLS certificate verification
#[clap(long = "tls-no-verify", env = "INFLUXDB3_TLS_NO_VERIFY")]
tls_no_verify: bool,
}

impl PackageConfig {
async fn run_command(&self) -> Result<(), anyhow::Error> {
let mut client = Client::new(self.host_url.clone(), self.ca_cert.clone())?;
let mut client = Client::new(
self.host_url.clone(),
self.ca_cert.clone(),
self.tls_no_verify,
)?;
if let Some(token) = &self.auth_token {
client = client.with_auth_token(token.expose_secret());
}
Expand Down
Loading