diff --git a/Makefile b/Makefile index fe0c835c..26a655b8 100644 --- a/Makefile +++ b/Makefile @@ -54,7 +54,7 @@ manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and Cust .PHONY: generate generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. - $(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..." + $(CONTROLLER_GEN) object:headerFile="Nimbus/hack/boilerplate.go.txt" paths="./Nimbus/..." .PHONY: fmt fmt: ## Run go fmt against code. @@ -68,7 +68,7 @@ vet: ## Run go vet against code. test: manifests generate fmt vet envtest ## Run tests. KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test ./... -coverprofile cover.out -GOLANGCI_LINT = $(shell pwd)/bin/golangci-lint +GOLANGCI_LINT = $(shell pwd)/Nimbus/bin/golangci-lint GOLANGCI_LINT_VERSION ?= v1.54.2 golangci-lint: @[ -f $(GOLANGCI_LINT) ] || { \ @@ -88,7 +88,7 @@ lint-fix: golangci-lint ## Run golangci-lint linter and perform fixes .PHONY: build build: manifests generate fmt vet ## Build manager binary. - go build -o bin/manager Nimbus/cmd/main.go + go build -o Nimbus/bin/manager Nimbus/cmd/main.go .PHONY: run run: manifests generate fmt vet ## Run a controller from your host. @@ -149,7 +149,7 @@ undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/confi ##@ Build Dependencies ## Location to install dependencies to -LOCALBIN ?= $(shell pwd)/bin +LOCALBIN ?= $(shell pwd)/Nimbus/bin $(LOCALBIN): mkdir -p $(LOCALBIN) diff --git a/Nimbus/api/v1/zz_generated.deepcopy.go b/Nimbus/api/v1/zz_generated.deepcopy.go index d00d6c4a..69431e40 100644 --- a/Nimbus/api/v1/zz_generated.deepcopy.go +++ b/Nimbus/api/v1/zz_generated.deepcopy.go @@ -11,7 +11,82 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CIDRSet) DeepCopyInto(out *CIDRSet) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CIDRSet. +func (in *CIDRSet) DeepCopy() *CIDRSet { + if in == nil { + return nil + } + out := new(CIDRSet) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Capabilities) DeepCopyInto(out *Capabilities) { + *out = *in + if in.MatchCapabilities != nil { + in, out := &in.MatchCapabilities, &out.MatchCapabilities + *out = make([]MatchCapability, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Capabilities. +func (in *Capabilities) DeepCopy() *Capabilities { + if in == nil { + return nil + } + out := new(Capabilities) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *File) DeepCopyInto(out *File) { + *out = *in + if in.MatchPaths != nil { + in, out := &in.MatchPaths, &out.MatchPaths + *out = make([]MatchPath, len(*in)) + copy(*out, *in) + } + if in.MatchDirectories != nil { + in, out := &in.MatchDirectories, &out.MatchDirectories + *out = make([]MatchDirectory, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new File. +func (in *File) DeepCopy() *File { + if in == nil { + return nil + } + out := new(File) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FromSource) DeepCopyInto(out *FromSource) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FromSource. +func (in *FromSource) DeepCopy() *FromSource { + if in == nil { + return nil + } + out := new(FromSource) + in.DeepCopyInto(out) + return out +} // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Intent) DeepCopyInto(out *Intent) { @@ -36,30 +111,183 @@ func (in *Intent) DeepCopy() *Intent { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Match) DeepCopyInto(out *Match) { +func (in *IntentRequest) DeepCopyInto(out *IntentRequest) { *out = *in - if in.Any != nil { - in, out := &in.Any, &out.Any - *out = make([]ResourceFilter, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IntentRequest. +func (in *IntentRequest) DeepCopy() *IntentRequest { + if in == nil { + return nil } - if in.All != nil { - in, out := &in.All, &out.All - *out = make([]ResourceFilter, len(*in)) + out := new(IntentRequest) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MatchCapability) DeepCopyInto(out *MatchCapability) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchCapability. +func (in *MatchCapability) DeepCopy() *MatchCapability { + if in == nil { + return nil + } + out := new(MatchCapability) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MatchDirectory) DeepCopyInto(out *MatchDirectory) { + *out = *in + if in.FromSource != nil { + in, out := &in.FromSource, &out.FromSource + *out = make([]FromSource, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchDirectory. +func (in *MatchDirectory) DeepCopy() *MatchDirectory { + if in == nil { + return nil + } + out := new(MatchDirectory) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MatchPath) DeepCopyInto(out *MatchPath) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchPath. +func (in *MatchPath) DeepCopy() *MatchPath { + if in == nil { + return nil + } + out := new(MatchPath) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MatchPattern) DeepCopyInto(out *MatchPattern) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchPattern. +func (in *MatchPattern) DeepCopy() *MatchPattern { + if in == nil { + return nil + } + out := new(MatchPattern) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MatchProtocol) DeepCopyInto(out *MatchProtocol) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchProtocol. +func (in *MatchProtocol) DeepCopy() *MatchProtocol { + if in == nil { + return nil + } + out := new(MatchProtocol) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MatchSyscall) DeepCopyInto(out *MatchSyscall) { + *out = *in + if in.Syscalls != nil { + in, out := &in.Syscalls, &out.Syscalls + *out = make([]string, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchSyscall. +func (in *MatchSyscall) DeepCopy() *MatchSyscall { + if in == nil { + return nil + } + out := new(MatchSyscall) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Network) DeepCopyInto(out *Network) { + *out = *in + if in.MatchProtocols != nil { + in, out := &in.MatchProtocols, &out.MatchProtocols + *out = make([]MatchProtocol, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Network. +func (in *Network) DeepCopy() *Network { + if in == nil { + return nil + } + out := new(Network) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Port) DeepCopyInto(out *Port) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Port. +func (in *Port) DeepCopy() *Port { + if in == nil { + return nil + } + out := new(Port) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Process) DeepCopyInto(out *Process) { + *out = *in + if in.MatchPaths != nil { + in, out := &in.MatchPaths, &out.MatchPaths + *out = make([]MatchPath, len(*in)) + copy(*out, *in) + } + if in.MatchDirectories != nil { + in, out := &in.MatchDirectories, &out.MatchDirectories + *out = make([]MatchDirectory, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } + if in.MatchPatterns != nil { + in, out := &in.MatchPatterns, &out.MatchPatterns + *out = make([]MatchPattern, len(*in)) + copy(*out, *in) + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Match. -func (in *Match) DeepCopy() *Match { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Process. +func (in *Process) DeepCopy() *Process { if in == nil { return nil } - out := new(Match) + out := new(Process) in.DeepCopyInto(out) return out } @@ -67,16 +295,53 @@ func (in *Match) DeepCopy() *Match { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Resource) DeepCopyInto(out *Resource) { *out = *in - if in.Val != nil { - in, out := &in.Val, &out.Val - *out = make([]string, len(*in)) - copy(*out, *in) + if in.Network != nil { + in, out := &in.Network, &out.Network + *out = make([]Network, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } - if in.Attrs != nil { - in, out := &in.Attrs, &out.Attrs - *out = make([]string, len(*in)) + if in.Process != nil { + in, out := &in.Process, &out.Process + *out = make([]Process, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.File != nil { + in, out := &in.File, &out.File + *out = make([]File, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Capabilities != nil { + in, out := &in.Capabilities, &out.Capabilities + *out = make([]Capabilities, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Syscalls != nil { + in, out := &in.Syscalls, &out.Syscalls + *out = make([]Syscalls, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.FromCIDRSet != nil { + in, out := &in.FromCIDRSet, &out.FromCIDRSet + *out = make([]CIDRSet, len(*in)) copy(*out, *in) } + if in.ToPorts != nil { + in, out := &in.ToPorts, &out.ToPorts + *out = make([]ToPort, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Resource. @@ -93,16 +358,6 @@ func (in *Resource) DeepCopy() *Resource { func (in *ResourceFilter) DeepCopyInto(out *ResourceFilter) { *out = *in in.Resources.DeepCopyInto(&out.Resources) - if in.Subjects != nil { - in, out := &in.Subjects, &out.Subjects - *out = make([]Subject, len(*in)) - copy(*out, *in) - } - if in.Roles != nil { - in, out := &in.Roles, &out.Roles - *out = make([]string, len(*in)) - copy(*out, *in) - } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceFilter. @@ -118,26 +373,6 @@ func (in *ResourceFilter) DeepCopy() *ResourceFilter { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Resources) DeepCopyInto(out *Resources) { *out = *in - if in.Names != nil { - in, out := &in.Names, &out.Names - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Namespaces != nil { - in, out := &in.Namespaces, &out.Namespaces - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Kinds != nil { - in, out := &in.Kinds, &out.Kinds - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Operations != nil { - in, out := &in.Operations, &out.Operations - *out = make([]string, len(*in)) - copy(*out, *in) - } if in.MatchLabels != nil { in, out := &in.MatchLabels, &out.MatchLabels *out = make(map[string]string, len(*in)) @@ -184,6 +419,101 @@ func (in *SecurityIntent) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecurityIntentBinding) DeepCopyInto(out *SecurityIntentBinding) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityIntentBinding. +func (in *SecurityIntentBinding) DeepCopy() *SecurityIntentBinding { + if in == nil { + return nil + } + out := new(SecurityIntentBinding) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *SecurityIntentBinding) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecurityIntentBindingList) DeepCopyInto(out *SecurityIntentBindingList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]SecurityIntentBinding, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityIntentBindingList. +func (in *SecurityIntentBindingList) DeepCopy() *SecurityIntentBindingList { + if in == nil { + return nil + } + out := new(SecurityIntentBindingList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *SecurityIntentBindingList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecurityIntentBindingSpec) DeepCopyInto(out *SecurityIntentBindingSpec) { + *out = *in + in.Selector.DeepCopyInto(&out.Selector) + if in.IntentRequests != nil { + in, out := &in.IntentRequests, &out.IntentRequests + *out = make([]IntentRequest, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityIntentBindingSpec. +func (in *SecurityIntentBindingSpec) DeepCopy() *SecurityIntentBindingSpec { + if in == nil { + return nil + } + out := new(SecurityIntentBindingSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecurityIntentBindingStatus) DeepCopyInto(out *SecurityIntentBindingStatus) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityIntentBindingStatus. +func (in *SecurityIntentBindingStatus) DeepCopy() *SecurityIntentBindingStatus { + if in == nil { + return nil + } + out := new(SecurityIntentBindingStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SecurityIntentList) DeepCopyInto(out *SecurityIntentList) { *out = *in @@ -219,7 +549,6 @@ func (in *SecurityIntentList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SecurityIntentSpec) DeepCopyInto(out *SecurityIntentSpec) { *out = *in - in.Selector.DeepCopyInto(&out.Selector) in.Intent.DeepCopyInto(&out.Intent) } @@ -251,7 +580,20 @@ func (in *SecurityIntentStatus) DeepCopy() *SecurityIntentStatus { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Selector) DeepCopyInto(out *Selector) { *out = *in - in.Match.DeepCopyInto(&out.Match) + if in.Any != nil { + in, out := &in.Any, &out.Any + *out = make([]ResourceFilter, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.All != nil { + in, out := &in.All, &out.All + *out = make([]ResourceFilter, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.CEL != nil { in, out := &in.CEL, &out.CEL *out = make([]string, len(*in)) @@ -270,16 +612,43 @@ func (in *Selector) DeepCopy() *Selector { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Subject) DeepCopyInto(out *Subject) { +func (in *Syscalls) DeepCopyInto(out *Syscalls) { *out = *in + if in.MatchSyscalls != nil { + in, out := &in.MatchSyscalls, &out.MatchSyscalls + *out = make([]MatchSyscall, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Syscalls. +func (in *Syscalls) DeepCopy() *Syscalls { + if in == nil { + return nil + } + out := new(Syscalls) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ToPort) DeepCopyInto(out *ToPort) { + *out = *in + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]Port, len(*in)) + copy(*out, *in) + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Subject. -func (in *Subject) DeepCopy() *Subject { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ToPort. +func (in *ToPort) DeepCopy() *ToPort { if in == nil { return nil } - out := new(Subject) + out := new(ToPort) in.DeepCopyInto(out) return out } diff --git a/Nimbus/bin/controller-gen b/Nimbus/bin/controller-gen new file mode 100755 index 00000000..bc357ab8 Binary files /dev/null and b/Nimbus/bin/controller-gen differ diff --git a/Nimbus/bin/kustomize b/Nimbus/bin/kustomize new file mode 100755 index 00000000..5b49fa5d Binary files /dev/null and b/Nimbus/bin/kustomize differ diff --git a/Nimbus/config/crd/bases/intent.security.nimbus.com_securityintentbindings.yaml b/Nimbus/config/crd/bases/intent.security.nimbus.com_securityintentbindings.yaml new file mode 100644 index 00000000..8d31ce03 --- /dev/null +++ b/Nimbus/config/crd/bases/intent.security.nimbus.com_securityintentbindings.yaml @@ -0,0 +1,116 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + name: securityintentbindings.intent.security.nimbus.com +spec: + group: intent.security.nimbus.com + names: + kind: SecurityIntentBinding + listKind: SecurityIntentBindingList + plural: securityintentbindings + singular: securityintentbinding + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: SecurityIntentBinding is the Schema for the securityintentbindings + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: SecurityIntentBindingSpec defines the desired state of SecurityIntentBinding + properties: + intentRequests: + items: + description: IntentRequest defines the request for a specific SecurityIntent + properties: + description: + type: string + intentName: + type: string + mode: + type: string + type: + type: string + required: + - description + - intentName + - mode + - type + type: object + type: array + selector: + description: Foo is an example field of SecurityIntentBinding. Edit + securityintentbinding_types.go to remove/update + properties: + all: + items: + description: ResourceFilter is used for filtering resources + properties: + resources: + description: Resources defines the properties for selecting + Kubernetes resources + properties: + kind: + type: string + matchLabels: + additionalProperties: + type: string + type: object + namespace: + type: string + type: object + type: object + type: array + any: + items: + description: ResourceFilter is used for filtering resources + properties: + resources: + description: Resources defines the properties for selecting + Kubernetes resources + properties: + kind: + type: string + matchLabels: + additionalProperties: + type: string + type: object + namespace: + type: string + type: object + type: object + type: array + cel: + items: + type: string + type: array + type: object + required: + - intentRequests + - selector + type: object + status: + description: SecurityIntentBindingStatus defines the observed state of + SecurityIntentBinding + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/Nimbus/config/crd/bases/intent.security.nimbus.com_securityintents.yaml b/Nimbus/config/crd/bases/intent.security.nimbus.com_securityintents.yaml index 0eb4c348..a40e688d 100644 --- a/Nimbus/config/crd/bases/intent.security.nimbus.com_securityintents.yaml +++ b/Nimbus/config/crd/bases/intent.security.nimbus.com_securityintents.yaml @@ -39,152 +39,174 @@ spec: properties: action: type: string - mode: + description: type: string resource: items: description: Resource defines the resources that the security policy applies to properties: - attrs: + capabilities: items: - type: string + description: Capabilities defines the capabilities-related + policies + properties: + matchCapabilities: + items: + description: MatchCapability defines a capability + for capabilities policies + properties: + capability: + type: string + type: object + type: array + type: object + type: array + file: + items: + description: File defines the file-related policies + properties: + matchDirectories: + items: + description: MatchDirectory defines a directory + for process or file policies + properties: + dir: + type: string + fromSource: + items: + description: FromSource defines a source path + for directory-based policies + properties: + path: + type: string + type: object + type: array + type: object + type: array + matchPaths: + items: + description: MatchPath defines a path for process + or file policies + properties: + path: + type: string + type: object + type: array + type: object type: array - key: - type: string - val: + fromCIDRSet: items: - type: string + description: CIDRSet defines CIDR ranges for network policies + properties: + cidr: + type: string + type: object + type: array + network: + items: + description: Network defines the network-related policies + properties: + matchProtocols: + items: + description: MatchProtocol defines a protocol for + network policies + properties: + protocol: + type: string + type: object + type: array + type: object + type: array + process: + items: + description: Process defines the process-related policies + properties: + matchDirectories: + items: + description: MatchDirectory defines a directory + for process or file policies + properties: + dir: + type: string + fromSource: + items: + description: FromSource defines a source path + for directory-based policies + properties: + path: + type: string + type: object + type: array + type: object + type: array + matchPaths: + items: + description: MatchPath defines a path for process + or file policies + properties: + path: + type: string + type: object + type: array + matchPatterns: + items: + description: MatchPattern defines a pattern for + process policies + properties: + pattern: + type: string + type: object + type: array + type: object + type: array + syscalls: + items: + description: Syscalls defines the syscalls-related policies + properties: + matchSyscalls: + items: + description: MatchSyscall defines a syscall for + syscall policies + properties: + syscalls: + items: + type: string + type: array + type: object + type: array + type: object + type: array + toPorts: + items: + description: ToPort defines ports and protocols for network + policies + properties: + ports: + items: + description: Port defines a network port and its + protocol + properties: + port: + type: string + protocol: + type: string + type: object + type: array + type: object type: array - valcel: - type: string type: object type: array type: type: string required: - action - - mode + - description - resource - type type: object - selector: - description: Selector defines the selection criteria for resources - properties: - cel: - items: - type: string - type: array - match: - description: Match defines the resource filters to be used - properties: - all: - items: - description: ResourceFilter is used for filtering resources, - subjects, roles, and cluster roles - properties: - resources: - description: Resources defines the properties for selecting - Kubernetes resources - properties: - kinds: - items: - type: string - type: array - matchLabels: - additionalProperties: - type: string - type: object - names: - items: - type: string - type: array - namespaces: - items: - type: string - type: array - operations: - items: - type: string - type: array - required: - - kinds - type: object - roles: - items: - type: string - type: array - subjects: - items: - description: Subject defines the subject for filtering - properties: - kind: - type: string - name: - type: string - required: - - kind - type: object - type: array - type: object - type: array - any: - items: - description: ResourceFilter is used for filtering resources, - subjects, roles, and cluster roles - properties: - resources: - description: Resources defines the properties for selecting - Kubernetes resources - properties: - kinds: - items: - type: string - type: array - matchLabels: - additionalProperties: - type: string - type: object - names: - items: - type: string - type: array - namespaces: - items: - type: string - type: array - operations: - items: - type: string - type: array - required: - - kinds - type: object - roles: - items: - type: string - type: array - subjects: - items: - description: Subject defines the subject for filtering - properties: - kind: - type: string - name: - type: string - required: - - kind - type: object - type: array - type: object - type: array - type: object - required: - - cel - type: object required: - intent - - selector type: object status: description: SecurityIntentStatus defines the observed state of SecurityIntent diff --git a/config/crd/bases/intent.security.nimbus.com_securityintents.yaml b/config/crd/bases/intent.security.nimbus.com_securityintents.yaml index 6438c68d..a40e688d 100644 --- a/config/crd/bases/intent.security.nimbus.com_securityintents.yaml +++ b/config/crd/bases/intent.security.nimbus.com_securityintents.yaml @@ -104,7 +104,19 @@ spec: type: object type: array network: - items: {} + items: + description: Network defines the network-related policies + properties: + matchProtocols: + items: + description: MatchProtocol defines a protocol for + network policies + properties: + protocol: + type: string + type: object + type: array + type: object type: array process: items: diff --git a/Nimbus/config/crd/kustomization.yaml b/config/crd/kustomization.yaml similarity index 84% rename from Nimbus/config/crd/kustomization.yaml rename to config/crd/kustomization.yaml index 09ca7a1f..399c070e 100644 --- a/Nimbus/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -3,17 +3,20 @@ # It should be run by config/default resources: - bases/intent.security.nimbus.com_securityintents.yaml +- bases/intent.security.nimbus.com_securityintentbindings.yaml #+kubebuilder:scaffold:crdkustomizeresource patches: # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. # patches here are for enabling the conversion webhook for each CRD #- path: patches/webhook_in_securityintents.yaml +#- path: patches/webhook_in_securityintentbindings.yaml #+kubebuilder:scaffold:crdkustomizewebhookpatch # [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix. # patches here are for enabling the CA injection for each CRD #- path: patches/cainjection_in_securityintents.yaml +#- path: patches/cainjection_in_securityintentbindings.yaml #+kubebuilder:scaffold:crdkustomizecainjectionpatch # [WEBHOOK] To enable webhook, uncomment the following section diff --git a/Nimbus/config/crd/kustomizeconfig.yaml b/config/crd/kustomizeconfig.yaml similarity index 100% rename from Nimbus/config/crd/kustomizeconfig.yaml rename to config/crd/kustomizeconfig.yaml diff --git a/Nimbus/config/default/kustomization.yaml b/config/default/kustomization.yaml similarity index 100% rename from Nimbus/config/default/kustomization.yaml rename to config/default/kustomization.yaml diff --git a/Nimbus/config/default/manager_auth_proxy_patch.yaml b/config/default/manager_auth_proxy_patch.yaml similarity index 100% rename from Nimbus/config/default/manager_auth_proxy_patch.yaml rename to config/default/manager_auth_proxy_patch.yaml diff --git a/Nimbus/config/default/manager_config_patch.yaml b/config/default/manager_config_patch.yaml similarity index 100% rename from Nimbus/config/default/manager_config_patch.yaml rename to config/default/manager_config_patch.yaml diff --git a/Nimbus/config/manager/kustomization.yaml b/config/manager/kustomization.yaml similarity index 100% rename from Nimbus/config/manager/kustomization.yaml rename to config/manager/kustomization.yaml diff --git a/Nimbus/config/manager/manager.yaml b/config/manager/manager.yaml similarity index 100% rename from Nimbus/config/manager/manager.yaml rename to config/manager/manager.yaml diff --git a/Nimbus/config/prometheus/kustomization.yaml b/config/prometheus/kustomization.yaml similarity index 100% rename from Nimbus/config/prometheus/kustomization.yaml rename to config/prometheus/kustomization.yaml diff --git a/Nimbus/config/prometheus/monitor.yaml b/config/prometheus/monitor.yaml similarity index 100% rename from Nimbus/config/prometheus/monitor.yaml rename to config/prometheus/monitor.yaml diff --git a/Nimbus/config/rbac/auth_proxy_client_clusterrole.yaml b/config/rbac/auth_proxy_client_clusterrole.yaml similarity index 100% rename from Nimbus/config/rbac/auth_proxy_client_clusterrole.yaml rename to config/rbac/auth_proxy_client_clusterrole.yaml diff --git a/Nimbus/config/rbac/auth_proxy_role.yaml b/config/rbac/auth_proxy_role.yaml similarity index 100% rename from Nimbus/config/rbac/auth_proxy_role.yaml rename to config/rbac/auth_proxy_role.yaml diff --git a/Nimbus/config/rbac/auth_proxy_role_binding.yaml b/config/rbac/auth_proxy_role_binding.yaml similarity index 100% rename from Nimbus/config/rbac/auth_proxy_role_binding.yaml rename to config/rbac/auth_proxy_role_binding.yaml diff --git a/Nimbus/config/rbac/auth_proxy_service.yaml b/config/rbac/auth_proxy_service.yaml similarity index 100% rename from Nimbus/config/rbac/auth_proxy_service.yaml rename to config/rbac/auth_proxy_service.yaml diff --git a/Nimbus/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml similarity index 100% rename from Nimbus/config/rbac/kustomization.yaml rename to config/rbac/kustomization.yaml diff --git a/Nimbus/config/rbac/leader_election_role.yaml b/config/rbac/leader_election_role.yaml similarity index 100% rename from Nimbus/config/rbac/leader_election_role.yaml rename to config/rbac/leader_election_role.yaml diff --git a/Nimbus/config/rbac/leader_election_role_binding.yaml b/config/rbac/leader_election_role_binding.yaml similarity index 100% rename from Nimbus/config/rbac/leader_election_role_binding.yaml rename to config/rbac/leader_election_role_binding.yaml diff --git a/Nimbus/config/rbac/role.yaml b/config/rbac/role.yaml similarity index 54% rename from Nimbus/config/rbac/role.yaml rename to config/rbac/role.yaml index 529251e7..63cf0e18 100644 --- a/Nimbus/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -4,6 +4,32 @@ kind: ClusterRole metadata: name: manager-role rules: +- apiGroups: + - intent.security.nimbus.com + resources: + - securityintentbindings + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - intent.security.nimbus.com + resources: + - securityintentbindings/finalizers + verbs: + - update +- apiGroups: + - intent.security.nimbus.com + resources: + - securityintentbindings/status + verbs: + - get + - patch + - update - apiGroups: - intent.security.nimbus.com resources: diff --git a/Nimbus/config/rbac/role_binding.yaml b/config/rbac/role_binding.yaml similarity index 100% rename from Nimbus/config/rbac/role_binding.yaml rename to config/rbac/role_binding.yaml diff --git a/Nimbus/config/rbac/securityintent_editor_role.yaml b/config/rbac/securityintent_editor_role.yaml similarity index 100% rename from Nimbus/config/rbac/securityintent_editor_role.yaml rename to config/rbac/securityintent_editor_role.yaml diff --git a/Nimbus/config/rbac/securityintent_viewer_role.yaml b/config/rbac/securityintent_viewer_role.yaml similarity index 100% rename from Nimbus/config/rbac/securityintent_viewer_role.yaml rename to config/rbac/securityintent_viewer_role.yaml diff --git a/config/rbac/securityintentbinding_editor_role.yaml b/config/rbac/securityintentbinding_editor_role.yaml new file mode 100644 index 00000000..dcd147e5 --- /dev/null +++ b/config/rbac/securityintentbinding_editor_role.yaml @@ -0,0 +1,31 @@ +# permissions for end users to edit securityintentbindings. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: securityintentbinding-editor-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: nimbus + app.kubernetes.io/part-of: nimbus + app.kubernetes.io/managed-by: kustomize + name: securityintentbinding-editor-role +rules: +- apiGroups: + - intent.security.nimbus.com + resources: + - securityintentbindings + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - intent.security.nimbus.com + resources: + - securityintentbindings/status + verbs: + - get diff --git a/config/rbac/securityintentbinding_viewer_role.yaml b/config/rbac/securityintentbinding_viewer_role.yaml new file mode 100644 index 00000000..e2bc7408 --- /dev/null +++ b/config/rbac/securityintentbinding_viewer_role.yaml @@ -0,0 +1,27 @@ +# permissions for end users to view securityintentbindings. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: securityintentbinding-viewer-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: nimbus + app.kubernetes.io/part-of: nimbus + app.kubernetes.io/managed-by: kustomize + name: securityintentbinding-viewer-role +rules: +- apiGroups: + - intent.security.nimbus.com + resources: + - securityintentbindings + verbs: + - get + - list + - watch +- apiGroups: + - intent.security.nimbus.com + resources: + - securityintentbindings/status + verbs: + - get diff --git a/Nimbus/config/rbac/service_account.yaml b/config/rbac/service_account.yaml similarity index 100% rename from Nimbus/config/rbac/service_account.yaml rename to config/rbac/service_account.yaml diff --git a/Nimbus/config/samples/intent_v1_securityintent.yaml b/config/samples/intent_v1_securityintent.yaml similarity index 100% rename from Nimbus/config/samples/intent_v1_securityintent.yaml rename to config/samples/intent_v1_securityintent.yaml diff --git a/config/samples/intent_v1_securityintentbinding.yaml b/config/samples/intent_v1_securityintentbinding.yaml new file mode 100644 index 00000000..8dd7ac7e --- /dev/null +++ b/config/samples/intent_v1_securityintentbinding.yaml @@ -0,0 +1,12 @@ +apiVersion: intent.security.nimbus.com/v1 +kind: SecurityIntentBinding +metadata: + labels: + app.kubernetes.io/name: securityintentbinding + app.kubernetes.io/instance: securityintentbinding-sample + app.kubernetes.io/part-of: nimbus + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/created-by: nimbus + name: securityintentbinding-sample +spec: + # TODO(user): Add fields here diff --git a/Nimbus/config/samples/kustomization.yaml b/config/samples/kustomization.yaml similarity index 76% rename from Nimbus/config/samples/kustomization.yaml rename to config/samples/kustomization.yaml index d9aaf765..c5f98a58 100644 --- a/Nimbus/config/samples/kustomization.yaml +++ b/config/samples/kustomization.yaml @@ -1,4 +1,5 @@ ## Append samples of your project ## resources: - intent_v1_securityintent.yaml +- intent_v1_securityintentbinding.yaml #+kubebuilder:scaffold:manifestskustomizesamples diff --git a/go.mod b/go.mod index 9c9342b7..7286c306 100644 --- a/go.mod +++ b/go.mod @@ -1,9 +1,10 @@ -module github.com/5GSEC/nimbus/Nimbus +module github.com/5GSEC/nimbus go 1.20 require ( github.com/cilium/cilium v1.14.3 + github.com/go-logr/logr v1.2.4 github.com/kubearmor/KubeArmor/pkg/KubeArmorHostPolicy v0.0.0-20230616113436-0f9e047493a0 github.com/kubearmor/KubeArmor/pkg/KubeArmorPolicy v0.0.0-20230622041458-52e38e236598 github.com/onsi/ginkgo/v2 v2.11.0 @@ -23,9 +24,7 @@ require ( github.com/davecgh/go-spew v1.1.1 // indirect github.com/emicklei/go-restful/v3 v3.11.0 // indirect github.com/evanphx/json-patch/v5 v5.6.0 // indirect - github.com/fatih/color v1.15.0 // indirect github.com/fsnotify/fsnotify v1.6.0 // indirect - github.com/go-logr/logr v1.2.4 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-logr/zapr v1.2.4 // indirect github.com/go-ole/go-ole v1.2.6 // indirect @@ -40,7 +39,6 @@ require ( github.com/go-openapi/swag v0.22.4 // indirect github.com/go-openapi/validate v0.22.1 // indirect github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect - github.com/gobuffalo/flect v1.0.2 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.3 // indirect @@ -59,8 +57,6 @@ require ( github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect github.com/magiconair/properties v1.8.7 // indirect github.com/mailru/easyjson v0.7.7 // indirect - github.com/mattn/go-colorable v0.1.13 // indirect - github.com/mattn/go-isatty v0.0.17 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect @@ -101,7 +97,6 @@ require ( go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.25.0 // indirect golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 // indirect - golang.org/x/mod v0.12.0 // indirect golang.org/x/net v0.17.0 // indirect golang.org/x/oauth2 v0.8.0 // indirect golang.org/x/sync v0.3.0 // indirect @@ -123,7 +118,6 @@ require ( k8s.io/klog/v2 v2.100.1 // indirect k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect k8s.io/utils v0.0.0-20230505201702-9f6742963106 // indirect - sigs.k8s.io/controller-tools v0.13.0 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect sigs.k8s.io/yaml v1.3.0 // indirect diff --git a/go.sum b/go.sum index 8b460bc8..8377f6ae 100644 --- a/go.sum +++ b/go.sum @@ -36,6 +36,7 @@ cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RX cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1 h1:EKPd1INOIyr5hWOWhvpmQpY6tKjeG0hT1s3AMC/9fic= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= @@ -50,11 +51,13 @@ github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6r github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM= github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/census-instrumentation/opencensus-proto v0.4.1 h1:iKLQ0xPNFxR/2hzXZMrBo8f1j86j5WHzznCCQxV/b8g= github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/cilium/checkmate v1.0.3 h1:CQC5eOmlAZeEjPrVZY3ZwEBH64lHlx9mXYdUehEwI5w= github.com/cilium/cilium v1.14.3 h1:Nbya9Lr/k1A8Wty1oPdV+/k/qh3KoIeTb6tXRM2eLWg= github.com/cilium/cilium v1.14.3/go.mod h1:jcysu5KCmXET1lo3TeRq9cUvwQeFajcSRs4n6YfvTqM= github.com/cilium/ebpf v0.10.1-0.20230626090016-654491c8a500 h1:eAn1/gEVvcamZLoF4JKznmG2zKABsF7mRisyfQtwa3Q= @@ -65,8 +68,10 @@ github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDk github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4 h1:/inchEIKaYC1Akx+H+gqO04wryn5h75LSazbRlnya1k= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/cyphar/filepath-securejoin v0.2.3 h1:YX6ebbZCZP7VkM3scTTokDgBL2TY741X51MTk3ycuNI= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -78,11 +83,11 @@ github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1m github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po= github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/envoyproxy/protoc-gen-validate v0.10.1 h1:c0g45+xCJhdgFGw7a5QAfdS4byAbud7miNWJ1WwEVf8= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= -github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= -github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= +github.com/frankban/quicktest v1.14.5 h1:dfYrrRyLtiqT9GyKXgdh+k4inNeTvmGbuSgZ3lx3GhA= github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= @@ -131,7 +136,6 @@ github.com/go-openapi/strfmt v0.21.7/go.mod h1:adeGTkxE44sPyLk0JV235VQAO/ZXUr8KA github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/swag v0.21.1/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU= github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= @@ -148,8 +152,6 @@ github.com/gobuffalo/envy v1.7.0/go.mod h1:n7DRkBerg/aorDM8kbduw5dN3oXGswK5liaSC github.com/gobuffalo/flect v0.1.0/go.mod h1:d2ehjJqGOH/Kjqcoz+F7jHTBbmDb38yXA598Hb50EGs= github.com/gobuffalo/flect v0.1.1/go.mod h1:8JCgGVbRjJhVgD6399mQr4fx5rRfGKVzFjbj6RE/9UI= github.com/gobuffalo/flect v0.1.3/go.mod h1:8JCgGVbRjJhVgD6399mQr4fx5rRfGKVzFjbj6RE/9UI= -github.com/gobuffalo/flect v1.0.2 h1:eqjPGSo2WmjgY2XlpGwo2NXgL3RucAKo4k4qQMNA5sA= -github.com/gobuffalo/flect v1.0.2/go.mod h1:A5msMlrHtLqh9umBSnvabjsMrCcCpAyzglnDvkbYKHs= github.com/gobuffalo/genny v0.0.0-20190329151137-27723ad26ef9/go.mod h1:rWs4Z12d1Zbf19rlsn0nurr75KqhYp52EAGGxTbBhNk= github.com/gobuffalo/genny v0.0.0-20190403191548-3ca520ef0d9e/go.mod h1:80lIj3kVJWwOrXWWMRzzdhW3DsrdjILVil/SFKBzF28= github.com/gobuffalo/genny v0.1.0/go.mod h1:XidbUqzak3lHdS//TPu2OgiFB+51Ur5f7CSnXZ/JDvo= @@ -248,8 +250,6 @@ github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/imdario/mergo v0.3.6 h1:xTNEAn+kxVO7dTZGu0CegyqKZmoWFI0rF8UxjlB2d28= -github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.15 h1:M8XP7IuFNsqUx6VPK2P9OSmsYsI/YFaGil0uD21V3dM= github.com/imdario/mergo v0.3.15/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= @@ -294,11 +294,6 @@ github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0 github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/markbates/oncer v0.0.0-20181203154359-bf2de49a0be2/go.mod h1:Ld9puTsIW75CHf65OeIOkyKbteujpZVXDpWK6YGZbxE= github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0= -github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= -github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= -github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng= -github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/mitchellh/mapstructure v1.3.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= @@ -344,15 +339,12 @@ github.com/prometheus/client_model v0.4.0 h1:5lQXD3cAg1OXBf4Wq03gTrXHeaV0TQvGfUo github.com/prometheus/client_model v0.4.0/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU= github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY= github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY= -github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg= -github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM= github.com/prometheus/procfs v0.11.0 h1:5EAgkfkMl659uZPbe9AS2N68a7Cc1TJbPEuGzFuRbyk= github.com/prometheus/procfs v0.11.0/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM= github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= @@ -394,12 +386,12 @@ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/subosito/gotenv v1.4.2 h1:X1TuBLAMDFbaTAChgCBLu3DU3UPyELpnF2jjJ2cz/S8= github.com/subosito/gotenv v1.4.2/go.mod h1:ayKnFf/c6rvx/2iiLrJUk1e6plDbT3edrFNGqEflhK0= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= +github.com/tidwall/pretty v1.2.0 h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs= github.com/tklauser/go-sysconf v0.3.11 h1:89WgdJhk5SNwJfu+GKyYveZ4IaJ7xAkecBo+KdJV0CM= github.com/tklauser/go-sysconf v0.3.11/go.mod h1:GqXfhXY3kiPa0nAXPDIQIWzJbMCB7AmcWpGR8lSZfqI= github.com/tklauser/numcpus v0.6.0 h1:kebhY2Qt+3U6RNK7UqpYNA+tJ23IBEGKkB7JQBfDYms= @@ -437,6 +429,7 @@ go.opentelemetry.io/otel v1.16.0 h1:Z7GVAX/UkAXPKsy94IU+i6thsQS4nb7LviLpnaNeW8s= go.opentelemetry.io/otel v1.16.0/go.mod h1:vl0h9NUa1D5s1nv3A5vZOYWn8av4K8Ml6JDeHrT/bx4= go.opentelemetry.io/otel/metric v1.16.0 h1:RbrpwVG1Hfv85LgnZ7+txXioPDoh6EdbZHo26Q3hqOo= go.opentelemetry.io/otel/metric v1.16.0/go.mod h1:QE47cpOmkwipPiefDwo2wDzwJrlfxxNYodqc4xnGCo4= +go.opentelemetry.io/otel/sdk v1.14.0 h1:PDCppFRDq8A1jL9v6KMI6dYesaq+DFcDZvjsoGvxGzY= go.opentelemetry.io/otel/trace v1.16.0 h1:8JRpaObFoW0pxuVPapkgH8UhHQj+bJW8jJsCZEu5MQs= go.opentelemetry.io/otel/trace v1.16.0/go.mod h1:Yt9vYq1SdNz3xdjZZK7wcXv1qv2pwLkqr2QVwea0ef0= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= @@ -471,8 +464,6 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e h1:+WEEuIdZHnUeJJmEUjyYC2gfUMj69yZXw17EnHg/otA= -golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e/go.mod h1:Kr81I6Kryrl9sr8s2FK3vxD90NdsKWRuOIl2O4CvYbA= golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 h1:k/i9J1pBpvlfR+9QsetwPyERsqu1GIbi967PQMq3Ivc= golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= @@ -499,9 +490,7 @@ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk= golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc= -golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -610,7 +599,6 @@ golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -690,10 +678,6 @@ golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.9.3 h1:Gn1I8+64MsuTb/HpH+LmQtNas23LhUVr3rYZ0eKuaMM= -golang.org/x/tools v0.9.3/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc= -golang.org/x/tools v0.11.0 h1:EMCa6U9S2LtZXLAMoWiR/R8dAQFRqbAitmbJ2UKhoi8= -golang.org/x/tools v0.11.0/go.mod h1:anzJrxPjNtfgiYQYirP2CPGzGLxrH2u2QBhn6Bf3qY8= golang.org/x/tools v0.12.0 h1:YW6HUoUmYBpwSgyaGaZq1fHjrBjX1rlpZ54T6mu2kss= golang.org/x/tools v0.12.0/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -765,6 +749,9 @@ google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210108203827-ffc7fda8c3d7/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210226172003-ab064af71705/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20230530153820-e85fd2cbaebc h1:8DyZCyvI8mE1IdLy/60bS+52xfymkE72wv1asokgtao= +google.golang.org/genproto/googleapis/api v0.0.0-20230526203410-71b5a4ffd15e h1:AZX1ra8YbFMSb7+1pI8S9v4rrgRR7jU1FmuFSSjTVcQ= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230530153820-e85fd2cbaebc h1:XSJ8Vk1SWuNr8S18z1NZSziL0CPIXLCCMDOEFtHBOFc= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -793,8 +780,6 @@ google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGj google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng= -google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -838,8 +823,6 @@ k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ= k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM= -k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 h1:qY1Ad8PODbnymg2pRbkyMT/ylpTrCM8P2RJ0yroCyIk= -k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= k8s.io/utils v0.0.0-20230505201702-9f6742963106 h1:EObNQ3TW2D+WptiYXlApGNLVy0zm/JIBVY9i+M4wpAU= k8s.io/utils v0.0.0-20230505201702-9f6742963106/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= @@ -847,8 +830,6 @@ rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/controller-runtime v0.16.3 h1:2TuvuokmfXvDUamSx1SuAOO3eTyye+47mJCigwG62c4= sigs.k8s.io/controller-runtime v0.16.3/go.mod h1:j7bialYoSn142nv9sCOJmQgDXQXxnroFU4VnX/brVJ0= -sigs.k8s.io/controller-tools v0.13.0 h1:NfrvuZ4bxyolhDBt/rCZhDnx3M2hzlhgo5n3Iv2RykI= -sigs.k8s.io/controller-tools v0.13.0/go.mod h1:5vw3En2NazbejQGCeWKRrE7q4P+CW8/klfVqP8QZkgA= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE=