From 55ccd82d99da074f4e1bf9ed3c8430ab7041b805 Mon Sep 17 00:00:00 2001 From: ajanikow <12255597+ajanikow@users.noreply.github.com> Date: Wed, 7 Feb 2024 13:57:32 +0000 Subject: [PATCH 1/2] [Feature] Authentication Service V1 --- .golangci.yaml | 4 + Makefile | 61 +- cmd/cmd.go | 1 + cmd/integration.go | 14 +- cmd/main-int/main_int.go | 60 ++ go.mod | 38 +- go.sum | 49 ++ integrations/authentication/v1/cache.go | 144 +++++ .../authentication/v1/configuration.go | 129 +++++ .../v1/definition/definition.pb.go | 531 ++++++++++++++++++ .../v1/definition/definition.proto | 85 +++ .../v1/definition/definition_grpc.pb.go | 145 +++++ .../authentication/v1/implementation.go | 204 +++++++ .../authentication/v1/implementation_test.go | 184 ++++++ .../authentication/v1/service_test.go | 191 +++++++ integrations/authentication/v1/utils_test.go | 71 +++ pkg/deployment/agency/config/config.go | 4 +- pkg/deployment/resources/secrets.go | 5 +- pkg/integrations/authentication_v1.go | 67 +++ {cmd => pkg}/integrations/integration.go | 0 {cmd => pkg}/integrations/logger.go | 0 {cmd => pkg}/integrations/register.go | 10 +- {cmd => pkg}/integrations/shutdown_v1.go | 0 {cmd => pkg}/integrations/storage_v1.go | 0 pkg/ml/container_jwt.go | 55 ++ pkg/util/file.go | 63 +++ pkg/util/k8sutil/secrets.go | 8 +- pkg/util/strings/strings.go | 12 +- pkg/util/token/errors.go | 46 ++ pkg/util/token/mods.go | 78 +++ pkg/util/token/parse.go | 63 +++ pkg/util/token/token.go | 69 +++ pkg/util/token/token_test.go | 129 +++++ 33 files changed, 2461 insertions(+), 59 deletions(-) create mode 100644 cmd/main-int/main_int.go create mode 100644 integrations/authentication/v1/cache.go create mode 100644 integrations/authentication/v1/configuration.go create mode 100644 integrations/authentication/v1/definition/definition.pb.go create mode 100644 integrations/authentication/v1/definition/definition.proto create mode 100644 integrations/authentication/v1/definition/definition_grpc.pb.go create mode 100644 integrations/authentication/v1/implementation.go create mode 100644 integrations/authentication/v1/implementation_test.go create mode 100644 integrations/authentication/v1/service_test.go create mode 100644 integrations/authentication/v1/utils_test.go create mode 100644 pkg/integrations/authentication_v1.go rename {cmd => pkg}/integrations/integration.go (100%) rename {cmd => pkg}/integrations/logger.go (100%) rename {cmd => pkg}/integrations/register.go (94%) rename {cmd => pkg}/integrations/shutdown_v1.go (100%) rename {cmd => pkg}/integrations/storage_v1.go (100%) create mode 100644 pkg/ml/container_jwt.go create mode 100644 pkg/util/file.go create mode 100644 pkg/util/token/errors.go create mode 100644 pkg/util/token/mods.go create mode 100644 pkg/util/token/parse.go create mode 100644 pkg/util/token/token.go create mode 100644 pkg/util/token/token_test.go diff --git a/.golangci.yaml b/.golangci.yaml index c957fdcee..72cec9f65 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -53,6 +53,10 @@ linters-settings: alias: pbShutdownV1 - pkg: github.com/arangodb/kube-arangodb/integrations/shutdown/v1 alias: pbImplShutdownV1 + - pkg: github.com/arangodb/kube-arangodb/integrations/authentication/v1/definition + alias: pbAuthenticationV1 + - pkg: github.com/arangodb/kube-arangodb/integrations/authentication/v1 + alias: pbImplAuthenticationV1 - pkg: github.com/arangodb/kube-arangodb/integrations/shared/v1/definition alias: pbSharedV1 - pkg: github.com/arangodb/kube-arangodb/integrations/shared/v1 diff --git a/Makefile b/Makefile index 881fc8bf7..700768b8b 100644 --- a/Makefile +++ b/Makefile @@ -223,16 +223,40 @@ endif BINNAME := $(PROJECT) BIN := $(BINDIR)/$(BINNAME) -VBIN_LINUX_AMD64 := $(BINDIR)/$(RELEASE_MODE)/linux/amd64/$(BINNAME) -VBIN_LINUX_ARM64 := $(BINDIR)/$(RELEASE_MODE)/linux/arm64/$(BINNAME) BIN_OPS_NAME := $(PROJECT)_ops BIN_OPS := $(BINDIR)/$(BIN_OPS_NAME) -VBIN_OPS_LINUX_AMD64 := $(BINDIR)/$(RELEASE_MODE)/linux/amd64/$(BIN_OPS_NAME) -VBIN_OPS_LINUX_ARM64 := $(BINDIR)/$(RELEASE_MODE)/linux/arm64/$(BIN_OPS_NAME) -VBIN_OPS_DARWIN_AMD64 := $(BINDIR)/$(RELEASE_MODE)/darwin/amd64/$(BIN_OPS_NAME) -VBIN_OPS_DARWIN_ARM64 := $(BINDIR)/$(RELEASE_MODE)/darwin/arm64/$(BIN_OPS_NAME) +BIN_INT_NAME := $(PROJECT)_integration +BIN_INT := $(BINDIR)/$(BIN_INT_NAME) + +define binary +$(eval _OS:=$(call UPPER_ENV,$1)) +$(eval _ARCH:=$(call UPPER_ENV,$2)) +VBIN_$(_OS)_$(_ARCH) := $(BINDIR)/$(RELEASE_MODE)/$1/$2/$(BINNAME) +VBIN_OPS_$(_OS)_$(_ARCH) := $(BINDIR)/$(RELEASE_MODE)/$1/$2/$(BIN_OPS_NAME) +VBIN_INT_$(_OS)_$(_ARCH) := $(BINDIR)/$(RELEASE_MODE)/$1/$2/$(BIN_INT_NAME) + +$$(VBIN_$(_OS)_$(_ARCH)): $$(SOURCES) dashboard/assets.go VERSION + @mkdir -p $(BINDIR)/$(RELEASE_MODE)/$1/$2 + CGO_ENABLED=0 GOOS=$1 GOARCH=$2 go build $${GOBUILDARGS} --tags "$$(GOBUILDTAGS)" $$(COMPILE_DEBUG_FLAGS) -installsuffix netgo -gcflags=all="$$(GOBUILDGCFLAGS)" -ldflags "$$(GOBUILDLDFLAGS)" -o $$@ ./cmd/main + +$$(VBIN_OPS_$(_OS)_$(_ARCH)): $$(SOURCES) dashboard/assets.go VERSION + @mkdir -p $(BINDIR)/$(RELEASE_MODE)/$1/$2 + CGO_ENABLED=0 GOOS=$1 GOARCH=$2 go build $${GOBUILDARGS} --tags "$$(GOBUILDTAGS)" $$(COMPILE_DEBUG_FLAGS) -installsuffix netgo -gcflags=all="$$(GOBUILDGCFLAGS)" -ldflags "$$(GOBUILDLDFLAGS)" -o $$@ ./cmd/main-ops + +$$(VBIN_INT_$(_OS)_$(_ARCH)): $$(SOURCES) dashboard/assets.go VERSION + @mkdir -p $(BINDIR)/$(RELEASE_MODE)/$1/$2 + CGO_ENABLED=0 GOOS=$1 GOARCH=$2 go build $${GOBUILDARGS} --tags "$$(GOBUILDTAGS)" $$(COMPILE_DEBUG_FLAGS) -installsuffix netgo -gcflags=all="$$(GOBUILDGCFLAGS)" -ldflags "$$(GOBUILDLDFLAGS)" -o $$@ ./cmd/main-int + +bin-all: $$(VBIN_$(_OS)_$(_ARCH)) $$(VBIN_OPS_$(_OS)_$(_ARCH)) $$(VBIN_INT_$(_OS)_$(_ARCH)) + +endef + +$(eval $(call binary,linux,amd64)) +$(eval $(call binary,linux,arm64)) +$(eval $(call binary,darwin,amd64)) +$(eval $(call binary,darwin,arm64)) ifdef VERBOSE TESTVERBOSEOPTIONS := -v @@ -421,27 +445,12 @@ dashboard/assets.go: $(DASHBOARDBUILDIMAGE) $(GOASSETSBUILDER) -s /dashboard/build/ -o dashboard/assets.go -p dashboard dashboard/build -.PHONY: bin bin-all -bin: $(BIN) -bin-all: $(BIN) $(VBIN_LINUX_AMD64) $(VBIN_LINUX_ARM64) - -$(VBIN_LINUX_AMD64): $(SOURCES) dashboard/assets.go VERSION - @mkdir -p $(BINDIR)/$(RELEASE_MODE)/linux/amd64 - CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build ${GOBUILDARGS} --tags "$(GOBUILDTAGS)" $(COMPILE_DEBUG_FLAGS) -installsuffix netgo -gcflags=all="$(GOBUILDGCFLAGS)" -ldflags "$(GOBUILDLDFLAGS)" -o $(VBIN_LINUX_AMD64) ./cmd/main - CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build ${GOBUILDARGS} --tags "$(GOBUILDTAGS)" $(COMPILE_DEBUG_FLAGS) -installsuffix netgo -gcflags=all="$(GOBUILDGCFLAGS)" -ldflags "$(GOBUILDLDFLAGS)" -o $(VBIN_OPS_LINUX_AMD64) ./cmd/main-ops - -$(VBIN_LINUX_ARM64): $(SOURCES) dashboard/assets.go VERSION - @mkdir -p $(BINDIR)/$(RELEASE_MODE)/linux/arm64 - CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build ${GOBUILDARGS} --tags "$(GOBUILDTAGS)" $(COMPILE_DEBUG_FLAGS) -installsuffix netgo -gcflags=all="$(GOBUILDGCFLAGS)" -ldflags "$(GOBUILDLDFLAGS)" -o $(VBIN_LINUX_ARM64) ./cmd/main - CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build ${GOBUILDARGS} --tags "$(GOBUILDTAGS)" $(COMPILE_DEBUG_FLAGS) -installsuffix netgo -gcflags=all="$(GOBUILDGCFLAGS)" -ldflags "$(GOBUILDLDFLAGS)" -o $(VBIN_OPS_LINUX_ARM64) ./cmd/main-ops +# Binaries -bin-ops-all: $(VBIN_LINUX_AMD64) $(VBIN_LINUX_ARM64) - @mkdir -p $(BINDIR)/$(RELEASE_MODE)/darwin/amd64 - CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build ${GOBUILDARGS} --tags "$(GOBUILDTAGS)" $(COMPILE_DEBUG_FLAGS) -installsuffix netgo -gcflags=all="$(GOBUILDGCFLAGS)" -ldflags "$(GOBUILDLDFLAGS)" -o $(VBIN_OPS_DARWIN_AMD64) ./cmd/main-ops - @mkdir -p $(BINDIR)/$(RELEASE_MODE)/darwin/arm64 - CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build ${GOBUILDARGS} --tags "$(GOBUILDTAGS)" $(COMPILE_DEBUG_FLAGS) -installsuffix netgo -gcflags=all="$(GOBUILDGCFLAGS)" -ldflags "$(GOBUILDLDFLAGS)" -o $(VBIN_OPS_DARWIN_ARM64) ./cmd/main-ops +.PHONY: bin +bin: $(BIN) -$(BIN): $(VBIN_LINUX_AMD64) +$(BIN): $(VBIN_LINUX_AMD64) $(VBIN_OPS_LINUX_AMD64) $(VBIN_INT_LINUX_AMD64) @cp "$(VBIN_LINUX_AMD64)" "$(BIN)" @cp "$(VBIN_OPS_LINUX_AMD64)" "$(BIN_OPS)" @@ -817,7 +826,7 @@ check-community: @$(MAKE) _check RELEASE_MODE=community _check: sync-crds - @$(MAKE) fmt yamlfmt license-verify linter run-unit-tests bin vulncheck-optional + @$(MAKE) fmt yamlfmt license-verify linter run-unit-tests bin-all vulncheck-optional generate: generate-internal generate-proto fmt yamlfmt diff --git a/cmd/cmd.go b/cmd/cmd.go index 64dc4272f..4933736e1 100644 --- a/cmd/cmd.go +++ b/cmd/cmd.go @@ -184,6 +184,7 @@ func init() { var deprecatedStr string f := cmdMain.Flags() + f.StringVar(&serverOptions.host, "server.host", defaultServerHost, "Host to listen on") f.IntVar(&serverOptions.port, "server.port", defaultServerPort, "Port to listen on") f.StringVar(&serverOptions.tlsSecretName, "server.tls-secret-name", "", "Name of secret containing tls.crt & tls.key for HTTPS server (if empty, self-signed certificate is used)") diff --git a/cmd/integration.go b/cmd/integration.go index d9eba96e9..3cb613c39 100644 --- a/cmd/integration.go +++ b/cmd/integration.go @@ -20,10 +20,20 @@ package cmd -import "github.com/arangodb/kube-arangodb/cmd/integrations" +import ( + "github.com/spf13/cobra" + + "github.com/arangodb/kube-arangodb/pkg/integrations" +) func init() { - if err := integrations.Register(&cmdMain); err != nil { + subCommand := &cobra.Command{ + Use: "integration", + } + + if err := integrations.Register(subCommand); err != nil { panic(err.Error()) } + + cmdMain.AddCommand(subCommand) } diff --git a/cmd/main-int/main_int.go b/cmd/main-int/main_int.go new file mode 100644 index 000000000..9dd27a376 --- /dev/null +++ b/cmd/main-int/main_int.go @@ -0,0 +1,60 @@ +// +// DISCLAIMER +// +// Copyright 2024 ArangoDB GmbH, Cologne, Germany +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Copyright holder is ArangoDB GmbH, Cologne, Germany +// + +package main + +import ( + goflag "flag" + "os" + + "github.com/spf13/cobra" + flag "github.com/spf13/pflag" + + "github.com/arangodb/kube-arangodb/pkg/integrations" +) + +var ( + cmd = cobra.Command{ + Use: "arangodb_int", + RunE: func(cmd *cobra.Command, args []string) error { + return cmd.Usage() + }, + } +) + +func init() { + if err := integrations.Register(&cmd); err != nil { + panic(err.Error()) + } +} + +func Execute() int { + flag.CommandLine.AddGoFlagSet(goflag.CommandLine) + + if err := cmd.Execute(); err != nil { + return 1 + } + + return 0 +} + +func main() { + os.Exit(Execute()) +} diff --git a/go.mod b/go.mod index 8ac8189ca..ee82348d4 100644 --- a/go.mod +++ b/go.mod @@ -36,11 +36,11 @@ require ( github.com/fsnotify/fsnotify v1.7.0 github.com/gin-gonic/gin v1.9.1 github.com/golang-jwt/jwt v3.2.2+incompatible - github.com/google/uuid v1.3.1 + github.com/google/uuid v1.4.0 github.com/jessevdk/go-assets v0.0.0-20160921144138-4f4301a06e15 github.com/josephburnett/jd v1.6.1 github.com/julienschmidt/httprouter v1.3.0 - github.com/magiconair/properties v1.8.5 + github.com/magiconair/properties v1.8.7 github.com/pkg/errors v0.9.1 github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.44.1 github.com/prometheus-operator/prometheus-operator/pkg/client v0.0.0-00010101000000-000000000000 @@ -49,13 +49,13 @@ require ( github.com/prometheus/prom2json v1.3.3 github.com/robfig/cron v1.2.0 github.com/rs/zerolog v1.19.0 - github.com/spf13/cobra v1.7.0 + github.com/spf13/cobra v1.8.0 github.com/spf13/pflag v1.0.5 github.com/stretchr/testify v1.8.4 - golang.org/x/sync v0.4.0 + golang.org/x/sync v0.6.0 golang.org/x/sys v0.16.0 golang.org/x/text v0.14.0 - golang.org/x/time v0.3.0 + golang.org/x/time v0.5.0 google.golang.org/grpc v1.60.1 google.golang.org/protobuf v1.32.0 gopkg.in/yaml.v3 v3.0.1 @@ -74,7 +74,7 @@ require ( github.com/cenkalti/backoff/v4 v4.2.1 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect - github.com/davecgh/go-spew v1.1.1 // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/dchest/siphash v1.2.2 // indirect github.com/emicklei/go-restful/v3 v3.9.0 // indirect github.com/evanphx/json-patch v4.12.0+incompatible // indirect @@ -94,6 +94,7 @@ require ( github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect + github.com/hashicorp/hcl v1.0.0 // indirect github.com/imdario/mergo v0.3.6 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/josharian/intern v1.0.0 // indirect @@ -104,27 +105,38 @@ require ( github.com/mailru/easyjson v0.7.7 // indirect github.com/mattn/go-isatty v0.0.19 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect + github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/moby/spdystream v0.2.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/pavel-v-chernykh/keystore-go v2.1.0+incompatible // indirect - github.com/pelletier/go-toml/v2 v2.0.8 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/pelletier/go-toml/v2 v2.1.1 // indirect + github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/prometheus/common v0.44.0 // indirect github.com/prometheus/procfs v0.10.1 // indirect + github.com/sagikazarmark/locafero v0.4.0 // indirect + github.com/sagikazarmark/slog-shim v0.1.0 // indirect + github.com/sourcegraph/conc v0.3.0 // indirect + github.com/spf13/afero v1.11.0 // indirect + github.com/spf13/cast v1.6.0 // indirect + github.com/spf13/viper v1.18.2 // indirect github.com/stretchr/objx v0.4.0 // indirect + github.com/subosito/gotenv v1.6.0 // indirect github.com/twitchyliquid64/golang-asm v0.15.1 // indirect github.com/ugorji/go/codec v1.2.11 // indirect + go.uber.org/multierr v1.11.0 // indirect golang.org/x/arch v0.3.0 // indirect - golang.org/x/crypto v0.17.0 // indirect - golang.org/x/net v0.19.0 // indirect - golang.org/x/oauth2 v0.13.0 // indirect - golang.org/x/term v0.15.0 // indirect - golang.org/x/tools v0.12.0 // indirect + golang.org/x/crypto v0.18.0 // indirect + golang.org/x/exp v0.0.0-20240205201215-2c58cdc269a3 // indirect + golang.org/x/net v0.20.0 // indirect + golang.org/x/oauth2 v0.15.0 // indirect + golang.org/x/term v0.16.0 // indirect + golang.org/x/tools v0.17.0 // indirect google.golang.org/appengine v1.6.8 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20240102182953-50ed04b92917 // indirect gopkg.in/inf.v0 v0.9.1 // indirect + gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect k8s.io/klog/v2 v2.100.1 // indirect k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 // indirect diff --git a/go.sum b/go.sum index 146501786..34f198384 100644 --- a/go.sum +++ b/go.sum @@ -703,12 +703,15 @@ github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSV github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.11/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dchest/siphash v1.2.2 h1:9DFz8tQwl9pTVt5iok/9zKyzA1Q6bRGiF3HPiEEVr9I= github.com/dchest/siphash v1.2.2/go.mod h1:q+IRvb2gOSrUnYoPqHiyHXS0FOBBOdl6tONBlVnOnt4= github.com/dchest/uniuri v0.0.0-20160212164326-8902c56451e9 h1:74lLNRzvsdIlkTgfDSMuaPjBr4cf6k7pwQQANm/yLKU= @@ -918,6 +921,8 @@ github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+ github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4= +github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/enterprise-certificate-proxy v0.0.0-20220520183353-fd19c99a87aa/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= github.com/googleapis/enterprise-certificate-proxy v0.1.0/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= github.com/googleapis/enterprise-certificate-proxy v0.2.0/go.mod h1:8C0jb7/mgJe/9KK8Lm7X9ctZC2t60YyIpYEI16jx0Qg= @@ -962,6 +967,7 @@ github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/b github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= @@ -1031,6 +1037,8 @@ github.com/lyft/protoc-gen-star/v2 v2.0.1/go.mod h1:RcCdONR2ScXaYnQC5tUzxzlpA3WV github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.5 h1:b6kJs+EmPFMYGkow9GiUyCyOvIwYetYJ3fSaWak/Gls= github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= +github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY= +github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= @@ -1057,6 +1065,8 @@ github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS4 github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY= github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= +github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= github.com/moby/term v0.0.0-20221205130635-1aeaba878587/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y= @@ -1116,6 +1126,8 @@ github.com/pavel-v-chernykh/keystore-go v2.1.0+incompatible/go.mod h1:xlUlxe/2It github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= github.com/pelletier/go-toml/v2 v2.0.8 h1:0ctb6s9mE31h0/lhu+J6OPmVeDxJn+kYnJc2jZR9tGQ= github.com/pelletier/go-toml/v2 v2.0.8/go.mod h1:vuYfssBdrU2XDZ9bYydBu6t+6a6PYNcZljzZR9VXg+4= +github.com/pelletier/go-toml/v2 v2.1.1 h1:LWAJwfNvjQZCFIDKWYQaM62NcYeYViCmWIwmOStowAI= +github.com/pelletier/go-toml/v2 v2.1.1/go.mod h1:tJU2Z3ZkXwnxa4DPO899bsyIoywizdUvyaeZurnPPDc= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/phpdave11/gofpdf v1.4.2/go.mod h1:zpO6xFn9yxo3YLyMvW8HcKWVdbNqgIfOOp2dXMnm1mY= github.com/phpdave11/gofpdi v1.0.12/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI= @@ -1130,6 +1142,8 @@ github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZ github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= github.com/pquerna/cachecontrol v0.1.0/go.mod h1:NrUG3Z7Rdu85UNR3vm7SOsl1nFIeSiQnrHV5K9mBcUI= github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.46.0 h1:J+aQlaDVIemgZDR1f/48MBaiA7rDTm6OyKSRhDX2ZTY= @@ -1195,6 +1209,10 @@ github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQD github.com/ruudk/golang-pdf417 v0.0.0-20181029194003-1af4ab5afa58/go.mod h1:6lfFZQK844Gfx8o5WFuvpxWRwnSoipWe/p622j1v06w= github.com/ruudk/golang-pdf417 v0.0.0-20201230142125-a7e3863a1245/go.mod h1:pQAZKsJ8yyVxGRWYNEm9oFB8ieLgKFnamEyDmSA0BRk= github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= +github.com/sagikazarmark/locafero v0.4.0 h1:HApY1R9zGo4DBgr7dqsTH/JJxLTTsOt7u6keLGt6kNQ= +github.com/sagikazarmark/locafero v0.4.0/go.mod h1:Pe1W6UlPYUk/+wc/6KFhbORCfqzgYEpgQ3O5fPuL3H4= +github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6gto+ugjYE= +github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= @@ -1207,21 +1225,31 @@ github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1 github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= github.com/soheilhy/cmux v0.1.5/go.mod h1:T7TcVDs9LWfQgPlPsdngu6I6QIoyIFZDDC6sNE1GqG0= +github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9ySo= +github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= github.com/spf13/afero v1.3.3/go.mod h1:5KUK8ByomD5Ti5Artl0RtHeI5pTF7MIDuXL3yY520V4= github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I= github.com/spf13/afero v1.9.2/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y= +github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8= +github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY= github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= +github.com/spf13/cast v1.6.0 h1:GEiTHELF+vaR5dhz3VqZfFSzZjYbgeKDpBxQVS4GYJ0= +github.com/spf13/cast v1.6.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo= github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= +github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= +github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg= +github.com/spf13/viper v1.18.2 h1:LUXCnvUvSM6FXAsj6nnfc8Q2tp1dIgUfY9Kc8GsSOiQ= +github.com/spf13/viper v1.18.2/go.mod h1:EKmWIqdnk5lOcmR72yw6hS+8OPYcwD0jteitLMVB+yk= github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= @@ -1230,6 +1258,8 @@ github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSS github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= +github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= +github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20220101234140-673ab2c3ae75/go.mod h1:KO6IkyS8Y3j8OdNO85qEYBsRPuteD+YciPomcXdrMnk= @@ -1297,6 +1327,7 @@ go.uber.org/goleak v1.2.0/go.mod h1:XJYK+MuIchqpmGmUSAzotztawfKvYLUIgg7guXrwVUo= go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= +go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= @@ -1320,6 +1351,8 @@ golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= +golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc= +golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -1336,6 +1369,8 @@ golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EH golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e/go.mod h1:Kr81I6Kryrl9sr8s2FK3vxD90NdsKWRuOIl2O4CvYbA= golang.org/x/exp v0.0.0-20220827204233-334a2380cb91/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE= +golang.org/x/exp v0.0.0-20240205201215-2c58cdc269a3 h1:/RIbNt/Zr7rVhIkQhooTxCxFcdWLGIKnZA4IXNFSrvo= +golang.org/x/exp v0.0.0-20240205201215-2c58cdc269a3/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08= golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= @@ -1457,6 +1492,8 @@ golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c= golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= +golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo= +golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1489,6 +1526,8 @@ golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4 golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= golang.org/x/oauth2 v0.13.0 h1:jDDenyj+WgFtmV3zYVoi8aE2BwtXFLWOA67ZfNWftiY= golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0= +golang.org/x/oauth2 v0.15.0 h1:s8pnnxNVzjWyrvYdFUQq5llS1PX2zhPXmccZv99h7uQ= +golang.org/x/oauth2 v0.15.0/go.mod h1:q48ptWNTY5XWf+JNten23lcvHpLJ0ZSxF5ttTHKVCAM= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -1508,6 +1547,8 @@ golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.2.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ= golang.org/x/sync v0.4.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= +golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= +golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -1627,6 +1668,8 @@ golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4= golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= +golang.org/x/term v0.16.0 h1:m+B6fahuftsE9qjo0VWp2FW0mB3MTJvR0BaMQrq0pmE= +golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1654,6 +1697,8 @@ golang.org/x/time v0.0.0-20220922220347-f3bd1da661af/go.mod h1:tRJNPiyCQ0inRvYxb golang.org/x/time v0.1.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= +golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -1730,6 +1775,8 @@ golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s= golang.org/x/tools v0.8.0/go.mod h1:JxBZ99ISMI5ViVkT1tr6tdNmXeTrcpVSD3vZ1RsRdN4= golang.org/x/tools v0.12.0 h1:YW6HUoUmYBpwSgyaGaZq1fHjrBjX1rlpZ54T6mu2kss= golang.org/x/tools v0.12.0/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM= +golang.org/x/tools v0.17.0 h1:FvmRgNOcs3kOa+T20R1uhfP9F6HgG2mfxDv1vrx1Htc= +golang.org/x/tools v0.17.0/go.mod h1:xsh6VxdV005rRVaS6SSAf9oiAqljS7UZUacMZ8Bnsps= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -2031,6 +2078,8 @@ gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMy gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= +gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= +gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= gopkg.in/natefinch/lumberjack.v2 v2.2.1/go.mod h1:YD8tP3GAjkrDg1eZH7EGmyESg/lsYskCTPBJVb9jqSc= gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= diff --git a/integrations/authentication/v1/cache.go b/integrations/authentication/v1/cache.go new file mode 100644 index 000000000..7c52e4536 --- /dev/null +++ b/integrations/authentication/v1/cache.go @@ -0,0 +1,144 @@ +// +// DISCLAIMER +// +// Copyright 2024 ArangoDB GmbH, Cologne, Germany +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Copyright holder is ArangoDB GmbH, Cologne, Germany +// + +package v1 + +import ( + "io" + "os" + "path" + "sort" + "time" + + "github.com/arangodb/kube-arangodb/pkg/util" + "github.com/arangodb/kube-arangodb/pkg/util/errors" +) + +const MaxSize = 128 + +type cache struct { + parent *implementation + + eol time.Time + + signingToken []byte + + validationTokens [][]byte +} + +func (i *implementation) newCache() (*cache, error) { + files, err := os.ReadDir(i.cfg.Path) + if err != nil { + return nil, err + } + + var keys []string + var tokens = make(map[string][]byte) + + for _, file := range files { + if file.IsDir() { + continue + } + + data, err := util.OpenWithRead(path.Join(i.cfg.Path, file.Name()), MaxSize) + if err != nil { + continue + } + + if len(data) == 0 { + continue + } + + buff := make([]byte, 32) + + for id := range buff { + buff[id] = 0 + } + + copy(buff, data) + + keys = append(keys, file.Name()) + tokens[file.Name()] = buff + } + + if len(keys) == 0 { + return nil, io.ErrUnexpectedEOF + } + + sort.Strings(keys) + + data := make([][]byte, len(keys)) + + for id := range data { + data[id] = tokens[keys[id]] + } + + cache := cache{ + parent: i, + eol: time.Now().Add(i.cfg.TTL), + signingToken: tokens[keys[0]], + validationTokens: data, + } + + return &cache, nil +} + +func (i *implementation) localGetCache() *cache { + if c := i.cache; c != nil && c.eol.After(time.Now()) { + return c + } + + return nil +} + +func (i *implementation) withCache() (*cache, error) { + if c := i.getCache(); c != nil { + return c, nil + } + + return i.refreshCache() +} + +func (i *implementation) getCache() *cache { + i.lock.RLock() + defer i.lock.RUnlock() + + return i.localGetCache() +} + +func (i *implementation) refreshCache() (*cache, error) { + i.lock.Lock() + defer i.lock.Unlock() + + if c := i.localGetCache(); c != nil { + return c, nil + } + + // Get was not successful, retry + + if c, err := i.newCache(); err != nil { + return nil, err + } else if c == nil { + return nil, errors.Errorf("cache returned is nil") + } else { + i.cache = c + return i.cache, nil + } +} diff --git a/integrations/authentication/v1/configuration.go b/integrations/authentication/v1/configuration.go new file mode 100644 index 000000000..b45adea14 --- /dev/null +++ b/integrations/authentication/v1/configuration.go @@ -0,0 +1,129 @@ +// +// DISCLAIMER +// +// Copyright 2024 ArangoDB GmbH, Cologne, Germany +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Copyright holder is ArangoDB GmbH, Cologne, Germany +// + +package v1 + +import ( + "time" + + "github.com/arangodb/kube-arangodb/pkg/util/errors" + "github.com/arangodb/kube-arangodb/pkg/util/strings" +) + +const ( + DefaultAdminUser = "root" + + DefaultUser = "root" + + DefaultTTL = 15 * time.Second + + DefaultTokenMinTTL = time.Minute + DefaultTokenMaxTTL = time.Hour + DefaultTokenDefaultTTL = time.Hour +) + +type Mod func(c Configuration) Configuration + +func NewConfiguration() Configuration { + return Configuration{ + Enabled: true, + TTL: DefaultTTL, + Path: "", + Create: Token{ + DefaultUser: DefaultUser, + AllowedUsers: nil, + MinTTL: DefaultTokenMinTTL, + MaxTTL: DefaultTokenMaxTTL, + DefaultTTL: DefaultTokenDefaultTTL, + }, + } +} + +type Configuration struct { + Enabled bool + + TTL time.Duration + + Path string + + Create Token +} + +func (c Configuration) With(mods ...Mod) Configuration { + n := c + + for _, mod := range mods { + n = mod(n) + } + + return n +} + +func (c Configuration) Validate() error { + if c.Path == "" { + return errors.Errorf("Path should not be empty") + } + + if c.TTL < 0 { + return errors.Errorf("TTLS should be not negative") + } + + if err := c.Create.Validate(); err != nil { + return errors.Wrapf(err, "Token validation failed") + } + + return nil +} + +type Token struct { + DefaultUser string + + AllowedUsers []string + + MinTTL, MaxTTL, DefaultTTL time.Duration +} + +func (t Token) Validate() error { + if t.MinTTL < 0 { + return errors.Errorf("MinTTL Cannot be lower than 0") + } + + if t.MaxTTL < t.MinTTL { + return errors.Errorf("MaxTTL Cannot be lower than MinTTL") + } + + if t.DefaultTTL < t.MinTTL { + return errors.Errorf("DefautTTL Cannot be lower than MinTTL") + } + + if t.DefaultTTL > t.MaxTTL { + return errors.Errorf("DefautTTL Cannot be higher than MaxTTL") + } + + if len(t.AllowedUsers) > 0 { + // We are enforcing allowed users + + if !strings.ListContains(t.AllowedUsers, t.DefaultUser) { + return errors.Errorf("DefaultUser should be always allowed") + } + } + + return nil +} diff --git a/integrations/authentication/v1/definition/definition.pb.go b/integrations/authentication/v1/definition/definition.pb.go new file mode 100644 index 000000000..3ecd6a9f9 --- /dev/null +++ b/integrations/authentication/v1/definition/definition.pb.go @@ -0,0 +1,531 @@ +// +// DISCLAIMER +// +// Copyright 2016-2022 ArangoDB GmbH, Cologne, Germany +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Copyright holder is ArangoDB GmbH, Cologne, Germany +// + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.26.0 +// protoc v3.21.1 +// source: integrations/authentication/v1/definition/definition.proto + +package definition + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + durationpb "google.golang.org/protobuf/types/known/durationpb" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// ValidateRequest defines request for AuthenticationV1 Validate Request +type ValidateRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Token specifies a token extracted from the request or used currently + Token string `protobuf:"bytes,1,opt,name=Token,proto3" json:"Token,omitempty"` +} + +func (x *ValidateRequest) Reset() { + *x = ValidateRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_integrations_authentication_v1_definition_definition_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ValidateRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ValidateRequest) ProtoMessage() {} + +func (x *ValidateRequest) ProtoReflect() protoreflect.Message { + mi := &file_integrations_authentication_v1_definition_definition_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ValidateRequest.ProtoReflect.Descriptor instead. +func (*ValidateRequest) Descriptor() ([]byte, []int) { + return file_integrations_authentication_v1_definition_definition_proto_rawDescGZIP(), []int{0} +} + +func (x *ValidateRequest) GetToken() string { + if x != nil { + return x.Token + } + return "" +} + +// ValidateResponse defines response for AuthenticationV1 Validate Request +type ValidateResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // IsValid returns information about the validity of the token + IsValid bool `protobuf:"varint,1,opt,name=IsValid,proto3" json:"IsValid,omitempty"` + // Message message for the validation phase + Message string `protobuf:"bytes,2,opt,name=Message,proto3" json:"Message,omitempty"` + // Details returns token details if the token is valid + Details *ValidateResponseDetails `protobuf:"bytes,3,opt,name=Details,proto3,oneof" json:"Details,omitempty"` +} + +func (x *ValidateResponse) Reset() { + *x = ValidateResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_integrations_authentication_v1_definition_definition_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ValidateResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ValidateResponse) ProtoMessage() {} + +func (x *ValidateResponse) ProtoReflect() protoreflect.Message { + mi := &file_integrations_authentication_v1_definition_definition_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ValidateResponse.ProtoReflect.Descriptor instead. +func (*ValidateResponse) Descriptor() ([]byte, []int) { + return file_integrations_authentication_v1_definition_definition_proto_rawDescGZIP(), []int{1} +} + +func (x *ValidateResponse) GetIsValid() bool { + if x != nil { + return x.IsValid + } + return false +} + +func (x *ValidateResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +func (x *ValidateResponse) GetDetails() *ValidateResponseDetails { + if x != nil { + return x.Details + } + return nil +} + +// ValidateResponseDetails defines optional response for AuthenticationV1 Validate Request. +// Returned only if the Token provided in the request is valid. +type ValidateResponseDetails struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Lifetime specify the lifetime of the token + Lifetime *durationpb.Duration `protobuf:"bytes,1,opt,name=Lifetime,proto3" json:"Lifetime,omitempty"` + // User returns the User used in the Token. If a user is not specified, `root` is returned + User string `protobuf:"bytes,2,opt,name=User,proto3" json:"User,omitempty"` +} + +func (x *ValidateResponseDetails) Reset() { + *x = ValidateResponseDetails{} + if protoimpl.UnsafeEnabled { + mi := &file_integrations_authentication_v1_definition_definition_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ValidateResponseDetails) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ValidateResponseDetails) ProtoMessage() {} + +func (x *ValidateResponseDetails) ProtoReflect() protoreflect.Message { + mi := &file_integrations_authentication_v1_definition_definition_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ValidateResponseDetails.ProtoReflect.Descriptor instead. +func (*ValidateResponseDetails) Descriptor() ([]byte, []int) { + return file_integrations_authentication_v1_definition_definition_proto_rawDescGZIP(), []int{2} +} + +func (x *ValidateResponseDetails) GetLifetime() *durationpb.Duration { + if x != nil { + return x.Lifetime + } + return nil +} + +func (x *ValidateResponseDetails) GetUser() string { + if x != nil { + return x.User + } + return "" +} + +// CreateTokenRequest defines request for AuthenticationV1 CreateToken Request +type CreateTokenRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Lifetime specifies the lifetime of the token as duration. Defaults to 1 hour + Lifetime *durationpb.Duration `protobuf:"bytes,1,opt,name=Lifetime,proto3,oneof" json:"Lifetime,omitempty"` + // User specify the User for which token should be created. By default, the default user is used (root in most cases) + User *string `protobuf:"bytes,2,opt,name=User,proto3,oneof" json:"User,omitempty"` +} + +func (x *CreateTokenRequest) Reset() { + *x = CreateTokenRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_integrations_authentication_v1_definition_definition_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *CreateTokenRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CreateTokenRequest) ProtoMessage() {} + +func (x *CreateTokenRequest) ProtoReflect() protoreflect.Message { + mi := &file_integrations_authentication_v1_definition_definition_proto_msgTypes[3] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CreateTokenRequest.ProtoReflect.Descriptor instead. +func (*CreateTokenRequest) Descriptor() ([]byte, []int) { + return file_integrations_authentication_v1_definition_definition_proto_rawDescGZIP(), []int{3} +} + +func (x *CreateTokenRequest) GetLifetime() *durationpb.Duration { + if x != nil { + return x.Lifetime + } + return nil +} + +func (x *CreateTokenRequest) GetUser() string { + if x != nil && x.User != nil { + return *x.User + } + return "" +} + +// CreateTokenResponse defines response for AuthenticationV1 CreateToken Request +type CreateTokenResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Lifetime specify the lifetime of the token as the duration + Lifetime *durationpb.Duration `protobuf:"bytes,1,opt,name=Lifetime,proto3" json:"Lifetime,omitempty"` + // User returns the User used in the Token + User string `protobuf:"bytes,2,opt,name=User,proto3" json:"User,omitempty"` + // Token returns the Token as a string + Token string `protobuf:"bytes,3,opt,name=Token,proto3" json:"Token,omitempty"` +} + +func (x *CreateTokenResponse) Reset() { + *x = CreateTokenResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_integrations_authentication_v1_definition_definition_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *CreateTokenResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CreateTokenResponse) ProtoMessage() {} + +func (x *CreateTokenResponse) ProtoReflect() protoreflect.Message { + mi := &file_integrations_authentication_v1_definition_definition_proto_msgTypes[4] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CreateTokenResponse.ProtoReflect.Descriptor instead. +func (*CreateTokenResponse) Descriptor() ([]byte, []int) { + return file_integrations_authentication_v1_definition_definition_proto_rawDescGZIP(), []int{4} +} + +func (x *CreateTokenResponse) GetLifetime() *durationpb.Duration { + if x != nil { + return x.Lifetime + } + return nil +} + +func (x *CreateTokenResponse) GetUser() string { + if x != nil { + return x.User + } + return "" +} + +func (x *CreateTokenResponse) GetToken() string { + if x != nil { + return x.Token + } + return "" +} + +var File_integrations_authentication_v1_definition_definition_proto protoreflect.FileDescriptor + +var file_integrations_authentication_v1_definition_definition_proto_rawDesc = []byte{ + 0x0a, 0x3a, 0x69, 0x6e, 0x74, 0x65, 0x67, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x61, + 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x76, 0x31, + 0x2f, 0x64, 0x65, 0x66, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x64, 0x65, 0x66, 0x69, + 0x6e, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0e, 0x61, 0x75, + 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x1a, 0x1e, 0x67, 0x6f, + 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, + 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x27, 0x0a, 0x0f, + 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, + 0x14, 0x0a, 0x05, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, + 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x9a, 0x01, 0x0a, 0x10, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, + 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x49, 0x73, + 0x56, 0x61, 0x6c, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x49, 0x73, 0x56, + 0x61, 0x6c, 0x69, 0x64, 0x12, 0x18, 0x0a, 0x07, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x46, + 0x0a, 0x07, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x27, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x2e, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, + 0x65, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x48, 0x00, 0x52, 0x07, 0x44, 0x65, 0x74, 0x61, + 0x69, 0x6c, 0x73, 0x88, 0x01, 0x01, 0x42, 0x0a, 0x0a, 0x08, 0x5f, 0x44, 0x65, 0x74, 0x61, 0x69, + 0x6c, 0x73, 0x22, 0x64, 0x0a, 0x17, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x35, 0x0a, + 0x08, 0x4c, 0x69, 0x66, 0x65, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, + 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x08, 0x4c, 0x69, 0x66, 0x65, + 0x74, 0x69, 0x6d, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x55, 0x73, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x04, 0x55, 0x73, 0x65, 0x72, 0x22, 0x7f, 0x0a, 0x12, 0x43, 0x72, 0x65, 0x61, + 0x74, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3a, + 0x0a, 0x08, 0x4c, 0x69, 0x66, 0x65, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, + 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x00, 0x52, 0x08, 0x4c, + 0x69, 0x66, 0x65, 0x74, 0x69, 0x6d, 0x65, 0x88, 0x01, 0x01, 0x12, 0x17, 0x0a, 0x04, 0x55, 0x73, + 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x48, 0x01, 0x52, 0x04, 0x55, 0x73, 0x65, 0x72, + 0x88, 0x01, 0x01, 0x42, 0x0b, 0x0a, 0x09, 0x5f, 0x4c, 0x69, 0x66, 0x65, 0x74, 0x69, 0x6d, 0x65, + 0x42, 0x07, 0x0a, 0x05, 0x5f, 0x55, 0x73, 0x65, 0x72, 0x22, 0x76, 0x0a, 0x13, 0x43, 0x72, 0x65, + 0x61, 0x74, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x12, 0x35, 0x0a, 0x08, 0x4c, 0x69, 0x66, 0x65, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, + 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x08, 0x4c, + 0x69, 0x66, 0x65, 0x74, 0x69, 0x6d, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x55, 0x73, 0x65, 0x72, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x55, 0x73, 0x65, 0x72, 0x12, 0x14, 0x0a, 0x05, 0x54, + 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x54, 0x6f, 0x6b, 0x65, + 0x6e, 0x32, 0xbd, 0x01, 0x0a, 0x10, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x56, 0x31, 0x12, 0x4f, 0x0a, 0x08, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, + 0x74, 0x65, 0x12, 0x1f, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x2e, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, + 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x58, 0x0a, 0x0b, 0x43, 0x72, 0x65, 0x61, 0x74, + 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x22, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, + 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x54, 0x6f, + 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x23, 0x2e, 0x61, 0x75, 0x74, + 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x43, 0x72, 0x65, 0x61, + 0x74, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, + 0x00, 0x42, 0x3e, 0x5a, 0x3c, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, + 0x61, 0x72, 0x61, 0x6e, 0x67, 0x6f, 0x64, 0x62, 0x2f, 0x6b, 0x75, 0x62, 0x65, 0x2d, 0x61, 0x72, + 0x61, 0x6e, 0x67, 0x6f, 0x64, 0x62, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x67, 0x72, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x31, 0x2f, 0x64, 0x65, 0x66, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x6f, + 0x6e, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_integrations_authentication_v1_definition_definition_proto_rawDescOnce sync.Once + file_integrations_authentication_v1_definition_definition_proto_rawDescData = file_integrations_authentication_v1_definition_definition_proto_rawDesc +) + +func file_integrations_authentication_v1_definition_definition_proto_rawDescGZIP() []byte { + file_integrations_authentication_v1_definition_definition_proto_rawDescOnce.Do(func() { + file_integrations_authentication_v1_definition_definition_proto_rawDescData = protoimpl.X.CompressGZIP(file_integrations_authentication_v1_definition_definition_proto_rawDescData) + }) + return file_integrations_authentication_v1_definition_definition_proto_rawDescData +} + +var file_integrations_authentication_v1_definition_definition_proto_msgTypes = make([]protoimpl.MessageInfo, 5) +var file_integrations_authentication_v1_definition_definition_proto_goTypes = []interface{}{ + (*ValidateRequest)(nil), // 0: authentication.ValidateRequest + (*ValidateResponse)(nil), // 1: authentication.ValidateResponse + (*ValidateResponseDetails)(nil), // 2: authentication.ValidateResponseDetails + (*CreateTokenRequest)(nil), // 3: authentication.CreateTokenRequest + (*CreateTokenResponse)(nil), // 4: authentication.CreateTokenResponse + (*durationpb.Duration)(nil), // 5: google.protobuf.Duration +} +var file_integrations_authentication_v1_definition_definition_proto_depIdxs = []int32{ + 2, // 0: authentication.ValidateResponse.Details:type_name -> authentication.ValidateResponseDetails + 5, // 1: authentication.ValidateResponseDetails.Lifetime:type_name -> google.protobuf.Duration + 5, // 2: authentication.CreateTokenRequest.Lifetime:type_name -> google.protobuf.Duration + 5, // 3: authentication.CreateTokenResponse.Lifetime:type_name -> google.protobuf.Duration + 0, // 4: authentication.AuthenticationV1.Validate:input_type -> authentication.ValidateRequest + 3, // 5: authentication.AuthenticationV1.CreateToken:input_type -> authentication.CreateTokenRequest + 1, // 6: authentication.AuthenticationV1.Validate:output_type -> authentication.ValidateResponse + 4, // 7: authentication.AuthenticationV1.CreateToken:output_type -> authentication.CreateTokenResponse + 6, // [6:8] is the sub-list for method output_type + 4, // [4:6] is the sub-list for method input_type + 4, // [4:4] is the sub-list for extension type_name + 4, // [4:4] is the sub-list for extension extendee + 0, // [0:4] is the sub-list for field type_name +} + +func init() { file_integrations_authentication_v1_definition_definition_proto_init() } +func file_integrations_authentication_v1_definition_definition_proto_init() { + if File_integrations_authentication_v1_definition_definition_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_integrations_authentication_v1_definition_definition_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ValidateRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_integrations_authentication_v1_definition_definition_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ValidateResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_integrations_authentication_v1_definition_definition_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ValidateResponseDetails); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_integrations_authentication_v1_definition_definition_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CreateTokenRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_integrations_authentication_v1_definition_definition_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CreateTokenResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + file_integrations_authentication_v1_definition_definition_proto_msgTypes[1].OneofWrappers = []interface{}{} + file_integrations_authentication_v1_definition_definition_proto_msgTypes[3].OneofWrappers = []interface{}{} + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_integrations_authentication_v1_definition_definition_proto_rawDesc, + NumEnums: 0, + NumMessages: 5, + NumExtensions: 0, + NumServices: 1, + }, + GoTypes: file_integrations_authentication_v1_definition_definition_proto_goTypes, + DependencyIndexes: file_integrations_authentication_v1_definition_definition_proto_depIdxs, + MessageInfos: file_integrations_authentication_v1_definition_definition_proto_msgTypes, + }.Build() + File_integrations_authentication_v1_definition_definition_proto = out.File + file_integrations_authentication_v1_definition_definition_proto_rawDesc = nil + file_integrations_authentication_v1_definition_definition_proto_goTypes = nil + file_integrations_authentication_v1_definition_definition_proto_depIdxs = nil +} diff --git a/integrations/authentication/v1/definition/definition.proto b/integrations/authentication/v1/definition/definition.proto new file mode 100644 index 000000000..e68688de2 --- /dev/null +++ b/integrations/authentication/v1/definition/definition.proto @@ -0,0 +1,85 @@ +// +// DISCLAIMER +// +// Copyright 2016-2022 ArangoDB GmbH, Cologne, Germany +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Copyright holder is ArangoDB GmbH, Cologne, Germany +// + +syntax = "proto3"; + +import "google/protobuf/duration.proto"; + +option go_package = "github.com/arangodb/kube-arangodb/integrations/v1/definition"; + +package authentication; + +// AuthenticationV1 define ServiceInterface for Authentication V1 +service AuthenticationV1 { + // Validate and ensure that Authentication details are valid returns information about the user + rpc Validate (ValidateRequest) returns (ValidateResponse) {} + + // CreateToken creates a token for the specified user + rpc CreateToken (CreateTokenRequest) returns (CreateTokenResponse) {} +} + +// ValidateRequest defines request for AuthenticationV1 Validate Request +message ValidateRequest { + // Token specifies a token extracted from the request or used currently + string Token = 1; +} + +// ValidateResponse defines response for AuthenticationV1 Validate Request +message ValidateResponse { + // IsValid returns information about the validity of the token + bool IsValid = 1; + + // Message message for the validation phase + string Message = 2; + + // Details returns token details if the token is valid + optional ValidateResponseDetails Details = 3; +} + +// ValidateResponseDetails defines optional response for AuthenticationV1 Validate Request. +// Returned only if the Token provided in the request is valid. +message ValidateResponseDetails { + // Lifetime specify the lifetime of the token + google.protobuf.Duration Lifetime = 1; + + // User returns the User used in the Token. If a user is not specified, `root` is returned + string User = 2; +} + +// CreateTokenRequest defines request for AuthenticationV1 CreateToken Request +message CreateTokenRequest { + // Lifetime specifies the lifetime of the token as duration. Defaults to 1 hour + optional google.protobuf.Duration Lifetime = 1; + + // User specify the User for which token should be created. By default, the default user is used (root in most cases) + optional string User = 2; +} + +// CreateTokenResponse defines response for AuthenticationV1 CreateToken Request +message CreateTokenResponse { + // Lifetime specify the lifetime of the token as the duration + google.protobuf.Duration Lifetime = 1; + + // User returns the User used in the Token + string User = 2; + + // Token returns the Token as a string + string Token = 3; +} \ No newline at end of file diff --git a/integrations/authentication/v1/definition/definition_grpc.pb.go b/integrations/authentication/v1/definition/definition_grpc.pb.go new file mode 100644 index 000000000..220cc08a8 --- /dev/null +++ b/integrations/authentication/v1/definition/definition_grpc.pb.go @@ -0,0 +1,145 @@ +// Code generated by protoc-gen-go-grpc. DO NOT EDIT. +// versions: +// - protoc-gen-go-grpc v1.2.0 +// - protoc v3.21.1 +// source: integrations/authentication/v1/definition/definition.proto + +package definition + +import ( + context "context" + grpc "google.golang.org/grpc" + codes "google.golang.org/grpc/codes" + status "google.golang.org/grpc/status" +) + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the grpc package it is being compiled against. +// Requires gRPC-Go v1.32.0 or later. +const _ = grpc.SupportPackageIsVersion7 + +// AuthenticationV1Client is the client API for AuthenticationV1 service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. +type AuthenticationV1Client interface { + // Validate and ensure that Authentication details are valid returns information about the user + Validate(ctx context.Context, in *ValidateRequest, opts ...grpc.CallOption) (*ValidateResponse, error) + // CreateToken creates a token for the specified user + CreateToken(ctx context.Context, in *CreateTokenRequest, opts ...grpc.CallOption) (*CreateTokenResponse, error) +} + +type authenticationV1Client struct { + cc grpc.ClientConnInterface +} + +func NewAuthenticationV1Client(cc grpc.ClientConnInterface) AuthenticationV1Client { + return &authenticationV1Client{cc} +} + +func (c *authenticationV1Client) Validate(ctx context.Context, in *ValidateRequest, opts ...grpc.CallOption) (*ValidateResponse, error) { + out := new(ValidateResponse) + err := c.cc.Invoke(ctx, "/authentication.AuthenticationV1/Validate", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authenticationV1Client) CreateToken(ctx context.Context, in *CreateTokenRequest, opts ...grpc.CallOption) (*CreateTokenResponse, error) { + out := new(CreateTokenResponse) + err := c.cc.Invoke(ctx, "/authentication.AuthenticationV1/CreateToken", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +// AuthenticationV1Server is the server API for AuthenticationV1 service. +// All implementations must embed UnimplementedAuthenticationV1Server +// for forward compatibility +type AuthenticationV1Server interface { + // Validate and ensure that Authentication details are valid returns information about the user + Validate(context.Context, *ValidateRequest) (*ValidateResponse, error) + // CreateToken creates a token for the specified user + CreateToken(context.Context, *CreateTokenRequest) (*CreateTokenResponse, error) + mustEmbedUnimplementedAuthenticationV1Server() +} + +// UnimplementedAuthenticationV1Server must be embedded to have forward compatible implementations. +type UnimplementedAuthenticationV1Server struct { +} + +func (UnimplementedAuthenticationV1Server) Validate(context.Context, *ValidateRequest) (*ValidateResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method Validate not implemented") +} +func (UnimplementedAuthenticationV1Server) CreateToken(context.Context, *CreateTokenRequest) (*CreateTokenResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method CreateToken not implemented") +} +func (UnimplementedAuthenticationV1Server) mustEmbedUnimplementedAuthenticationV1Server() {} + +// UnsafeAuthenticationV1Server may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to AuthenticationV1Server will +// result in compilation errors. +type UnsafeAuthenticationV1Server interface { + mustEmbedUnimplementedAuthenticationV1Server() +} + +func RegisterAuthenticationV1Server(s grpc.ServiceRegistrar, srv AuthenticationV1Server) { + s.RegisterService(&AuthenticationV1_ServiceDesc, srv) +} + +func _AuthenticationV1_Validate_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ValidateRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthenticationV1Server).Validate(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/authentication.AuthenticationV1/Validate", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthenticationV1Server).Validate(ctx, req.(*ValidateRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthenticationV1_CreateToken_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(CreateTokenRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthenticationV1Server).CreateToken(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/authentication.AuthenticationV1/CreateToken", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthenticationV1Server).CreateToken(ctx, req.(*CreateTokenRequest)) + } + return interceptor(ctx, in, info, handler) +} + +// AuthenticationV1_ServiceDesc is the grpc.ServiceDesc for AuthenticationV1 service. +// It's only intended for direct use with grpc.RegisterService, +// and not to be introspected or modified (even as a copy) +var AuthenticationV1_ServiceDesc = grpc.ServiceDesc{ + ServiceName: "authentication.AuthenticationV1", + HandlerType: (*AuthenticationV1Server)(nil), + Methods: []grpc.MethodDesc{ + { + MethodName: "Validate", + Handler: _AuthenticationV1_Validate_Handler, + }, + { + MethodName: "CreateToken", + Handler: _AuthenticationV1_CreateToken_Handler, + }, + }, + Streams: []grpc.StreamDesc{}, + Metadata: "integrations/authentication/v1/definition/definition.proto", +} diff --git a/integrations/authentication/v1/implementation.go b/integrations/authentication/v1/implementation.go new file mode 100644 index 000000000..7ffa71a99 --- /dev/null +++ b/integrations/authentication/v1/implementation.go @@ -0,0 +1,204 @@ +// +// DISCLAIMER +// +// Copyright 2024 ArangoDB GmbH, Cologne, Germany +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Copyright holder is ArangoDB GmbH, Cologne, Germany +// + +package v1 + +import ( + "context" + "sync" + "time" + + "google.golang.org/grpc" + "google.golang.org/protobuf/types/known/durationpb" + + pbAuthenticationV1 "github.com/arangodb/kube-arangodb/integrations/authentication/v1/definition" + "github.com/arangodb/kube-arangodb/pkg/util" + "github.com/arangodb/kube-arangodb/pkg/util/errors" + "github.com/arangodb/kube-arangodb/pkg/util/strings" + "github.com/arangodb/kube-arangodb/pkg/util/svc" + "github.com/arangodb/kube-arangodb/pkg/util/token" +) + +func New(ctx context.Context, cfg Configuration) (svc.Handler, error) { + return newInternal(ctx, cfg) +} + +func newInternal(ctx context.Context, cfg Configuration) (*implementation, error) { + if err := cfg.Validate(); err != nil { + return nil, err + } + + obj := &implementation{ + cfg: cfg, + ctx: ctx, + } + + return obj, nil +} + +var _ pbAuthenticationV1.AuthenticationV1Server = &implementation{} +var _ svc.Handler = &implementation{} + +type implementation struct { + pbAuthenticationV1.UnimplementedAuthenticationV1Server + + lock sync.RWMutex + + ctx context.Context + cfg Configuration + + cache *cache +} + +func (i *implementation) Name() string { + return "authentication.v1" +} + +func (i *implementation) Health() svc.HealthState { + return svc.Healthy +} + +func (i *implementation) Register(registrar *grpc.Server) { + pbAuthenticationV1.RegisterAuthenticationV1Server(registrar, i) +} + +func (i *implementation) Validate(ctx context.Context, request *pbAuthenticationV1.ValidateRequest) (*pbAuthenticationV1.ValidateResponse, error) { + if request == nil { + return nil, errors.Errorf("Request is nil") + } + + if !i.cfg.Enabled { + return &pbAuthenticationV1.ValidateResponse{ + IsValid: true, + Details: &pbAuthenticationV1.ValidateResponseDetails{ + Lifetime: durationpb.New(DefaultTokenMaxTTL), + User: DefaultAdminUser, + }, + }, nil + } + + cache, err := i.withCache() + if err != nil { + return nil, err + } + + user, exp, err := i.extractTokenDetails(cache, request.GetToken()) + if err != nil { + return &pbAuthenticationV1.ValidateResponse{ + IsValid: false, + Message: err.Error(), + }, nil + } + + return &pbAuthenticationV1.ValidateResponse{ + IsValid: true, + Details: &pbAuthenticationV1.ValidateResponseDetails{ + Lifetime: durationpb.New(exp), + User: user, + }, + }, nil +} + +func (i *implementation) CreateToken(ctx context.Context, request *pbAuthenticationV1.CreateTokenRequest) (*pbAuthenticationV1.CreateTokenResponse, error) { + if request == nil { + return nil, errors.Errorf("Request is nil") + } + + if !i.cfg.Enabled { + // Authentication is not enabled, pass with empty token + + return &pbAuthenticationV1.CreateTokenResponse{ + Lifetime: durationpb.New(DefaultTokenMaxTTL), + User: DefaultAdminUser, + Token: "", + }, nil + } + + cache, err := i.withCache() + if err != nil { + return nil, err + } + + user := util.TypeOrDefault(request.User, i.cfg.Create.DefaultUser) + duration := i.cfg.Create.DefaultTTL + if v := request.Lifetime; v != nil { + duration = v.AsDuration() + } + + // Check configuration + if v := i.cfg.Create.AllowedUsers; len(v) > 0 { + if !strings.ListContains(v, user) { + return nil, errors.Errorf("User %s is not allowed", user) + } + } + + if v := i.cfg.Create.MaxTTL; duration > v { + duration = v + } + + if v := i.cfg.Create.MinTTL; duration < v { + duration = v + } + + // Token is validated, we can continue with creation + secret := cache.signingToken + + signedToken, err := token.New(secret, token.NewClaims().With(token.WithDefaultClaims(), token.WithCurrentIAT(), token.WithDuration(duration), token.WithUsername(user))) + if err != nil { + return nil, err + } + + user, exp, err := i.extractTokenDetails(cache, signedToken) + if err != nil { + return nil, err + } + + return &pbAuthenticationV1.CreateTokenResponse{ + Lifetime: durationpb.New(exp), + User: user, + Token: signedToken, + }, nil +} + +func (i *implementation) extractTokenDetails(cache *cache, t string) (string, time.Duration, error) { + // Let's check if token is signed properly + + p, err := token.ParseWithAny(t, cache.validationTokens...) + if err != nil { + return "", 0, err + } + + user := DefaultAdminUser + if v, ok := p[token.ClaimPreferredUsername]; ok { + if s, ok := v.(string); ok { + user = s + } + } + + duration := DefaultTokenMaxTTL + + if v, ok := p[token.ClaimEXP]; ok { + if s, ok := v.(int64); ok { + duration = time.Until(time.Unix(s, 0)) + } + } + + return user, duration, nil +} diff --git a/integrations/authentication/v1/implementation_test.go b/integrations/authentication/v1/implementation_test.go new file mode 100644 index 000000000..20b8271d3 --- /dev/null +++ b/integrations/authentication/v1/implementation_test.go @@ -0,0 +1,184 @@ +// +// DISCLAIMER +// +// Copyright 2024 ArangoDB GmbH, Cologne, Germany +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Copyright holder is ArangoDB GmbH, Cologne, Germany +// + +package v1 + +import ( + "context" + "testing" + "time" + + "github.com/stretchr/testify/require" + "google.golang.org/protobuf/types/known/durationpb" + + pbAuthenticationV1 "github.com/arangodb/kube-arangodb/integrations/authentication/v1/definition" + "github.com/arangodb/kube-arangodb/pkg/util" +) + +func Test_Basic(t *testing.T) { + directory := t.TempDir() + + reSaveJWTTokens(t, directory, generateJWTToken(), generateJWTToken(), generateJWTToken(), generateJWTToken(), generateJWTToken(), generateJWTToken()) + + ctx, c := context.WithCancel(context.Background()) + defer c() + + s, err := newInternal(ctx, Configuration{ + Path: directory, + TTL: time.Duration(0), + }) + require.NoError(t, err) + + // Create token + tokenResponse, err := s.CreateToken(context.Background(), &pbAuthenticationV1.CreateTokenRequest{ + Lifetime: durationpb.New(time.Minute), + User: util.NewType(DefaultUser), + }) + require.NoError(t, err) + + validateResponse, err := s.Validate(context.Background(), &pbAuthenticationV1.ValidateRequest{ + Token: tokenResponse.Token, + }) + + require.NoError(t, err) + + require.True(t, validateResponse.IsValid) + require.NotNil(t, validateResponse.Details) + require.EqualValues(t, DefaultUser, validateResponse.Details.User) +} + +func Test_Flow_WithoutTTL(t *testing.T) { + directory := t.TempDir() + + ctx, c := context.WithCancel(context.Background()) + defer c() + + cfg := NewConfiguration() + + cfg.Path = directory + cfg.TTL = time.Duration(0) + + s, err := newInternal(ctx, cfg) + require.NoError(t, err) + + secret1 := generateJWTToken() + secret2 := generateJWTToken() + + var token1, token2 string + + t.Run("Ensure we cant work without secrets", func(t *testing.T) { + _, err := s.CreateToken(context.Background(), &pbAuthenticationV1.CreateTokenRequest{}) + require.EqualError(t, err, "unexpected EOF") + }) + + t.Run("Save secret1", func(t *testing.T) { + reSaveJWTTokens(t, directory, secret1) + }) + + t.Run("Create token1", func(t *testing.T) { + response, err := s.CreateToken(context.Background(), &pbAuthenticationV1.CreateTokenRequest{}) + require.NoError(t, err) + require.NotNil(t, response) + token1 = response.Token + }) + + t.Run("Validate token1", func(t *testing.T) { + response, err := s.Validate(context.Background(), &pbAuthenticationV1.ValidateRequest{ + Token: token1, + }) + require.NoError(t, err) + require.NotNil(t, response) + require.True(t, response.IsValid) + require.EqualValues(t, cfg.Create.DefaultUser, response.Details.User) + }) + + t.Run("Save secret2", func(t *testing.T) { + reSaveJWTTokens(t, directory, secret2) + }) + + t.Run("Create token2", func(t *testing.T) { + response, err := s.CreateToken(context.Background(), &pbAuthenticationV1.CreateTokenRequest{}) + require.NoError(t, err) + require.NotNil(t, response) + token2 = response.Token + }) + + t.Run("Validate token2", func(t *testing.T) { + response, err := s.Validate(context.Background(), &pbAuthenticationV1.ValidateRequest{ + Token: token2, + }) + require.NoError(t, err) + require.NotNil(t, response) + require.True(t, response.IsValid) + require.EqualValues(t, cfg.Create.DefaultUser, response.Details.User) + }) + + t.Run("Save secret1", func(t *testing.T) { + reSaveJWTTokens(t, directory, secret1) + }) + + t.Run("Validate token2", func(t *testing.T) { + response, err := s.Validate(context.Background(), &pbAuthenticationV1.ValidateRequest{ + Token: token2, + }) + require.NoError(t, err) + require.NotNil(t, response) + require.False(t, response.IsValid) + require.EqualValues(t, "signature is invalid", response.Message) + }) + + t.Run("Save secret2", func(t *testing.T) { + reSaveJWTTokens(t, directory, secret2) + }) + + t.Run("Validate token1", func(t *testing.T) { + response, err := s.Validate(context.Background(), &pbAuthenticationV1.ValidateRequest{ + Token: token1, + }) + require.NoError(t, err) + require.NotNil(t, response) + require.False(t, response.IsValid) + require.EqualValues(t, "signature is invalid", response.Message) + }) + + t.Run("Save secret1 & secret2", func(t *testing.T) { + reSaveJWTTokens(t, directory, secret1, secret2) + }) + + t.Run("Validate token1", func(t *testing.T) { + response, err := s.Validate(context.Background(), &pbAuthenticationV1.ValidateRequest{ + Token: token1, + }) + require.NoError(t, err) + require.NotNil(t, response) + require.True(t, response.IsValid) + require.EqualValues(t, cfg.Create.DefaultUser, response.Details.User) + }) + + t.Run("Validate token2", func(t *testing.T) { + response, err := s.Validate(context.Background(), &pbAuthenticationV1.ValidateRequest{ + Token: token2, + }) + require.NoError(t, err) + require.NotNil(t, response) + require.True(t, response.IsValid) + require.EqualValues(t, cfg.Create.DefaultUser, response.Details.User) + }) +} diff --git a/integrations/authentication/v1/service_test.go b/integrations/authentication/v1/service_test.go new file mode 100644 index 000000000..af26e4bd7 --- /dev/null +++ b/integrations/authentication/v1/service_test.go @@ -0,0 +1,191 @@ +// +// DISCLAIMER +// +// Copyright 2024 ArangoDB GmbH, Cologne, Germany +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Copyright holder is ArangoDB GmbH, Cologne, Germany +// + +package v1 + +import ( + "context" + "testing" + + "github.com/stretchr/testify/require" + + pbAuthenticationV1 "github.com/arangodb/kube-arangodb/integrations/authentication/v1/definition" + "github.com/arangodb/kube-arangodb/pkg/util" + "github.com/arangodb/kube-arangodb/pkg/util/svc" + "github.com/arangodb/kube-arangodb/pkg/util/tests/tgrpc" +) + +func Handler(t *testing.T, ctx context.Context, mods ...Mod) svc.Handler { + handler, err := New(ctx, NewConfiguration().With(mods...)) + require.NoError(t, err) + + return handler +} + +func Client(t *testing.T, ctx context.Context, mods ...Mod) (pbAuthenticationV1.AuthenticationV1Client, string) { + directory := t.TempDir() + + var currentMods []Mod + + currentMods = append(currentMods, func(c Configuration) Configuration { + c.Path = directory + return c + }) + + currentMods = append(currentMods, mods...) + + local := svc.NewService(svc.Configuration{ + Address: "127.0.0.1:0", + }, Handler(t, ctx, currentMods...)) + + start := local.Start(ctx) + + client := tgrpc.NewGRPCClient(t, ctx, pbAuthenticationV1.NewAuthenticationV1Client, start.Address()) + + return client, directory +} + +func Test_Service(t *testing.T) { + ctx, c := context.WithCancel(context.Background()) + defer c() + + client, directory := Client(t, ctx) + + reSaveJWTTokens(t, directory, generateJWTToken()) + + token, err := client.CreateToken(ctx, &pbAuthenticationV1.CreateTokenRequest{}) + require.NoError(t, err) + + t.Logf("Token generated for user %s: %s", token.User, token.Token) + + require.EqualValues(t, "root", token.User) + + valid, err := client.Validate(ctx, &pbAuthenticationV1.ValidateRequest{ + Token: token.Token, + }) + require.NoError(t, err) + + require.True(t, valid.IsValid) + require.NotNil(t, valid.Details) + require.EqualValues(t, token.User, valid.Details.User) +} + +func Test_Service_DifferentDefaultUser(t *testing.T) { + ctx, c := context.WithCancel(context.Background()) + defer c() + + client, directory := Client(t, ctx, func(c Configuration) Configuration { + c.Create.DefaultUser = "different" + return c + }) + + reSaveJWTTokens(t, directory, generateJWTToken()) + + token, err := client.CreateToken(ctx, &pbAuthenticationV1.CreateTokenRequest{}) + require.NoError(t, err) + + t.Logf("Token generated for user %s: %s", token.User, token.Token) + + require.EqualValues(t, "different", token.User) + + valid, err := client.Validate(ctx, &pbAuthenticationV1.ValidateRequest{ + Token: token.Token, + }) + require.NoError(t, err) + + require.True(t, valid.IsValid) + require.NotNil(t, valid.Details) + require.EqualValues(t, token.User, valid.Details.User) +} + +func Test_Service_AskForDefaultIfAllowed(t *testing.T) { + ctx, c := context.WithCancel(context.Background()) + defer c() + + client, directory := Client(t, ctx, func(c Configuration) Configuration { + c.Create.AllowedUsers = []string{"root"} + return c + }) + + reSaveJWTTokens(t, directory, generateJWTToken()) + + token, err := client.CreateToken(ctx, &pbAuthenticationV1.CreateTokenRequest{}) + require.NoError(t, err) + + t.Logf("Token generated for user %s: %s", token.User, token.Token) + + require.EqualValues(t, "root", token.User) + + valid, err := client.Validate(ctx, &pbAuthenticationV1.ValidateRequest{ + Token: token.Token, + }) + require.NoError(t, err) + + require.True(t, valid.IsValid) + require.NotNil(t, valid.Details) + require.EqualValues(t, token.User, valid.Details.User) +} + +func Test_Service_AskForNonDefaultIfAllowed(t *testing.T) { + ctx, c := context.WithCancel(context.Background()) + defer c() + + client, directory := Client(t, ctx, func(c Configuration) Configuration { + c.Create.AllowedUsers = []string{"root", "other"} + return c + }) + + reSaveJWTTokens(t, directory, generateJWTToken()) + + token, err := client.CreateToken(ctx, &pbAuthenticationV1.CreateTokenRequest{ + User: util.NewType("other"), + }) + require.NoError(t, err) + + t.Logf("Token generated for user %s: %s", token.User, token.Token) + + require.EqualValues(t, "other", token.User) + + valid, err := client.Validate(ctx, &pbAuthenticationV1.ValidateRequest{ + Token: token.Token, + }) + require.NoError(t, err) + + require.True(t, valid.IsValid) + require.NotNil(t, valid.Details) + require.EqualValues(t, token.User, valid.Details.User) +} + +func Test_Service_AskForDefaultIfBlocked(t *testing.T) { + ctx, c := context.WithCancel(context.Background()) + defer c() + + client, directory := Client(t, ctx, func(c Configuration) Configuration { + c.Create.AllowedUsers = []string{"root"} + return c + }) + + reSaveJWTTokens(t, directory, generateJWTToken()) + + _, err := client.CreateToken(ctx, &pbAuthenticationV1.CreateTokenRequest{ + User: util.NewType("blocked"), + }) + require.EqualError(t, err, "rpc error: code = Unknown desc = User blocked is not allowed") +} diff --git a/integrations/authentication/v1/utils_test.go b/integrations/authentication/v1/utils_test.go new file mode 100644 index 000000000..db464c888 --- /dev/null +++ b/integrations/authentication/v1/utils_test.go @@ -0,0 +1,71 @@ +// +// DISCLAIMER +// +// Copyright 2024 ArangoDB GmbH, Cologne, Germany +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Copyright holder is ArangoDB GmbH, Cologne, Germany +// + +package v1 + +import ( + "os" + "path" + "testing" + + "github.com/stretchr/testify/require" + + "github.com/arangodb/kube-arangodb/pkg/util" +) + +type tokenType [32]byte + +func generateJWTToken() tokenType { + var tokenData tokenType + util.Rand().Read(tokenData[:]) + return tokenData +} + +func reSaveJWTTokens(t *testing.T, directory string, datas ...tokenType) { + cleanJWTTokens(t, directory) + saveJWTTokens(t, directory, datas...) +} + +func cleanJWTTokens(t *testing.T, directory string) { + files, err := os.ReadDir(directory) + require.NoError(t, err) + + for _, f := range files { + require.NoError(t, os.Remove(path.Join(directory, f.Name()))) + } + + files, err = os.ReadDir(directory) + require.NoError(t, err) + require.Len(t, files, 0) +} + +func saveJWTTokens(t *testing.T, directory string, datas ...tokenType) { + require.True(t, len(datas) > 0, "Required at least one token") + saveJWTToken(t, directory, "-", datas[0]) + + for _, data := range datas { + saveJWTToken(t, directory, util.SHA256(data[:]), data) + } +} + +func saveJWTToken(t *testing.T, directory, name string, data tokenType) { + fn := path.Join(directory, name) + require.NoError(t, os.WriteFile(fn, data[:], 0644)) +} diff --git a/pkg/deployment/agency/config/config.go b/pkg/deployment/agency/config/config.go index d355c25a9..7874e30a3 100644 --- a/pkg/deployment/agency/config/config.go +++ b/pkg/deployment/agency/config/config.go @@ -1,7 +1,7 @@ // // DISCLAIMER // -// Copyright 2023 ArangoDB GmbH, Cologne, Germany +// Copyright 2023-2024 ArangoDB GmbH, Cologne, Germany // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -27,7 +27,7 @@ import ( ) func Init(cmd *cobra.Command) error { - f := cmd.PersistentFlags() + f := cmd.Flags() f.Bool("agency.poll-enabled", false, "The Agency poll functionality enablement (EnterpriseEdition Only)") diff --git a/pkg/deployment/resources/secrets.go b/pkg/deployment/resources/secrets.go index 23cab190b..5998b4b61 100644 --- a/pkg/deployment/resources/secrets.go +++ b/pkg/deployment/resources/secrets.go @@ -49,6 +49,7 @@ import ( secretv1 "github.com/arangodb/kube-arangodb/pkg/util/k8sutil/inspector/secret/v1" "github.com/arangodb/kube-arangodb/pkg/util/k8sutil/kerrors" "github.com/arangodb/kube-arangodb/pkg/util/k8sutil/tls" + "github.com/arangodb/kube-arangodb/pkg/util/token" ) var ( @@ -422,8 +423,8 @@ func AppendKeyfileToKeyfolder(ctx context.Context, cachedStatus inspectorInterfa var ( exporterTokenClaims = jg.MapClaims{ - "iss": "arangodb", - "server_id": "exporter", + token.ClaimISS: token.ClaimISSValue, + "server_id": "exporter", "allowed_paths": []interface{}{"/_admin/statistics", "/_admin/statistics-description", shared.ArangoExporterInternalEndpoint, shared.ArangoExporterInternalEndpointV2, shared.ArangoExporterStatusEndpoint, shared.ArangoExporterClusterHealthEndpoint}, diff --git a/pkg/integrations/authentication_v1.go b/pkg/integrations/authentication_v1.go new file mode 100644 index 000000000..3bac99342 --- /dev/null +++ b/pkg/integrations/authentication_v1.go @@ -0,0 +1,67 @@ +// +// DISCLAIMER +// +// Copyright 2024 ArangoDB GmbH, Cologne, Germany +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Copyright holder is ArangoDB GmbH, Cologne, Germany +// + +package integrations + +import ( + "context" + + "github.com/spf13/cobra" + + pbImplAuthenticationV1 "github.com/arangodb/kube-arangodb/integrations/authentication/v1" + "github.com/arangodb/kube-arangodb/pkg/util/svc" +) + +func init() { + register(func() Integration { + return &authenticationV1{} + }) +} + +type authenticationV1 struct { + config pbImplAuthenticationV1.Configuration +} + +func (a *authenticationV1) Register(cmd *cobra.Command, arg ArgGen) error { + f := cmd.Flags() + + f.StringVar(&a.config.Path, arg("path"), "", "Path to the JWT Folder") + f.BoolVar(&a.config.Enabled, arg("enabled"), true, "Defines if Authentication is enabled") + f.DurationVar(&a.config.TTL, arg("ttl"), pbImplAuthenticationV1.DefaultTTL, "TTL of the JWT cache") + f.StringVar(&a.config.Create.DefaultUser, arg("token.user"), pbImplAuthenticationV1.DefaultUser, "Default user of the Token") + f.DurationVar(&a.config.Create.DefaultTTL, arg("token.ttl.default"), pbImplAuthenticationV1.DefaultTokenDefaultTTL, "Default Token TTL") + f.DurationVar(&a.config.Create.MinTTL, arg("token.ttl.min"), pbImplAuthenticationV1.DefaultTokenMinTTL, "Min Token TTL") + f.DurationVar(&a.config.Create.MaxTTL, arg("token.ttl.max"), pbImplAuthenticationV1.DefaultTokenMaxTTL, "Max Token TTL") + f.StringSliceVar(&a.config.Create.AllowedUsers, arg("token.allowed"), []string{}, "Allowed users for the Token") + + return nil +} + +func (a *authenticationV1) Handler(ctx context.Context) (svc.Handler, error) { + return pbImplAuthenticationV1.New(ctx, a.config) +} + +func (a *authenticationV1) Name() string { + return "authentication.v1" +} + +func (a *authenticationV1) Description() string { + return "Enable AuthenticationV1 Integration Service" +} diff --git a/cmd/integrations/integration.go b/pkg/integrations/integration.go similarity index 100% rename from cmd/integrations/integration.go rename to pkg/integrations/integration.go diff --git a/cmd/integrations/logger.go b/pkg/integrations/logger.go similarity index 100% rename from cmd/integrations/logger.go rename to pkg/integrations/logger.go diff --git a/cmd/integrations/register.go b/pkg/integrations/register.go similarity index 94% rename from cmd/integrations/register.go rename to pkg/integrations/register.go index fed120a53..807687e23 100644 --- a/cmd/integrations/register.go +++ b/pkg/integrations/register.go @@ -77,12 +77,9 @@ func (c *configuration) Register(cmd *cobra.Command) error { return c.registered[i].Name() < c.registered[j].Name() }) - subCommand := &cobra.Command{ - Use: "integration", - RunE: c.run, - } + cmd.RunE = c.run - f := subCommand.Flags() + f := cmd.Flags() f.StringVar(&c.health.config.Address, "health.address", "0.0.0.0:9091", "Address to expose health service") f.BoolVar(&c.health.shutdownEnabled, "health.shutdown.enabled", true, "Determines if shutdown service should be enabled and exposed") @@ -93,14 +90,13 @@ func (c *configuration) Register(cmd *cobra.Command) error { f.Bool(prefix, false, service.Description()) - if err := service.Register(subCommand, func(name string) string { + if err := service.Register(cmd, func(name string) string { return fmt.Sprintf("%s.%s", prefix, name) }); err != nil { return errors.Wrapf(err, "Unable to register service %s", service.Name()) } } - cmd.AddCommand(subCommand) return nil } diff --git a/cmd/integrations/shutdown_v1.go b/pkg/integrations/shutdown_v1.go similarity index 100% rename from cmd/integrations/shutdown_v1.go rename to pkg/integrations/shutdown_v1.go diff --git a/cmd/integrations/storage_v1.go b/pkg/integrations/storage_v1.go similarity index 100% rename from cmd/integrations/storage_v1.go rename to pkg/integrations/storage_v1.go diff --git a/pkg/ml/container_jwt.go b/pkg/ml/container_jwt.go new file mode 100644 index 000000000..758753693 --- /dev/null +++ b/pkg/ml/container_jwt.go @@ -0,0 +1,55 @@ +// +// DISCLAIMER +// +// Copyright 2024 ArangoDB GmbH, Cologne, Germany +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Copyright holder is ArangoDB GmbH, Cologne, Germany +// + +package ml + +import ( + core "k8s.io/api/core/v1" + + api "github.com/arangodb/kube-arangodb/pkg/apis/deployment/v1" + shared "github.com/arangodb/kube-arangodb/pkg/apis/shared" + "github.com/arangodb/kube-arangodb/pkg/deployment/pod" +) + +func AddJWTFolderToPod(deployment *api.ArangoDeployment, spec *core.PodTemplateSpec, integrationContainer *core.Container) { + if deployment.GetAcceptedSpec().Authentication.IsAuthenticated() { + spec.Spec.Volumes = append(spec.Spec.Volumes, core.Volume{ + Name: shared.ClusterJWTSecretVolumeName, + VolumeSource: core.VolumeSource{ + Secret: &core.SecretVolumeSource{ + SecretName: pod.JWTSecretFolder(deployment.GetName()), + }, + }, + }) + } else { + spec.Spec.Volumes = append(spec.Spec.Volumes, core.Volume{ + Name: shared.ClusterJWTSecretVolumeName, + VolumeSource: core.VolumeSource{ + EmptyDir: &core.EmptyDirVolumeSource{}, + }, + }) + } + + integrationContainer.VolumeMounts = append(integrationContainer.VolumeMounts, core.VolumeMount{ + Name: shared.ClusterJWTSecretVolumeName, + ReadOnly: true, + MountPath: shared.ClusterJWTSecretVolumeMountDir, + }) +} diff --git a/pkg/util/file.go b/pkg/util/file.go new file mode 100644 index 000000000..154914f43 --- /dev/null +++ b/pkg/util/file.go @@ -0,0 +1,63 @@ +// +// DISCLAIMER +// +// Copyright 2024 ArangoDB GmbH, Cologne, Germany +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Copyright holder is ArangoDB GmbH, Cologne, Germany +// + +package util + +import ( + "io" + "os" + + "github.com/pkg/errors" +) + +func OpenWithRead(path string, size int) ([]byte, error) { + f, err := os.OpenFile(path, os.O_RDONLY, 0644) + if err != nil { + return nil, err + } + + buff := make([]byte, size+1) + if s, err := Read(f, buff); err != nil { + if nerr := f.Close(); nerr != nil { + return nil, nerr + } + + return nil, err + } else if s == 0 { + return nil, io.ErrUnexpectedEOF + } else { + return buff[:s], nil + } +} + +func Read(in io.Reader, buff []byte) (int, error) { + readed := 0 + for { + s, err := in.Read(buff) + readed += s + if err != nil { + if errors.Is(err, io.EOF) { + return readed, nil + } + + return readed, err + } + } +} diff --git a/pkg/util/k8sutil/secrets.go b/pkg/util/k8sutil/secrets.go index 6bb4a5c91..865da02f5 100644 --- a/pkg/util/k8sutil/secrets.go +++ b/pkg/util/k8sutil/secrets.go @@ -23,7 +23,6 @@ package k8sutil import ( "context" - jg "github.com/golang-jwt/jwt" core "k8s.io/api/core/v1" meta "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -35,6 +34,7 @@ import ( "github.com/arangodb/kube-arangodb/pkg/util/globals" secretv1 "github.com/arangodb/kube-arangodb/pkg/util/k8sutil/inspector/secret/v1" "github.com/arangodb/kube-arangodb/pkg/util/k8sutil/kerrors" + "github.com/arangodb/kube-arangodb/pkg/util/token" ) // ValidateEncryptionKeySecret checks that a secret with given name in given namespace @@ -302,12 +302,8 @@ func CreateJWTFromSecret(ctx context.Context, cachedSecrets secretv1.ReadInterfa if err != nil { return errors.WithStack(err) } - // Create a new token object, specifying signing method and the claims - // you would like it to contain. - token := jg.NewWithClaims(jg.SigningMethodHS256, jg.MapClaims(claims)) - // Sign and get the complete encoded token as a string using the secret - signedToken, err := token.SignedString([]byte(secret)) + signedToken, err := token.New([]byte(secret), claims) if err != nil { return errors.WithStack(err) } diff --git a/pkg/util/strings/strings.go b/pkg/util/strings/strings.go index 873a33ce0..52fa89a11 100644 --- a/pkg/util/strings/strings.go +++ b/pkg/util/strings/strings.go @@ -1,7 +1,7 @@ // // DISCLAIMER // -// Copyright 2016-2022 ArangoDB GmbH, Cologne, Germany +// Copyright 2016-2024 ArangoDB GmbH, Cologne, Germany // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -28,6 +28,16 @@ import ( "golang.org/x/text/language" ) +func ListContains(a []string, b string) bool { + for _, v := range a { + if v == b { + return true + } + } + + return false +} + func CompareStrings(a, b string) bool { return a == b } diff --git a/pkg/util/token/errors.go b/pkg/util/token/errors.go new file mode 100644 index 000000000..4ef1a0fef --- /dev/null +++ b/pkg/util/token/errors.go @@ -0,0 +1,46 @@ +// +// DISCLAIMER +// +// Copyright 2024 ArangoDB GmbH, Cologne, Germany +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Copyright holder is ArangoDB GmbH, Cologne, Germany +// + +package token + +import ( + jg "github.com/golang-jwt/jwt" + + "github.com/arangodb/kube-arangodb/pkg/util/errors" +) + +func IsSignatureInvalidError(err error) bool { + return isJQError(err, jg.ErrSignatureInvalid) +} + +func isJQError(err, expected error) bool { + if err == nil || expected == nil { + return false + } + + var v *jg.ValidationError + if errors.As(err, &v) { + if errors.Is(v.Inner, expected) { + return true + } + } + + return false +} diff --git a/pkg/util/token/mods.go b/pkg/util/token/mods.go new file mode 100644 index 000000000..17bf135aa --- /dev/null +++ b/pkg/util/token/mods.go @@ -0,0 +1,78 @@ +// +// DISCLAIMER +// +// Copyright 2024 ArangoDB GmbH, Cologne, Germany +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Copyright holder is ArangoDB GmbH, Cologne, Germany +// + +package token + +import ( + "time" + + jg "github.com/golang-jwt/jwt" +) + +var defaultTokenClaims = jg.MapClaims{ + ClaimISS: ClaimISSValue, +} + +func WithDefaultClaims() Mod { + return func(in Claims) Claims { + for k, v := range defaultTokenClaims { + if _, ok := in[k]; !ok { + in[k] = v + } + } + + return in + } +} + +func WithUsername(username string) Mod { + return func(in Claims) Claims { + in[ClaimPreferredUsername] = username + return in + } +} + +func WithCurrentIAT() Mod { + return func(in Claims) Claims { + in[ClaimIAT] = time.Now().Unix() + return in + } +} + +func WithIAT(time time.Time) Mod { + return func(in Claims) Claims { + in[ClaimIAT] = time.Unix() + return in + } +} + +func WithDuration(dur time.Duration) Mod { + return func(in Claims) Claims { + in[ClaimEXP] = time.Now().Add(dur).Unix() + return in + } +} + +func WithExp(time time.Time) Mod { + return func(in Claims) Claims { + in[ClaimEXP] = time.Unix() + return in + } +} diff --git a/pkg/util/token/parse.go b/pkg/util/token/parse.go new file mode 100644 index 000000000..97704f1ab --- /dev/null +++ b/pkg/util/token/parse.go @@ -0,0 +1,63 @@ +// +// DISCLAIMER +// +// Copyright 2024 ArangoDB GmbH, Cologne, Germany +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Copyright holder is ArangoDB GmbH, Cologne, Germany +// + +package token + +import ( + jg "github.com/golang-jwt/jwt" + + "github.com/arangodb/kube-arangodb/pkg/util/errors" +) + +func Parse(token string, secret []byte) (Claims, error) { + parsedToken, err := jg.Parse(token, func(token *jg.Token) (i interface{}, err error) { + return secret, nil + }) + + if err != nil { + return nil, err + } + + tokenClaims, ok := parsedToken.Claims.(jg.MapClaims) + if !ok { + return nil, errors.Errorf("Invalid token provided") + } + + return Claims(tokenClaims), nil +} + +func ParseWithAny(token string, secrets ...[]byte) (Claims, error) { + for _, secret := range secrets { + if c, err := Parse(token, secret); err != nil { + if IsSignatureInvalidError(err) { + continue + } + + return nil, err + } else { + return c, nil + } + } + + return nil, &jg.ValidationError{ + Inner: jg.ErrSignatureInvalid, + Errors: 1, + } +} diff --git a/pkg/util/token/token.go b/pkg/util/token/token.go new file mode 100644 index 000000000..4bce5de76 --- /dev/null +++ b/pkg/util/token/token.go @@ -0,0 +1,69 @@ +// +// DISCLAIMER +// +// Copyright 2024 ArangoDB GmbH, Cologne, Germany +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Copyright holder is ArangoDB GmbH, Cologne, Germany +// + +package token + +import ( + jg "github.com/golang-jwt/jwt" + + "github.com/arangodb/kube-arangodb/pkg/util/errors" +) + +const ( + ClaimISS = "iss" + ClaimISSValue = "arangodb" + ClaimEXP = "exp" + ClaimIAT = "iat" + ClaimPreferredUsername = "preferred_username" +) + +type Mod func(in Claims) Claims + +func NewClaims() Claims { + return Claims{} +} + +type Claims jg.MapClaims + +func (t Claims) With(mods ...Mod) Claims { + q := t + + if q == nil { + q = Claims{} + } + + for _, mod := range mods { + q = mod(q) + } + + return q +} + +func New(secret []byte, claims map[string]interface{}) (string, error) { + token := jg.NewWithClaims(jg.SigningMethodHS256, jg.MapClaims(claims)) + + // Sign and get the complete encoded token as a string using the secret + signedToken, err := token.SignedString(secret) + if err != nil { + return "", errors.WithStack(err) + } + + return signedToken, nil +} diff --git a/pkg/util/token/token_test.go b/pkg/util/token/token_test.go new file mode 100644 index 000000000..c90e87103 --- /dev/null +++ b/pkg/util/token/token_test.go @@ -0,0 +1,129 @@ +// +// DISCLAIMER +// +// Copyright 2024 ArangoDB GmbH, Cologne, Germany +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Copyright holder is ArangoDB GmbH, Cologne, Germany +// + +package token + +import ( + "testing" + "time" + + "github.com/stretchr/testify/require" + + "github.com/arangodb/kube-arangodb/pkg/util" +) + +func secret() []byte { + d := make([]byte, 32) + + util.Rand().Read(d) + + return d +} + +func sign(t *testing.T, secret []byte, mods ...Mod) string { + token, err := New(secret, NewClaims().With(mods...)) + require.NoError(t, err) + return token +} + +func Test_TokenSign(t *testing.T) { + t.Run("Signed properly token", func(t *testing.T) { + s := secret() + + token := sign(t, s, WithCurrentIAT()) + + claims, err := Parse(token, s) + require.NoError(t, err) + + require.Contains(t, claims, ClaimIAT) + }) + + t.Run("Signed in future token", func(t *testing.T) { + s := secret() + + token := sign(t, s, WithIAT(time.Now().Add(time.Hour))) + + _, err := Parse(token, s) + require.EqualError(t, err, "Token used before issued") + }) + + t.Run("Expired", func(t *testing.T) { + s := secret() + + token := sign(t, s, WithIAT(time.Now().Add(-time.Hour)), WithDuration(-time.Second)) + + _, err := Parse(token, s) + require.EqualError(t, err, "Token is expired") + }) + + t.Run("Invalid secret", func(t *testing.T) { + s := secret() + s2 := secret() + + token := sign(t, s, WithCurrentIAT()) + + _, err := Parse(token, s2) + require.EqualError(t, err, "signature is invalid") + require.True(t, IsSignatureInvalidError(err)) + }) + + t.Run("Signed properly token with first", func(t *testing.T) { + s := secret() + s2 := secret() + + token := sign(t, s, WithCurrentIAT()) + + claims, err := ParseWithAny(token, s, s2) + require.NoError(t, err) + + require.Contains(t, claims, ClaimIAT) + }) + + t.Run("Signed properly token with second", func(t *testing.T) { + s := secret() + s2 := secret() + + token := sign(t, s, WithCurrentIAT()) + + claims, err := ParseWithAny(token, s2, s) + require.NoError(t, err) + + require.Contains(t, claims, ClaimIAT) + }) + + t.Run("Without secrets", func(t *testing.T) { + s := secret() + + token := sign(t, s, WithCurrentIAT()) + + _, err := ParseWithAny(token) + require.True(t, IsSignatureInvalidError(err)) + }) + + t.Run("Expired with second", func(t *testing.T) { + s := secret() + s2 := secret() + + token := sign(t, s, WithIAT(time.Now().Add(-time.Hour)), WithDuration(-time.Second)) + + _, err := ParseWithAny(token, s2, s) + require.EqualError(t, err, "Token is expired") + }) +} From 3b6ae18a4661d4fac08e340cb03939b5dddaad46 Mon Sep 17 00:00:00 2001 From: ajanikow <12255597+ajanikow@users.noreply.github.com> Date: Tue, 13 Feb 2024 14:59:52 +0000 Subject: [PATCH 2/2] Iter --- go.mod | 12 ----------- go.sum | 66 ---------------------------------------------------------- 2 files changed, 78 deletions(-) diff --git a/go.mod b/go.mod index ee82348d4..343fcdf4f 100644 --- a/go.mod +++ b/go.mod @@ -94,7 +94,6 @@ require ( github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect - github.com/hashicorp/hcl v1.0.0 // indirect github.com/imdario/mergo v0.3.6 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/josharian/intern v1.0.0 // indirect @@ -105,7 +104,6 @@ require ( github.com/mailru/easyjson v0.7.7 // indirect github.com/mattn/go-isatty v0.0.19 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect - github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/moby/spdystream v0.2.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect @@ -115,20 +113,11 @@ require ( github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/prometheus/common v0.44.0 // indirect github.com/prometheus/procfs v0.10.1 // indirect - github.com/sagikazarmark/locafero v0.4.0 // indirect - github.com/sagikazarmark/slog-shim v0.1.0 // indirect - github.com/sourcegraph/conc v0.3.0 // indirect - github.com/spf13/afero v1.11.0 // indirect - github.com/spf13/cast v1.6.0 // indirect - github.com/spf13/viper v1.18.2 // indirect github.com/stretchr/objx v0.4.0 // indirect - github.com/subosito/gotenv v1.6.0 // indirect github.com/twitchyliquid64/golang-asm v0.15.1 // indirect github.com/ugorji/go/codec v1.2.11 // indirect - go.uber.org/multierr v1.11.0 // indirect golang.org/x/arch v0.3.0 // indirect golang.org/x/crypto v0.18.0 // indirect - golang.org/x/exp v0.0.0-20240205201215-2c58cdc269a3 // indirect golang.org/x/net v0.20.0 // indirect golang.org/x/oauth2 v0.15.0 // indirect golang.org/x/term v0.16.0 // indirect @@ -136,7 +125,6 @@ require ( google.golang.org/appengine v1.6.8 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20240102182953-50ed04b92917 // indirect gopkg.in/inf.v0 v0.9.1 // indirect - gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect k8s.io/klog/v2 v2.100.1 // indirect k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 // indirect diff --git a/go.sum b/go.sum index 34f198384..446d91115 100644 --- a/go.sum +++ b/go.sum @@ -603,8 +603,6 @@ github.com/JohnCGriffin/overflow v0.0.0-20211019200055-46fa312c352c/go.mod h1:X0 github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= -github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= github.com/ajstarks/deck v0.0.0-20200831202436-30c9fc6549a9/go.mod h1:JynElWSGnm/4RlzPXRlREEwqTHAN3T56Bv2ITsFT3gY= github.com/ajstarks/deck/generate v0.0.0-20210309230005-c3f852c02e19/go.mod h1:T13YZdzov6OU0A1+RfKZiZN9ca6VeKdBdyDV+BY97Tk= github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw= @@ -708,7 +706,6 @@ github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ3 github.com/creack/pty v1.1.11/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -752,7 +749,6 @@ github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nos github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/gabriel-vasile/mimetype v1.4.2 h1:w5qFW6JKBz9Y393Y4q372O9A7cUSequkh1Q7OhCmWKU= github.com/gabriel-vasile/mimetype v1.4.2/go.mod h1:zApsH/mKG4w07erKIaJPFiX0Tsq9BFQgN3qGY5GnNgA= -github.com/getkin/kin-openapi v0.76.0/go.mod h1:660oXbgy5JFMKreazJaQTw7o+X00qeSyhcnluiMv+Xg= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE= github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI= @@ -787,17 +783,11 @@ github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v1.2.3/go.mod h1:eIauM6P8qSvTw5o2ez6UEAfGjQKrxQTl5EoK+Qa2oG4= -github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= -github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= -github.com/go-openapi/jsonreference v0.19.5/go.mod h1:RdybgQwPxbL4UEjuAruzK1x3nE69AqPYEJeo/TWfEeg= github.com/go-openapi/jsonreference v0.20.1/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= github.com/go-pdf/fpdf v0.5.0/go.mod h1:HzcnA+A23uwogo0tp9yU+l3V+KXhiESpt1PMayhOh5M= @@ -870,7 +860,6 @@ github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= github.com/google/cel-go v0.16.1/go.mod h1:HXZKzB0LXqer5lHHgfWAnlYwJaQBDKMjxjulNQzhwhY= github.com/google/flatbuffers v2.0.8+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8= -github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= @@ -919,8 +908,6 @@ github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLe github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= -github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4= github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/enterprise-certificate-proxy v0.0.0-20220520183353-fd19c99a87aa/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= @@ -942,7 +929,6 @@ github.com/googleapis/gax-go/v2 v2.7.1/go.mod h1:4orTrqY6hXxxaUL4LHIPl6lGo8vAE38 github.com/googleapis/go-type-adapters v1.0.0/go.mod h1:zHW75FOG2aur7gAO2B+MLby+cLsWGBF62rFAi7WjWO4= github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= @@ -967,7 +953,6 @@ github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/b github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= @@ -1035,13 +1020,8 @@ github.com/lyft/protoc-gen-star v0.6.0/go.mod h1:TGAoBVkt8w7MPG72TrKIu85MIdXwDuz github.com/lyft/protoc-gen-star v0.6.1/go.mod h1:TGAoBVkt8w7MPG72TrKIu85MIdXwDuzJYeZuUPFPNwA= github.com/lyft/protoc-gen-star/v2 v2.0.1/go.mod h1:RcCdONR2ScXaYnQC5tUzxzlpA3WVYF7/opLeUgcQs/o= github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/magiconair/properties v1.8.5 h1:b6kJs+EmPFMYGkow9GiUyCyOvIwYetYJ3fSaWak/Gls= -github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY= github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= @@ -1065,8 +1045,6 @@ github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS4 github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY= github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= -github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= github.com/moby/term v0.0.0-20221205130635-1aeaba878587/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y= @@ -1083,7 +1061,6 @@ github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8m github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= @@ -1124,8 +1101,6 @@ github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FI github.com/pavel-v-chernykh/keystore-go v2.1.0+incompatible h1:Jd6xfriVlJ6hWPvYOE0Ni0QWcNTLRehfGPFxr3eSL80= github.com/pavel-v-chernykh/keystore-go v2.1.0+incompatible/go.mod h1:xlUlxe/2ItGlQyMTstqeDv9r3U4obH7xYd26TbDQutY= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= -github.com/pelletier/go-toml/v2 v2.0.8 h1:0ctb6s9mE31h0/lhu+J6OPmVeDxJn+kYnJc2jZR9tGQ= -github.com/pelletier/go-toml/v2 v2.0.8/go.mod h1:vuYfssBdrU2XDZ9bYydBu6t+6a6PYNcZljzZR9VXg+4= github.com/pelletier/go-toml/v2 v2.1.1 h1:LWAJwfNvjQZCFIDKWYQaM62NcYeYViCmWIwmOStowAI= github.com/pelletier/go-toml/v2 v2.1.1/go.mod h1:tJU2Z3ZkXwnxa4DPO899bsyIoywizdUvyaeZurnPPDc= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= @@ -1140,7 +1115,6 @@ github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI= github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= @@ -1209,10 +1183,6 @@ github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQD github.com/ruudk/golang-pdf417 v0.0.0-20181029194003-1af4ab5afa58/go.mod h1:6lfFZQK844Gfx8o5WFuvpxWRwnSoipWe/p622j1v06w= github.com/ruudk/golang-pdf417 v0.0.0-20201230142125-a7e3863a1245/go.mod h1:pQAZKsJ8yyVxGRWYNEm9oFB8ieLgKFnamEyDmSA0BRk= github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= -github.com/sagikazarmark/locafero v0.4.0 h1:HApY1R9zGo4DBgr7dqsTH/JJxLTTsOt7u6keLGt6kNQ= -github.com/sagikazarmark/locafero v0.4.0/go.mod h1:Pe1W6UlPYUk/+wc/6KFhbORCfqzgYEpgQ3O5fPuL3H4= -github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6gto+ugjYE= -github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= @@ -1225,21 +1195,14 @@ github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1 github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= github.com/soheilhy/cmux v0.1.5/go.mod h1:T7TcVDs9LWfQgPlPsdngu6I6QIoyIFZDDC6sNE1GqG0= -github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9ySo= -github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= github.com/spf13/afero v1.3.3/go.mod h1:5KUK8ByomD5Ti5Artl0RtHeI5pTF7MIDuXL3yY520V4= github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I= github.com/spf13/afero v1.9.2/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y= -github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8= -github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY= github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cast v1.6.0 h1:GEiTHELF+vaR5dhz3VqZfFSzZjYbgeKDpBxQVS4GYJ0= -github.com/spf13/cast v1.6.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo= -github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= @@ -1248,8 +1211,6 @@ github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnIn github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg= -github.com/spf13/viper v1.18.2 h1:LUXCnvUvSM6FXAsj6nnfc8Q2tp1dIgUfY9Kc8GsSOiQ= -github.com/spf13/viper v1.18.2/go.mod h1:EKmWIqdnk5lOcmR72yw6hS+8OPYcwD0jteitLMVB+yk= github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= @@ -1258,8 +1219,6 @@ github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSS github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= -github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= -github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20220101234140-673ab2c3ae75/go.mod h1:KO6IkyS8Y3j8OdNO85qEYBsRPuteD+YciPomcXdrMnk= @@ -1327,7 +1286,6 @@ go.uber.org/goleak v1.2.0/go.mod h1:XJYK+MuIchqpmGmUSAzotztawfKvYLUIgg7guXrwVUo= go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= -go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= @@ -1349,8 +1307,6 @@ golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= -golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= -golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc= golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -1369,8 +1325,6 @@ golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EH golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e/go.mod h1:Kr81I6Kryrl9sr8s2FK3vxD90NdsKWRuOIl2O4CvYbA= golang.org/x/exp v0.0.0-20220827204233-334a2380cb91/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE= -golang.org/x/exp v0.0.0-20240205201215-2c58cdc269a3 h1:/RIbNt/Zr7rVhIkQhooTxCxFcdWLGIKnZA4IXNFSrvo= -golang.org/x/exp v0.0.0-20240205201215-2c58cdc269a3/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08= golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= @@ -1434,7 +1388,6 @@ golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLL golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -1490,8 +1443,6 @@ golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= -golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c= -golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo= golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -1524,8 +1475,6 @@ golang.org/x/oauth2 v0.5.0/go.mod h1:9/XBHVqLaWO3/BRHs5jbpYCnOZVjj5V0ndyaAM7KB4I golang.org/x/oauth2 v0.6.0/go.mod h1:ycmewcwgD4Rpr3eZJLSB4Kyyljb3qDh40vJ8STE5HKw= golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4= golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= -golang.org/x/oauth2 v0.13.0 h1:jDDenyj+WgFtmV3zYVoi8aE2BwtXFLWOA67ZfNWftiY= -golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0= golang.org/x/oauth2 v0.15.0 h1:s8pnnxNVzjWyrvYdFUQq5llS1PX2zhPXmccZv99h7uQ= golang.org/x/oauth2 v0.15.0/go.mod h1:q48ptWNTY5XWf+JNten23lcvHpLJ0ZSxF5ttTHKVCAM= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -1545,8 +1494,6 @@ golang.org/x/sync v0.0.0-20220819030929-7fc1605a5dde/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20220929204114-8fcdb60fdcc0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.2.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ= -golang.org/x/sync v0.4.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -1666,8 +1613,6 @@ golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= -golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4= -golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= golang.org/x/term v0.16.0 h1:m+B6fahuftsE9qjo0VWp2FW0mB3MTJvR0BaMQrq0pmE= golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1695,7 +1640,6 @@ golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxb golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20220922220347-f3bd1da661af/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.1.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= @@ -1773,8 +1717,6 @@ golang.org/x/tools v0.4.0/go.mod h1:UE5sM2OK9E/d67R0ANs2xJizIymRP5gJU295PvKXxjQ= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s= golang.org/x/tools v0.8.0/go.mod h1:JxBZ99ISMI5ViVkT1tr6tdNmXeTrcpVSD3vZ1RsRdN4= -golang.org/x/tools v0.12.0 h1:YW6HUoUmYBpwSgyaGaZq1fHjrBjX1rlpZ54T6mu2kss= -golang.org/x/tools v0.12.0/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM= golang.org/x/tools v0.17.0 h1:FvmRgNOcs3kOa+T20R1uhfP9F6HgG2mfxDv1vrx1Htc= golang.org/x/tools v0.17.0/go.mod h1:xsh6VxdV005rRVaS6SSAf9oiAqljS7UZUacMZ8Bnsps= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -1891,7 +1833,6 @@ google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= @@ -2070,7 +2011,6 @@ gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLks gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= @@ -2078,8 +2018,6 @@ gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMy gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= -gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= gopkg.in/natefinch/lumberjack.v2 v2.2.1/go.mod h1:YD8tP3GAjkrDg1eZH7EGmyESg/lsYskCTPBJVb9jqSc= gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= @@ -2096,7 +2034,6 @@ gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= @@ -2119,16 +2056,13 @@ k8s.io/client-go v0.28.5 h1:6UNmc33vuJhh3+SAOEKku3QnKa+DtPKGnhO2MR0IEbk= k8s.io/client-go v0.28.5/go.mod h1:+pt086yx1i0HAlHzM9S+RZQDqdlzuXFl4hY01uhpcpA= k8s.io/component-base v0.28.5/go.mod h1:gw2d8O28okS9RrsPuJnD2mFl2It0HH9neHiGi2xoXcY= k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= -k8s.io/gengo v0.0.0-20211129171323-c02415ce4185/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/gengo v0.0.0-20220902162205-c0856e24416d/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/klog/v2 v2.70.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/kms v0.28.5/go.mod h1:BuOJ8gZRpTFPw4g/OXNfy9ljhuG+U2mT8SK3+3TuCxs= -k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1/go.mod h1:C/N6wCaBHeBHkHUesQOQy2/MZqGgMAFPqGsGQLdbZBU= k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ= k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM= k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=