diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index d5efd1a8d1..427e40c039 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -108,7 +108,7 @@ jobs:
repository: boundary
version: ${{ needs.set-product-version.outputs.product-version }}
product: ${{ env.PKG_NAME }}
- - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+ - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
with:
name: metadata.json
path: ${{ steps.generate-metadata-file.outputs.filepath }}
@@ -279,12 +279,12 @@ jobs:
echo "RPM_PACKAGE=$(basename out/*.rpm)" >> "$GITHUB_ENV"
echo "DEB_PACKAGE=$(basename out/*.deb)" >> "$GITHUB_ENV"
- name: Upload RPM package
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+ uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
with:
name: ${{ env.RPM_PACKAGE }}
path: out/${{ env.RPM_PACKAGE }}
- name: Upload DEB package
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+ uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
with:
name: ${{ env.DEB_PACKAGE }}
path: out/${{ env.DEB_PACKAGE }}
@@ -380,6 +380,7 @@ jobs:
arch: ${{ matrix.arch }}
tags: |
docker.io/hashicorp/${{ env.repo }}:${{ env.version }}
+ docker.io/hashicorp/${{ env.repo }}:${{ env.version }}_${{ github.sha }}
public.ecr.aws/hashicorp/${{ env.repo }}:${{ env.version }}
# Per-commit dev images follow the naming convention MAJOR.MINOR-dev
# And MAJOR.MINOR-dev-$COMMITSHA
diff --git a/.github/workflows/enos-run.yml b/.github/workflows/enos-run.yml
index 4428ef96a7..65aae3851a 100644
--- a/.github/workflows/enos-run.yml
+++ b/.github/workflows/enos-run.yml
@@ -218,7 +218,7 @@ jobs:
run: |
mv ${{ steps.download-docker.outputs.download-path }}/*.tar enos/support/boundary_docker_image.tar
- name: Set up Node.js
- uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
+ uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
if: contains(matrix.filter, 'e2e_ui')
with:
node-version: '16.x'
@@ -266,7 +266,7 @@ jobs:
SCENARIO=$(echo "${{ matrix.filter }}" | cut -d' ' -f1)
echo fragment="${SCENARIO}" >> "$GITHUB_OUTPUT"
- name: Upload e2e tests output
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+ uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
with:
name: test-${{ steps.split.outputs.fragment }}
path: enos/*.log
@@ -279,7 +279,7 @@ jobs:
docker logs database
- name: Upload e2e UI tests debug info
if: contains(matrix.filter, 'e2e_ui') && steps.run.outcome == 'failure'
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+ uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
with:
name: test-e2e-ui-debug
path: enos/support/src/boundary-ui/ui/admin/tests/e2e/artifacts/test-failures
@@ -292,7 +292,7 @@ jobs:
enos scenario launch --timeout 60m0s --chdir ./enos ${{ matrix.filter }}
- name: Upload Debug Data
if: ${{ always() && steps.run_retry.outcome == 'failure' }}
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+ uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
with:
# The name of the artifact is the same as the matrix scenario name with the spaces replaced with underscores and colons replaced by equals.
name: ${{ steps.prepare_scenario.outputs.debug_data_artifact_name }}
@@ -327,7 +327,7 @@ jobs:
env
find ./enos -name "scenario.tf" -exec cat {} \;
- name: Send Slack message if Run and Retry fails (or if something else went wrong)
- uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0
+ uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0
# steps.run.outcome reports as failure when there is an error in `Run Enos scenario`
# failure() captures errors before `Run Enos scenario`
# failure() does not capture errors in `Run Enos scenario` due to continue-on-error
@@ -341,7 +341,7 @@ jobs:
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_TOKEN }}
- name: Send Slack message if Run but Retry passes
- uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0
+ uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0
if: ${{ steps.run.outcome == 'failure' && steps.run_retry.outcome != 'failure' }}
with:
channel-id: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_CHANNEL_ID }}
diff --git a/.github/workflows/fuzz.yml b/.github/workflows/fuzz.yml
index ad74a3d2cc..f4ab831657 100644
--- a/.github/workflows/fuzz.yml
+++ b/.github/workflows/fuzz.yml
@@ -49,7 +49,7 @@ jobs:
run: go test ./internal/perms -fuzz=FuzzParse -fuzztime=30s
- name: Upload fuzz failure seed corpus as run artifact
if: failure()
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+ uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
with:
name: fuzz-corpus
path: ./internal/perms/testdata/fuzz
diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml
index d2d485ef13..eae85bd806 100644
--- a/.github/workflows/security-scan.yml
+++ b/.github/workflows/security-scan.yml
@@ -34,7 +34,7 @@ jobs:
cache: false
- name: Set up Python
- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
+ uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
with:
python-version: 3.x
@@ -42,7 +42,7 @@ jobs:
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
repository: hashicorp/security-scanner
- token: ${{ secrets.PRODSEC_SCANNER_READ_ONLY }}
+ token: ${{ secrets.HASHIBOT_PRODSEC_GITHUB_TOKEN }}
path: security-scanner
ref: main
@@ -64,7 +64,7 @@ jobs:
python3 -m pip install semgrep==1.45.0
# CodeQL
- LATEST=$(gh release list --repo https://github.com/github/codeql-action | cut -f 3 | grep codeql-bundle- | sort --version-sort | tail -n1)
+ LATEST=$(gh release list --repo https://github.com/github/codeql-action | cut -f 3 | sort --version-sort | tail -n1)
gh release download --repo https://github.com/github/codeql-action --pattern codeql-bundle-linux64.tar.gz "$LATEST"
tar xf codeql-bundle-linux64.tar.gz -C "$HOME/.bin"
@@ -79,7 +79,7 @@ jobs:
repository: "$PWD"
- name: Upload SARIF file
- uses: github/codeql-action/upload-sarif@5618c9fc1e675841ca52c1c6b1304f5255a905a0 # codeql-bundle-v2.19.0
+ uses: github/codeql-action/upload-sarif@5c02493ebfd65b28fd3b082c65e5af2cd745d91f # codeql-bundle-v2.18.2
with:
sarif_file: results.sarif
diff --git a/.github/workflows/test-cli-ui_oss.yml b/.github/workflows/test-cli-ui_oss.yml
index de52043355..5cf9d548b9 100644
--- a/.github/workflows/test-cli-ui_oss.yml
+++ b/.github/workflows/test-cli-ui_oss.yml
@@ -36,7 +36,7 @@ jobs:
path: /tmp/bats-cli-ui-deps
key: enos-bats-cli-ui-deps-jq-1.6-password-store-1.7.4-vault-1.12.2
- name: Set up Node for Bats install
- uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
+ uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
with:
node-version: 16
- name: Install Bats via NPM
@@ -112,7 +112,7 @@ jobs:
make -C internal/tests/cli test-vault-down
- name: Send Slack message
if: ${{ failure() }}
- uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0
+ uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0
with:
channel-id: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_CHANNEL_ID }}
payload: |
diff --git a/.go-version b/.go-version
index 49e0a31d49..ac1df3fce3 100644
--- a/.go-version
+++ b/.go-version
@@ -1 +1 @@
-1.23.1
+1.23.3
diff --git a/.release/security-scan.hcl b/.release/security-scan.hcl
index da2c1a239d..afe49295c3 100644
--- a/.release/security-scan.hcl
+++ b/.release/security-scan.hcl
@@ -5,6 +5,13 @@ container {
dependencies = true
alpine_secdb = true
secrets = false
+
+ triage {
+ suppress {
+ // Suppress wget vulnerability
+ vulnerabilities = ["CVE-2024-10524"]
+ }
+ }
}
binary {
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8252051138..9a1ea9fadf 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,13 +2,6 @@
Canonical reference for changes, improvements, and bugfixes for Boundary.
-## Next
-
-### New and Improved
-
-* Introduces soft-delete for users within the client cache.
- ([PR](https://github.com/hashicorp/boundary/pull/5173)).
-
## 0.18.1 (2024/11/21)
### New and Improved
diff --git a/CODEOWNERS b/CODEOWNERS
index faecb08c90..cf8401253b 100644
--- a/CODEOWNERS
+++ b/CODEOWNERS
@@ -1,11 +1,6 @@
# These owners will be the default owners for everything in
# the repo, unless a later match takes precedence.
-* @hashicorp/boundary
-
-# release configuration
-
-/.release/ @hashicorp/github-secure-boundary
-/.github/workflows/build.yml @hashicorp/github-secure-boundary
+@hashicorp/boundary
# education
diff --git a/api/go.mod b/api/go.mod
index 72c841775c..5859d115f3 100644
--- a/api/go.mod
+++ b/api/go.mod
@@ -1,11 +1,11 @@
module github.com/hashicorp/boundary/api
-go 1.23.1
+go 1.23.3
require (
github.com/hashicorp/boundary/sdk v0.0.48
github.com/hashicorp/go-cleanhttp v0.5.2
- github.com/hashicorp/go-kms-wrapping/v2 v2.0.14
+ github.com/hashicorp/go-kms-wrapping/v2 v2.0.16
github.com/hashicorp/go-retryablehttp v0.7.7
github.com/hashicorp/go-rootcerts v1.0.2
github.com/hashicorp/go-secure-stdlib/base62 v0.1.2
@@ -19,7 +19,7 @@ require (
go.uber.org/atomic v1.11.0
golang.org/x/time v0.3.0
google.golang.org/grpc v1.61.0
- google.golang.org/protobuf v1.34.2
+ google.golang.org/protobuf v1.33.0
nhooyr.io/websocket v1.8.10
)
diff --git a/api/go.sum b/api/go.sum
index 90af95ffe3..ccb30a5010 100644
--- a/api/go.sum
+++ b/api/go.sum
@@ -40,8 +40,8 @@ github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB1
github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM=
github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ=
github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y=
@@ -189,8 +189,8 @@ google.golang.org/grpc v1.61.0 h1:TOvOcuXn30kRao+gfcvsebNEa5iZIiLkisYEkf7R7o0=
google.golang.org/grpc v1.61.0/go.mod h1:VUbo7IFqmF1QtCAstipjG0GIoq49KvMe9+h1jFLBNJs=
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
-google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
+google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
+google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
diff --git a/enos/ci/bootstrap/main.tf b/enos/ci/bootstrap/main.tf
index 1b9f952fb6..3c778c49ce 100644
--- a/enos/ci/bootstrap/main.tf
+++ b/enos/ci/bootstrap/main.tf
@@ -4,8 +4,7 @@
terraform {
required_providers {
aws = {
- source = "hashicorp/aws"
- version = "5.72.1"
+ source = "hashicorp/aws"
}
}
diff --git a/enos/ci/service-user-iam/main.tf b/enos/ci/service-user-iam/main.tf
index c52cc6e4de..a8c2fd4d6e 100644
--- a/enos/ci/service-user-iam/main.tf
+++ b/enos/ci/service-user-iam/main.tf
@@ -119,7 +119,6 @@ data "aws_iam_policy_document" "enos_policy_document" {
"ec2:RevokeSecurityGroupIngress",
"ec2:RunInstances",
"ec2:TerminateInstances",
- "ec2:UnassignIpv6Addresses",
"elasticloadbalancing:AddTags",
"elasticloadbalancing:ApplySecurityGroupsToLoadBalancer",
"elasticloadbalancing:AttachLoadBalancerToSubnets",
@@ -133,7 +132,6 @@ data "aws_iam_policy_document" "enos_policy_document" {
"elasticloadbalancing:DeleteRule",
"elasticloadbalancing:DeleteTargetGroup",
"elasticloadbalancing:DeregisterTargets",
- "elasticloadbalancing:DescribeListenerAttributes",
"elasticloadbalancing:DescribeListeners",
"elasticloadbalancing:DescribeLoadBalancerAttributes",
"elasticloadbalancing:DescribeLoadBalancers",
diff --git a/enos/enos.hcl b/enos/enos.hcl
index d71352c566..5bd1d82a53 100644
--- a/enos/enos.hcl
+++ b/enos/enos.hcl
@@ -14,8 +14,7 @@ terraform "default" {
}
aws = {
- source = "hashicorp/aws"
- version = "5.72.1"
+ source = "hashicorp/aws"
}
}
}
diff --git a/enos/modules/docker_openssh_server_ca_key/custom-cont-init.d/00-trust-user-ca b/enos/modules/docker_openssh_server_ca_key/custom-cont-init.d/00-trust-user-ca
index 00cd08e724..de348a417a 100644
--- a/enos/modules/docker_openssh_server_ca_key/custom-cont-init.d/00-trust-user-ca
+++ b/enos/modules/docker_openssh_server_ca_key/custom-cont-init.d/00-trust-user-ca
@@ -2,13 +2,13 @@
# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: BUSL-1.1
-cp /ca/ca-key.pub /etc/ssh/ca-key.pub
-chown 1000:1000 /etc/ssh/ca-key.pub
-chmod 644 /etc/ssh/ca-key.pub
-echo TrustedUserCAKeys /etc/ssh/ca-key.pub >> /etc/ssh/sshd_config
-echo PermitTTY yes >> /etc/ssh/sshd_config
-sed -i 's/X11Forwarding no/X11Forwarding yes/' /etc/ssh/sshd_config
-echo "X11UseLocalhost no" >> /etc/ssh/sshd_config
+cp /ca/ca-key.pub /config/sshd/ca-key.pub
+chown 1000:1000 /config/sshd/ca-key.pub
+chmod 644 /config/sshd/ca-key.pub
+echo TrustedUserCAKeys /config/sshd/ca-key.pub >> /config/sshd/sshd_config
+echo PermitTTY yes >> /config/sshd/sshd_config
+sed -i 's/X11Forwarding no/X11Forwarding yes/' /config/sshd/sshd_config
+echo "X11UseLocalhost no" >> /config/sshd/sshd_config
apk update
apk add xterm util-linux dbus ttf-freefont xauth firefox
diff --git a/enos/modules/docker_openssh_server_ca_key/custom-cont-init.d/01-allow-tcp-forwarding b/enos/modules/docker_openssh_server_ca_key/custom-cont-init.d/01-allow-tcp-forwarding
new file mode 100644
index 0000000000..b5f589da23
--- /dev/null
+++ b/enos/modules/docker_openssh_server_ca_key/custom-cont-init.d/01-allow-tcp-forwarding
@@ -0,0 +1,5 @@
+#!/usr/bin/with-contenv bash
+# Copyright (c) HashiCorp, Inc.
+# SPDX-License-Identifier: BUSL-1.1
+
+sed -i 's/AllowTcpForwarding no/AllowTcpForwarding yes/' /config/sshd/sshd_config
diff --git a/enos/modules/docker_openssh_server_ca_key/main.tf b/enos/modules/docker_openssh_server_ca_key/main.tf
index c6cd4bab6c..cf1441aefe 100644
--- a/enos/modules/docker_openssh_server_ca_key/main.tf
+++ b/enos/modules/docker_openssh_server_ca_key/main.tf
@@ -61,9 +61,14 @@ locals {
ca_public_key = data.tls_public_key.ca_key.public_key_openssh
}
+data "docker_registry_image" "openssh" {
+ name = var.image_name
+}
+
resource "docker_image" "openssh_server" {
- name = var.image_name
- keep_locally = true
+ name = var.image_name
+ keep_locally = true
+ pull_triggers = [data.docker_registry_image.openssh.sha256_digest]
}
resource "docker_container" "openssh_server" {
@@ -75,6 +80,7 @@ resource "docker_container" "openssh_server" {
"TZ=US/Eastern",
"USER_NAME=${var.target_user}",
"PUBLIC_KEY=${local.ssh_public_key}",
+ "SUDO_ACCESS=true",
]
network_mode = "bridge"
dynamic "networks_advanced" {
diff --git a/go.mod b/go.mod
index 0b385c1c8d..a32559cce3 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
module github.com/hashicorp/boundary
-go 1.23.1
+go 1.23.3
replace github.com/hashicorp/boundary/api => ./api
@@ -66,10 +66,10 @@ require (
github.com/stretchr/testify v1.9.0
github.com/zalando/go-keyring v0.2.3
go.uber.org/atomic v1.11.0
- golang.org/x/crypto v0.29.0
- golang.org/x/sync v0.9.0
- golang.org/x/sys v0.27.0
- golang.org/x/term v0.26.0
+ golang.org/x/crypto v0.25.0
+ golang.org/x/sync v0.7.0
+ golang.org/x/sys v0.22.0
+ golang.org/x/term v0.22.0
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d
google.golang.org/genproto v0.0.0-20240205150955-31a09d347014
google.golang.org/grpc v1.61.1
@@ -91,7 +91,7 @@ require (
github.com/golang/protobuf v1.5.3
github.com/hashicorp/cap/ldap v0.0.0-20240206183135-ed8f24513744
github.com/hashicorp/dbassert v0.0.0-20231012105025-1bc1bd88e22b
- github.com/hashicorp/go-kms-wrapping/extras/kms/v2 v2.0.0-20231219183231-6bac757bb482
+ github.com/hashicorp/go-kms-wrapping/extras/kms/v2 v2.0.0-20241126174344-f3b1a41a15fd
github.com/hashicorp/go-rate v0.0.0-20231204194614-cc8d401f70ab
github.com/hashicorp/go-version v1.6.0
github.com/hashicorp/nodeenrollment v0.2.13
@@ -102,7 +102,7 @@ require (
github.com/mikesmitty/edkey v0.0.0-20170222072505-3356ea4e686a
github.com/sevlyar/go-daemon v0.1.6
golang.org/x/exp v0.0.0-20240205201215-2c58cdc269a3
- golang.org/x/net v0.31.0
+ golang.org/x/net v0.25.0
google.golang.org/genproto/googleapis/api v0.0.0-20240205150955-31a09d347014
)
@@ -223,7 +223,7 @@ require (
github.com/xo/dburl v0.23.1 // indirect
golang.org/x/mod v0.17.0 // indirect
golang.org/x/oauth2 v0.17.0 // indirect
- golang.org/x/text v0.20.0
+ golang.org/x/text v0.16.0
golang.org/x/time v0.5.0 // indirect
google.golang.org/appengine v1.6.8 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20240205150955-31a09d347014 // indirect
diff --git a/go.sum b/go.sum
index 201c1a352c..639ad523fa 100644
--- a/go.sum
+++ b/go.sum
@@ -205,8 +205,8 @@ github.com/hashicorp/go-dbw v0.1.5-0.20240909162114-6cee92b3da36 h1:rPD+2QPhCLq8
github.com/hashicorp/go-dbw v0.1.5-0.20240909162114-6cee92b3da36/go.mod h1:/YHbfK7mgG9k09aB74Imw3fEOwno0eTtlFTTYGZ7SFk=
github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k=
github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
-github.com/hashicorp/go-kms-wrapping/extras/kms/v2 v2.0.0-20231219183231-6bac757bb482 h1:1DqTnLaNk658AEenlF4PNGYd9b1hXE/+0jSOBIGOAms=
-github.com/hashicorp/go-kms-wrapping/extras/kms/v2 v2.0.0-20231219183231-6bac757bb482/go.mod h1:323uN1BJ6bc9F1U6DPvgmLTVlBlMMnOIRrzCd5ZDee0=
+github.com/hashicorp/go-kms-wrapping/extras/kms/v2 v2.0.0-20241126174344-f3b1a41a15fd h1:CmPn4FXkYbPgmIqAKU970nXOEWW0u2RYZ7NnB6f7jkQ=
+github.com/hashicorp/go-kms-wrapping/extras/kms/v2 v2.0.0-20241126174344-f3b1a41a15fd/go.mod h1:8G70jr/DzTk81B2Z+bXnvqWHwPq6GkoRWagyZsbX0U0=
github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 h1:gM4OwbF16Cmfxt2QMkoGMQbRTfYFZLvDMPgU3rM3KIo=
github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7/go.mod h1:7ZMHVluyqgHgEuTADeDzFNWoA9mnyPfdiK8Tk2Bct1c=
github.com/hashicorp/go-kms-wrapping/v2 v2.0.17-0.20240313190905-91d44aa8e360 h1:AgzTis5Y2hKvmluFZH7V6+evaB1LoKT1KKjXysywyRI=
@@ -547,8 +547,8 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y
golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
-golang.org/x/crypto v0.29.0 h1:L5SG1JTTXupVV3n6sUqMTeWbjAyfPwoda2DLX8J8FrQ=
-golang.org/x/crypto v0.29.0/go.mod h1:+F4F4N5hv6v38hfeYwTdx20oUvLLc+QfrE9Ax9HtgRg=
+golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30=
+golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20240205201215-2c58cdc269a3 h1:/RIbNt/Zr7rVhIkQhooTxCxFcdWLGIKnZA4IXNFSrvo=
golang.org/x/exp v0.0.0-20240205201215-2c58cdc269a3/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08=
@@ -583,8 +583,8 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug
golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
-golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo=
-golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM=
+golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac=
+golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.17.0 h1:6m3ZPmLEFdVxKKWnKq4VqZ60gutO35zm+zrAHVmHyDQ=
golang.org/x/oauth2 v0.17.0/go.mod h1:OzPDGQiuQMguemayvdylqddI7qcD9lnSDb+1FiwQ5HA=
@@ -595,8 +595,8 @@ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJ
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.9.0 h1:fEo0HyrW1GIgZdpbhCRO0PkJajUS5H9IFUztCgEo2jQ=
-golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=
+golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -625,8 +625,8 @@ golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s=
-golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI=
+golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210503060354-a79de5458b56/go.mod h1:tfny5GFUkzUvx4ps4ajbZsCe5lw1metzhBm9T3x7oIY=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
@@ -635,8 +635,8 @@ golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
-golang.org/x/term v0.26.0 h1:WEQa6V3Gja/BhNxg540hBip/kkaYtRg3cxg4oXSw4AU=
-golang.org/x/term v0.26.0/go.mod h1:Si5m1o57C5nBNQo5z1iq+XDijt21BDBDp2bK0QI8e3E=
+golang.org/x/term v0.22.0 h1:BbsgPEJULsl2fV/AT3v15Mjva5yXKQDyKf+TbDz7QJk=
+golang.org/x/term v0.22.0/go.mod h1:F3qCibpT5AMpCRfhfT53vVJwhLtIVHhB9XDjfFvnMI4=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
@@ -647,8 +647,8 @@ golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
-golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug=
-golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
+golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4=
+golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
diff --git a/internal/alias/target/alias_test.go b/internal/alias/target/alias_test.go
index c9571b61b2..8bff6d08dc 100644
--- a/internal/alias/target/alias_test.go
+++ b/internal/alias/target/alias_test.go
@@ -157,7 +157,7 @@ func TestCreate(t *testing.T) {
a.PublicId, err = db.NewPublicId(ctx, globals.TargetAliasPrefix)
require.NoError(t, err)
- start := time.Now().UTC().Round(time.Second)
+ start := time.Now().UTC()
err = rw.Create(ctx, a)
if c.errContains != "" {
@@ -169,8 +169,8 @@ func TestCreate(t *testing.T) {
assert.Equal(t, a.Version, uint32(1))
assert.Equal(t, a.ScopeId, c.scope)
assert.Equal(t, a.Value, c.value)
- assert.GreaterOrEqual(t, a.CreateTime.AsTime().Round(time.Second), start)
- assert.GreaterOrEqual(t, a.UpdateTime.AsTime().Round(time.Second), start)
+ assert.GreaterOrEqual(t, a.CreateTime.AsTime(), start)
+ assert.GreaterOrEqual(t, a.UpdateTime.AsTime(), start)
if c.validate != nil {
c.validate(t, a)
}
diff --git a/internal/clientcache/internal/cache/refresh_test.go b/internal/clientcache/internal/cache/refresh_test.go
index 6f43e6b028..3895376132 100644
--- a/internal/clientcache/internal/cache/refresh_test.go
+++ b/internal/clientcache/internal/cache/refresh_test.go
@@ -104,7 +104,7 @@ func testResolvableAliasStaticResourceRetrievalFunc(inFunc func(ctx context.Cont
// testNoRefreshRetrievalFunc simulates a controller that doesn't support refresh
// since it does not return any refresh token.
-func testNoRefreshRetrievalFunc[T any](_ *testing.T) func(context.Context, string, string, RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) {
+func testNoRefreshRetrievalFunc[T any](t *testing.T) func(context.Context, string, string, RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) {
return func(_ context.Context, _, _ string, _ RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) {
return nil, nil, "", ErrRefreshNotSupported
}
@@ -113,7 +113,7 @@ func testNoRefreshRetrievalFunc[T any](_ *testing.T) func(context.Context, strin
// testErroringForRefreshTokenRetrievalFunc returns a refresh token error when
// the refresh token is not empty. This is useful for testing behavior when
// the refresh token has expired or is otherwise invalid.
-func testErroringForRefreshTokenRetrievalFunc[T any](_ *testing.T, ret []T) func(context.Context, string, string, RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) {
+func testErroringForRefreshTokenRetrievalFunc[T any](t *testing.T, ret []T) func(context.Context, string, string, RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) {
return func(ctx context.Context, s1, s2 string, refToken RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) {
if refToken != "" {
return nil, nil, "", api.ErrInvalidListToken
@@ -158,7 +158,7 @@ func testStaticResourceRetrievalFuncForId[T any](t *testing.T, ret [][]T, remove
// since it does not return any refresh token. This is for retrieval
// functions that require an id be provided for listing purposes like when
// listing resolvable aliases.
-func testNoRefreshRetrievalFuncForId[T any](_ *testing.T) func(context.Context, string, string, string, RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) {
+func testNoRefreshRetrievalFuncForId[T any](t *testing.T) func(context.Context, string, string, string, RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) {
return func(_ context.Context, _, _, _ string, _ RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) {
return nil, nil, "", ErrRefreshNotSupported
}
@@ -169,7 +169,7 @@ func testNoRefreshRetrievalFuncForId[T any](_ *testing.T) func(context.Context,
// the refresh token has expired or is otherwise invalid. This is for retrieval
// functions that require an id be provided for listing purposes like when
// listing resolvable aliases.
-func testErroringForRefreshTokenRetrievalFuncForId[T any](_ *testing.T, ret []T) func(context.Context, string, string, string, RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) {
+func testErroringForRefreshTokenRetrievalFuncForId[T any](t *testing.T, ret []T) func(context.Context, string, string, string, RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) {
return func(ctx context.Context, s1, s2, s3 string, refToken RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) {
if refToken != "" {
return nil, nil, "", api.ErrInvalidListToken
diff --git a/internal/clientcache/internal/cache/repository_refresh_token_test.go b/internal/clientcache/internal/cache/repository_refresh_token_test.go
index cb092b6912..e2c67ccabe 100644
--- a/internal/clientcache/internal/cache/repository_refresh_token_test.go
+++ b/internal/clientcache/internal/cache/repository_refresh_token_test.go
@@ -189,7 +189,7 @@ func TestLookupRefreshToken(t *testing.T) {
})
t.Run("unknown user", func(t *testing.T) {
- got, err := r.lookupRefreshToken(ctx, &user{Id: "unknownUser", Address: "addr"}, targetResourceType)
+ got, err := r.lookupRefreshToken(ctx, &user{Id: "unkonwnUser", Address: "addr"}, targetResourceType)
assert.NoError(t, err)
assert.Empty(t, got)
})
@@ -209,11 +209,10 @@ func TestLookupRefreshToken(t *testing.T) {
require.NoError(t, r.rw.Create(ctx, known))
before := time.Now().Truncate(time.Millisecond).UTC()
- _, err := r.rw.DoTx(ctx, 1, db.ExpBackoff{}, func(r db.Reader, w db.Writer) error {
+ r.rw.DoTx(ctx, 1, db.ExpBackoff{}, func(r db.Reader, w db.Writer) error {
require.NoError(t, upsertRefreshToken(ctx, w, known, targetResourceType, token))
return nil
})
- require.NoError(t, err)
got, err := r.lookupRefreshToken(ctx, known, targetResourceType)
assert.NoError(t, err)
diff --git a/internal/clientcache/internal/cache/repository_token.go b/internal/clientcache/internal/cache/repository_token.go
index 1e7f8f7b27..055a1b7e32 100644
--- a/internal/clientcache/internal/cache/repository_token.go
+++ b/internal/clientcache/internal/cache/repository_token.go
@@ -75,8 +75,7 @@ func upsertUserAndAuthToken(ctx context.Context, reader db.Reader, writer db.Wri
}
var users []*user
- // we only want users that have not been soft deleted
- if err := reader.SearchWhere(ctx, &users, "true", []any{}, db.WithLimit(-1), db.WithTable(activeUserTableName)); err != nil {
+ if err := reader.SearchWhere(ctx, &users, "true", []any{}, db.WithLimit(-1)); err != nil {
return errors.Wrap(ctx, err, op)
}
if len(users) <= usersLimit {
@@ -383,8 +382,6 @@ func cleanExpiredOrOrphanedAuthTokens(ctx context.Context, writer db.Writer, idT
return nil
}
-const activeUserTableName = "user_active" // users that have not been soft deleted
-
// lookupUser returns a user if one is present in the repository or nil if not.
func (r *Repository) lookupUser(ctx context.Context, id string) (*user, error) {
const op = "cache.(Repository).lookupUser"
@@ -393,8 +390,7 @@ func (r *Repository) lookupUser(ctx context.Context, id string) (*user, error) {
return nil, errors.New(ctx, errors.InvalidParameter, op, "empty id")
}
ret := &user{Id: id}
- // we only want users that have NOT been soft deleted
- if err := r.rw.LookupById(ctx, ret, db.WithTable(activeUserTableName)); err != nil {
+ if err := r.rw.LookupById(ctx, ret); err != nil {
if errors.IsNotFoundError(err) {
return nil, nil
}
@@ -407,8 +403,7 @@ func (r *Repository) lookupUser(ctx context.Context, id string) (*user, error) {
func (r *Repository) listUsers(ctx context.Context) ([]*user, error) {
const op = "cache.(Repository).listUsers"
var ret []*user
- // we only want users that have NOT been soft deleted
- if err := r.rw.SearchWhere(ctx, &ret, "true", nil, db.WithTable(activeUserTableName)); err != nil {
+ if err := r.rw.SearchWhere(ctx, &ret, "true", nil); err != nil {
return nil, errors.Wrap(ctx, err, op)
}
return ret, nil
@@ -487,31 +482,16 @@ func deleteUser(ctx context.Context, w db.Writer, u *user) (int, error) {
case u.Id == "":
return db.NoRowsAffected, errors.New(ctx, errors.InvalidParameter, op, "missing id")
}
- const (
- // delete the user if they don't have any refresh tokens which are
- // newer than 20 days (the refresh token expiration time)
- deleteStmt = "delete from user where id = ? and id not in (select user_id from refresh_token where DATETIME('now', '-20 days') < datetime(create_time) )"
-
- // fallback to soft deleting the user
- softDeleteStmt = "update user set deleted_at = (strftime('%Y-%m-%d %H:%M:%f','now')) where id = ?"
- )
- // see if we should delete the user
- rowsAffected, err := w.Exec(ctx, deleteStmt, []any{u.Id})
- switch {
- case err != nil:
- return db.NoRowsAffected, errors.Wrap(ctx, err, op)
- case rowsAffected > 0:
- // if we deleted the user, we're done.
- return rowsAffected, nil
- }
-
- // fallback to soft delete
- rowsAffected, err = w.Exec(ctx, softDeleteStmt, []any{u.Id})
+ // TODO(https://github.com/go-gorm/gorm/issues/4879): Use the
+ // writer.Delete() function once the gorm bug is fixed. Until then
+ // the gorm driver for sqlite has an error which wont execute a
+ // delete correctly. as a work around we manually execute the
+ // query here.
+ n, err := w.Exec(ctx, "delete from user where id = ?", []any{u.Id})
if err != nil {
- return db.NoRowsAffected, errors.Wrap(ctx, err, op)
+ err = errors.Wrap(ctx, err, op)
}
-
- return rowsAffected, nil
+ return n, err
}
// user is a gorm model for the user table. It represents a user
diff --git a/internal/clientcache/internal/cache/repository_token_test.go b/internal/clientcache/internal/cache/repository_token_test.go
index c41845f316..7124e805ad 100644
--- a/internal/clientcache/internal/cache/repository_token_test.go
+++ b/internal/clientcache/internal/cache/repository_token_test.go
@@ -5,21 +5,14 @@ package cache
import (
"context"
- "database/sql/driver"
- stderrors "errors"
"fmt"
"sync"
"testing"
"time"
- "github.com/hashicorp/boundary/api/aliases"
"github.com/hashicorp/boundary/api/authtokens"
- "github.com/hashicorp/boundary/api/sessions"
- "github.com/hashicorp/boundary/api/targets"
cachedb "github.com/hashicorp/boundary/internal/clientcache/internal/db"
"github.com/hashicorp/boundary/internal/db"
- "github.com/hashicorp/go-dbw"
- "github.com/hashicorp/go-hclog"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"golang.org/x/exp/maps"
@@ -617,7 +610,7 @@ func TestRepository_LookupToken(t *testing.T) {
})
}
-func TestRepository_lookupUpUser(t *testing.T) {
+func TestRepository_lookupUpser(t *testing.T) {
ctx := context.Background()
s, err := cachedb.Open(ctx)
require.NoError(t, err)
@@ -657,250 +650,6 @@ func TestRepository_lookupUpUser(t *testing.T) {
assert.NoError(t, err)
assert.Equal(t, &user{Id: at.UserId, Address: addr}, u)
})
- t.Run("soft-deleted", func(t *testing.T) {
- at2 := &authtokens.AuthToken{
- Id: "at_2",
- Token: "at_2_token",
- UserId: "u_2",
- ExpirationTime: time.Now().Add(1 * time.Minute), // not expired is required for this test
- }
- kt2 := KeyringToken{
- TokenName: "t2",
- KeyringType: "k2",
- AuthTokenId: at2.Id,
- }
- addr2 := "address2"
- boundaryAuthTokens2 := []*authtokens.AuthToken{at2}
- atMap2 := map[ringToken]*authtokens.AuthToken{
- {kt2.KeyringType, kt2.TokenName}: at2,
- }
- m := &sync.Map{}
- r2, err := NewRepository(ctx, s, m, mapBasedAuthTokenKeyringLookup(atMap2), sliceBasedAuthTokenBoundaryReader(boundaryAuthTokens2))
- require.NoError(t, err)
- assert.NoError(t, r2.AddKeyringToken(ctx, addr2, kt2))
-
- rs, err := NewRefreshService(ctx, r2, hclog.NewNullLogger(), 0, 0)
- require.NoError(t, err)
-
- retTargets := []*targets.Target{
- target("1"),
- target("2"),
- target("3"),
- target("4"),
- }
- opts := []Option{
- WithAliasRetrievalFunc(testResolvableAliasStaticResourceRetrievalFunc(testStaticResourceRetrievalFuncForId[*aliases.Alias](t, nil, nil))),
- WithSessionRetrievalFunc(testSessionStaticResourceRetrievalFunc(testStaticResourceRetrievalFunc[*sessions.Session](t, nil, nil))),
- WithTargetRetrievalFunc(testTargetStaticResourceRetrievalFunc(testStaticResourceRetrievalFunc[*targets.Target](t,
- [][]*targets.Target{
- retTargets[:3],
- retTargets[3:],
- },
- [][]string{
- nil,
- {retTargets[0].Id, retTargets[1].Id},
- },
- ))),
- }
- assert.NoError(t, rs.RefreshForSearch(ctx, at2.Id, Targets, opts...))
- // Now load up a few resources and a token, and trying again should
- // see the RefreshForSearch update more fields.
- assert.NoError(t, rs.Refresh(ctx, opts...))
- cachedTargets, err := r.ListTargets(ctx, at2.Id)
- assert.NoError(t, err)
- assert.ElementsMatch(t, retTargets[:3], cachedTargets.Targets)
-
- // should be found in cache (user_active)
- u2, err := r2.lookupUser(ctx, at2.UserId)
- assert.NoError(t, err)
- assert.Equal(t, &user{Id: at2.UserId, Address: addr2}, u2)
- u2, err = r2.lookupUser(ctx, at2.UserId)
- assert.NoError(t, err)
- assert.Equal(t, &user{Id: at2.UserId, Address: addr2}, u2)
-
- // should be found in underlying user table as well
- tu, err := testLookupUser(t, s, at2.UserId)
- assert.NoError(t, err)
- assert.Equal(t, &testUser{Id: at2.UserId, Address: addr2, DeletedAt: infinityValue}, tu)
-
- // there better be some refresh tokens
- tks, err := r2.listRefreshTokens(ctx, u2)
- assert.NoError(t, err)
- assert.NotEmpty(t, tks)
-
- // now delete the user's auth_token and be sure the user is still found
- // in the cache (table == "user" and not in "user_active")
- err = r2.deleteKeyringToken(ctx, kt2)
- require.NoError(t, err)
-
- currentTks, err := r2.listTokens(ctx, u2)
- require.NoError(t, err)
- assert.Empty(t, currentTks)
-
- // should no longer be an active user
- u2, err = r2.lookupUser(ctx, tu.Id)
- assert.NoError(t, err)
- assert.Empty(t, u2)
-
- // should still be found in underlying user table
- tu, err = testLookupUser(t, s, tu.Id)
- assert.NoError(t, err)
- assert.Equal(t, &testUser{Id: tu.Id, Address: tu.Address, DeletedAt: tu.DeletedAt}, tu)
- })
- t.Run("hard-deleted", func(t *testing.T) {
- at3 := &authtokens.AuthToken{
- Id: "at_3",
- Token: "at_3_token",
- UserId: "u_3",
- ExpirationTime: time.Now().Add(1 * time.Minute), // not expired is required for this test
- }
- kt3 := KeyringToken{
- TokenName: "t3",
- KeyringType: "k3",
- AuthTokenId: at3.Id,
- }
- addr3 := "address3"
- boundaryAuthTokens3 := []*authtokens.AuthToken{at3}
- atMap3 := map[ringToken]*authtokens.AuthToken{
- {kt3.KeyringType, kt3.TokenName}: at3,
- }
- m := &sync.Map{}
- r3, err := NewRepository(ctx, s, m, mapBasedAuthTokenKeyringLookup(atMap3), sliceBasedAuthTokenBoundaryReader(boundaryAuthTokens3))
- require.NoError(t, err)
- assert.NoError(t, r3.AddKeyringToken(ctx, addr3, kt3))
-
- // should be found in cache (user_active)
- u3, err := r3.lookupUser(ctx, at3.UserId)
- assert.NoError(t, err)
- assert.Equal(t, &user{Id: at3.UserId, Address: addr3}, u3)
- u3, err = r3.lookupUser(ctx, at3.UserId)
- assert.NoError(t, err)
- assert.Equal(t, &user{Id: at3.UserId, Address: addr3}, u3)
-
- // should be found in underlying user table as well
- tu, err := testLookupUser(t, s, at3.UserId)
- assert.NoError(t, err)
- assert.Equal(t, &testUser{Id: at3.UserId, Address: addr3, DeletedAt: infinityValue}, tu)
-
- // there better be some refresh tokens
- tks, err := r3.listRefreshTokens(ctx, u3)
- assert.NoError(t, err)
- assert.Empty(t, tks)
-
- // now delete the user's auth_token and be sure the user is not found
- // in the cache (not in either the "user" or "user_active" tables)
- err = r3.deleteKeyringToken(ctx, kt3)
- require.NoError(t, err)
-
- currentTks, err := r3.listTokens(ctx, u3)
- require.NoError(t, err)
- assert.Empty(t, currentTks)
-
- // should no longer be an active user
- u3, err = r3.lookupUser(ctx, tu.Id)
- assert.NoError(t, err)
- assert.Empty(t, u3)
-
- // should not be found in underlying user table
- _, err = testLookupUser(t, s, tu.Id)
- assert.Error(t, err)
- assert.ErrorIs(t, err, dbw.ErrRecordNotFound)
- })
-}
-
-// infinityValue represents a time.Time that is infinity
-var infinityValue = infinityDate{
- Time: time.Time{},
- IsInfinity: true,
-}
-
-// negInfinityValue represents a time.Time that is negative infinity
-var negInfinityValue = infinityDate{
- Time: time.Time{},
- IsNegInfinity: true,
-}
-
-// infinityDate is used to represent a time.Time that can be infinity, neg
-// infinity or a regular time.Time
-type infinityDate struct {
- Time time.Time
- IsInfinity bool
- IsNegInfinity bool
-}
-
-// sqliteDatetimeLayout defines the format for sqlite datetime ('YYYY-MM-DD HH:MM:SS.SSS')
-const sqliteDatetimeLayout = "2006-01-02 15:04:05.999"
-
-// Scan implements the sql.Scanner interface for infinityDate
-func (d *infinityDate) Scan(value any) error {
- switch v := value.(type) {
- case string:
- if v == "infinity" {
- d.IsInfinity = true
- d.IsNegInfinity = false
- return nil
- } else if v == "-infinity" {
- d.IsNegInfinity = true
- d.IsInfinity = false
- return nil
- } else {
- parsedTime, err := time.Parse(sqliteDatetimeLayout, v)
- if err != nil {
- return err
- }
- d.Time = parsedTime
- d.IsInfinity = false
- d.IsNegInfinity = false
- return nil
- }
- case time.Time:
- d.Time = v
- d.IsInfinity = false
- d.IsNegInfinity = false
- return nil
- }
- return stderrors.New("unsupported data type for Date")
-}
-
-// Value implements the driver.Valuer interface for infinityDate
-func (d infinityDate) Value() (driver.Value, error) {
- if d.IsInfinity {
- return "infinity", nil
- } else if d.IsNegInfinity {
- return "-infinity", nil
- }
- return d.Time.Format(sqliteDatetimeLayout), nil
-}
-
-// testUser is used by testLookupUser to lookup a user from the database and
-// supports returning the user's DeletedAt time (soft delete).
-type testUser struct {
- Id string
- Address string
- DeletedAt infinityDate
-}
-
-// testLookupUser is a helper function to lookup a user from the database in the
-// underlying user table.
-func testLookupUser(t *testing.T, conn any, id string) (*testUser, error) {
- t.Helper()
- var rw db.Reader
- switch v := conn.(type) {
- case *db.DB:
- rw = db.New(v)
- case db.Reader:
- rw = v
- }
- u := &testUser{
- Id: id,
- }
- err := rw.LookupById(context.Background(), u, db.WithTable("user"))
- switch {
- case err == nil:
- return u, nil
- default:
- return &testUser{}, err
- }
}
func TestRepository_RemoveStaleTokens(t *testing.T) {
@@ -1114,110 +863,4 @@ func TestUpsertUserAndAuthToken(t *testing.T) {
return nil
})
require.NoError(t, err)
- t.Run("hard-and-soft-delete-oldest-user", func(t *testing.T) {
- boundaryAuthTokens := make([]*authtokens.AuthToken, 0, usersLimit)
- atMap := map[ringToken]*authtokens.AuthToken{}
- m := &sync.Map{}
-
- // create usersLimit users to simulate the case where the user limit is
- // reached. The Tx is required because upsertUserAndAuthToken requires
- // an inflight transaction.
- _, err = rw.DoTx(ctx, 1, db.ExpBackoff{}, func(txReader db.Reader, txWriter db.Writer) error {
- for i := 1; i <= usersLimit; i++ {
- u := &user{
- Id: fmt.Sprintf("u_%d", i),
- Address: fmt.Sprintf("address_%d", i),
- }
- at := &authtokens.AuthToken{
- Id: fmt.Sprintf("at_%d", i),
- Token: fmt.Sprintf("at_%d_token", i),
- UserId: u.Id,
- }
- boundaryAuthTokens = append(boundaryAuthTokens, at)
- atMap[ringToken{fmt.Sprintf("k_%d", i), fmt.Sprintf("t_%d", i)}] = at
- err := upsertUserAndAuthToken(ctx, txReader, txWriter, u.Address, at)
- require.NoError(t, err)
-
- }
- return nil
- })
- // verify that all the initial users were added
- repo, err := NewRepository(ctx, s, m, mapBasedAuthTokenKeyringLookup(atMap), sliceBasedAuthTokenBoundaryReader(boundaryAuthTokens))
- require.NoError(t, err)
- for i := 1; i <= usersLimit; i++ {
- userId := fmt.Sprintf("u_%d", i)
- foundUser, err := repo.lookupUser(ctx, userId)
- require.NoError(t, err)
- _, err = testLookupUser(t, s, foundUser.Id)
- assert.NoError(t, err)
- }
-
- {
- // setup is done. Let's add a new user and verify that the oldest
- // user is hard deleted
- _, err = rw.DoTx(ctx, 1, db.ExpBackoff{}, func(txReader db.Reader, txWriter db.Writer) error {
- // add a new user, which should trigger the hard deletion of the oldest user
- newUser := &user{
- Id: "u_new",
- Address: "address_new",
- }
- newUserAt := &authtokens.AuthToken{
- Id: "at_new",
- Token: "at_new_token",
- UserId: newUser.Id,
- }
- err := upsertUserAndAuthToken(ctx, txReader, txWriter, newUser.Address, newUserAt)
- require.NoError(t, err)
- return nil
- })
- require.NoError(t, err)
-
- // verify that the oldest user was hard deleted
- foundUser, err := repo.lookupUser(ctx, "u_1")
- assert.NoError(t, err)
- assert.Empty(t, foundUser)
- foundTestUser, err := testLookupUser(t, s, "u_1")
- assert.Error(t, err)
- assert.Equal(t, &testUser{}, foundTestUser)
- }
- {
- // Let's add a refresh token for the oldest user and then new user
- // and verify that the oldest user is soft deleted
- rt := &refreshToken{
- UserId: "u_2",
- ResourceType: "target",
- RefreshToken: "rt_2",
- CreateTime: time.Now().Add(-24 * time.Hour),
- UpdateTime: time.Now().Add(-24 * time.Hour),
- }
- err = repo.rw.Create(ctx, rt)
- require.NoError(t, err)
-
- _, err = rw.DoTx(ctx, 1, db.ExpBackoff{}, func(txReader db.Reader, txWriter db.Writer) error {
- // add a new user, which should trigger the soft deletion of the oldest user
- newUser := &user{
- Id: "u_new_2",
- Address: "address_new_2",
- }
- newUserAt := &authtokens.AuthToken{
- Id: "at_new_2",
- Token: "at_new_token_2",
- UserId: newUser.Id,
- }
- err := upsertUserAndAuthToken(ctx, txReader, txWriter, newUser.Address, newUserAt)
- require.NoError(t, err)
- return nil
- })
- require.NoError(t, err)
-
- // verify that the oldest user was soft deleted
- foundUser, err := repo.lookupUser(ctx, "u_2")
- assert.NoError(t, err)
- assert.Empty(t, foundUser)
- // should not find the user in the underlying user table
- foundTestUser, err := testLookupUser(t, s, "u_2")
- assert.NoError(t, err)
- assert.NotEqual(t, &testUser{}, foundTestUser)
- }
- })
}
diff --git a/internal/clientcache/internal/db/db.go b/internal/clientcache/internal/db/db.go
index 302b36f370..9063cf3725 100644
--- a/internal/clientcache/internal/db/db.go
+++ b/internal/clientcache/internal/db/db.go
@@ -146,7 +146,7 @@ type schema struct {
const (
schemaTableName = "schema_version"
- schemaCurrentVersion = "v0.0.3"
+ schemaCurrentVersion = "v0.0.2"
)
// TableName returns the table name
diff --git a/internal/clientcache/internal/db/schema.sql b/internal/clientcache/internal/db/schema.sql
index 4b20cd910f..3806637716 100644
--- a/internal/clientcache/internal/db/schema.sql
+++ b/internal/clientcache/internal/db/schema.sql
@@ -34,7 +34,7 @@ when
end;
-insert into schema_version(version) values('v0.0.3');
+insert into schema_version(version) values('v0.0.2');
-- user contains the boundary user information for the boundary user that owns
-- the information in the cache.
@@ -44,18 +44,9 @@ create table if not exists user (
check (length(id) > 0),
-- The address of the boundary instance that this user id comes from
address text not null
- check (length(address) > 0),
- -- deleted_at indicates when the user was soft-deleted because all
- -- auth_tokens associated with the user were deleted. It is set to 'infinity'
- -- for users that have not been soft-deleted.
- deleted_at timestamp not null default 'infinity'
+ check (length(address) > 0)
);
--- user_active is a view that contains only the active users in the cache. This
--- view is used to prevent the cache from syncing data for users that have been
--- soft-deleted.
-create view user_active as select * from user where deleted_at = 'infinity';
-
-- Contains the known resource types contained in the boundary client cache
create table if not exists resource_type_enm(
string text not null primary key
@@ -120,46 +111,19 @@ create table if not exists auth_token (
);
-- *delete_orphaned_users triggers delete a user when it no longer has any
--- auth tokens associated with them and they no longer have any refresh tokens
--- that are less than 20 days old. This is to prevent the cache from syncing
--- data for users that are no longer active.
+-- auth tokens associated with them
create trigger token_update_delete_orphaned_users after update on auth_token
begin
--- delete users that no longer have any auth tokens associated with them
--- and they have no refresh tokens that are newer (less) than 20 days old.
-delete from user
-where
- id not in (select user_id from auth_token) and
- id not in (select user_id from refresh_token where DATETIME('now', '-20 days') < datetime(create_time) );
-
--- soft delete users that no longer have any auth tokens associated with them
--- and they haven't been previously soft deleted
--- and they no longer have any refresh tokens that are newer (greater) than 20 days old.
-update user set deleted_at = (strftime('%Y-%m-%d %H:%M:%f','now'))
+delete from user
where
- id not in (select user_id from auth_token) and
- deleted_at = 'infinity' and
- id not in (select user_id from refresh_token where DATETIME('now', '-20 days') > datetime(create_time));
-
+ id not in (select user_id from auth_token);
end;
create trigger token_delete_delete_orphaned_users after delete on auth_token
begin
--- delete users that no longer have any auth tokens associated with them
--- and they have no refresh tokens that are newer (less) than 20 days old.
-delete from user
-where
- id not in (select user_id from auth_token) and
- id not in (select user_id from refresh_token where DATETIME('now', '-20 days') < datetime(create_time) );
-
--- soft delete users that no longer have any auth tokens associated with them
--- and they haven't been previously soft deleted
--- and they no longer have any refresh tokens that are newer (greater) than 20 days old.
-update user set deleted_at = (strftime('%Y-%m-%d %H:%M:%f','now'))
+delete from user
where
- id not in (select user_id from auth_token) and
- deleted_at = 'infinity' and
- id not in (select user_id from refresh_token where DATETIME('now', '-20 days') > datetime(create_time));
+ id not in (select user_id from auth_token);
end;
create table if not exists keyring_token (
diff --git a/internal/cmd/base/base.go b/internal/cmd/base/base.go
index 2e2c0618d1..e668743f31 100644
--- a/internal/cmd/base/base.go
+++ b/internal/cmd/base/base.go
@@ -38,7 +38,6 @@ const (
EnabledPluginAws
EnabledPluginHostAzure
EnabledPluginMinio
- EnabledPluginGCP
)
// MinioEnabled controls if the Minio storage plugin should be initiated or not
@@ -54,8 +53,6 @@ func (e EnabledPlugin) String() string {
return "Azure"
case EnabledPluginMinio:
return "MinIO"
- case EnabledPluginGCP:
- return "GCP"
default:
return ""
}
diff --git a/internal/cmd/base/dev.go b/internal/cmd/base/dev.go
index e8881d5d3e..f930015444 100644
--- a/internal/cmd/base/dev.go
+++ b/internal/cmd/base/dev.go
@@ -23,7 +23,6 @@ import (
"github.com/hashicorp/boundary/internal/iam"
"github.com/hashicorp/boundary/internal/kms"
"github.com/hashicorp/boundary/internal/types/scope"
- "github.com/hashicorp/boundary/internal/util"
"github.com/hashicorp/boundary/testing/dbtest"
capoidc "github.com/hashicorp/cap/oidc"
"github.com/jimlambrt/gldap"
@@ -243,9 +242,13 @@ func (b *Server) CreateDevLdapAuthMethod(ctx context.Context) error {
if purpose != "api" {
continue
}
- host, _, err = util.SplitHostPort(ln.Config.Address)
+ host, _, err = net.SplitHostPort(ln.Config.Address)
if err != nil {
- return fmt.Errorf("error splitting host/port: %w", err)
+ if strings.Contains(err.Error(), "missing port") {
+ host = ln.Config.Address
+ } else {
+ return fmt.Errorf("error splitting host/port: %w", err)
+ }
}
}
if host == "" {
@@ -256,16 +259,6 @@ func (b *Server) CreateDevLdapAuthMethod(ctx context.Context) error {
tb := &oidcLogger{}
port = testdirectory.FreePort(tb)
-
- // The util.SplitHostPort() method removes the square brackets that enclose the
- // host address when the address type is ipv6. The square brackets must be
- // added back, otherwise the gldap server will fail to start due to a parsing
- // error.
- if ip := net.ParseIP(host); ip != nil {
- if ip.To16() != nil {
- host = fmt.Sprintf("[%s]", host)
- }
- }
b.DevLdapSetup.testDirectory = testdirectory.Start(tb,
testdirectory.WithNoTLS(tb),
testdirectory.WithHost(tb, host),
@@ -462,12 +455,15 @@ func (b *Server) CreateDevOidcAuthMethod(ctx context.Context) error {
if purpose != "api" {
continue
}
- b.DevOidcSetup.hostAddr, b.DevOidcSetup.callbackPort, err = util.SplitHostPort(ln.Config.Address)
+ b.DevOidcSetup.hostAddr, b.DevOidcSetup.callbackPort, err = net.SplitHostPort(ln.Config.Address)
if err != nil {
- return fmt.Errorf("error splitting host/port: %w", err)
- }
- if b.DevOidcSetup.callbackPort == "" {
- b.DevOidcSetup.callbackPort = "9200"
+ if strings.Contains(err.Error(), "missing port") {
+ b.DevOidcSetup.hostAddr = ln.Config.Address
+ // Use the default API port in the callback
+ b.DevOidcSetup.callbackPort = "9200"
+ } else {
+ return fmt.Errorf("error splitting host/port: %w", err)
+ }
}
}
if b.DevOidcSetup.hostAddr == "" {
diff --git a/internal/cmd/base/listener.go b/internal/cmd/base/listener.go
index bfaad009de..49a32e9bce 100644
--- a/internal/cmd/base/listener.go
+++ b/internal/cmd/base/listener.go
@@ -16,7 +16,6 @@ import (
_ "crypto/sha512"
"crypto/tls"
- "github.com/hashicorp/boundary/internal/util"
"github.com/hashicorp/go-secure-stdlib/listenerutil"
"github.com/hashicorp/go-secure-stdlib/reloadutil"
"github.com/mitchellh/cli"
@@ -138,22 +137,24 @@ func tcpListenerFactory(purpose string, l *listenerutil.ListenerConfig, ui cli.U
}
}
- host, port, err := util.SplitHostPort(l.Address)
+ host, port, err := net.SplitHostPort(l.Address)
if err != nil {
- return "", nil, fmt.Errorf("error splitting host/port: %w", err)
- }
- if port == "" {
- switch purpose {
- case "api":
- port = "9200"
- case "cluster":
- port = "9201"
- case "proxy":
- port = "9202"
- case "ops":
- port = "9203"
- default:
- return "", nil, errors.New("no purpose provided for listener and no port discoverable")
+ if strings.Contains(err.Error(), "missing port") {
+ switch purpose {
+ case "api":
+ port = "9200"
+ case "cluster":
+ port = "9201"
+ case "proxy":
+ port = "9202"
+ case "ops":
+ port = "9203"
+ default:
+ return "", nil, errors.New("no purpose provided for listener and no port discoverable")
+ }
+ host = l.Address
+ } else {
+ return "", nil, fmt.Errorf("error splitting host/port: %w", err)
}
}
diff --git a/internal/cmd/base/servers.go b/internal/cmd/base/servers.go
index 351f8a6f81..b5392a53b1 100644
--- a/internal/cmd/base/servers.go
+++ b/internal/cmd/base/servers.go
@@ -10,9 +10,11 @@ import (
"errors"
"fmt"
"io"
+ "net"
"os"
"os/signal"
"path/filepath"
+ "regexp"
"sort"
"strconv"
"strings"
@@ -56,6 +58,10 @@ const (
WorkerAuthReqFile = "auth_request_token"
)
+// This regular expression is used to find all instances of square brackets within a string.
+// This regular expression is used to remove the square brackets from an IPv6 address.
+var squareBrackets = regexp.MustCompile("\\[|\\]")
+
func init() {
metric.InitializeBuildInfo(prometheus.DefaultRegisterer)
}
@@ -835,14 +841,20 @@ func (b *Server) SetupWorkerPublicAddress(conf *config.Config, flagValue string)
}
}
- host, port, err := util.SplitHostPort(conf.Worker.PublicAddr)
+ host, port, err := net.SplitHostPort(conf.Worker.PublicAddr)
if err != nil {
- return fmt.Errorf("Error splitting public adddress host/port: %w", err)
- }
- if port == "" {
- port = "9202"
+ if strings.Contains(err.Error(), "missing port") {
+ port = "9202"
+ host = conf.Worker.PublicAddr
+ } else {
+ return fmt.Errorf("Error splitting public adddress host/port: %w", err)
+ }
}
- conf.Worker.PublicAddr = util.JoinHostPort(host, port)
+
+ // remove the square brackets from the ipv6 address because the method
+ // net.JoinHostPort() will add a second pair of square brackets.
+ host = squareBrackets.ReplaceAllString(host, "")
+ conf.Worker.PublicAddr = net.JoinHostPort(host, port)
return nil
}
diff --git a/internal/cmd/commands/connect/connect.go b/internal/cmd/commands/connect/connect.go
index aac30cac66..dbed3345df 100644
--- a/internal/cmd/commands/connect/connect.go
+++ b/internal/cmd/commands/connect/connect.go
@@ -10,6 +10,7 @@ import (
"fmt"
"io"
"math"
+ "net"
"net/netip"
"os"
"strconv"
@@ -21,7 +22,6 @@ import (
apiproxy "github.com/hashicorp/boundary/api/proxy"
"github.com/hashicorp/boundary/api/targets"
"github.com/hashicorp/boundary/internal/cmd/base"
- "github.com/hashicorp/boundary/internal/util"
"github.com/mitchellh/cli"
"github.com/posener/complete"
"go.uber.org/atomic"
@@ -476,10 +476,14 @@ func (c *Command) Run(args []string) (retCode int) {
proxyAddr := clientProxy.ListenerAddress(context.Background())
var clientProxyHost, clientProxyPort string
- clientProxyHost, clientProxyPort, err = util.SplitHostPort(proxyAddr)
+ clientProxyHost, clientProxyPort, err = net.SplitHostPort(proxyAddr)
if err != nil {
- c.PrintCliError(fmt.Errorf("error splitting listener addr: %w", err))
- return base.CommandCliError
+ if strings.Contains(err.Error(), "missing port") {
+ clientProxyHost = proxyAddr
+ } else {
+ c.PrintCliError(fmt.Errorf("error splitting listener addr: %w", err))
+ return base.CommandCliError
+ }
}
c.sessInfo.Address = clientProxyHost
@@ -601,11 +605,15 @@ func (c *Command) handleExec(clientProxy *apiproxy.ClientProxy, passthroughArgs
addr := clientProxy.ListenerAddress(context.Background())
var host, port string
var err error
- host, port, err = util.SplitHostPort(addr)
+ host, port, err = net.SplitHostPort(addr)
if err != nil {
- c.PrintCliError(fmt.Errorf("Error splitting listener addr: %w", err))
- c.execCmdReturnValue.Store(int32(3))
- return
+ if strings.Contains(err.Error(), "missing port") {
+ host = addr
+ } else {
+ c.PrintCliError(fmt.Errorf("Error splitting listener addr: %w", err))
+ c.execCmdReturnValue.Store(int32(3))
+ return
+ }
}
var args []string
diff --git a/internal/cmd/commands/dev/dev.go b/internal/cmd/commands/dev/dev.go
index 6edf736970..77bc225c69 100644
--- a/internal/cmd/commands/dev/dev.go
+++ b/internal/cmd/commands/dev/dev.go
@@ -8,6 +8,7 @@ import (
"errors"
"fmt"
"math/rand"
+ "net"
"os"
"runtime"
"strings"
@@ -26,7 +27,6 @@ import (
"github.com/hashicorp/boundary/internal/server"
"github.com/hashicorp/boundary/internal/server/store"
"github.com/hashicorp/boundary/internal/types/scope"
- "github.com/hashicorp/boundary/internal/util"
"github.com/hashicorp/go-secure-stdlib/parseutil"
"github.com/hashicorp/go-secure-stdlib/strutil"
"github.com/hashicorp/nodeenrollment"
@@ -592,10 +592,13 @@ func (c *Command) Run(args []string) int {
return base.CommandUserError
}
- host, port, err := util.SplitHostPort(c.flagHostAddress)
+ host, port, err := net.SplitHostPort(c.flagHostAddress)
if err != nil {
- c.UI.Error(fmt.Errorf("Invalid host address specified: %w", err).Error())
- return base.CommandUserError
+ if !strings.Contains(err.Error(), "missing port") {
+ c.UI.Error(fmt.Errorf("Invalid host address specified: %w", err).Error())
+ return base.CommandUserError
+ }
+ host = c.flagHostAddress
}
if port != "" {
c.UI.Error(`Port must not be specified as part of the dev host address`)
@@ -821,7 +824,7 @@ func (c *Command) Run(args []string) int {
}
{
- c.EnabledPlugins = append(c.EnabledPlugins, base.EnabledPluginAws, base.EnabledPluginHostAzure, base.EnabledPluginGCP)
+ c.EnabledPlugins = append(c.EnabledPlugins, base.EnabledPluginAws, base.EnabledPluginHostAzure)
if base.MinioEnabled {
c.EnabledPlugins = append(c.EnabledPlugins, base.EnabledPluginMinio)
}
diff --git a/internal/cmd/commands/server/controller_db_swap_test.go b/internal/cmd/commands/server/controller_db_swap_test.go
index f6ee0f49e1..73abff3f66 100644
--- a/internal/cmd/commands/server/controller_db_swap_test.go
+++ b/internal/cmd/commands/server/controller_db_swap_test.go
@@ -115,7 +115,7 @@ func TestReloadControllerDatabase(t *testing.T) {
exitCode := cmd.Run(args)
if exitCode != 0 {
output := cmd.UI.(*cli.MockUi).ErrorWriter.String() + cmd.UI.(*cli.MockUi).OutputWriter.String()
- fmt.Printf("%s: got a non-zero exit status: %s", t.Name(), output)
+ t.Errorf("got a non-zero exit status: %s", output)
}
}()
@@ -241,6 +241,7 @@ func TestReloadControllerDatabase_InvalidNewDatabaseState(t *testing.T) {
cfgHcl := fmt.Sprintf(dbSwapConfig, urlA, controllerKey, workerAuthKey, recoveryKey)
require.NoError(t, os.WriteFile(td+"/config.hcl", []byte(cfgHcl), 0o644))
+ errCh := make(chan error, 1)
wg := &sync.WaitGroup{}
wg.Add(1)
go func() {
@@ -250,12 +251,15 @@ func TestReloadControllerDatabase_InvalidNewDatabaseState(t *testing.T) {
exitCode := cmd.Run(args)
if exitCode != 0 {
output := cmd.UI.(*cli.MockUi).ErrorWriter.String() + cmd.UI.(*cli.MockUi).OutputWriter.String()
- fmt.Printf("%s: got a non-zero exit status: %s", t.Name(), output)
+ errCh <- fmt.Errorf("got a non-zero exit status: %s", output)
+ close(errCh)
}
}()
// Wait until things are up and running (or timeout).
select {
+ case err := <-errCh:
+ t.Fatal(err)
case <-cmd.startedCh:
case <-time.After(15 * time.Second):
t.Fatal("timeout")
diff --git a/internal/cmd/commands/server/controller_ratelimit_reload_test.go b/internal/cmd/commands/server/controller_ratelimit_reload_test.go
index 2fce90741e..278d00f1a6 100644
--- a/internal/cmd/commands/server/controller_ratelimit_reload_test.go
+++ b/internal/cmd/commands/server/controller_ratelimit_reload_test.go
@@ -184,7 +184,7 @@ listener "tcp" {
`
)
-func TestReloadControllerRateLimits(t *testing.T) {
+func TestRealodControllerRateLimits(t *testing.T) {
td := t.TempDir()
controllerKey := config.DevKeyGeneration()
@@ -209,7 +209,7 @@ func TestReloadControllerRateLimits(t *testing.T) {
exitCode := cmd.Run(args)
if exitCode != 0 {
output := cmd.UI.(*cli.MockUi).ErrorWriter.String() + cmd.UI.(*cli.MockUi).OutputWriter.String()
- fmt.Printf("%s: got a non-zero exit status: %s", t.Name(), output)
+ t.Errorf("got a non-zero exit status: %s", output)
}
}()
@@ -282,7 +282,7 @@ func TestReloadControllerRateLimits(t *testing.T) {
wg.Wait()
}
-func TestReloadControllerRateLimitsSameConfig(t *testing.T) {
+func TestRealodControllerRateLimitsSameConfig(t *testing.T) {
td := t.TempDir()
// Create and migrate database A and B.
@@ -308,7 +308,7 @@ func TestReloadControllerRateLimitsSameConfig(t *testing.T) {
exitCode := cmd.Run(args)
if exitCode != 0 {
output := cmd.UI.(*cli.MockUi).ErrorWriter.String() + cmd.UI.(*cli.MockUi).OutputWriter.String()
- fmt.Printf("%s: got a non-zero exit status: %s", t.Name(), output)
+ t.Errorf("got a non-zero exit status: %s", output)
}
}()
@@ -377,7 +377,7 @@ func TestReloadControllerRateLimitsSameConfig(t *testing.T) {
wg.Wait()
}
-func TestReloadControllerRateLimitsDisable(t *testing.T) {
+func TestRealodControllerRateLimitsDisable(t *testing.T) {
td := t.TempDir()
controllerKey := config.DevKeyGeneration()
@@ -402,7 +402,7 @@ func TestReloadControllerRateLimitsDisable(t *testing.T) {
exitCode := cmd.Run(args)
if exitCode != 0 {
output := cmd.UI.(*cli.MockUi).ErrorWriter.String() + cmd.UI.(*cli.MockUi).OutputWriter.String()
- fmt.Printf("%s: got a non-zero exit status: %s", t.Name(), output)
+ t.Errorf("got a non-zero exit status: %s", output)
}
}()
@@ -475,7 +475,7 @@ func TestReloadControllerRateLimitsDisable(t *testing.T) {
wg.Wait()
}
-func TestReloadControllerRateLimitsEnable(t *testing.T) {
+func TestRealodControllerRateLimitsEnable(t *testing.T) {
td := t.TempDir()
controllerKey := config.DevKeyGeneration()
@@ -501,7 +501,7 @@ func TestReloadControllerRateLimitsEnable(t *testing.T) {
exitCode := cmd.Run(args)
if exitCode != 0 {
output := cmd.UI.(*cli.MockUi).ErrorWriter.String() + cmd.UI.(*cli.MockUi).OutputWriter.String()
- fmt.Printf("%s: got a non-zero exit status: %s", t.Name(), output)
+ t.Errorf("got a non-zero exit status: %s", output)
}
}()
diff --git a/internal/cmd/commands/server/listener_reload_test.go b/internal/cmd/commands/server/listener_reload_test.go
index a5472f4501..809e6ca7cd 100644
--- a/internal/cmd/commands/server/listener_reload_test.go
+++ b/internal/cmd/commands/server/listener_reload_test.go
@@ -132,7 +132,7 @@ func TestServer_ReloadListener(t *testing.T) {
defer wg.Done()
if code := cmd.Run(args); code != 0 {
output := cmd.UI.(*cli.MockUi).ErrorWriter.String() + cmd.UI.(*cli.MockUi).OutputWriter.String()
- fmt.Printf("%s: got a non-zero exit status: %s", t.Name(), output)
+ t.Errorf("got a non-zero exit status: %s", output)
}
}()
diff --git a/internal/cmd/commands/server/server.go b/internal/cmd/commands/server/server.go
index 5badbfa4c7..a57c3b8137 100644
--- a/internal/cmd/commands/server/server.go
+++ b/internal/cmd/commands/server/server.go
@@ -26,7 +26,6 @@ import (
"github.com/hashicorp/boundary/internal/errors"
"github.com/hashicorp/boundary/internal/event"
"github.com/hashicorp/boundary/internal/kms"
- "github.com/hashicorp/boundary/internal/util"
"github.com/hashicorp/go-hclog"
"github.com/hashicorp/go-secure-stdlib/mlock"
"github.com/hashicorp/go-secure-stdlib/parseutil"
@@ -356,10 +355,14 @@ func (c *Command) Run(args []string) int {
}
}
for _, upstream := range c.Config.Worker.InitialUpstreams {
- host, _, err := util.SplitHostPort(upstream)
+ host, _, err := net.SplitHostPort(upstream)
if err != nil {
- c.UI.Error(fmt.Errorf("Invalid worker upstream address %q: %w", upstream, err).Error())
- return base.CommandUserError
+ if strings.Contains(err.Error(), globals.MissingPortErrStr) {
+ host = upstream
+ } else {
+ c.UI.Error(fmt.Errorf("Invalid worker upstream address %q: %w", upstream, err).Error())
+ return base.CommandUserError
+ }
}
ip := net.ParseIP(host)
if ip != nil {
@@ -410,10 +413,14 @@ func (c *Command) Run(args []string) int {
if purpose != "cluster" {
continue
}
- host, _, err := util.SplitHostPort(ln.Address)
+ host, _, err := net.SplitHostPort(ln.Address)
if err != nil {
- c.UI.Error(fmt.Errorf("Invalid cluster listener address %q: %w", ln.Address, err).Error())
- return base.CommandUserError
+ if strings.Contains(err.Error(), globals.MissingPortErrStr) {
+ host = ln.Address
+ } else {
+ c.UI.Error(fmt.Errorf("Invalid cluster listener address %q: %w", ln.Address, err).Error())
+ return base.CommandUserError
+ }
}
ip := net.ParseIP(host)
if ip != nil {
@@ -492,7 +499,7 @@ func (c *Command) Run(args []string) int {
}
}
- c.EnabledPlugins = append(c.EnabledPlugins, base.EnabledPluginAws, base.EnabledPluginHostAzure, base.EnabledPluginGCP)
+ c.EnabledPlugins = append(c.EnabledPlugins, base.EnabledPluginAws, base.EnabledPluginHostAzure)
if base.MinioEnabled {
c.EnabledPlugins = append(c.EnabledPlugins, base.EnabledPluginMinio)
}
diff --git a/internal/cmd/commands/server/worker_initial_upstreams_reload_test.go b/internal/cmd/commands/server/worker_initial_upstreams_reload_test.go
index a16935ce93..24b7b36fb1 100644
--- a/internal/cmd/commands/server/worker_initial_upstreams_reload_test.go
+++ b/internal/cmd/commands/server/worker_initial_upstreams_reload_test.go
@@ -75,7 +75,7 @@ func TestServer_ReloadInitialUpstreams(t *testing.T) {
defer wg.Done()
if code := cmd.Run(nil); code != 0 {
output := cmd.UI.(*cli.MockUi).ErrorWriter.String() + cmd.UI.(*cli.MockUi).OutputWriter.String()
- fmt.Printf("%s: got a non-zero exit status: %s", t.Name(), output)
+ t.Errorf("got a non-zero exit status: %s", output)
}
}()
diff --git a/internal/cmd/commands/server/worker_tags_reload_test.go b/internal/cmd/commands/server/worker_tags_reload_test.go
index b6f8729c4b..4159b9f181 100644
--- a/internal/cmd/commands/server/worker_tags_reload_test.go
+++ b/internal/cmd/commands/server/worker_tags_reload_test.go
@@ -87,7 +87,7 @@ func TestServer_ReloadWorkerTags(t *testing.T) {
defer wg.Done()
if code := cmd.Run(nil); code != 0 {
output := cmd.UI.(*cli.MockUi).ErrorWriter.String() + cmd.UI.(*cli.MockUi).OutputWriter.String()
- fmt.Printf("%s: got a non-zero exit status: %s", t.Name(), output)
+ t.Errorf("got a non-zero exit status: %s", output)
}
}()
diff --git a/internal/cmd/config/config.go b/internal/cmd/config/config.go
index b66ea720bc..6b2dbbc1a4 100644
--- a/internal/cmd/config/config.go
+++ b/internal/cmd/config/config.go
@@ -15,6 +15,7 @@ import (
"net"
"os"
"reflect"
+ "regexp"
"strconv"
"strings"
"time"
@@ -102,84 +103,6 @@ listener "tcp" {
purpose = "ops"
tls_disable = true
}
-`
-
- devIpv6ControllerExtraConfig = `
-controller {
- name = "dev-controller"
- description = "A default controller created in dev mode"
-}
-
-kms "aead" {
- purpose = "root"
- aead_type = "aes-gcm"
- key = "%s"
- key_id = "global_root"
-}
-
-kms "aead" {
- purpose = "worker-auth"
- aead_type = "aes-gcm"
- key = "%s"
- key_id = "global_worker-auth"
-}
-
-kms "aead" {
- purpose = "bsr"
- aead_type = "aes-gcm"
- key = "%s"
- key_id = "global_bsr"
-}
-
-kms "aead" {
- purpose = "recovery"
- aead_type = "aes-gcm"
- key = "%s"
- key_id = "global_recovery"
-}
-
-listener "tcp" {
- address = "[::1]"
- purpose = "api"
- tls_disable = true
- cors_enabled = true
- cors_allowed_origins = ["*"]
-}
-
-listener "tcp" {
- address = "[::1]"
- purpose = "cluster"
-}
-
-listener "tcp" {
- address = "[::1]"
- purpose = "ops"
- tls_disable = true
-}
-`
-
- devIpv6WorkerExtraConfig = `
-listener "tcp" {
- address = "[::1]"
- purpose = "proxy"
-}
-
-worker {
- name = "w_1234567890"
- description = "A default worker created in dev mode"
- public_addr = "[::1]"
- initial_upstreams = ["[::1]"]
- tags {
- type = ["dev", "local"]
- }
-}
-
-kms "aead" {
- purpose = "worker-auth-storage"
- aead_type = "aes-gcm"
- key = "%s"
- key_id = "worker-auth-storage"
-}
`
devWorkerExtraConfig = `
@@ -210,6 +133,10 @@ kms "aead" {
defaultCsp = "default-src 'none'; script-src 'self' 'wasm-unsafe-eval'; frame-src 'self'; font-src 'self'; connect-src 'self'; img-src 'self' data:; style-src 'self'; media-src 'self'; manifest-src 'self'; style-src-attr 'self'; frame-ancestors 'self'"
)
+// This regular expression is used to find all instances of square brackets within a string.
+// This regular expression is used to remove the square brackets from an IPv6 address.
+var squareBrackets = regexp.MustCompile("\\[|\\]")
+
// Config is the configuration for the boundary controller
type Config struct {
*configutil.SharedConfig `hcl:"-"`
@@ -451,18 +378,15 @@ type License struct {
// WithAuditEventsEnabled, TestWithErrorEventsEnabled
func DevWorker(opt ...Option) (*Config, error) {
workerAuthStorageKey := DevKeyGeneration()
- opts, err := getOpts(opt...)
- if err != nil {
- return nil, fmt.Errorf("error parsing options: %w", err)
- }
hclStr := fmt.Sprintf(devConfig+devWorkerExtraConfig, workerAuthStorageKey)
- if opts.withIPv6Enabled {
- hclStr = fmt.Sprintf(devConfig+devIpv6WorkerExtraConfig, workerAuthStorageKey)
- }
parsed, err := Parse(hclStr)
if err != nil {
return nil, fmt.Errorf("error parsing dev config: %w", err)
}
+ opts, err := getOpts(opt...)
+ if err != nil {
+ return nil, fmt.Errorf("error parsing options: %w", err)
+ }
parsed.Eventing.AuditEnabled = opts.withAuditEventsEnabled
parsed.Eventing.ObservationsEnabled = opts.withObservationsEnabled
parsed.Eventing.SysEventsEnabled = opts.withSysEventsEnabled
@@ -490,20 +414,12 @@ func DevKeyGeneration() string {
// DevController is a Config that is used for dev mode of Boundary
// controllers
func DevController(opt ...Option) (*Config, error) {
- opts, err := getOpts(opt...)
- if err != nil {
- return nil, fmt.Errorf("error parsing options: %w", err)
- }
-
controllerKey := DevKeyGeneration()
workerAuthKey := DevKeyGeneration()
bsrKey := DevKeyGeneration()
recoveryKey := DevKeyGeneration()
hclStr := fmt.Sprintf(devConfig+devControllerExtraConfig, controllerKey, workerAuthKey, bsrKey, recoveryKey)
- if opts.withIPv6Enabled {
- hclStr = fmt.Sprintf(devConfig+devIpv6ControllerExtraConfig, controllerKey, workerAuthKey, bsrKey, recoveryKey)
- }
parsed, err := Parse(hclStr)
if err != nil {
return nil, fmt.Errorf("error parsing dev config: %w", err)
@@ -513,6 +429,10 @@ func DevController(opt ...Option) (*Config, error) {
parsed.DevWorkerAuthKey = workerAuthKey
parsed.DevBsrKey = bsrKey
parsed.DevRecoveryKey = recoveryKey
+ opts, err := getOpts(opt...)
+ if err != nil {
+ return nil, fmt.Errorf("error parsing options: %w", err)
+ }
parsed.Eventing.AuditEnabled = opts.withAuditEventsEnabled
parsed.Eventing.ObservationsEnabled = opts.withObservationsEnabled
parsed.Eventing.SysEventsEnabled = opts.withSysEventsEnabled
@@ -520,22 +440,13 @@ func DevController(opt ...Option) (*Config, error) {
return parsed, nil
}
-func DevCombined(opt ...Option) (*Config, error) {
- opts, err := getOpts(opt...)
- if err != nil {
- return nil, fmt.Errorf("error parsing options: %w", err)
- }
-
+func DevCombined() (*Config, error) {
controllerKey := DevKeyGeneration()
workerAuthKey := DevKeyGeneration()
workerAuthStorageKey := DevKeyGeneration()
bsrKey := DevKeyGeneration()
recoveryKey := DevKeyGeneration()
-
hclStr := fmt.Sprintf(devConfig+devControllerExtraConfig+devWorkerExtraConfig, controllerKey, workerAuthKey, bsrKey, recoveryKey, workerAuthStorageKey)
- if opts.withIPv6Enabled {
- hclStr = fmt.Sprintf(devConfig+devIpv6ControllerExtraConfig+devIpv6WorkerExtraConfig, controllerKey, workerAuthKey, bsrKey, recoveryKey, workerAuthStorageKey)
- }
parsed, err := Parse(hclStr)
if err != nil {
return nil, fmt.Errorf("error parsing dev config: %w", err)
@@ -1344,14 +1255,20 @@ func (c *Config) SetupControllerPublicClusterAddress(flagValue string) error {
}
}
- host, port, err := util.SplitHostPort(c.Controller.PublicClusterAddr)
+ host, port, err := net.SplitHostPort(c.Controller.PublicClusterAddr)
if err != nil {
- return fmt.Errorf("Error splitting public cluster adddress host/port: %w", err)
- }
- if port == "" {
- port = "9201"
+ if strings.Contains(err.Error(), "missing port") {
+ port = "9201"
+ host = c.Controller.PublicClusterAddr
+ } else {
+ return fmt.Errorf("Error splitting public cluster adddress host/port: %w", err)
+ }
}
- c.Controller.PublicClusterAddr = util.JoinHostPort(host, port)
+
+ // remove the square brackets from the ipv6 address because the method
+ // net.JoinHostPort() will add a second pair of square brackets.
+ host = squareBrackets.ReplaceAllString(host, "")
+ c.Controller.PublicClusterAddr = net.JoinHostPort(host, port)
return nil
}
@@ -1405,7 +1322,11 @@ func (c *Config) SetupWorkerInitialUpstreams() error {
break
}
// Best effort see if it's a domain name and if not assume it must match
- host, _, err := util.SplitHostPort(c.Worker.InitialUpstreams[0])
+ host, _, err := net.SplitHostPort(c.Worker.InitialUpstreams[0])
+ if err != nil && strings.Contains(err.Error(), globals.MissingPortErrStr) {
+ err = nil
+ host = c.Worker.InitialUpstreams[0]
+ }
if err == nil {
ip := net.ParseIP(host)
if ip == nil {
diff --git a/internal/cmd/config/config_test.go b/internal/cmd/config/config_test.go
index 56f4d834b1..30449cc7ba 100644
--- a/internal/cmd/config/config_test.go
+++ b/internal/cmd/config/config_test.go
@@ -6,7 +6,6 @@ package config
import (
"encoding/base64"
"fmt"
- "net"
"net/http"
"os"
"testing"
@@ -14,7 +13,6 @@ import (
"github.com/hashicorp/boundary/internal/event"
"github.com/hashicorp/boundary/internal/ratelimit"
- "github.com/hashicorp/boundary/internal/util"
configutil "github.com/hashicorp/go-secure-stdlib/configutil/v2"
"github.com/hashicorp/go-secure-stdlib/listenerutil"
"github.com/hashicorp/go-secure-stdlib/parseutil"
@@ -781,101 +779,6 @@ func TestDevWorkerRecordingStoragePath(t *testing.T) {
}
}
-func TestDevControllerIpv6(t *testing.T) {
- require, assert := require.New(t), assert.New(t)
- // This test only validates that all listeners are utilizing an IPv6 address.
- // Other dev controller configurations are validates in TestDevController.
- actual, err := DevController(WithIPv6Enabled(true))
- require.NoError(err)
-
- // expected an error here because we purposely did not provide a port number
- // to allow randomly assigned port values
- _, _, err = net.SplitHostPort(actual.Controller.PublicClusterAddr)
- require.Error(err)
-
- // assert the square brackets are removed from the host ipv6 address and that the port value is empty
- publicAddr, port, err := util.SplitHostPort(actual.Controller.PublicClusterAddr)
- require.NoError(err)
- assert.Empty(port)
- assert.Empty(publicAddr)
-
- require.NotEmpty(actual.Listeners)
- for _, l := range actual.Listeners {
- addr, _, err := util.SplitHostPort(l.Address)
- require.NoError(err)
- ip := net.ParseIP(addr)
- assert.NotNil(ip, "failed to parse listener address for %v", l.Purpose)
- assert.NotNil(ip.To16(), "failed to convert address to IPv6 for %v, found %v", l.Purpose, addr)
- }
-}
-
-func TestDevWorkerIpv6(t *testing.T) {
- require, assert := require.New(t), assert.New(t)
- // This test only validates that all listeners are utilizing an IPv6 address.
- // Other dev worker configurations are validates in TestDevWorker.
- actual, err := DevWorker(WithIPv6Enabled(true))
- require.NoError(err)
-
- // expected an error here because we purposely did not provide a port number
- // to allow randomly assigned port values
- _, _, err = net.SplitHostPort(actual.Worker.PublicAddr)
- require.Error(err)
-
- // assert the square brackets are removed from the worker ipv6 address and that the port value is empty
- publicAddr, port, err := util.SplitHostPort(actual.Worker.PublicAddr)
- require.NoError(err)
- assert.Empty(port)
- ip := net.ParseIP(publicAddr)
- assert.NotNil(ip, "failed to parse worker public address")
- assert.NotNil(ip.To16(), "worker public address is not IPv6 %s", actual.Worker.PublicAddr)
-
- require.NotEmpty(actual.Listeners)
- for _, l := range actual.Listeners {
- addr, _, err := util.SplitHostPort(l.Address)
- require.NoError(err)
- ip := net.ParseIP(addr)
- assert.NotNil(ip, "failed to parse listener address for %v", l.Purpose)
- assert.NotNil(ip.To16(), "failed to convert address to IPv6 for %v, found %v", l.Purpose, addr)
- }
-}
-
-func TestDevCombinedIpv6(t *testing.T) {
- require, assert := require.New(t), assert.New(t)
- // This test only validates that all listeners are utilizing an IPv6 address.
- actual, err := DevCombined(WithIPv6Enabled(true))
- require.NoError(err)
-
- // expected an error here because we purposely did not provide a port number
- // to allow randomly assigned port values for the worker and controller
- _, _, err = net.SplitHostPort(actual.Worker.PublicAddr)
- require.Error(err)
- _, _, err = net.SplitHostPort(actual.Controller.PublicClusterAddr)
- require.Error(err)
-
- // assert the square brackets are removed from the host ipv6 address and that the port value is empty
- publicAddr, port, err := util.SplitHostPort(actual.Worker.PublicAddr)
- require.NoError(err)
- assert.Empty(port)
- ip := net.ParseIP(publicAddr)
- assert.NotNil(ip, "failed to parse worker public address")
- assert.NotNil(ip.To16(), "worker public address is not IPv6 %s", actual.Worker.PublicAddr)
-
- // assert the square brackets are removed from the controller ipv6 address and that the port value is empty
- publicAddr, port, err = util.SplitHostPort(actual.Controller.PublicClusterAddr)
- require.NoError(err)
- assert.Empty(port)
- assert.Empty(publicAddr)
-
- require.NotEmpty(actual.Listeners)
- for _, l := range actual.Listeners {
- addr, _, err := util.SplitHostPort(l.Address)
- require.NoError(err)
- ip := net.ParseIP(addr)
- assert.NotNil(ip, "failed to parse listener address for %v", l.Purpose)
- assert.NotNil(ip.To16(), "failed to convert address to IPv6 for %v, found %v", l.Purpose, addr)
- }
-}
-
func TestDevKeyGeneration(t *testing.T) {
t.Parallel()
dk := DevKeyGeneration()
diff --git a/internal/cmd/config/options.go b/internal/cmd/config/options.go
index e95564f786..aed401b7a3 100644
--- a/internal/cmd/config/options.go
+++ b/internal/cmd/config/options.go
@@ -35,7 +35,6 @@ type options struct {
withSysEventsEnabled bool
withAuditEventsEnabled bool
withObservationsEnabled bool
- withIPv6Enabled bool
testWithErrorEventsEnabled bool
}
@@ -60,12 +59,6 @@ func getDefaultOptions() (options, error) {
}
opts.withObservationsEnabled = obs
- ipv6, err := parseutil.ParseBool(os.Getenv("BOUNDARY_ENABLE_TEST_IPV6"))
- if err != nil {
- return opts, err
- }
- opts.withIPv6Enabled = ipv6
-
errEvents, err := parseutil.ParseBool(os.Getenv("BOUNDARY_ENABLE_TEST_ERROR_EVENTS"))
if err != nil {
return opts, err
@@ -99,14 +92,6 @@ func WithObservationsEnabled(enable bool) Option {
}
}
-// WithIPv6Enabled provides an option for enabling network ipv6 addresses
-func WithIPv6Enabled(enable bool) Option {
- return func(o *options) error {
- o.withIPv6Enabled = enable
- return nil
- }
-}
-
// TestWithErrorEventsEnabled provides an option for enabling error events
// during tests.
func TestWithErrorEventsEnabled(_ testing.TB, enable bool) Option {
diff --git a/internal/daemon/controller/controller.go b/internal/daemon/controller/controller.go
index 57200a7a62..3ac24f483e 100644
--- a/internal/daemon/controller/controller.go
+++ b/internal/daemon/controller/controller.go
@@ -45,6 +45,7 @@ import (
"github.com/hashicorp/boundary/internal/ratelimit"
"github.com/hashicorp/boundary/internal/recording"
"github.com/hashicorp/boundary/internal/scheduler"
+ "github.com/hashicorp/boundary/internal/scheduler/cleaner"
"github.com/hashicorp/boundary/internal/scheduler/job"
"github.com/hashicorp/boundary/internal/server"
serversjob "github.com/hashicorp/boundary/internal/server/job"
@@ -320,8 +321,6 @@ func New(ctx context.Context, conf *Config) (*Controller, error) {
if _, err := conf.RegisterPlugin(ctx, pluginType, client, []plugin.PluginType{plugin.PluginTypeHost}, plugin.WithDescription(fmt.Sprintf("Built-in %s host plugin", enabledPlugin.String()))); err != nil {
return nil, fmt.Errorf("error registering %s host plugin: %w", pluginType, err)
}
- case enabledPlugin == base.EnabledPluginGCP && !c.conf.SkipPlugins:
- fallthrough
case enabledPlugin == base.EnabledPluginAws && !c.conf.SkipPlugins:
pluginType := strings.ToLower(enabledPlugin.String())
client, cleanup, err := external_plugins.CreateHostPlugin(
@@ -398,8 +397,8 @@ func New(ctx context.Context, conf *Config) (*Controller, error) {
jobRepoFn := func() (*job.Repository, error) {
return job.NewRepository(ctx, dbase, dbase, c.kms)
}
-
- schedulerOpts := []scheduler.Option{}
+ // TODO: Allow setting run jobs limit from config
+ schedulerOpts := []scheduler.Option{scheduler.WithRunJobsLimit(-1)}
if c.conf.RawConfig.Controller.Scheduler.JobRunIntervalDuration > 0 {
schedulerOpts = append(schedulerOpts, scheduler.WithRunJobsInterval(c.conf.RawConfig.Controller.Scheduler.JobRunIntervalDuration))
}
@@ -638,6 +637,9 @@ func (c *Controller) registerJobs() error {
if err := kmsjob.RegisterJobs(c.baseContext, c.scheduler, c.kms); err != nil {
return err
}
+ if err := cleaner.RegisterJob(c.baseContext, c.scheduler, rw); err != nil {
+ return err
+ }
if err := snapshot.RegisterJob(c.baseContext, c.scheduler, rw, rw); err != nil {
return err
}
diff --git a/internal/daemon/controller/controller_test.go b/internal/daemon/controller/controller_test.go
index 1c6dd54aa9..0dfb72ab81 100644
--- a/internal/daemon/controller/controller_test.go
+++ b/internal/daemon/controller/controller_test.go
@@ -257,7 +257,6 @@ func TestController_NewPluginsConfig(t *testing.T) {
conf.EnabledPlugins = []base.EnabledPlugin{
base.EnabledPluginAws,
base.EnabledPluginHostAzure,
- base.EnabledPluginGCP,
}
_, err = New(testCtx, conf)
@@ -266,15 +265,14 @@ func TestController_NewPluginsConfig(t *testing.T) {
// Check that both plugins were written to the temp dir
files, err := os.ReadDir(tmpDir)
require.NoError(err)
- require.Len(files, 3)
+ require.Len(files, 2)
for _, file := range files {
name := filepath.Base(file.Name())
// Remove random chars and hyphen
name = name[0 : len(name)-6]
switch name {
case boundary_plugin_assets.PluginPrefix + "aws",
- boundary_plugin_assets.PluginPrefix + "azure",
- boundary_plugin_assets.PluginPrefix + "gcp":
+ boundary_plugin_assets.PluginPrefix + "azure":
default:
require.Fail("unexpected name", name)
}
diff --git a/internal/daemon/controller/handlers/targets/target_service.go b/internal/daemon/controller/handlers/targets/target_service.go
index f6e92d28d1..e05eeaec49 100644
--- a/internal/daemon/controller/handlers/targets/target_service.go
+++ b/internal/daemon/controller/handlers/targets/target_service.go
@@ -42,7 +42,6 @@ import (
"github.com/hashicorp/boundary/internal/types/resource"
"github.com/hashicorp/boundary/internal/types/scope"
"github.com/hashicorp/boundary/internal/types/subtypes"
- "github.com/hashicorp/boundary/internal/util"
"github.com/hashicorp/boundary/sdk/pbs/controller/api/resources/scopes"
pb "github.com/hashicorp/boundary/sdk/pbs/controller/api/resources/targets"
fm "github.com/hashicorp/boundary/version"
@@ -968,10 +967,17 @@ func (s Service) AuthorizeSession(ctx context.Context, req *pbs.AuthorizeSession
"No host was discovered after checking target address and host sources.")
}
- // Ensure we don't have a port from the address
- _, err = util.ParseAddress(ctx, h)
- if err != nil {
+ // Ensure we don't have a port from the address, which would be unexpected
+ _, _, err = net.SplitHostPort(h)
+ switch {
+ case err != nil && strings.Contains(err.Error(), globals.MissingPortErrStr):
+ // This is what we expect
+ case err != nil:
return nil, errors.Wrap(ctx, err, op, errors.WithMsg("error when parsing the chosen endpoint host address"))
+ case err == nil:
+ return nil, handlers.ApiErrorWithCodeAndMessage(
+ codes.FailedPrecondition,
+ "Address specified for use unexpectedly contains a port.")
}
// Generate the endpoint URL
diff --git a/internal/daemon/controller/handlers/targets/tcp/target_service_test.go b/internal/daemon/controller/handlers/targets/tcp/target_service_test.go
index 836c6a28b7..92274e83e1 100644
--- a/internal/daemon/controller/handlers/targets/tcp/target_service_test.go
+++ b/internal/daemon/controller/handlers/targets/tcp/target_service_test.go
@@ -4409,104 +4409,57 @@ func TestAuthorizeSession_Errors(t *testing.T) {
assert.Equal(t, 1, num)
v.RevokeToken(t, tok1)
- workerExists := func(tar target.Target) target.Target {
+ workerExists := func(tar target.Target) (version uint32) {
server.TestKmsWorker(t, conn, wrapper)
- return tar
+ return tar.GetVersion()
}
- hostSetNoHostExists := func(tar target.Target) target.Target {
+ hostSetNoHostExists := func(tar target.Target) (version uint32) {
hc := static.TestCatalogs(t, conn, proj.GetPublicId(), 1)[0]
hs := static.TestSets(t, conn, hc.GetPublicId(), 1)[0]
- _, err := s.AddTargetHostSources(ctx, &pbs.AddTargetHostSourcesRequest{
- Id: tar.GetPublicId(),
- Version: tar.GetVersion(),
- HostSourceIds: []string{hs.GetPublicId()},
- })
- require.NoError(t, err)
- repo, err := repoFn()
- require.NoError(t, err)
- tar, err = repo.LookupTarget(ctx, tar.GetPublicId())
- require.NoError(t, err)
- return tar
- }
- hostExists := func(tar target.Target) target.Target {
- hc := static.TestCatalogs(t, conn, proj.GetPublicId(), 1)[0]
- h := static.TestHosts(t, conn, hc.GetPublicId(), 1)[0]
- hs := static.TestSets(t, conn, hc.GetPublicId(), 1)[0]
- _ = static.TestSetMembers(t, conn, hs.GetPublicId(), []*static.Host{h})
- _, err := s.AddTargetHostSources(ctx, &pbs.AddTargetHostSourcesRequest{
+ tr, err := s.AddTargetHostSources(ctx, &pbs.AddTargetHostSourcesRequest{
Id: tar.GetPublicId(),
Version: tar.GetVersion(),
HostSourceIds: []string{hs.GetPublicId()},
})
require.NoError(t, err)
- hostRepo, err := staticHostRepoFn()
- require.NoError(t, err)
- _, _, err = hostRepo.UpdateHost(ctx, hc.GetProjectId(), h, h.GetVersion(), []string{"address"})
- require.NoError(t, err)
- repo, err := repoFn()
- require.NoError(t, err)
- tar, err = repo.LookupTarget(ctx, tar.GetPublicId())
- require.NoError(t, err)
- return tar
+ return tr.GetItem().GetVersion()
}
- hostWithoutPort := func(tar target.Target) target.Target {
+ hostExists := func(tar target.Target) (version uint32) {
hc := static.TestCatalogs(t, conn, proj.GetPublicId(), 1)[0]
h := static.TestHosts(t, conn, hc.GetPublicId(), 1)[0]
hs := static.TestSets(t, conn, hc.GetPublicId(), 1)[0]
_ = static.TestSetMembers(t, conn, hs.GetPublicId(), []*static.Host{h})
- _, err := s.AddTargetHostSources(ctx, &pbs.AddTargetHostSourcesRequest{
- Id: tar.GetPublicId(),
- Version: tar.GetVersion(),
- HostSourceIds: []string{hs.GetPublicId()},
- })
- require.NoError(t, err)
- repo, err := repoFn()
- require.NoError(t, err)
- tar, err = repo.LookupTarget(ctx, tar.GetPublicId())
- require.NoError(t, err)
- return tar
- }
-
- ipv4HostWithHostPort := func(tar target.Target) target.Target {
- hc := static.TestCatalogs(t, conn, proj.GetPublicId(), 1)[0]
- h := static.TestHost(t, conn, hc.GetPublicId(), static.WithAddress("8.8.8.8:22"))
- hs := static.TestSets(t, conn, hc.GetPublicId(), 1)[0]
- _ = static.TestSetMembers(t, conn, hs.GetPublicId(), []*static.Host{h})
- _, err := s.SetTargetHostSources(ctx, &pbs.SetTargetHostSourcesRequest{
+ apiTar, err := s.AddTargetHostSources(ctx, &pbs.AddTargetHostSourcesRequest{
Id: tar.GetPublicId(),
Version: tar.GetVersion(),
HostSourceIds: []string{hs.GetPublicId()},
})
require.NoError(t, err)
- repo, err := repoFn()
+ repo, err := staticHostRepoFn()
require.NoError(t, err)
- tar, err = repo.LookupTarget(ctx, tar.GetPublicId())
+ _, _, err = repo.UpdateHost(ctx, hc.GetProjectId(), h, h.GetVersion(), []string{"address"})
require.NoError(t, err)
- return tar
+ return apiTar.GetItem().GetVersion()
}
- ipv6HostWithHostPort := func(tar target.Target) target.Target {
+ hostWithoutPort := func(tar target.Target) (version uint32) {
hc := static.TestCatalogs(t, conn, proj.GetPublicId(), 1)[0]
- h := static.TestHost(t, conn, hc.GetPublicId(), static.WithAddress("[2001:4860:4860:0:0:0:0:8888]:22"))
+ h := static.TestHosts(t, conn, hc.GetPublicId(), 1)[0]
hs := static.TestSets(t, conn, hc.GetPublicId(), 1)[0]
_ = static.TestSetMembers(t, conn, hs.GetPublicId(), []*static.Host{h})
- _, err := s.SetTargetHostSources(ctx, &pbs.SetTargetHostSourcesRequest{
+ apiTar, err := s.AddTargetHostSources(ctx, &pbs.AddTargetHostSourcesRequest{
Id: tar.GetPublicId(),
Version: tar.GetVersion(),
HostSourceIds: []string{hs.GetPublicId()},
})
require.NoError(t, err)
- repo, err := repoFn()
- require.NoError(t, err)
- tar, err = repo.LookupTarget(ctx, tar.GetPublicId())
- require.NoError(t, err)
- return tar
+ return apiTar.GetItem().GetVersion()
}
- libraryExists := func(tar target.Target) target.Target {
+ libraryExists := func(tar target.Target) (version uint32) {
credService, err := credentiallibraries.NewService(ctx, iamRepoFn, vaultCredRepoFn, 1000)
require.NoError(t, err)
clsResp, err := credService.CreateCredentialLibrary(ctx, &pbs.CreateCredentialLibraryRequest{Item: &credlibpb.CredentialLibrary{
@@ -4521,21 +4474,17 @@ func TestAuthorizeSession_Errors(t *testing.T) {
}})
require.NoError(t, err)
- _, err = s.AddTargetCredentialSources(ctx,
+ tr, err := s.AddTargetCredentialSources(ctx,
&pbs.AddTargetCredentialSourcesRequest{
Id: tar.GetPublicId(),
BrokeredCredentialSourceIds: []string{clsResp.GetItem().GetId()},
Version: tar.GetVersion(),
})
require.NoError(t, err)
- repo, err := repoFn()
- require.NoError(t, err)
- tar, err = repo.LookupTarget(ctx, tar.GetPublicId())
- require.NoError(t, err)
- return tar
+ return tr.GetItem().GetVersion()
}
- misConfiguredlibraryExists := func(tar target.Target) target.Target {
+ misConfiguredlibraryExists := func(tar target.Target) (version uint32) {
credService, err := credentiallibraries.NewService(ctx, iamRepoFn, vaultCredRepoFn, 1000)
require.NoError(t, err)
clsResp, err := credService.CreateCredentialLibrary(ctx, &pbs.CreateCredentialLibraryRequest{Item: &credlibpb.CredentialLibrary{
@@ -4550,21 +4499,17 @@ func TestAuthorizeSession_Errors(t *testing.T) {
}})
require.NoError(t, err)
- _, err = s.AddTargetCredentialSources(ctx,
+ tr, err := s.AddTargetCredentialSources(ctx,
&pbs.AddTargetCredentialSourcesRequest{
Id: tar.GetPublicId(),
BrokeredCredentialSourceIds: []string{clsResp.GetItem().GetId()},
Version: tar.GetVersion(),
})
require.NoError(t, err)
- repo, err := repoFn()
- require.NoError(t, err)
- tar, err = repo.LookupTarget(ctx, tar.GetPublicId())
- require.NoError(t, err)
- return tar
+ return tr.GetItem().GetVersion()
}
- expiredTokenLibrary := func(tar target.Target) target.Target {
+ expiredTokenLibrary := func(tar target.Target) (version uint32) {
credService, err := credentiallibraries.NewService(ctx, iamRepoFn, vaultCredRepoFn, 1000)
require.NoError(t, err)
clsResp, err := credService.CreateCredentialLibrary(ctx, &pbs.CreateCredentialLibraryRequest{Item: &credlibpb.CredentialLibrary{
@@ -4579,18 +4524,14 @@ func TestAuthorizeSession_Errors(t *testing.T) {
}})
require.NoError(t, err)
- _, err = s.AddTargetCredentialSources(ctx,
+ tr, err := s.AddTargetCredentialSources(ctx,
&pbs.AddTargetCredentialSourcesRequest{
Id: tar.GetPublicId(),
BrokeredCredentialSourceIds: []string{clsResp.GetItem().GetId()},
Version: tar.GetVersion(),
})
require.NoError(t, err)
- repo, err := repoFn()
- require.NoError(t, err)
- tar, err = repo.LookupTarget(ctx, tar.GetPublicId())
- require.NoError(t, err)
- return tar
+ return tr.GetItem().GetVersion()
}
// Generate correlation Id and add it to the context
@@ -4602,7 +4543,7 @@ func TestAuthorizeSession_Errors(t *testing.T) {
cases := []struct {
name string
ctx context.Context
- setup []func(target.Target) target.Target
+ setup []func(target.Target) uint32
useTargetId bool
wantErr bool
wantErrContains string
@@ -4611,100 +4552,70 @@ func TestAuthorizeSession_Errors(t *testing.T) {
// This one must be run first since it relies on the DB not having any worker details
name: "no worker",
ctx: ctxWithCor,
- setup: []func(tcpTarget target.Target) target.Target{hostExists, libraryExists},
+ setup: []func(tcpTarget target.Target) uint32{hostExists, libraryExists},
useTargetId: true,
wantErrContains: "No workers are available to handle this session",
},
{
name: "success",
ctx: ctxWithCor,
- setup: []func(tcpTarget target.Target) target.Target{workerExists, hostExists, libraryExists},
+ setup: []func(tcpTarget target.Target) uint32{workerExists, hostExists, libraryExists},
useTargetId: true,
},
{
name: "no target",
ctx: ctxWithCor,
- setup: []func(tcpTarget target.Target) target.Target{workerExists, hostExists, libraryExists},
+ setup: []func(tcpTarget target.Target) uint32{workerExists, hostExists, libraryExists},
useTargetId: false,
wantErrContains: "Resource not found",
},
{
name: "no host port",
ctx: ctxWithCor,
- setup: []func(tcpTarget target.Target) target.Target{workerExists, hostWithoutPort, libraryExists},
+ setup: []func(tcpTarget target.Target) uint32{workerExists, hostWithoutPort, libraryExists},
useTargetId: true,
},
{
- name: "ipv4 target address host port",
+ name: "host port",
ctx: ctxWithCor,
- setup: []func(tcpTarget target.Target) target.Target{
- workerExists, func(tcpTarget target.Target) target.Target {
+ setup: []func(tcpTarget target.Target) uint32{
+ workerExists, func(tcpTarget target.Target) uint32 {
+ tcpTarget.SetAddress("127.0.0.1:22")
repo, err := repoFn()
require.NoError(t, err)
- n, err := repo.DeleteTarget(ctx, tcpTarget.GetPublicId())
+ tcpTarget, _, err = repo.UpdateTarget(ctx, tcpTarget, tcpTarget.GetVersion(), []string{"address"})
require.NoError(t, err)
- assert.Equal(t, 1, n)
- return tcp.TestTarget(ctx, t, conn, tcpTarget.GetProjectId(), tcpTarget.GetName(), target.WithAddress("127.0.0.1:22"), target.WithDefaultPort(22))
+ return tcpTarget.GetVersion()
},
},
- wantErrContains: "error when parsing the chosen endpoint host address: unknown: error #0: address contains a port",
- useTargetId: true,
- },
- {
- name: "ipv6 target address host port",
- ctx: ctxWithCor,
- setup: []func(tcpTarget target.Target) target.Target{
- workerExists, func(tcpTarget target.Target) target.Target {
- repo, err := repoFn()
- require.NoError(t, err)
- n, err := repo.DeleteTarget(ctx, tcpTarget.GetPublicId())
- require.NoError(t, err)
- assert.Equal(t, 1, n)
- return tcp.TestTarget(ctx, t, conn, tcpTarget.GetProjectId(), tcpTarget.GetName(), target.WithAddress("[2001:4860:4860:0:0:0:0:8888]:22"), target.WithDefaultPort(22))
- },
- },
- wantErrContains: "error when parsing the chosen endpoint host address: unknown: error #0: address contains a port",
- useTargetId: true,
- },
- {
- name: "ipv4 static host port",
- ctx: ctxWithCor,
- setup: []func(tcpTarget target.Target) target.Target{ipv4HostWithHostPort},
- wantErrContains: "error when parsing the chosen endpoint host address: unknown: error #0: address contains a port",
- useTargetId: true,
- },
- {
- name: "ipv6 static host port",
- ctx: ctxWithCor,
- setup: []func(tcpTarget target.Target) target.Target{ipv6HostWithHostPort},
- wantErrContains: "error when parsing the chosen endpoint host address: unknown: error #0: address contains a port",
+ wantErrContains: "Address specified for use unexpectedly contains a port",
useTargetId: true,
},
{
name: "no hosts",
ctx: ctxWithCor,
- setup: []func(tcpTarget target.Target) target.Target{workerExists, hostSetNoHostExists, libraryExists},
+ setup: []func(tcpTarget target.Target) uint32{workerExists, hostSetNoHostExists, libraryExists},
useTargetId: true,
wantErrContains: "No host sources or address found for given target",
},
{
name: "bad library configuration",
ctx: ctxWithCor,
- setup: []func(tcpTarget target.Target) target.Target{workerExists, hostExists, misConfiguredlibraryExists},
+ setup: []func(tcpTarget target.Target) uint32{workerExists, hostExists, misConfiguredlibraryExists},
useTargetId: true,
wantErrContains: "external system issue: error #3014: Error making API request",
},
{
name: "expired token library",
ctx: ctxWithCor,
- setup: []func(tcpTarget target.Target) target.Target{workerExists, hostExists, expiredTokenLibrary},
+ setup: []func(tcpTarget target.Target) uint32{workerExists, hostExists, expiredTokenLibrary},
useTargetId: true,
wantErrContains: "vault.newClient: invalid configuration",
},
{
name: "no correaltion id",
ctx: ctx,
- setup: []func(tcpTarget target.Target) target.Target{workerExists, hostExists, libraryExists},
+ setup: []func(tcpTarget target.Target) uint32{workerExists, hostExists, libraryExists},
useTargetId: true,
wantErrContains: "authorize session: missing correlation id",
},
@@ -4715,7 +4626,8 @@ func TestAuthorizeSession_Errors(t *testing.T) {
tar := tcp.TestTarget(ctx, t, conn, proj.GetPublicId(), fmt.Sprintf("test-%d", i), target.WithDefaultPort(22))
for _, fn := range tc.setup {
- tar = fn(tar)
+ ver := fn(tar)
+ tar.SetVersion(ver)
}
id := tar.GetPublicId()
diff --git a/internal/daemon/controller/testing.go b/internal/daemon/controller/testing.go
index abf2e76759..41dc57d2ba 100644
--- a/internal/daemon/controller/testing.go
+++ b/internal/daemon/controller/testing.go
@@ -503,8 +503,6 @@ type TestControllerOpts struct {
WorkerAuthDebuggingEnabled *atomic.Bool
DisableRateLimiting bool
-
- EnableIPv6 bool
}
func NewTestController(t testing.TB, opts *TestControllerOpts) *TestController {
@@ -589,8 +587,7 @@ func TestControllerConfig(t testing.TB, ctx context.Context, tc *TestController,
opts.Config = cfg
case opts.Config == nil:
- cfgOpts := append([]config.Option{}, config.WithIPv6Enabled(true))
- opts.Config, err = config.DevController(cfgOpts...)
+ opts.Config, err = config.DevController()
if err != nil {
t.Fatal(err)
}
diff --git a/internal/daemon/controller/testing_test.go b/internal/daemon/controller/testing_test.go
index 52e0bc4eeb..57af31cb5d 100644
--- a/internal/daemon/controller/testing_test.go
+++ b/internal/daemon/controller/testing_test.go
@@ -7,9 +7,7 @@ import (
"bytes"
"context"
"io"
- "net"
"os"
- "strings"
"testing"
"github.com/hashicorp/boundary/globals"
@@ -101,26 +99,3 @@ func Test_TestController(t *testing.T) {
assert.NotNil(ws.Bsr())
})
}
-
-func Test_TestControllerIPv6(t *testing.T) {
- require, assert := require.New(t), assert.New(t)
- c := NewTestController(t, &TestControllerOpts{
- EnableIPv6: true,
- })
- require.NotNil(c)
- validateIPv6 := func(addr, name string) {
- host, _, err := net.SplitHostPort(addr)
- require.NoError(err)
- require.NotEmpty(host, "missing host")
- ip := net.ParseIP(host)
- assert.NotNil(ip, "failed to parse %s", name)
- assert.NotNil(ip.To16(), "%s is not IPv6 %s", name, addr)
- }
- for _, addr := range c.ClusterAddrs() {
- validateIPv6(addr, "cluster addr")
- }
- for _, addr := range c.ApiAddrs() {
- addr = strings.ReplaceAll(addr, "http://", "")
- validateIPv6(addr, "api addr")
- }
-}
diff --git a/internal/daemon/worker/controller_connection.go b/internal/daemon/worker/controller_connection.go
index d766ae00c5..33bd766f4d 100644
--- a/internal/daemon/worker/controller_connection.go
+++ b/internal/daemon/worker/controller_connection.go
@@ -14,6 +14,7 @@ import (
"sync/atomic"
"time"
+ "github.com/hashicorp/boundary/globals"
"github.com/hashicorp/boundary/internal/cmd/base"
"github.com/hashicorp/boundary/internal/daemon/cluster"
"github.com/hashicorp/boundary/internal/daemon/cluster/handlers"
@@ -49,14 +50,14 @@ func (w *Worker) StartControllerConnections() error {
case strings.HasPrefix(addr, "/"):
initialAddrs = append(initialAddrs, addr)
default:
- host, port, err := util.SplitHostPort(addr)
+ host, port, err := net.SplitHostPort(addr)
+ if err != nil && strings.Contains(err.Error(), globals.MissingPortErrStr) {
+ host, port, err = net.SplitHostPort(net.JoinHostPort(addr, "9201"))
+ }
if err != nil {
return fmt.Errorf("error parsing upstream address: %w", err)
}
- if port == "" {
- port = "9201"
- }
- initialAddrs = append(initialAddrs, util.JoinHostPort(host, port))
+ initialAddrs = append(initialAddrs, net.JoinHostPort(host, port))
}
}
diff --git a/internal/daemon/worker/testing.go b/internal/daemon/worker/testing.go
index db47dece74..ad57f22b6c 100644
--- a/internal/daemon/worker/testing.go
+++ b/internal/daemon/worker/testing.go
@@ -236,9 +236,6 @@ type TestWorkerOpts struct {
// Enable observation events
EnableObservationEvents bool
- // Enable IPv6
- EnableIPv6 bool
-
// Enable error events
EnableErrorEvents bool
}
@@ -275,7 +272,6 @@ func NewTestWorker(t testing.TB, opts *TestWorkerOpts) *TestWorker {
configOpts = append(configOpts, config.WithAuditEventsEnabled(opts.EnableAuditEvents))
configOpts = append(configOpts, config.WithSysEventsEnabled(opts.EnableSysEvents))
configOpts = append(configOpts, config.WithObservationsEnabled(opts.EnableObservationEvents))
- configOpts = append(configOpts, config.WithIPv6Enabled(opts.EnableIPv6))
configOpts = append(configOpts, config.TestWithErrorEventsEnabled(t, opts.EnableErrorEvents))
opts.Config, err = config.DevWorker(configOpts...)
if err != nil {
@@ -565,7 +561,7 @@ func NewTestMultihopWorkers(t testing.TB,
// NewAuthorizedPkiTestWorker creates a new test worker with the provided upstreams
// and creates it in the provided repo as an authorized worker. It returns
// The TestWorker and it's boundary id.
-func NewAuthorizedPkiTestWorker(t *testing.T, repo *server.Repository, name string, upstreams []string, opt ...config.Option) (*TestWorker, string) {
+func NewAuthorizedPkiTestWorker(t *testing.T, repo *server.Repository, name string, upstreams []string) (*TestWorker, string) {
t.Helper()
logger := hclog.New(&hclog.LoggerOptions{
Level: hclog.Trace,
diff --git a/internal/daemon/worker/testing_test.go b/internal/daemon/worker/testing_test.go
index 5742bbefc2..25ae99bdd0 100644
--- a/internal/daemon/worker/testing_test.go
+++ b/internal/daemon/worker/testing_test.go
@@ -209,30 +209,6 @@ func TestNewTestMultihopWorkers(t *testing.T) {
require.NoError(t, c.WaitForNextWorkerStatusUpdate(childKmsWorker.Name()))
}
-func TestWorkerIPv6(t *testing.T) {
- require, assert := require.New(t), assert.New(t)
- w := NewTestWorker(t, &TestWorkerOpts{
- EnableIPv6: true,
- })
- require.NotNil(w)
- validateIPv6 := func(addr, name string) {
- host, _, err := net.SplitHostPort(addr)
- require.NoError(err)
- require.NotEmpty(host, "missing host")
- ip := net.ParseIP(host)
- assert.NotNil(ip, "failed to parse %s", name)
- assert.NotNil(ip.To16(), "%s is not IPv6 %s", name, addr)
- }
- for _, addr := range w.addrs {
- validateIPv6(addr, "worker addr")
- }
- for _, addr := range w.ProxyAddrs() {
- validateIPv6(addr, "proxy addr")
- }
- require.NotNil(w.Worker().proxyListener)
- validateIPv6(w.Worker().proxyListener.ProxyListener.Addr().String(), "proxy listener addr")
-}
-
func createTestCert(t *testing.T) ([]byte, ed25519.PublicKey, ed25519.PrivateKey) {
pub, priv, err := ed25519.GenerateKey(rand.Reader)
require.NoError(t, err)
diff --git a/internal/db/option.go b/internal/db/option.go
index c260c4aa37..f590fc6af0 100644
--- a/internal/db/option.go
+++ b/internal/db/option.go
@@ -137,9 +137,6 @@ func getDbwOptions(ctx context.Context, rw *Db, i any, opType OpType, opt ...Opt
if opts.withRowsAffected != nil {
dbwOpts = append(dbwOpts, dbw.WithReturnRowsAffected(opts.withRowsAffected))
}
- if opts.withTable != "" {
- dbwOpts = append(dbwOpts, dbw.WithTable(opts.withTable))
- }
return dbwOpts, nil
}
@@ -184,8 +181,6 @@ type Options struct {
withOnConflict *OnConflict
withRowsAffected *int64
-
- withTable string
}
type oplogOpts struct {
@@ -210,13 +205,6 @@ func getDefaultOptions() Options {
}
}
-// WithTable provides an optional table name for the operation.
-func WithTable(name string) Option {
- return func(o *Options) {
- o.withTable = name
- }
-}
-
// WithLookup enables a lookup.
func WithLookup(enable bool) Option {
return func(o *Options) {
diff --git a/internal/db/option_test.go b/internal/db/option_test.go
index 99feb9659e..e953b2644e 100644
--- a/internal/db/option_test.go
+++ b/internal/db/option_test.go
@@ -255,15 +255,4 @@ func Test_getOpts(t *testing.T) {
testOpts.withRowsAffected = &rowsAffected
assert.Equal(opts, testOpts)
})
- t.Run("WithTable", func(t *testing.T) {
- assert := assert.New(t)
- // test default of ""
- opts := GetOpts()
- testOpts := getDefaultOptions()
- assert.Equal(opts, testOpts)
-
- opts = GetOpts(WithTable("foo"))
- testOpts.withTable = "foo"
- assert.Equal(opts, testOpts)
- })
}
diff --git a/internal/db/read_writer.go b/internal/db/read_writer.go
index 91d63e7b8c..29f3da7b5e 100644
--- a/internal/db/read_writer.go
+++ b/internal/db/read_writer.go
@@ -471,15 +471,14 @@ func (rw *Db) IsTx(_ context.Context) bool {
}
// LookupByPublicId will lookup resource by its public_id or private_id, which
-// must be unique. WithTable and WithDebug are the only valid options, all other
-// options are ignored.
+// must be unique. WithDebug is the only valid option, all other options are ignored.
func (rw *Db) LookupById(ctx context.Context, resourceWithIder any, opt ...Option) error {
const op = "db.LookupById"
if rw.underlying == nil {
return errors.New(ctx, errors.InvalidParameter, op, "missing underlying db")
}
opts := GetOpts(opt...)
- if err := dbw.New(rw.underlying.wrapped.Load()).LookupBy(ctx, resourceWithIder, dbw.WithDebug(opts.withDebug), dbw.WithTable(opts.withTable)); err != nil {
+ if err := dbw.New(rw.underlying.wrapped.Load()).LookupBy(ctx, resourceWithIder, dbw.WithDebug(opts.withDebug)); err != nil {
var errOpts []errors.Option
if errors.Is(err, dbw.ErrRecordNotFound) {
// Not found is a common workflow in the application layer during lookup, suppress
@@ -492,21 +491,20 @@ func (rw *Db) LookupById(ctx context.Context, resourceWithIder any, opt ...Optio
}
// LookupByPublicId will lookup resource by its public_id, which must be unique.
-// WithTable and WithDebug are supported.
+// WithDebug is supported.
func (rw *Db) LookupByPublicId(ctx context.Context, resource ResourcePublicIder, opt ...Option) error {
return rw.LookupById(ctx, resource, opt...)
}
// LookupWhere will lookup the first resource using a where clause with
-// parameters (it only returns the first one). WithTable and WithDebug are
-// supported.
+// parameters (it only returns the first one). WithDebug is supported.
func (rw *Db) LookupWhere(ctx context.Context, resource any, where string, args []any, opt ...Option) error {
const op = "db.LookupWhere"
if rw.underlying == nil {
return errors.New(ctx, errors.InvalidParameter, op, "missing underlying db")
}
opts := GetOpts(opt...)
- if err := dbw.New(rw.underlying.wrapped.Load()).LookupWhere(ctx, resource, where, args, dbw.WithDebug(opts.withDebug), dbw.WithTable(opts.withTable)); err != nil {
+ if err := dbw.New(rw.underlying.wrapped.Load()).LookupWhere(ctx, resource, where, args, dbw.WithDebug(opts.withDebug)); err != nil {
var errOpts []errors.Option
if errors.Is(err, dbw.ErrRecordNotFound) {
// Not found is a common workflow in the application layer during lookup, suppress
diff --git a/internal/db/schema/migrations/oss/postgres/7/03_job.up.sql b/internal/db/schema/migrations/oss/postgres/7/03_job.up.sql
index cf7cb29de5..472762ca49 100644
--- a/internal/db/schema/migrations/oss/postgres/7/03_job.up.sql
+++ b/internal/db/schema/migrations/oss/postgres/7/03_job.up.sql
@@ -20,7 +20,6 @@ begin;
create trigger immutable_columns before update on job
for each row execute procedure immutable_columns('plugin_id', 'name');
- -- updated in 93/01_job_run_clean.up.sql
create table job_run_status_enm (
name text not null primary key
constraint only_predefined_job_status_allowed
@@ -29,7 +28,6 @@ begin;
comment on table job_run_status_enm is
'job_run_status_enm is an enumeration table where each row contains a valid job run state.';
- -- updated in 93/01_job_run_clean.up.sql
insert into job_run_status_enm (name)
values
('running'),
@@ -86,7 +84,6 @@ begin;
create trigger immutable_columns before update on job_run
for each row execute procedure immutable_columns('private_id', 'job_plugin_id', 'job_name', 'create_time');
- -- dropped in 93/02_drop_job_jobs_to_run.up.sql
create view job_jobs_to_run as
with
running_jobs (job_plugin_id, job_name) as (
diff --git a/internal/db/schema/migrations/oss/postgres/93/01_job_run_clean.up.sql b/internal/db/schema/migrations/oss/postgres/93/01_job_run_clean.up.sql
deleted file mode 100644
index d09a197775..0000000000
--- a/internal/db/schema/migrations/oss/postgres/93/01_job_run_clean.up.sql
+++ /dev/null
@@ -1,37 +0,0 @@
--- Copyright (c) HashiCorp, Inc.
--- SPDX-License-Identifier: BUSL-1.1
-
--- Boundary's design on removing entries from job_run has changed from having a
--- job that periodically cleans the table to a design where the scheduler
--- handles this by itself if the job is successful. It is possible that some
--- entries are left in the table with this change (eg: Boundary is stopped after
--- some jobs run but before the cleaner job runs).
---
--- These entries would forever be stored, so this migration cleans them to
--- ensure no dangling rows are left behind.
---
--- It also updates the valid statues enum to reflect the ones in use.
-
-begin;
- delete from job_run where status = 'completed';
-
- delete from job_run where job_name = 'job_run_cleaner';
- delete from job where name = 'job_run_cleaner';
-
- comment on index job_run_status_ix is
- 'the job_run_status_ix indexes the commonly-used status field';
-
- comment on table job_run is
- 'job_run is a table where each row represents an instance of a job run that is either actively running or has failed in some way.';
-
- -- Since we don't set completed anymore, but rather remove the job_run entry,
- -- remove 'completed' from the valid statuses.
- -- updates 7/03_job.up.sql.
- delete from job_run_status_enm where name = 'completed';
-
- alter table job_run_status_enm
- drop constraint only_predefined_job_status_allowed,
- add constraint only_predefined_job_status_allowed
- check(name in ('running', 'failed', 'interrupted'));
-
-commit;
diff --git a/internal/db/schema/migrations/oss/postgres/93/02_drop_job_jobs_to_run.up.sql b/internal/db/schema/migrations/oss/postgres/93/02_drop_job_jobs_to_run.up.sql
deleted file mode 100644
index a1be8736dc..0000000000
--- a/internal/db/schema/migrations/oss/postgres/93/02_drop_job_jobs_to_run.up.sql
+++ /dev/null
@@ -1,10 +0,0 @@
--- Copyright (c) HashiCorp, Inc.
--- SPDX-License-Identifier: BUSL-1.1
-
--- This migration removes support for the job_jobs_to_run view as it is not used
--- anymore by the job repository.
-
-begin;
- -- drops view from 7/03_job.up.sql
- drop view job_jobs_to_run;
-commit;
\ No newline at end of file
diff --git a/internal/event/eventer.go b/internal/event/eventer.go
index 11a0d5b6cb..ae33fe3514 100644
--- a/internal/event/eventer.go
+++ b/internal/event/eventer.go
@@ -794,14 +794,18 @@ func (e *Eventer) ReleaseGate() error {
if qe == nil {
continue // we may have already sent this but gotten errors later
}
+ ctx, cancel := newSendCtx(qe.ctx)
+ if cancel != nil {
+ defer cancel()
+ }
var queuedOp string
switch t := qe.event.(type) {
case *sysEvent:
queuedOp = "system"
- writeErr = e.writeSysEvent(qe.ctx, t, WithNoGateLocking(true))
+ writeErr = e.writeSysEvent(ctx, t, WithNoGateLocking(true))
case *err:
queuedOp = "error"
- writeErr = e.writeError(qe.ctx, t, WithNoGateLocking(true))
+ writeErr = e.writeError(ctx, t, WithNoGateLocking(true))
default:
// Have no idea what this is and shouldn't have gotten in here to
// begin with, so just continue, and log it
diff --git a/internal/event/eventer_gate_test.go b/internal/event/eventer_gate_test.go
index 2e821cdf4c..450eac3458 100644
--- a/internal/event/eventer_gate_test.go
+++ b/internal/event/eventer_gate_test.go
@@ -159,3 +159,48 @@ func TestEventer_Gating(t *testing.T) {
})
}
}
+
+func TestReleaseGate_NoError_CanceledContext(t *testing.T) {
+ require := require.New(t)
+
+ buffer := new(bytes.Buffer)
+ eventerConfig := EventerConfig{
+ AuditEnabled: true,
+ ObservationsEnabled: true,
+ SysEventsEnabled: true,
+ Sinks: []*SinkConfig{
+ {
+ Name: "test-sink",
+ EventTypes: []Type{EveryType},
+ Format: TextHclogSinkFormat,
+ Type: WriterSink,
+ WriterConfig: &WriterSinkTypeConfig{
+ Writer: buffer,
+ },
+ },
+ },
+ }
+ testLock := &sync.Mutex{}
+ testLogger := testLogger(t, testLock)
+
+ eventer, err := NewEventer(
+ testLogger,
+ testLock,
+ "TestEventer_Gating",
+ eventerConfig,
+ WithGating(true),
+ )
+ require.NoError(err)
+
+ ctx, cancel := context.WithCancel(context.Background())
+ t.Cleanup(cancel)
+ ctx, err = NewEventerContext(ctx, eventer)
+ require.NoError(err)
+
+ WriteError(ctx, "error-1", fmt.Errorf("error-1"))
+ _ = WriteObservation(ctx, "observation-1", WithId("observation-1"), WithHeader("foo", "bar"))
+
+ cancel()
+
+ require.NoError(eventer.ReleaseGate())
+}
diff --git a/internal/gen/controller.swagger.json b/internal/gen/controller.swagger.json
index f4d8e62c9a..d9cfdc6d25 100644
--- a/internal/gen/controller.swagger.json
+++ b/internal/gen/controller.swagger.json
@@ -3,7 +3,7 @@
"info": {
"title": "Boundary controller HTTP API",
"description": "Welcome to the Boundary controller HTTP API documentation. This page provides a reference guide for using the Boundary controller API, a JSON-based HTTP API. The API implements commonly seen HTTP API patterns for status codes, paths, and errors. See the [API overview](https://developer.hashicorp.com/boundary/docs/api-clients/api) for more information.\n\nBefore you read this page, it is useful to understand Boundary's [domain model](https://developer.hashicorp.com/boundary/docs/concepts/domain-model) and to be aware of the terminology used here. To get started, search for the service you want to interact with in the sidebar to the left. Each resource in Boundary, such as accounts and credential stores, has its own service. Each service contains all the API endpoints for the resource.\n## Status codes\n- `2XX`: Boundary returns a code between `200` and `299` on success. Generally this is `200`, but implementations should be prepared to accept any `2XX` status code as indicating success. If a call returns a `2XX` code that is not `200`, it follows well-understood semantics for those status codes.\n- `400`: Boundary returns `400` when a command cannot be completed due to invalid user input, except for a properly-formatted identifier that does not map to an existing resource, which returns a `404` as discussed below.\n- `401`: Boundary returns `401` if no authentication token is provided or if the provided token is invalid. A valid token that simply does not have permission for a resource returns a `403` instead. A token that is invalid or missing, but where the anonymous user (`u_anon`) is able to successfully perform the action, will not return a `401` but instead will return the result of the action.\n- `403`: Boundary returns `403` if a provided token was valid but does not have the grants required to perform the requested action.\n- `404`: Boundary returns `404` if a resource cannot be found. Note that this happens _prior_ to authentication/authorization checking in nearly all cases as the resource information (such as its scope, available actions, etc.) is a required part of that check. As a result, an action against a resource that does not exist returns a `404` instead of a `401` or `403`. While this could be considered an information leak, since IDs are randomly generated and this only discloses whether an ID is valid, it's tolerable as it allows for far simpler and more robust client implementation.\n- `405`: Boundary returns a `405` to indicate that the method (HTTP verb or custom action) is not implemented for the given resource.\n- `429`: Boundary returns a `429` if any of the API rate limit quotas have been exhausted for the resource and action. It includes the `Retry-After` header so that the client knows how long to wait before making a new request.\n- `500`: Boundary returns `500` if an error occurred that is not (directly) tied to invalid user input. If a `500` is generated, information about the error is logged to Boundary's server log but is not generally provided to the client.\n- `503`: Boundary returns a `503` if it is unable to store a quota due to the API rate limit being exceeded. It includes the `Retry-After` header so that the client knows how long to wait before making a new request.\n## List pagination\nBoundary uses [API pagination](https://developer.hashicorp.com/boundary/docs/api-clients/api/pagination) to support searching and filtering large lists of results efficiently.",
- "version": "0.19.0",
+ "version": "0.18.2",
"contact": {
"name": "HashiCorp Boundary",
"url": "https://www.boundaryproject.io/"
diff --git a/internal/host/plugin/host_address_test.go b/internal/host/plugin/host_address_test.go
index 599a4c9397..b1afb5dda5 100644
--- a/internal/host/plugin/host_address_test.go
+++ b/internal/host/plugin/host_address_test.go
@@ -211,7 +211,7 @@ func TestHostIpAddress_Create(t *testing.T) {
wantDbErr: true,
},
{
- name: "valid-ipv4",
+ name: "valid",
args: args{
hostId: host1.GetPublicId(),
address: "1.2.3.4",
@@ -223,64 +223,6 @@ func TestHostIpAddress_Create(t *testing.T) {
},
},
},
- {
- name: "valid-ipv6",
- args: args{
- hostId: host1.GetPublicId(),
- address: "2001:4860:4860:0:0:0:0:8888",
- },
- want: &host.IpAddress{
- IpAddress: &store.IpAddress{
- HostId: host1.GetPublicId(),
- Address: "2001:4860:4860:0:0:0:0:8888",
- },
- },
- },
- {
- name: "valid-abbreviated-ipv6",
- args: args{
- hostId: host1.GetPublicId(),
- address: "2001:4860:4860::8887",
- },
- want: &host.IpAddress{
- IpAddress: &store.IpAddress{
- HostId: host1.GetPublicId(),
- Address: "2001:4860:4860::8887",
- },
- },
- },
- {
- name: "invalid-abbreviated-[ipv6]",
- args: args{
- hostId: host1.GetPublicId(),
- address: "[2001:4860:4860::8886]",
- },
- wantNewErr: true,
- },
- {
- name: "invalid-[ipv6]",
- args: args{
- hostId: host1.GetPublicId(),
- address: "[2001:4860:4860:0:0:0:0:8885]",
- },
- wantNewErr: true,
- },
- {
- name: "invalid-abbreviated-[ipv6]:port",
- args: args{
- hostId: host1.GetPublicId(),
- address: "[2001:4860:4860::8884]:80",
- },
- wantNewErr: true,
- },
- {
- name: "invalid-[ipv6]:port",
- args: args{
- hostId: host1.GetPublicId(),
- address: "[2001:4860:4860:0:0:0:0:8883]:80",
- },
- wantNewErr: true,
- },
{
name: "duplicate-name",
args: args{
diff --git a/internal/host/static/host.go b/internal/host/static/host.go
index ece1cf832b..1fe420c3a3 100644
--- a/internal/host/static/host.go
+++ b/internal/host/static/host.go
@@ -32,9 +32,8 @@ type Host struct {
// Name and description are the only valid options. All other options are
// ignored.
func NewHost(ctx context.Context, catalogId string, opt ...Option) (*Host, error) {
- const op = "static.NewHost"
if catalogId == "" {
- return nil, errors.New(ctx, errors.InvalidParameter, op, "no catalog id")
+ return nil, errors.New(ctx, errors.InvalidParameter, "static.NewHost", "no catalog id")
}
opts := getOpts(opt...)
diff --git a/internal/host/static/host_test.go b/internal/host/static/host_test.go
index db05ddcfc3..f26239c7da 100644
--- a/internal/host/static/host_test.go
+++ b/internal/host/static/host_test.go
@@ -131,30 +131,30 @@ func TestHost_New(t *testing.T) {
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
- require, assert := require.New(t), assert.New(t)
+ assert := assert.New(t)
got, err := NewHost(ctx, tt.args.catalogId, tt.args.opts...)
if tt.wantCreateErr {
- require.Error(err)
+ assert.Error(err)
assert.Nil(got)
- return
- }
- require.NoError(err)
- require.NotNil(got)
- assert.Emptyf(got.PublicId, "PublicId set")
- assert.Equal(tt.want, got)
+ } else {
+ assert.NoError(err)
+ if assert.NotNil(got) {
+ assert.Emptyf(got.PublicId, "PublicId set")
+ assert.Equal(tt.want, got)
+
+ id, err := newHostId(ctx)
+ assert.NoError(err)
- id, err := newHostId(ctx)
- require.NoError(err)
- tt.want.PublicId = id
- got.PublicId = id
+ tt.want.PublicId = id
+ got.PublicId = id
- w := db.New(conn)
- dbWriteErr := w.Create(ctx, got)
- if tt.wantWriteErr {
- require.Error(dbWriteErr)
- return
+ w := db.New(conn)
+ err2 := w.Create(ctx, got)
+ if tt.wantWriteErr {
+ assert.Error(err2)
+ }
+ }
}
- require.NoError(dbWriteErr)
})
}
}
diff --git a/internal/host/static/repository_host.go b/internal/host/static/repository_host.go
index acf4e970c5..b4246fdf7f 100644
--- a/internal/host/static/repository_host.go
+++ b/internal/host/static/repository_host.go
@@ -15,7 +15,6 @@ import (
"github.com/hashicorp/boundary/internal/errors"
"github.com/hashicorp/boundary/internal/kms"
"github.com/hashicorp/boundary/internal/oplog"
- "github.com/hashicorp/boundary/internal/util"
"github.com/hashicorp/go-dbw"
)
@@ -45,10 +44,9 @@ func (r *Repository) CreateHost(ctx context.Context, projectId string, h *Host,
if projectId == "" {
return nil, errors.New(ctx, errors.InvalidParameter, op, "no project id")
}
- var err error
- h.Address, err = util.ParseAddress(ctx, h.Address)
- if err != nil {
- return nil, errors.Wrap(ctx, err, op, errors.WithCode(errors.InvalidAddress), errors.WithMsg("invalid address"))
+ h.Address = strings.TrimSpace(h.Address)
+ if len(h.Address) < MinHostAddressLength || len(h.Address) > MaxHostAddressLength {
+ return nil, errors.New(ctx, errors.InvalidAddress, op, "invalid address")
}
h = h.clone()
@@ -140,10 +138,9 @@ func (r *Repository) UpdateHost(ctx context.Context, projectId string, h *Host,
case strings.EqualFold("Name", f):
case strings.EqualFold("Description", f):
case strings.EqualFold("Address", f):
- var err error
- h.Address, err = util.ParseAddress(ctx, h.Address)
- if err != nil {
- return nil, db.NoRowsAffected, errors.Wrap(ctx, err, op, errors.WithCode(errors.InvalidAddress), errors.WithMsg("invalid address"))
+ h.Address = strings.TrimSpace(h.Address)
+ if len(h.Address) < MinHostAddressLength || len(h.Address) > MaxHostAddressLength {
+ return nil, db.NoRowsAffected, errors.New(ctx, errors.InvalidAddress, op, "invalid address")
}
default:
return nil, db.NoRowsAffected, errors.New(ctx, errors.InvalidFieldMask, op, fmt.Sprintf("invalid field mask: %s", f))
diff --git a/internal/host/static/repository_host_test.go b/internal/host/static/repository_host_test.go
index cbec7485d1..88056ba1c2 100644
--- a/internal/host/static/repository_host_test.go
+++ b/internal/host/static/repository_host_test.go
@@ -69,21 +69,6 @@ func TestRepository_CreateHost(t *testing.T) {
},
wantIsErr: errors.InvalidParameter,
},
- {
- name: "valid-dns-name",
- in: &Host{
- Host: &store.Host{
- CatalogId: catalog.PublicId,
- Address: "www.google.com",
- },
- },
- want: &Host{
- Host: &store.Host{
- CatalogId: catalog.PublicId,
- Address: "www.google.com",
- },
- },
- },
{
name: "valid-ipv4-address",
in: &Host{
@@ -99,16 +84,6 @@ func TestRepository_CreateHost(t *testing.T) {
},
},
},
- {
- name: "invalid-ipv4-address-with-port",
- in: &Host{
- Host: &store.Host{
- CatalogId: catalog.PublicId,
- Address: "127.0.0.1:80",
- },
- },
- wantIsErr: errors.InvalidAddress,
- },
{
name: "valid-abbreviated-ipv6-address",
in: &Host{
@@ -124,16 +99,6 @@ func TestRepository_CreateHost(t *testing.T) {
},
},
},
- {
- name: "invalid-abbreviated-ipv6-address-with-port",
- in: &Host{
- Host: &store.Host{
- CatalogId: catalog.PublicId,
- Address: "[2001:4860:4860::8888]:80",
- },
- },
- wantIsErr: errors.InvalidAddress,
- },
{
name: "valid-ipv6-address",
in: &Host{
@@ -149,46 +114,6 @@ func TestRepository_CreateHost(t *testing.T) {
},
},
},
- {
- name: "invalid-ipv6-address-with-port",
- in: &Host{
- Host: &store.Host{
- CatalogId: catalog.PublicId,
- Address: "[2001:4860:4860:0:0:0:0:8888]:80",
- },
- },
- wantIsErr: errors.InvalidAddress,
- },
- {
- name: "valid-abbreviated-[ipv6]-address",
- in: &Host{
- Host: &store.Host{
- CatalogId: catalog.PublicId,
- Address: "[2001:4860:4860::8888]",
- },
- },
- want: &Host{
- Host: &store.Host{
- CatalogId: catalog.PublicId,
- Address: "[2001:4860:4860::8888]",
- },
- },
- },
- {
- name: "valid-[ipv6]-address",
- in: &Host{
- Host: &store.Host{
- CatalogId: catalog.PublicId,
- Address: "[2001:4860:4860:0:0:0:0:8888]",
- },
- },
- want: &Host{
- Host: &store.Host{
- CatalogId: catalog.PublicId,
- Address: "[2001:4860:4860:0:0:0:0:8888]",
- },
- },
- },
{
name: "valid-with-name",
in: &Host{
@@ -649,22 +574,6 @@ func TestRepository_UpdateHost(t *testing.T) {
},
wantCount: 1,
},
- {
- name: "change-dns-name",
- orig: &Host{
- Host: &store.Host{
- Address: "www.google.com",
- },
- },
- chgFn: changeAddress("www.hashicorp.com"),
- masks: []string{"Address"},
- want: &Host{
- Host: &store.Host{
- Address: "www.hashicorp.com",
- },
- },
- wantCount: 1,
- },
{
name: "change-ipv4-address",
orig: &Host{
@@ -681,39 +590,6 @@ func TestRepository_UpdateHost(t *testing.T) {
},
wantCount: 1,
},
- {
- name: "change-invalid-ipv4-address",
- orig: &Host{
- Host: &store.Host{
- Address: "127.0.0.1",
- },
- },
- chgFn: changeAddress("10.0.0.1:80"),
- masks: []string{"Address"},
- wantIsErr: errors.InvalidAddress,
- },
- {
- name: "change-invalid-abbreviated-ipv6-address",
- orig: &Host{
- Host: &store.Host{
- Address: "127.0.0.1",
- },
- },
- chgFn: changeAddress("[2001:4860:4860::8888]:80"),
- masks: []string{"Address"},
- wantIsErr: errors.InvalidAddress,
- },
- {
- name: "change-invalid-ipv6-address",
- orig: &Host{
- Host: &store.Host{
- Address: "127.0.0.1",
- },
- },
- chgFn: changeAddress("[2001:4860:4860:0:0:0:0:8888]:80"),
- masks: []string{"Address"},
- wantIsErr: errors.InvalidAddress,
- },
{
name: "change-abbreviated-ipv6-address",
orig: &Host{
@@ -746,38 +622,6 @@ func TestRepository_UpdateHost(t *testing.T) {
},
wantCount: 1,
},
- {
- name: "change-abbreviated-[ipv6]-address",
- orig: &Host{
- Host: &store.Host{
- Address: "127.0.0.1",
- },
- },
- chgFn: changeAddress("[2001:4860:4860::8888]"),
- masks: []string{"Address"},
- want: &Host{
- Host: &store.Host{
- Address: "[2001:4860:4860::8888]",
- },
- },
- wantCount: 1,
- },
- {
- name: "change-[ipv6]-address",
- orig: &Host{
- Host: &store.Host{
- Address: "127.0.0.1",
- },
- },
- chgFn: changeAddress("[2001:4860:4860:0:0:0:0:8888]"),
- masks: []string{"Address"},
- want: &Host{
- Host: &store.Host{
- Address: "[2001:4860:4860:0:0:0:0:8888]",
- },
- },
- wantCount: 1,
- },
{
name: "change-short-address",
orig: &Host{
diff --git a/internal/host/static/testing.go b/internal/host/static/testing.go
index a3dc7b1d58..0e34bb7603 100644
--- a/internal/host/static/testing.go
+++ b/internal/host/static/testing.go
@@ -37,30 +37,6 @@ func TestCatalogs(t testing.TB, conn *db.DB, projectId string, count int) []*Hos
return cats
}
-// TestHost creates a static host to the provided DB with the provided catalog id.
-// The catalog must have been created previously. If any errors are encountered
-// during the creation of the host, the test will fail.
-func TestHost(t testing.TB, conn *db.DB, catalogId string, opt ...Option) *Host {
- t.Helper()
- ctx := context.Background()
- assert := assert.New(t)
-
- host, err := NewHost(ctx, catalogId, opt...)
- assert.NoError(err)
- assert.NotNil(host)
-
- id, err := newHostId(ctx)
- assert.NoError(err)
- assert.NotEmpty(id)
- host.PublicId = id
-
- w := db.New(conn)
- err2 := w.Create(ctx, host)
- assert.NoError(err2)
-
- return host
-}
-
// TestHosts creates count number of static hosts to the provided DB
// with the provided catalog id. The catalog must have been created previously.
// If any errors are encountered during the creation of the host, the test will fail.
diff --git a/internal/proto/controller/storage/job/store/v1/job.proto b/internal/proto/controller/storage/job/store/v1/job.proto
index e362b79ff5..949c249270 100644
--- a/internal/proto/controller/storage/job/store/v1/job.proto
+++ b/internal/proto/controller/storage/job/store/v1/job.proto
@@ -72,7 +72,7 @@ message JobRun {
// @inject_tag: `gorm:"default:0"`
uint32 retries_count = 12;
- // status of the job run (running, failed or interrupted).
+ // status of the job run (running, completed, failed or interrupted).
// @inject_tag: `gorm:"not_null"`
string status = 10;
diff --git a/internal/scheduler/additional_verification_test.go b/internal/scheduler/additional_verification_test.go
index 2d1bf498f8..cacab68ea1 100644
--- a/internal/scheduler/additional_verification_test.go
+++ b/internal/scheduler/additional_verification_test.go
@@ -35,7 +35,7 @@ func TestSchedulerWorkflow(t *testing.T) {
})
err := event.InitSysEventer(testLogger, testLock, "TestSchedulerWorkflow", event.WithEventerConfig(testConfig))
require.NoError(err)
- sched := TestScheduler(t, conn, wrapper, WithRunJobsInterval(time.Second))
+ sched := TestScheduler(t, conn, wrapper, WithRunJobsLimit(10), WithRunJobsInterval(time.Second))
job1Ch := make(chan error)
job1Ready := make(chan struct{})
@@ -118,7 +118,7 @@ func TestSchedulerCancelCtx(t *testing.T) {
err := event.InitSysEventer(testLogger, testLock, "TestSchedulerCancelCtx", event.WithEventerConfig(testConfig))
require.NoError(err)
- sched := TestScheduler(t, conn, wrapper, WithRunJobsInterval(time.Second))
+ sched := TestScheduler(t, conn, wrapper, WithRunJobsLimit(10), WithRunJobsInterval(time.Second))
fn, jobReady, jobDone := testJobFn()
tj := testJob{name: "name", description: "desc", fn: fn, nextRunIn: time.Hour}
@@ -168,7 +168,7 @@ func TestSchedulerInterruptedCancelCtx(t *testing.T) {
err := event.InitSysEventer(testLogger, testLock, "TestSchedulerInterruptedCancelCtx", event.WithEventerConfig(testConfig))
require.NoError(err)
- sched := TestScheduler(t, conn, wrapper, WithRunJobsInterval(time.Second), WithMonitorInterval(time.Second))
+ sched := TestScheduler(t, conn, wrapper, WithRunJobsLimit(10), WithRunJobsInterval(time.Second), WithMonitorInterval(time.Second))
fn, job1Ready, job1Done := testJobFn()
tj1 := testJob{name: "name1", description: "desc", fn: fn, nextRunIn: time.Hour}
@@ -270,7 +270,7 @@ func TestSchedulerJobProgress(t *testing.T) {
err := event.InitSysEventer(testLogger, testLock, "TestSchedulerJobProgress", event.WithEventerConfig(testConfig))
require.NoError(err)
- sched := TestScheduler(t, conn, wrapper, WithRunJobsInterval(time.Second), WithMonitorInterval(time.Second))
+ sched := TestScheduler(t, conn, wrapper, WithRunJobsLimit(10), WithRunJobsInterval(time.Second), WithMonitorInterval(time.Second))
jobReady := make(chan struct{})
done := make(chan struct{})
@@ -380,7 +380,7 @@ func TestSchedulerMonitorLoop(t *testing.T) {
err := event.InitSysEventer(testLogger, testLock, "TestSchedulerMonitorLoop", event.WithEventerConfig(testConfig))
require.NoError(err)
- sched := TestScheduler(t, conn, wrapper, WithInterruptThreshold(time.Second), WithRunJobsInterval(time.Second), WithMonitorInterval(time.Second))
+ sched := TestScheduler(t, conn, wrapper, WithRunJobsLimit(10), WithInterruptThreshold(time.Second), WithRunJobsInterval(time.Second), WithMonitorInterval(time.Second))
jobReady := make(chan struct{})
jobDone := make(chan struct{})
@@ -446,7 +446,7 @@ func TestSchedulerFinalStatusUpdate(t *testing.T) {
err := event.InitSysEventer(testLogger, testLock, "TestSchedulerFinalStatusUpdate", event.WithEventerConfig(testConfig))
require.NoError(err)
- sched := TestScheduler(t, conn, wrapper, WithRunJobsInterval(time.Second))
+ sched := TestScheduler(t, conn, wrapper, WithRunJobsLimit(10), WithRunJobsInterval(time.Second))
jobReady := make(chan struct{})
jobErr := make(chan error)
@@ -489,7 +489,7 @@ func TestSchedulerFinalStatusUpdate(t *testing.T) {
repo, err := job.NewRepository(ctx, rw, rw, kmsCache)
require.NoError(err)
- run := waitForRunStatus(t, repo, runId, job.Failed)
+ run := waitForRunStatus(t, repo, runId, string(job.Failed))
assert.Equal(uint32(10), run.TotalCount)
assert.Equal(uint32(10), run.CompletedCount)
@@ -502,9 +502,17 @@ func TestSchedulerFinalStatusUpdate(t *testing.T) {
runId = runJob.(*runningJob).runId
// Complete job without error so CompleteRun is called
- completeFn := waitForRunComplete(t, sched, repo, runId, tj.name)
jobErr <- nil
- completeFn()
+
+ // Report status
+ jobStatus <- JobStatus{Total: 20, Completed: 20}
+
+ repo, err = job.NewRepository(ctx, rw, rw, kmsCache)
+ require.NoError(err)
+
+ run = waitForRunStatus(t, repo, runId, string(job.Completed))
+ assert.Equal(uint32(20), run.TotalCount)
+ assert.Equal(uint32(20), run.CompletedCount)
baseCnl()
close(testDone)
@@ -530,7 +538,7 @@ func TestSchedulerRunNow(t *testing.T) {
require.NoError(err)
// Create test scheduler that only runs jobs every hour
- sched := TestScheduler(t, conn, wrapper, WithRunJobsInterval(time.Hour))
+ sched := TestScheduler(t, conn, wrapper, WithRunJobsLimit(10), WithRunJobsInterval(time.Hour))
jobCh := make(chan struct{})
jobReady := make(chan struct{})
@@ -562,13 +570,12 @@ func TestSchedulerRunNow(t *testing.T) {
require.True(ok)
runId := runJob.(*runningJob).runId
- repo, err := job.NewRepository(ctx, rw, rw, kmsCache)
- require.NoError(err)
-
// Complete job
- completeFn := waitForRunComplete(t, sched, repo, runId, tj.name)
jobCh <- struct{}{}
- completeFn()
+
+ repo, err := job.NewRepository(ctx, rw, rw, kmsCache)
+ require.NoError(err)
+ waitForRunStatus(t, repo, runId, string(job.Completed))
// Update job to run immediately once scheduling loop is called
err = sched.UpdateJobNextRunInAtLeast(context.Background(), tj.name, 0)
@@ -593,9 +600,9 @@ func TestSchedulerRunNow(t *testing.T) {
runId = runJob.(*runningJob).runId
// Complete job
- completeFn = waitForRunComplete(t, sched, repo, runId, tj.name)
jobCh <- struct{}{}
- completeFn()
+
+ waitForRunStatus(t, repo, runId, string(job.Completed))
// Update job to run again with RunNow option
err = sched.UpdateJobNextRunInAtLeast(context.Background(), tj.name, 0, WithRunNow(true))
@@ -613,34 +620,7 @@ func TestSchedulerRunNow(t *testing.T) {
close(jobCh)
}
-func waitForRunComplete(t *testing.T, sched *Scheduler, repo *job.Repository, runId, jobName string) func() {
- r, err := repo.LookupRun(context.Background(), runId)
- require.NoError(t, err)
- require.EqualValues(t, job.Running, r.Status)
-
- return func() {
- timeout := time.NewTimer(5 * time.Second)
- for {
- select {
- case <-timeout.C:
- t.Fatal(fmt.Errorf("timed out waiting for job run %q to be completed", runId))
- case <-time.After(100 * time.Millisecond):
- }
-
- // A run is complete when we don't find it in the scheduler's
- // running jobs list and also not in the job_run table.
- _, ok := sched.runningJobs.Load(jobName)
- if !ok {
- r, err = repo.LookupRun(context.Background(), runId)
- require.Nil(t, r)
- require.Nil(t, err)
- break
- }
- }
- }
-}
-
-func waitForRunStatus(t *testing.T, repo *job.Repository, runId string, status job.Status) *job.Run {
+func waitForRunStatus(t *testing.T, repo *job.Repository, runId, status string) *job.Run {
t.Helper()
var run *job.Run
@@ -656,7 +636,7 @@ func waitForRunStatus(t *testing.T, repo *job.Repository, runId string, status j
var err error
run, err = repo.LookupRun(context.Background(), runId)
require.NoError(t, err)
- if run.Status == string(status) {
+ if run.Status == status {
break
}
}
diff --git a/internal/scheduler/batch/batch_test.go b/internal/scheduler/batch/batch_test.go
index 8fc60f4054..b82352b6af 100644
--- a/internal/scheduler/batch/batch_test.go
+++ b/internal/scheduler/batch/batch_test.go
@@ -7,7 +7,6 @@ import (
"context"
"errors"
"fmt"
- "sync"
"testing"
"time"
@@ -301,25 +300,18 @@ type recorder struct {
execBatchSize int
storeBatchSize int
status scheduler.JobStatus
- mu sync.Mutex
}
func (r *recorder) setup(c *Config) {
- r.mu.Lock()
- defer r.mu.Unlock()
c.Store = r.Store
}
func (r *recorder) Store(ctx context.Context, batchSize int) error {
- r.mu.Lock()
- defer r.mu.Unlock()
r.storeBatchSize = batchSize
return nil
}
func (r *recorder) Exec(ctx context.Context, batchSize int) (int, error) {
- r.mu.Lock()
- defer r.mu.Unlock()
r.execBatchSize = batchSize
return 0, nil
}
@@ -328,7 +320,6 @@ type testRun struct {
ret func(context.Context, int, *Config) (int, error)
chk func(*testing.T, *recorder)
rec *recorder
- mu sync.Mutex
}
func (tr *testRun) validate(t *testing.T) {
@@ -338,8 +329,6 @@ func (tr *testRun) validate(t *testing.T) {
}
func (tr *testRun) recorder(cf *Config) *recorder {
- tr.mu.Lock()
- defer tr.mu.Unlock()
if tr.rec == nil {
tr.rec = &recorder{}
tr.rec.setup(cf)
diff --git a/internal/scheduler/cleaner/cleaner.go b/internal/scheduler/cleaner/cleaner.go
new file mode 100644
index 0000000000..86358cb586
--- /dev/null
+++ b/internal/scheduler/cleaner/cleaner.go
@@ -0,0 +1,30 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+
+package cleaner
+
+import (
+ "context"
+
+ "github.com/hashicorp/boundary/internal/db"
+ "github.com/hashicorp/boundary/internal/errors"
+ "github.com/hashicorp/boundary/internal/scheduler"
+ "github.com/hashicorp/boundary/internal/util"
+)
+
+// RegisterJob registers the cleaner job with the provided scheduler.
+func RegisterJob(ctx context.Context, s *scheduler.Scheduler, w db.Writer) error {
+ const op = "cleaner.RegisterJob"
+ if s == nil {
+ return errors.New(ctx, errors.Internal, "nil scheduler", op, errors.WithoutEvent())
+ }
+ if util.IsNil(w) {
+ return errors.New(ctx, errors.Internal, "nil DB writer", op, errors.WithoutEvent())
+ }
+
+ if err := s.RegisterJob(ctx, newCleanerJob(w)); err != nil {
+ return errors.Wrap(ctx, err, op)
+ }
+
+ return nil
+}
diff --git a/internal/scheduler/cleaner/cleaner_job.go b/internal/scheduler/cleaner/cleaner_job.go
new file mode 100644
index 0000000000..a7fa39abd9
--- /dev/null
+++ b/internal/scheduler/cleaner/cleaner_job.go
@@ -0,0 +1,57 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+
+package cleaner
+
+import (
+ "context"
+ "time"
+
+ "github.com/hashicorp/boundary/internal/db"
+ "github.com/hashicorp/boundary/internal/errors"
+ "github.com/hashicorp/boundary/internal/scheduler"
+)
+
+type cleanerJob struct {
+ w db.Writer
+}
+
+func newCleanerJob(w db.Writer) *cleanerJob {
+ return &cleanerJob{
+ w: w,
+ }
+}
+
+// Status reports the job’s current status.
+func (c *cleanerJob) Status() scheduler.JobStatus {
+ return scheduler.JobStatus{}
+}
+
+// Run performs the required work depending on the implementation.
+// The context is used to notify the job that it should exit early.
+func (c *cleanerJob) Run(ctx context.Context, _ time.Duration) error {
+ const op = "cleaner.(cleanerJob).Run"
+
+ if _, err := c.w.Exec(ctx, "delete from job_run where status='completed'", nil); err != nil {
+ return errors.Wrap(ctx, err, op)
+ }
+
+ return nil
+}
+
+// NextRunIn returns the duration until the next job run should be scheduled.
+// We report as ready immediately after a successful run. This doesn't mean that
+// this job will run immediately, only about as often as the configured scheduler interval.
+func (c *cleanerJob) NextRunIn(_ context.Context) (time.Duration, error) {
+ return 0, nil
+}
+
+// Name is the unique name of the job.
+func (c *cleanerJob) Name() string {
+ return "job_run_cleaner"
+}
+
+// Description is the human readable description of the job.
+func (c *cleanerJob) Description() string {
+ return "Cleans completed job runs"
+}
diff --git a/internal/scheduler/cleaner/cleaner_test.go b/internal/scheduler/cleaner/cleaner_test.go
new file mode 100644
index 0000000000..13eb4bbbdf
--- /dev/null
+++ b/internal/scheduler/cleaner/cleaner_test.go
@@ -0,0 +1,64 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+
+package cleaner_test
+
+import (
+ "context"
+ "sync"
+ "testing"
+ "time"
+
+ "github.com/hashicorp/boundary/internal/db"
+ "github.com/hashicorp/boundary/internal/scheduler"
+ "github.com/hashicorp/boundary/internal/scheduler/cleaner"
+ "github.com/hashicorp/boundary/internal/scheduler/job"
+ "github.com/stretchr/testify/require"
+)
+
+func TestCleanerJob(t *testing.T) {
+ conn, _ := db.TestSetup(t, "postgres")
+ rw := db.New(conn)
+ wrapper := db.TestWrapper(t)
+ s := scheduler.TestScheduler(t, conn, wrapper, scheduler.WithMonitorInterval(10*time.Millisecond))
+ err := cleaner.RegisterJob(context.Background(), s, rw)
+ require.NoError(t, err)
+ wg := &sync.WaitGroup{}
+ err = s.Start(context.Background(), wg)
+ require.NoError(t, err)
+
+ // Trigger some runs, waiting for the cleaner to run
+ for i := 0; i < 10; i++ {
+ s.RunNow()
+ // Wait to allow for the job to finish
+ time.Sleep(50 * time.Millisecond)
+ }
+
+ var jobRuns []*job.Run
+ err = rw.SearchWhere(context.Background(), &jobRuns, "", nil)
+ require.NoError(t, err)
+
+ // We should have run 10 times, as long as some of them
+ // have been cleaned we should succeed.
+ require.True(t, len(jobRuns) < 10, "expected fewer than 10 job_run rows, found %d", len(jobRuns))
+}
+
+func TestRegisterJob(t *testing.T) {
+ conn, _ := db.TestSetup(t, "postgres")
+ rw := db.New(conn)
+ wrapper := db.TestWrapper(t)
+ s := scheduler.TestScheduler(t, conn, wrapper)
+
+ t.Run("succeeds", func(t *testing.T) {
+ err := cleaner.RegisterJob(context.Background(), s, rw)
+ require.NoError(t, err)
+ })
+ t.Run("fails-on-nil-scheduler", func(t *testing.T) {
+ err := cleaner.RegisterJob(context.Background(), nil, rw)
+ require.Error(t, err)
+ })
+ t.Run("fails-on-nil-db-writer", func(t *testing.T) {
+ err := cleaner.RegisterJob(context.Background(), s, nil)
+ require.Error(t, err)
+ })
+}
diff --git a/internal/scheduler/job/additional_verification_test.go b/internal/scheduler/job/additional_verification_test.go
index 6ec748efe6..0e9c351fd2 100644
--- a/internal/scheduler/job/additional_verification_test.go
+++ b/internal/scheduler/job/additional_verification_test.go
@@ -54,8 +54,9 @@ func TestJobWorkflow(t *testing.T) {
require.NoError(err)
assert.Nil(newRuns)
- err = repo.CompleteRun(ctx, run.PrivateId, time.Hour)
+ run, err = repo.CompleteRun(ctx, run.PrivateId, time.Hour, 0, 0, 0)
require.NoError(err)
+ assert.Equal(Completed.string(), run.Status)
job, err = repo.LookupJob(ctx, job.Name)
require.NoError(err)
diff --git a/internal/scheduler/job/doc.go b/internal/scheduler/job/doc.go
index b67e53e999..dce76363e9 100644
--- a/internal/scheduler/job/doc.go
+++ b/internal/scheduler/job/doc.go
@@ -45,5 +45,5 @@
// nextJobRun = time.Now().Add(time.Hour)
//
// repo, _ = job.NewRepository(db, db, wrapper)
-// _ = repo.CompleteRun(ctx, run.PrivateId nextJobRun)
+// run, _ = repo.CompleteRun(ctx, run.PrivateId, job.Completed, nextJobRun)
package job
diff --git a/internal/scheduler/job/options.go b/internal/scheduler/job/options.go
index 4d68ca4b6a..9dd8521333 100644
--- a/internal/scheduler/job/options.go
+++ b/internal/scheduler/job/options.go
@@ -8,7 +8,8 @@ import (
)
const (
- defaultPluginId = "pi_system"
+ defaultRunJobsLimit = 1
+ defaultPluginId = "pi_system"
)
// getOpts - iterate the inbound Options and return a struct
@@ -26,13 +27,16 @@ type Option func(*options)
// options = how options are represented
type options struct {
withNextRunIn time.Duration
+ withRunJobsLimit int
withLimit int
withName string
withControllerId string
}
func getDefaultOptions() options {
- return options{} // No default options.
+ return options{
+ withRunJobsLimit: defaultRunJobsLimit,
+ }
}
// WithNextRunIn provides an option to provide the duration until the next run is scheduled.
@@ -44,6 +48,18 @@ func WithNextRunIn(d time.Duration) Option {
}
}
+// WithRunJobsLimit provides an option to provide the number of jobs to run.
+// If WithRunJobsLimit == 0, then default run jobs limit is used.
+// If WithRunJobsLimit < 0, then no limit is used.
+func WithRunJobsLimit(l int) Option {
+ return func(o *options) {
+ o.withRunJobsLimit = l
+ if o.withRunJobsLimit == 0 {
+ o.withRunJobsLimit = defaultRunJobsLimit
+ }
+ }
+}
+
// WithLimit provides an option to provide a limit for ListJobs. Intentionally
// allowing negative integers. If WithLimit < 0, then unlimited results are
// returned. If WithLimit == 0, then default limits are used for results.
diff --git a/internal/scheduler/job/options_test.go b/internal/scheduler/job/options_test.go
index 115381b6e4..ca0a53c88a 100644
--- a/internal/scheduler/job/options_test.go
+++ b/internal/scheduler/job/options_test.go
@@ -21,6 +21,21 @@ func Test_GetOpts(t *testing.T) {
testOpts.withNextRunIn = time.Hour
assert.Equal(opts, testOpts)
})
+ t.Run("WithRunJobsLimit", func(t *testing.T) {
+ assert := assert.New(t)
+ opts := getOpts(WithRunJobsLimit(10))
+ testOpts := getDefaultOptions()
+ assert.NotEqual(opts, testOpts)
+ testOpts.withRunJobsLimit = 10
+ assert.Equal(opts, testOpts)
+ })
+ t.Run("WithZeroRunJobsLimit", func(t *testing.T) {
+ assert := assert.New(t)
+ opts := getOpts(WithRunJobsLimit(0))
+ testOpts := getDefaultOptions()
+ assert.Equal(opts, testOpts)
+ assert.Equal(defaultRunJobsLimit, opts.withRunJobsLimit)
+ })
t.Run("WithLimit", func(t *testing.T) {
assert := assert.New(t)
opts := getOpts(WithLimit(100))
diff --git a/internal/scheduler/job/query.go b/internal/scheduler/job/query.go
index 686fb9b9cc..41bd0c3185 100644
--- a/internal/scheduler/job/query.go
+++ b/internal/scheduler/job/query.go
@@ -7,13 +7,13 @@ const runJobsQuery = `
insert into job_run (
job_plugin_id, job_name, controller_id
)
- select
- j.plugin_id, j."name", ?
- from job j
- where next_scheduled_run <= current_timestamp
+ select
+ job_plugin_id, job_name, ?
+ from job_jobs_to_run
order by next_scheduled_run asc
- on conflict
- (job_plugin_id, job_name)
+ %s
+ on conflict
+ (job_plugin_id, job_name)
where status = 'running'
do nothing
returning *;
@@ -74,7 +74,14 @@ const updateProgressQuery = `
`
const completeRunQuery = `
- delete from job_run
+ update
+ job_run
+ set
+ completed_count = ?,
+ total_count = ?,
+ retries_count = ?,
+ status = 'completed',
+ end_time = current_timestamp
where
private_id = ?
and status = 'running'
diff --git a/internal/scheduler/job/repository_run.go b/internal/scheduler/job/repository_run.go
index b5c0eec419..e31044e995 100644
--- a/internal/scheduler/job/repository_run.go
+++ b/internal/scheduler/job/repository_run.go
@@ -17,17 +17,29 @@ import (
// If there are not jobs to run, an empty slice will be returned with a nil error.
//
// • serverId is required and is the private_id of the server that will run the jobs.
-// No options are supported.
-func (r *Repository) RunJobs(ctx context.Context, serverId string, _ ...Option) ([]*Run, error) {
+//
+// The only valid option is WithRunJobsLimit, if not provided RunJobs will run only 1 job.
+func (r *Repository) RunJobs(ctx context.Context, serverId string, opt ...Option) ([]*Run, error) {
const op = "job.(Repository).RunJobs"
if serverId == "" {
return nil, errors.New(ctx, errors.InvalidParameter, op, "missing server id")
}
+ opts := getOpts(opt...)
+ var limit string
+ switch {
+ case opts.withRunJobsLimit == 0:
+ // zero signals the defaults should be used.
+ limit = fmt.Sprintf("limit %d", defaultRunJobsLimit)
+ case opts.withRunJobsLimit > 0:
+ limit = fmt.Sprintf("limit %d", opts.withRunJobsLimit)
+ }
+
+ query := fmt.Sprintf(runJobsQuery, limit)
var runs []*Run
_, err := r.writer.DoTx(ctx, db.StdRetryCnt, db.ExpBackoff{},
func(r db.Reader, w db.Writer) error {
- rows, err := w.Query(ctx, runJobsQuery, []any{serverId})
+ rows, err := w.Query(ctx, query, []any{serverId})
if err != nil {
return errors.Wrap(ctx, err, op)
}
@@ -56,7 +68,7 @@ func (r *Repository) RunJobs(ctx context.Context, serverId string, _ ...Option)
// UpdateProgress updates the repository entry's completed and total counts for the provided runId.
//
-// Once a run has been persisted with a final run status (failed or interrupted),
+// Once a run has been persisted with a final run status (completed, failed or interrupted),
// any future UpdateProgress attempts will return an error with Code errors.InvalidJobRunState.
// All options are ignored.
func (r *Repository) UpdateProgress(ctx context.Context, runId string, completed, total, retries int, _ ...Option) (*Run, error) {
@@ -111,26 +123,32 @@ func (r *Repository) UpdateProgress(ctx context.Context, runId string, completed
return run, nil
}
-// CompleteRun is intended to be called when a job completes successfully. It
-// deletes the job_run entry for the provided runId. It also updates the Job
-// repository entry that is associated with this run, setting the job's
-// NextScheduledRun to the current database time incremented by the nextRunIn
+// CompleteRun updates the Run repository entry for the provided runId.
+// It sets the status to 'completed', updates the run's EndTime to the current database
+// time, and sets the completed and total counts.
+// CompleteRun also updates the Job repository entry that is associated with this run,
+// setting the job's NextScheduledRun to the current database time incremented by the nextRunIn
// parameter.
//
-// If a run is persisted with a final run status (failed or interrupted), any
-// calls to CompleteRun will return an error with Code
-// errors.InvalidJobRunState. All options are ignored.
-func (r *Repository) CompleteRun(ctx context.Context, runId string, nextRunIn time.Duration, _ ...Option) error {
+// Once a run has been persisted with a final run status (completed, failed
+// or interrupted), any future calls to CompleteRun will return an error with Code
+// errors.InvalidJobRunState.
+// All options are ignored.
+func (r *Repository) CompleteRun(ctx context.Context, runId string, nextRunIn time.Duration, completed, total, retries int, _ ...Option) (*Run, error) {
const op = "job.(Repository).CompleteRun"
if runId == "" {
- return errors.New(ctx, errors.InvalidParameter, op, "missing run id")
+ return nil, errors.New(ctx, errors.InvalidParameter, op, "missing run id")
}
run := allocRun()
run.PrivateId = runId
_, err := r.writer.DoTx(ctx, db.StdRetryCnt, db.ExpBackoff{},
func(r db.Reader, w db.Writer) error {
- rows, err := w.Query(ctx, completeRunQuery, []any{runId})
+ // TODO (lcr 07/2021) this can potentially overwrite completed and total values
+ // persisted by the scheduler's monitor jobs loop.
+ // Add an on update sql trigger to protect the job_run table, once progress
+ // values are used in the critical path.
+ rows, err := w.Query(ctx, completeRunQuery, []any{completed, total, retries, runId})
if err != nil {
return errors.Wrap(ctx, err, op)
}
@@ -151,8 +169,7 @@ func (r *Repository) CompleteRun(ctx context.Context, runId string, nextRunIn ti
return errors.Wrap(ctx, err, op, errors.WithMsg("unable to get next row for job run"))
}
if rowCnt == 0 {
- // No rows returned from the query: Either it's already been
- // removed or was in a final state (not 'running').
+ // Failed to update run, either it does not exist or was in an invalid state
if err = r.LookupById(ctx, run); err != nil {
if errors.IsNotFoundError(err) {
return errors.Wrap(ctx, err, op, errors.WithMsg(fmt.Sprintf("job run %q does not exist", runId)))
@@ -189,17 +206,17 @@ func (r *Repository) CompleteRun(ctx context.Context, runId string, nextRunIn ti
},
)
if err != nil {
- return errors.Wrap(ctx, err, op)
+ return nil, errors.Wrap(ctx, err, op)
}
- return nil
+ return run, nil
}
// FailRun updates the Run repository entry for the provided runId.
// It sets the status to 'failed' and updates the run's EndTime to the current database
// time, and sets the completed and total counts.
//
-// Once a run has been persisted with a final run status (failed
+// Once a run has been persisted with a final run status (completed, failed
// or interrupted), any future calls to FailRun will return an error with Code
// errors.InvalidJobRunState.
// All options are ignored.
@@ -263,7 +280,7 @@ func (r *Repository) FailRun(ctx context.Context, runId string, completed, total
// updated for the provided interruptThreshold. It sets the status to 'interrupted' and
// updates the run's EndTime to the current database time.
//
-// Once a run has been persisted with a final run status (failed
+// Once a run has been persisted with a final run status (completed, failed
// or interrupted), any future calls to InterruptRuns will return an error with Code
// errors.InvalidJobRunState.
// WithControllerId is the only valid option
diff --git a/internal/scheduler/job/repository_run_test.go b/internal/scheduler/job/repository_run_test.go
index a5565520a3..fcc415e251 100644
--- a/internal/scheduler/job/repository_run_test.go
+++ b/internal/scheduler/job/repository_run_test.go
@@ -5,6 +5,7 @@ package job
import (
"context"
+ "fmt"
"sort"
"testing"
"time"
@@ -119,6 +120,73 @@ func TestRepository_RunJobs(t *testing.T) {
}
}
+func TestRepository_RunJobs_Limits(t *testing.T) {
+ t.Parallel()
+ ctx := context.Background()
+ conn, _ := db.TestSetup(t, "postgres")
+ rw := db.New(conn)
+ wrapper := db.TestWrapper(t)
+ kms := kms.TestKms(t, conn, wrapper)
+ iam.TestRepo(t, conn, wrapper)
+
+ numJobs := 20
+ server := testController(t, conn, wrapper)
+
+ tests := []struct {
+ name string
+ opts []Option
+ wantLen int
+ }{
+ {
+ name: "with-more-than-available",
+ opts: []Option{WithRunJobsLimit(numJobs * 2)},
+ wantLen: numJobs,
+ },
+ {
+ name: "with-no-option",
+ wantLen: defaultRunJobsLimit,
+ },
+ {
+ name: "with-limit",
+ opts: []Option{WithRunJobsLimit(3)},
+ wantLen: 3,
+ },
+ {
+ name: "with-zero-limit",
+ opts: []Option{WithRunJobsLimit(0)},
+ wantLen: defaultRunJobsLimit,
+ },
+ {
+ name: "unlimited",
+ opts: []Option{WithRunJobsLimit(-1)},
+ wantLen: numJobs,
+ },
+ }
+
+ for _, tt := range tests {
+ tt := tt
+ t.Run(tt.name, func(t *testing.T) {
+ assert, require := assert.New(t), require.New(t)
+ repo, err := NewRepository(ctx, rw, rw, kms)
+ assert.NoError(err)
+ require.NotNil(repo)
+
+ for i := 0; i < numJobs; i++ {
+ testJob(t, conn, fmt.Sprintf("%v-%d", tt.name, i), "description", wrapper)
+ }
+
+ got, err := repo.RunJobs(ctx, server.PrivateId, tt.opts...)
+ require.NoError(err)
+ assert.Len(got, tt.wantLen)
+
+ // Clean up jobs for next run
+ rows, err := rw.Query(ctx, "delete from job", nil)
+ require.NoError(err)
+ _ = rows.Close()
+ })
+ }
+}
+
func TestRepository_RunJobsOrder(t *testing.T) {
t.Parallel()
ctx := context.Background()
@@ -142,18 +210,41 @@ func TestRepository_RunJobsOrder(t *testing.T) {
runs, err := repo.RunJobs(ctx, server.PrivateId)
require.NoError(err)
- require.Len(runs, 3)
+ require.Len(runs, 1)
+ run := runs[0]
+ assert.Equal(run.JobName, firstJob.Name)
+ assert.Equal(run.JobPluginId, firstJob.PluginId)
+
+ // End first job with time between last and middle
+ _, err = repo.CompleteRun(ctx, run.PrivateId, -6*time.Hour, 0, 0, 0)
+ require.NoError(err)
+
+ runs, err = repo.RunJobs(ctx, server.PrivateId)
+ require.NoError(err)
+ require.Len(runs, 1)
+ run = runs[0]
+ assert.Equal(run.JobName, middleJob.Name)
+ assert.Equal(run.JobPluginId, middleJob.PluginId)
- // We should see the job runs ordered by scheduled time.
- // firstJob > middleJob > lastJob
- assert.Equal(firstJob.Name, runs[0].JobName)
- assert.Equal(firstJob.PluginId, runs[0].JobPluginId)
+ // firstJob should be up again, as it is scheduled before lastJob
+ runs, err = repo.RunJobs(ctx, server.PrivateId)
+ require.NoError(err)
+ require.Len(runs, 1)
+ run = runs[0]
+ assert.Equal(run.JobName, firstJob.Name)
+ assert.Equal(run.JobPluginId, firstJob.PluginId)
- assert.Equal(middleJob.Name, runs[1].JobName)
- assert.Equal(middleJob.PluginId, runs[1].JobPluginId)
+ runs, err = repo.RunJobs(ctx, server.PrivateId)
+ require.NoError(err)
+ require.Len(runs, 1)
+ run = runs[0]
+ assert.Equal(run.JobName, lastJob.Name)
+ assert.Equal(run.JobPluginId, lastJob.PluginId)
- assert.Equal(lastJob.Name, runs[2].JobName)
- assert.Equal(lastJob.PluginId, runs[2].JobPluginId)
+ // All jobs are running no work should be returned
+ runs, err = repo.RunJobs(ctx, server.PrivateId)
+ require.NoError(err)
+ require.Len(runs, 0)
}
func TestRepository_UpdateProgress(t *testing.T) {
@@ -215,6 +306,20 @@ func TestRepository_UpdateProgress(t *testing.T) {
wantErrCode: errors.InvalidJobRunState,
wantErrMsg: "job.(Repository).UpdateProgress: db.DoTx: job.(Repository).UpdateProgress: job run was in a final run state: failed: integrity violation: error #115",
},
+ {
+ name: "status-already-completed",
+ orig: &Run{
+ JobRun: &store.JobRun{
+ JobName: job.Name,
+ JobPluginId: job.PluginId,
+ ControllerId: server.PrivateId,
+ Status: Completed.string(),
+ },
+ },
+ wantErr: true,
+ wantErrCode: errors.InvalidJobRunState,
+ wantErrMsg: "job.(Repository).UpdateProgress: db.DoTx: job.(Repository).UpdateProgress: job run was in a final run state: completed: integrity violation: error #115",
+ },
{
name: "valid-no-changes",
orig: &Run{
@@ -374,10 +479,14 @@ func TestRepository_CompleteRun(t *testing.T) {
server := testController(t, conn, wrapper)
job := testJob(t, conn, "name", "description", wrapper)
+ type args struct {
+ completed, total, retries int
+ }
tests := []struct {
name string
orig *Run
nextRunIn time.Duration
+ args args
wantErr bool
wantErrCode errors.Code
wantErrMsg string
@@ -416,6 +525,20 @@ func TestRepository_CompleteRun(t *testing.T) {
wantErrCode: errors.InvalidJobRunState,
wantErrMsg: "job.(Repository).CompleteRun: db.DoTx: job.(Repository).CompleteRun: job run was in a final run state: failed: integrity violation: error #115",
},
+ {
+ name: "status-already-completed",
+ orig: &Run{
+ JobRun: &store.JobRun{
+ JobName: job.Name,
+ JobPluginId: job.PluginId,
+ ControllerId: server.PrivateId,
+ Status: Completed.string(),
+ },
+ },
+ wantErr: true,
+ wantErrCode: errors.InvalidJobRunState,
+ wantErrMsg: "job.(Repository).CompleteRun: db.DoTx: job.(Repository).CompleteRun: job run was in a final run state: completed: integrity violation: error #115",
+ },
{
name: "valid",
orig: &Run{
@@ -438,6 +561,7 @@ func TestRepository_CompleteRun(t *testing.T) {
Status: Running.string(),
},
},
+ args: args{completed: 10, total: 20, retries: 1},
},
}
@@ -455,13 +579,9 @@ func TestRepository_CompleteRun(t *testing.T) {
require.NoError(err)
assert.Empty(tt.orig.EndTime)
privateId = tt.orig.PrivateId
-
- r, err := repo.LookupRun(ctx, privateId)
- require.NoError(err)
- require.NotNil(r)
}
- err = repo.CompleteRun(ctx, privateId, tt.nextRunIn)
+ got, err := repo.CompleteRun(ctx, privateId, tt.nextRunIn, tt.args.completed, tt.args.total, tt.args.retries)
if tt.wantErr {
require.Error(err)
assert.Truef(errors.Match(errors.T(tt.wantErrCode), err), "Unexpected error %s", err)
@@ -476,21 +596,27 @@ func TestRepository_CompleteRun(t *testing.T) {
return
}
assert.NoError(err)
+ require.NotNil(got)
+ assert.NotEmpty(got.EndTime)
+ assert.Equal(Completed.string(), got.Status)
+ assert.Equal(tt.args.completed, int(got.CompletedCount))
+ assert.Equal(tt.args.total, int(got.TotalCount))
+ assert.Equal(tt.args.retries, int(got.RetriesCount))
updatedJob, err := repo.LookupJob(ctx, tt.orig.JobName)
assert.NoError(err)
require.NotNil(updatedJob)
- // The next run is expected to be ~ now + whatever duration was
- // passed into CompleteRun.
- expectedNextRunIn := time.Now().Add(tt.nextRunIn).Round(time.Minute).UTC()
- actualNextRunIn := updatedJob.NextScheduledRun.AsTime().Round(time.Minute).UTC()
- require.EqualValues(expectedNextRunIn, actualNextRunIn)
+ // The previous run is ended before the next run is scheduled, therefore the previous
+ // run end time incremented by the nextRunIn duration, should be less than or equal to the
+ // NextScheduledRun time that is persisted in the repo.
+ nextRunAt := updatedJob.NextScheduledRun.AsTime()
+ previousRunEnd := got.EndTime.AsTime()
+ assert.Equal(nextRunAt.Round(time.Minute), previousRunEnd.Add(tt.nextRunIn).Round(time.Minute))
- // If we can't find the run, it means it was complete.
- r, err := repo.LookupRun(ctx, privateId)
- require.NoError(err)
- require.Nil(r)
+ // Delete job run so it does not clash with future runs
+ _, err = repo.deleteRun(ctx, privateId)
+ assert.NoError(err)
})
}
@@ -500,8 +626,9 @@ func TestRepository_CompleteRun(t *testing.T) {
require.NoError(err)
require.NotNil(repo)
- err = repo.CompleteRun(ctx, "fake-run-id", time.Hour)
+ got, err := repo.CompleteRun(ctx, "fake-run-id", time.Hour, 0, 0, 0)
require.Error(err)
+ require.Nil(got)
assert.Truef(errors.Match(errors.T(errors.RecordNotFound), err), "Unexpected error %s", err)
assert.Equal("job.(Repository).CompleteRun: db.DoTx: job.(Repository).CompleteRun: job run \"fake-run-id\" does not exist: db.LookupById: record not found, search issue: error #1100: dbw.LookupById: record not found", err.Error())
})
@@ -564,6 +691,20 @@ func TestRepository_FailRun(t *testing.T) {
wantErrCode: errors.InvalidJobRunState,
wantErrMsg: "job.(Repository).FailRun: db.DoTx: job.(Repository).FailRun: job run was in a final run state: failed: integrity violation: error #115",
},
+ {
+ name: "status-already-completed",
+ orig: &Run{
+ JobRun: &store.JobRun{
+ JobName: job.Name,
+ JobPluginId: job.PluginId,
+ ControllerId: server.PrivateId,
+ Status: Completed.string(),
+ },
+ },
+ wantErr: true,
+ wantErrCode: errors.InvalidJobRunState,
+ wantErrMsg: "job.(Repository).FailRun: db.DoTx: job.(Repository).FailRun: job run was in a final run state: completed: integrity violation: error #115",
+ },
{
name: "valid",
orig: &Run{
@@ -771,6 +912,7 @@ func TestRepository_InterruptServerRuns(t *testing.T) {
runs: []args{
{
ControllerId: server1.PrivateId,
+ opts: []Option{WithRunJobsLimit(3)},
expectedJobs: []*Job{job1, job2, job3},
},
},
@@ -785,6 +927,7 @@ func TestRepository_InterruptServerRuns(t *testing.T) {
runs: []args{
{
ControllerId: server2.PrivateId,
+ opts: []Option{WithRunJobsLimit(3)},
expectedJobs: []*Job{job1, job2, job3},
},
},
@@ -830,6 +973,124 @@ func TestRepository_InterruptServerRuns(t *testing.T) {
},
},
},
+ {
+ name: "multiple-servers-interrupt-all",
+ runs: []args{
+ {
+ ControllerId: server1.PrivateId,
+ opts: []Option{WithRunJobsLimit(1)},
+ expectedJobs: []*Job{job1},
+ },
+ {
+ ControllerId: server2.PrivateId,
+ opts: []Option{WithRunJobsLimit(1)},
+ expectedJobs: []*Job{job2},
+ },
+ {
+ ControllerId: server3.PrivateId,
+ opts: []Option{WithRunJobsLimit(1)},
+ expectedJobs: []*Job{job3},
+ },
+ },
+ interrupts: []args{
+ {
+ expectedJobs: []*Job{job1, job2, job3},
+ },
+ },
+ },
+ {
+ name: "multiple-servers-with-server-id",
+ runs: []args{
+ {
+ ControllerId: server1.PrivateId,
+ opts: []Option{WithRunJobsLimit(1)},
+ expectedJobs: []*Job{job1},
+ },
+ {
+ ControllerId: server2.PrivateId,
+ opts: []Option{WithRunJobsLimit(1)},
+ expectedJobs: []*Job{job2},
+ },
+ {
+ ControllerId: server3.PrivateId,
+ opts: []Option{WithRunJobsLimit(1)},
+ expectedJobs: []*Job{job3},
+ },
+ },
+ interrupts: []args{
+ {
+ opts: []Option{WithControllerId(server1.PrivateId)},
+ expectedJobs: []*Job{job1},
+ },
+ {
+ opts: []Option{WithControllerId(server2.PrivateId)},
+ expectedJobs: []*Job{job2},
+ },
+ {
+ opts: []Option{WithControllerId(server3.PrivateId)},
+ expectedJobs: []*Job{job3},
+ },
+ },
+ },
+ {
+ name: "multiple-servers-distributed-runs",
+ runs: []args{
+ {
+ ControllerId: server1.PrivateId,
+ opts: []Option{WithRunJobsLimit(2)},
+ expectedJobs: []*Job{job1, job2},
+ },
+ {
+ ControllerId: server2.PrivateId,
+ opts: []Option{WithRunJobsLimit(1)},
+ expectedJobs: []*Job{job3},
+ },
+ {
+ ControllerId: server3.PrivateId,
+ opts: []Option{WithRunJobsLimit(1)},
+ expectedJobs: []*Job{},
+ },
+ },
+ interrupts: []args{
+ {
+ opts: []Option{WithControllerId(server1.PrivateId)},
+ expectedJobs: []*Job{job1, job2},
+ },
+ {
+ opts: []Option{WithControllerId(server2.PrivateId)},
+ expectedJobs: []*Job{job3},
+ },
+ {
+ opts: []Option{WithControllerId(server3.PrivateId)},
+ expectedJobs: []*Job{},
+ },
+ },
+ },
+ {
+ name: "multiple-servers-distributed-runs-interrupt-all",
+ runs: []args{
+ {
+ ControllerId: server1.PrivateId,
+ opts: []Option{WithRunJobsLimit(2)},
+ expectedJobs: []*Job{job1, job2},
+ },
+ {
+ ControllerId: server2.PrivateId,
+ opts: []Option{WithRunJobsLimit(1)},
+ expectedJobs: []*Job{job3},
+ },
+ {
+ ControllerId: server3.PrivateId,
+ opts: []Option{WithRunJobsLimit(1)},
+ expectedJobs: []*Job{},
+ },
+ },
+ interrupts: []args{
+ {
+ expectedJobs: []*Job{job1, job2, job3},
+ },
+ },
+ },
}
for _, tt := range tests {
tt := tt
@@ -838,7 +1099,7 @@ func TestRepository_InterruptServerRuns(t *testing.T) {
require.NoError(err)
for _, r := range tt.runs {
- runs, err := repo.RunJobs(ctx, r.ControllerId)
+ runs, err := repo.RunJobs(ctx, r.ControllerId, r.opts...)
require.NoError(err)
assert.Len(runs, len(r.expectedJobs))
sort.Slice(runs, func(i, j int) bool { return runs[i].JobName < runs[j].JobName })
diff --git a/internal/scheduler/job/run.go b/internal/scheduler/job/run.go
index 0229c18fe0..2128af7b48 100644
--- a/internal/scheduler/job/run.go
+++ b/internal/scheduler/job/run.go
@@ -8,7 +8,7 @@ import (
"google.golang.org/protobuf/proto"
)
-// Run represents an instance of a job that is either actively running or has failed in some way.
+// Run represents an instance of a job that is either actively running or has already completed.
type Run struct {
*store.JobRun
tableName string `gorm:"-"`
diff --git a/internal/scheduler/job/status.go b/internal/scheduler/job/status.go
index 4fe5df0077..5db19ff0d0 100644
--- a/internal/scheduler/job/status.go
+++ b/internal/scheduler/job/status.go
@@ -9,6 +9,9 @@ const (
// Running represents that the job run is actively running on a server
Running Status = "running"
+ // Completed represents that the job run has successfully finished
+ Completed Status = "completed"
+
// Failed represent that the job run had an error during execution
Failed Status = "failed"
diff --git a/internal/scheduler/job/store/job.pb.go b/internal/scheduler/job/store/job.pb.go
index f64fae2c2c..c6d4020a84 100644
--- a/internal/scheduler/job/store/job.pb.go
+++ b/internal/scheduler/job/store/job.pb.go
@@ -138,7 +138,7 @@ type JobRun struct {
// a job has retried work.
// @inject_tag: `gorm:"default:0"`
RetriesCount uint32 `protobuf:"varint,12,opt,name=retries_count,json=retriesCount,proto3" json:"retries_count,omitempty" gorm:"default:0"`
- // status of the job run (running, failed or interrupted).
+ // status of the job run (running, completed, failed or interrupted).
// @inject_tag: `gorm:"not_null"`
Status string `protobuf:"bytes,10,opt,name=status,proto3" json:"status,omitempty" gorm:"not_null"`
// The controller_id of the controller running the job and must be set.
diff --git a/internal/scheduler/options.go b/internal/scheduler/options.go
index 056ced1861..c9a3c1d424 100644
--- a/internal/scheduler/options.go
+++ b/internal/scheduler/options.go
@@ -6,6 +6,7 @@ package scheduler
import "time"
const (
+ defaultRunJobsLimit = 1
defaultRunJobsInterval = time.Minute
defaultMonitorInterval = 30 * time.Second
defaultInterruptThreshold = 5 * time.Minute
@@ -26,6 +27,7 @@ type Option func(*options)
// options = how options are represented
type options struct {
withNextRunIn time.Duration
+ withRunJobsLimit int
withRunJobInterval time.Duration
withMonitorInterval time.Duration
withInterruptThreshold time.Duration
@@ -34,12 +36,26 @@ type options struct {
func getDefaultOptions() options {
return options{
+ withRunJobsLimit: defaultRunJobsLimit,
withRunJobInterval: defaultRunJobsInterval,
withMonitorInterval: defaultMonitorInterval,
withInterruptThreshold: defaultInterruptThreshold,
}
}
+// WithRunJobsLimit provides an option to provide the number of jobs that will be requested
+// by the scheduler when querying for jobs to run.
+// If WithRunJobsLimit == 0, then default run jobs limit is used.
+// If WithRunJobsLimit < 0, then no limit is used.
+func WithRunJobsLimit(l int) Option {
+ return func(o *options) {
+ o.withRunJobsLimit = l
+ if o.withRunJobsLimit == 0 {
+ o.withRunJobsLimit = defaultRunJobsLimit
+ }
+ }
+}
+
// WithRunJobsInterval provides an option to provide the interval at which the scheduler
// will query the repository for jobs to run.
// If WithRunJobsInterval == 0, then default interval is used.
diff --git a/internal/scheduler/options_test.go b/internal/scheduler/options_test.go
index 5b3fc4733a..d5e872a67c 100644
--- a/internal/scheduler/options_test.go
+++ b/internal/scheduler/options_test.go
@@ -13,6 +13,20 @@ import (
// Test_GetOpts provides unit tests for GetOpts and all the options
func Test_GetOpts(t *testing.T) {
t.Parallel()
+ t.Run("WithRunJobsLimit", func(t *testing.T) {
+ assert := assert.New(t)
+ opts := getOpts(WithRunJobsLimit(10))
+ testOpts := getDefaultOptions()
+ assert.NotEqual(opts, testOpts)
+ testOpts.withRunJobsLimit = 10
+ assert.Equal(opts, testOpts)
+ })
+ t.Run("WithZeroRunJobsLimit", func(t *testing.T) {
+ assert := assert.New(t)
+ opts := getOpts(WithRunJobsLimit(0))
+ testOpts := getDefaultOptions()
+ assert.Equal(opts, testOpts)
+ })
t.Run("WithRunJobsInterval", func(t *testing.T) {
assert := assert.New(t)
opts := getOpts(WithRunJobsInterval(time.Hour))
diff --git a/internal/scheduler/scheduler.go b/internal/scheduler/scheduler.go
index 66592fe7b8..b71f77b93d 100644
--- a/internal/scheduler/scheduler.go
+++ b/internal/scheduler/scheduler.go
@@ -32,6 +32,7 @@ type Scheduler struct {
runningJobs *sync.Map
started ua.Bool
+ runJobsLimit int
runJobsInterval time.Duration
monitorInterval time.Duration
interruptThreshold time.Duration
@@ -44,7 +45,7 @@ type Scheduler struct {
//
// • jobRepoFn must be provided and is a function that returns the job repository
//
-// WithRunJobsInterval, WithMonitorInterval and WithInterruptThreshold are
+// WithRunJobsLimit, WithRunJobsInterval, WithMonitorInterval and WithInterruptThreshold are
// the only valid options.
func New(ctx context.Context, serverId string, jobRepoFn jobRepoFactory, opt ...Option) (*Scheduler, error) {
const op = "scheduler.New"
@@ -61,6 +62,7 @@ func New(ctx context.Context, serverId string, jobRepoFn jobRepoFactory, opt ...
jobRepoFn: jobRepoFn,
registeredJobs: new(sync.Map),
runningJobs: new(sync.Map),
+ runJobsLimit: opts.withRunJobsLimit,
runJobsInterval: opts.withRunJobInterval,
monitorInterval: opts.withMonitorInterval,
interruptThreshold: opts.withInterruptThreshold,
@@ -188,7 +190,7 @@ func (s *Scheduler) start(ctx context.Context) {
event.WriteSysEvent(ctx, op, "scheduling loop running",
"server id", s.serverId,
"run interval", s.runJobsInterval.String(),
- )
+ "run limit", s.runJobsLimit)
timer := time.NewTimer(0)
var wg sync.WaitGroup
for {
@@ -216,7 +218,7 @@ func (s *Scheduler) schedule(ctx context.Context, wg *sync.WaitGroup) {
return
}
- runs, err := repo.RunJobs(ctx, s.serverId)
+ runs, err := repo.RunJobs(ctx, s.serverId, job.WithRunJobsLimit(s.runJobsLimit))
if err != nil {
event.WriteError(ctx, op, err, event.WithInfoMsg("error getting jobs to run from repo"))
return
@@ -260,6 +262,8 @@ func (s *Scheduler) runJob(ctx context.Context, wg *sync.WaitGroup, r *job.Run)
defer wg.Done()
runErr := j.Run(jobContext, s.interruptThreshold)
+ // Get final status report to update run progress with
+ status := j.Status()
var updateErr error
switch {
case ctx.Err() != nil:
@@ -269,11 +273,9 @@ func (s *Scheduler) runJob(ctx context.Context, wg *sync.WaitGroup, r *job.Run)
if inner != nil {
event.WriteError(ctx, op, inner, event.WithInfoMsg("error getting next run time", "name", j.Name()))
}
- updateErr = repo.CompleteRun(ctx, r.PrivateId, nextRun)
+ _, updateErr = repo.CompleteRun(ctx, r.PrivateId, nextRun, status.Completed, status.Total, status.Retries)
default:
event.WriteError(ctx, op, runErr, event.WithInfoMsg("job run failed", "run id", r.PrivateId, "name", j.Name()))
-
- status := j.Status() // Get final status report to update run progress with
_, updateErr = repo.FailRun(ctx, r.PrivateId, status.Completed, status.Total, status.Retries)
}
diff --git a/internal/scheduler/scheduler_test.go b/internal/scheduler/scheduler_test.go
index b96a55cdb3..c9b22bcbcb 100644
--- a/internal/scheduler/scheduler_test.go
+++ b/internal/scheduler/scheduler_test.go
@@ -34,6 +34,7 @@ func TestScheduler_New(t *testing.T) {
type args struct {
serverId string
jobRepo jobRepoFactory
+ runLimit int
runInterval time.Duration
monitorInterval time.Duration
}
@@ -69,6 +70,7 @@ func TestScheduler_New(t *testing.T) {
},
want: args{
serverId: "test-server",
+ runLimit: defaultRunJobsLimit,
runInterval: defaultRunJobsInterval,
monitorInterval: defaultMonitorInterval,
},
@@ -84,6 +86,7 @@ func TestScheduler_New(t *testing.T) {
},
want: args{
serverId: "test-server",
+ runLimit: defaultRunJobsLimit,
monitorInterval: defaultMonitorInterval,
runInterval: time.Hour,
},
@@ -94,9 +97,12 @@ func TestScheduler_New(t *testing.T) {
serverId: "test-server",
jobRepo: jobRepoFn,
},
- opts: []Option{},
+ opts: []Option{
+ WithRunJobsLimit(-1),
+ },
want: args{
serverId: "test-server",
+ runLimit: -1,
runInterval: defaultRunJobsInterval,
monitorInterval: defaultMonitorInterval,
},
@@ -107,9 +113,12 @@ func TestScheduler_New(t *testing.T) {
serverId: "test-server",
jobRepo: jobRepoFn,
},
- opts: []Option{},
+ opts: []Option{
+ WithRunJobsLimit(20),
+ },
want: args{
serverId: "test-server",
+ runLimit: 20,
runInterval: defaultRunJobsInterval,
monitorInterval: defaultMonitorInterval,
},
@@ -125,6 +134,7 @@ func TestScheduler_New(t *testing.T) {
},
want: args{
serverId: "test-server",
+ runLimit: defaultRunJobsLimit,
runInterval: defaultRunJobsInterval,
monitorInterval: time.Hour,
},
@@ -137,10 +147,12 @@ func TestScheduler_New(t *testing.T) {
},
opts: []Option{
WithRunJobsInterval(time.Hour),
+ WithRunJobsLimit(20),
WithMonitorInterval(2 * time.Hour),
},
want: args{
serverId: "test-server",
+ runLimit: 20,
runInterval: time.Hour,
monitorInterval: 2 * time.Hour,
},
@@ -162,6 +174,7 @@ func TestScheduler_New(t *testing.T) {
require.NoError(err)
assert.Equal(tt.want.serverId, got.serverId)
+ assert.Equal(tt.want.runLimit, got.runJobsLimit)
assert.Equal(tt.want.runInterval, got.runJobsInterval)
assert.Equal(tt.want.monitorInterval, got.monitorInterval)
assert.NotNil(got.jobRepoFn)
diff --git a/internal/server/repository_controller.go b/internal/server/repository_controller.go
index 4ecc229894..5e5ac77cba 100644
--- a/internal/server/repository_controller.go
+++ b/internal/server/repository_controller.go
@@ -46,7 +46,7 @@ func (r *Repository) listControllersWithReader(ctx context.Context, reader db.Re
}
func (r *Repository) UpsertController(ctx context.Context, controller *store.Controller) (int, error) {
- const op = "server.(Repository).UpsertController"
+ const op = "server.UpsertController"
if controller == nil {
return db.NoRowsAffected, errors.New(ctx, errors.InvalidParameter, op, "controller is nil")
diff --git a/internal/server/repository_nonce.go b/internal/server/repository_nonce.go
index 90626f0e28..c72fe659e4 100644
--- a/internal/server/repository_nonce.go
+++ b/internal/server/repository_nonce.go
@@ -30,7 +30,7 @@ const (
// AddNonce adds a nonce
func (r *Repository) AddNonce(ctx context.Context, nonce, purpose string, opt ...Option) error {
- const op = "server.(Repository).AddNonce"
+ const op = "server.AddNonce"
if nonce == "" {
return errors.New(ctx, errors.InvalidParameter, op, "empty nonce")
}
diff --git a/internal/server/repository_worker.go b/internal/server/repository_worker.go
index fbb9af0ee5..f3e95b161c 100644
--- a/internal/server/repository_worker.go
+++ b/internal/server/repository_worker.go
@@ -303,7 +303,7 @@ func ListWorkers(ctx context.Context, reader db.Reader, scopeIds []string, opt .
// the only ones used. All others are ignored.
// Workers are intentionally not oplogged.
func (r *Repository) UpsertWorkerStatus(ctx context.Context, worker *Worker, opt ...Option) (*Worker, error) {
- const op = "server.(Repository).UpsertWorkerStatus"
+ const op = "server.UpsertWorkerStatus"
opts := GetOpts(opt...)
switch {
@@ -519,10 +519,10 @@ func setWorkerTags(ctx context.Context, w db.Writer, id string, ts TagSource, ta
// via the old registration method or pki-kms) name updates will be disallowed.
func (r *Repository) UpdateWorker(ctx context.Context, worker *Worker, version uint32, fieldMaskPaths []string, opt ...Option) (*Worker, int, error) {
const (
- op = "server.(Repository).UpdateWorker"
nameField = "name"
descField = "description"
)
+ const op = "server.(Repository).UpdateWorker"
switch {
case worker == nil:
return nil, db.NoRowsAffected, errors.New(ctx, errors.InvalidParameter, op, "worker is nil")
@@ -631,7 +631,7 @@ func (r *Repository) UpdateWorker(ctx context.Context, worker *Worker, version u
// WithCreateControllerLedActivationToken. The latter two are mutually
// exclusive.
func (r *Repository) CreateWorker(ctx context.Context, worker *Worker, opt ...Option) (*Worker, error) {
- const op = "server.(Repository).CreateWorker"
+ const op = "server.CreateWorker"
opts := GetOpts(opt...)
diff --git a/internal/server/worker_auth.go b/internal/server/worker_auth.go
index 490986bb3f..08b91c3f4f 100644
--- a/internal/server/worker_auth.go
+++ b/internal/server/worker_auth.go
@@ -215,7 +215,7 @@ func (w *WorkerCertBundle) clone() *WorkerCertBundle {
// Validate is called before storing a WorkerCertBundle in the db
func (w *WorkerCertBundle) ValidateNewWorkerCertBundle(ctx context.Context) error {
- const op = "server.(WorkerCertBundle).validateNewWorkerCertBundle"
+ const op = "server.(WorkerAuth).validateNewWorkerCertBundle"
if w.RootCertificatePublicKey == nil {
return errors.New(ctx, errors.InvalidParameter, op, "missing CertificatePublicKey")
}
diff --git a/internal/session/connection.go b/internal/session/connection.go
index 3941b34904..b4697ad7f9 100644
--- a/internal/session/connection.go
+++ b/internal/session/connection.go
@@ -5,7 +5,6 @@ package session
import (
"context"
- "net"
"github.com/hashicorp/boundary/internal/db"
"github.com/hashicorp/boundary/internal/db/timestamp"
@@ -186,14 +185,5 @@ func (c *Connection) validateNewConnection(ctx context.Context) error {
if c.UserClientIp == "" {
return errors.New(ctx, errors.InvalidParameter, op, "missing user client ip")
}
- if ip := net.ParseIP(c.ClientTcpAddress); ip == nil {
- return errors.New(ctx, errors.InvalidParameter, op, "given client tcp address is not an ip address")
- }
- if ip := net.ParseIP(c.EndpointTcpAddress); ip == nil {
- return errors.New(ctx, errors.InvalidParameter, op, "given endpoint tcp address is not an ip address")
- }
- if ip := net.ParseIP(c.UserClientIp); ip == nil {
- return errors.New(ctx, errors.InvalidParameter, op, "given user client ip is not an ip address")
- }
return nil
}
diff --git a/internal/session/connection_test.go b/internal/session/connection_test.go
index b5f515b1ad..0dbe2f8c93 100644
--- a/internal/session/connection_test.go
+++ b/internal/session/connection_test.go
@@ -31,24 +31,23 @@ func TestConnection_Create(t *testing.T) {
userClientIp string
}
tests := []struct {
- name string
- args args
- want *Connection
- wantErr bool
- wantIsErr errors.Code
- create bool
- wantCreateErr bool
- expectedErrMsg string
+ name string
+ args args
+ want *Connection
+ wantErr bool
+ wantIsErr errors.Code
+ create bool
+ wantCreateErr bool
}{
{
- name: "valid-ipv4",
+ name: "valid",
args: args{
sessionId: s.PublicId,
clientTcpAddress: "127.0.0.1",
clientTcpPort: 22,
endpointTcpAddress: "127.0.0.1",
endpointTcpPort: 2222,
- userClientIp: "127.0.0.2",
+ userClientIp: "::1",
},
want: &Connection{
SessionId: s.PublicId,
@@ -56,134 +55,10 @@ func TestConnection_Create(t *testing.T) {
ClientTcpPort: 22,
EndpointTcpAddress: "127.0.0.1",
EndpointTcpPort: 2222,
- UserClientIp: "127.0.0.2",
+ UserClientIp: "::1",
},
create: true,
},
- {
- name: "valid-ipv6",
- args: args{
- sessionId: s.PublicId,
- clientTcpAddress: "2001:4860:4860:0:0:0:0:8887",
- clientTcpPort: 22,
- endpointTcpAddress: "2001:4860:4860:0:0:0:0:8886",
- endpointTcpPort: 2222,
- userClientIp: "2001:4860:4860:0:0:0:0:8885",
- },
- want: &Connection{
- SessionId: s.PublicId,
- ClientTcpAddress: "2001:4860:4860:0:0:0:0:8887",
- ClientTcpPort: 22,
- EndpointTcpAddress: "2001:4860:4860:0:0:0:0:8886",
- EndpointTcpPort: 2222,
- UserClientIp: "2001:4860:4860:0:0:0:0:8885",
- },
- create: true,
- },
- {
- name: "valid-abbreviated-ipv6",
- args: args{
- sessionId: s.PublicId,
- clientTcpAddress: "2001:4860:4860::8887",
- clientTcpPort: 22,
- endpointTcpAddress: "2001:4860:4860::8886",
- endpointTcpPort: 2222,
- userClientIp: "2001:4860:4860::8885",
- },
- want: &Connection{
- SessionId: s.PublicId,
- ClientTcpAddress: "2001:4860:4860::8887",
- ClientTcpPort: 22,
- EndpointTcpAddress: "2001:4860:4860::8886",
- EndpointTcpPort: 2222,
- UserClientIp: "2001:4860:4860::8885",
- },
- create: true,
- },
- {
- name: "invalid-[ipv6]-client-tcp-address",
- args: args{
- sessionId: s.PublicId,
- clientTcpAddress: "[2001:4860:4860:0:0:0:0:8887]",
- clientTcpPort: 22,
- endpointTcpAddress: "2001:4860:4860:0:0:0:0:8886",
- endpointTcpPort: 2222,
- userClientIp: "2001:4860:4860:0:0:0:0:8885",
- },
- wantErr: true,
- wantIsErr: errors.InvalidParameter,
- expectedErrMsg: "given client tcp address is not an ip address",
- },
- {
- name: "invalid-[ipv6]-endpoint-tcp-address",
- args: args{
- sessionId: s.PublicId,
- clientTcpAddress: "2001:4860:4860:0:0:0:0:8887",
- clientTcpPort: 22,
- endpointTcpAddress: "[2001:4860:4860:0:0:0:0:8886]",
- endpointTcpPort: 2222,
- userClientIp: "2001:4860:4860:0:0:0:0:8885",
- },
- wantErr: true,
- wantIsErr: errors.InvalidParameter,
- expectedErrMsg: "given endpoint tcp address is not an ip address",
- },
- {
- name: "invalid-[ipv6]-user-client-ip",
- args: args{
- sessionId: s.PublicId,
- clientTcpAddress: "2001:4860:4860:0:0:0:0:8887",
- clientTcpPort: 22,
- endpointTcpAddress: "2001:4860:4860:0:0:0:0:8886",
- endpointTcpPort: 2222,
- userClientIp: "[2001:4860:4860:0:0:0:0:8885]",
- },
- wantErr: true,
- wantIsErr: errors.InvalidParameter,
- expectedErrMsg: "given user client ip is not an ip address",
- },
- {
- name: "invalid-abbreviated-[ipv6]-client-tcp-address",
- args: args{
- sessionId: s.PublicId,
- clientTcpAddress: "[2001:4860:4860::8887]",
- clientTcpPort: 22,
- endpointTcpAddress: "2001:4860:4860::8886",
- endpointTcpPort: 2222,
- userClientIp: "2001:4860:4860::8885",
- },
- wantErr: true,
- wantIsErr: errors.InvalidParameter,
- expectedErrMsg: "given client tcp address is not an ip address",
- },
- {
- name: "invalid-abbreviated-[ipv6]-endpoint-tcp-address",
- args: args{
- sessionId: s.PublicId,
- clientTcpAddress: "2001:4860:4860::8887",
- clientTcpPort: 22,
- endpointTcpAddress: "[2001:4860:4860::8886]",
- endpointTcpPort: 2222,
- userClientIp: "2001:4860:4860::8885",
- },
- wantErr: true,
- wantIsErr: errors.InvalidParameter,
- expectedErrMsg: "given endpoint tcp address is not an ip address",
- },
- {
- name: "invalid-abbreviated-[ipv6]-user-client-ip",
- args: args{
- sessionId: s.PublicId,
- clientTcpAddress: "2001:4860:4860::8887",
- clientTcpPort: 22,
- endpointTcpAddress: "2001:4860:4860::8886",
- endpointTcpPort: 2222,
- userClientIp: "[2001:4860:4860::8885]",
- },
- wantErr: true,
- wantIsErr: errors.InvalidParameter,
- expectedErrMsg: "given user client ip is not an ip address",
- },
{
name: "empty-session-id",
args: args{
@@ -272,9 +147,6 @@ func TestConnection_Create(t *testing.T) {
if tt.wantErr {
require.Error(err)
assert.True(errors.Match(errors.T(tt.wantIsErr), err))
- if tt.expectedErrMsg != "" {
- assert.ErrorContains(err, tt.expectedErrMsg)
- }
return
}
require.NoError(err)
diff --git a/internal/session/session.go b/internal/session/session.go
index 5f8b7b9994..6cbf75fb60 100644
--- a/internal/session/session.go
+++ b/internal/session/session.go
@@ -472,9 +472,13 @@ func newCert(ctx context.Context, jobId string, addresses []string, exp time.Tim
for _, addr := range addresses {
// First ensure we aren't looking at ports, regardless of IP or not
- host, _, err := util.SplitHostPort(addr)
+ host, _, err := net.SplitHostPort(addr)
if err != nil {
- return nil, nil, errors.Wrap(ctx, err, op)
+ if strings.Contains(err.Error(), "missing port") {
+ host = addr
+ } else {
+ return nil, nil, errors.Wrap(ctx, err, op)
+ }
}
// Now figure out if it's an IP address or not. If ParseIP likes it, add
// to IP SANs. Otherwise DNS SANs.
diff --git a/internal/target/repository.go b/internal/target/repository.go
index d1ec66708c..c91624dba5 100644
--- a/internal/target/repository.go
+++ b/internal/target/repository.go
@@ -22,7 +22,6 @@ import (
"github.com/hashicorp/boundary/internal/types/action"
"github.com/hashicorp/boundary/internal/types/resource"
"github.com/hashicorp/boundary/internal/types/scope"
- "github.com/hashicorp/boundary/internal/util"
"github.com/hashicorp/go-dbw"
)
@@ -551,11 +550,7 @@ func (r *Repository) CreateTarget(ctx context.Context, target Target, opt ...Opt
var address *Address
var err error
if t.GetAddress() != "" {
- host, err := util.ParseAddress(ctx, t.GetAddress())
- if err != nil {
- return nil, errors.Wrap(ctx, err, op, errors.WithCode(errors.InvalidAddress), errors.WithMsg("invalid address"))
- }
- t.SetAddress(host)
+ t.SetAddress(strings.TrimSpace(t.GetAddress()))
address, err = NewAddress(ctx, t.GetPublicId(), t.GetAddress())
if err != nil {
return nil, errors.Wrap(ctx, err, op)
@@ -655,6 +650,7 @@ func (r *Repository) UpdateTarget(ctx context.Context, target Target, version ui
return nil, db.NoRowsAffected, err
}
+ var addressEndpoint string
for _, f := range fieldMaskPaths {
switch {
case strings.EqualFold("name", f):
@@ -667,6 +663,8 @@ func (r *Repository) UpdateTarget(ctx context.Context, target Target, version ui
case strings.EqualFold("egressworkerfilter", f):
case strings.EqualFold("ingressworkerfilter", f):
case strings.EqualFold("address", f):
+ target.SetAddress(strings.TrimSpace(target.GetAddress()))
+ addressEndpoint = target.GetAddress()
case strings.EqualFold("storagebucketid", f):
case strings.EqualFold("enablesessionrecording", f):
default:
@@ -700,19 +698,12 @@ func (r *Repository) UpdateTarget(ctx context.Context, target Target, version ui
// The Address field is not a part of the target schema in the database. It
// is a part of a different table called target_address, which is why the
// Address field must be filtered out of the dbMask & nullFields slices.
- var addressEndpoint string
var updateAddress, deleteAddress bool
var filteredDbMask, filteredNullFields []string
for _, f := range dbMask {
switch {
case strings.EqualFold("Address", f):
updateAddress = true
- address, err := util.ParseAddress(ctx, target.GetAddress())
- if err != nil {
- return nil, db.NoRowsAffected, errors.Wrap(ctx, err, op, errors.WithCode(errors.InvalidAddress), errors.WithMsg("invalid address"))
- }
- target.SetAddress(address)
- addressEndpoint = target.GetAddress()
default:
filteredDbMask = append(filteredDbMask, f)
}
diff --git a/internal/target/tcp/repository_tcp_target_test.go b/internal/target/tcp/repository_tcp_target_test.go
index 807578e318..6341c86dbf 100644
--- a/internal/target/tcp/repository_tcp_target_test.go
+++ b/internal/target/tcp/repository_tcp_target_test.go
@@ -70,23 +70,6 @@ func TestRepository_CreateTarget(t *testing.T) {
},
wantErr: false,
},
- {
- name: "with-dns-name",
- args: args{
- target: func() *tcp.Target {
- target, err := target.New(ctx, tcp.Subtype, proj.PublicId,
- target.WithName("with-dns-name"),
- target.WithDescription("with-dns-name"),
- target.WithDefaultPort(uint32(22)),
- target.WithAddress("www.google.com"),
- )
- require.NoError(t, err)
- return target.(*tcp.Target)
- }(),
- },
- wantErr: false,
- wantAddress: "www.google.com",
- },
{
name: "with-ipv4-address",
args: args{
@@ -100,24 +83,7 @@ func TestRepository_CreateTarget(t *testing.T) {
return target
}(),
},
- wantErr: false,
- wantAddress: "8.8.8.8",
- },
- {
- name: "with-invalid-ipv4-address-with-port",
- args: args{
- target: func() target.Target {
- target, err := target.New(ctx, tcp.Subtype, proj.PublicId,
- target.WithName("with-invalid-ipv4-address-with-port"),
- target.WithDescription("with-invalid-ipv4-address-with-port"),
- target.WithDefaultPort(80),
- target.WithAddress("8.8.8.8:80"))
- require.NoError(t, err)
- return target
- }(),
- },
- wantErr: true,
- wantIsError: errors.InvalidAddress,
+ wantErr: false,
},
{
name: "with-abbreviated-ipv6-address",
@@ -132,8 +98,7 @@ func TestRepository_CreateTarget(t *testing.T) {
return target
}(),
},
- wantErr: false,
- wantAddress: "2001:4860:4860::8888",
+ wantErr: false,
},
{
name: "with-ipv6-address",
@@ -148,72 +113,7 @@ func TestRepository_CreateTarget(t *testing.T) {
return target
}(),
},
- wantErr: false,
- wantAddress: "2001:4860:4860::8888",
- },
- {
- name: "with-abbreviated-[ipv6]-address",
- args: args{
- target: func() target.Target {
- target, err := target.New(ctx, tcp.Subtype, proj.PublicId,
- target.WithName("with-abbreviated-[ipv6]-address"),
- target.WithDescription("with-abbreviated-[ipv6]-address"),
- target.WithDefaultPort(80),
- target.WithAddress("[2001:4860:4860::8888]"))
- require.NoError(t, err)
- return target
- }(),
- },
- wantErr: false,
- wantAddress: "2001:4860:4860::8888",
- },
- {
- name: "with-invalid-abbreviated-[ipv6]-address-with-port",
- args: args{
- target: func() target.Target {
- target, err := target.New(ctx, tcp.Subtype, proj.PublicId,
- target.WithName("with-invalid-abbreviated-[ipv6]-address-with-port"),
- target.WithDescription("with-invalid-abbreviated-[ipv6]-address-with-port"),
- target.WithDefaultPort(80),
- target.WithAddress("[2001:4860:4860::8888]:80"))
- require.NoError(t, err)
- return target
- }(),
- },
- wantErr: true,
- wantIsError: errors.InvalidAddress,
- },
- {
- name: "with-[ipv6]-address",
- args: args{
- target: func() target.Target {
- target, err := target.New(ctx, tcp.Subtype, proj.PublicId,
- target.WithName("with-[ipv6]-address"),
- target.WithDescription("with-[ipv6]-address"),
- target.WithDefaultPort(80),
- target.WithAddress("[2001:4860:4860:0:0:0:0:8888]"))
- require.NoError(t, err)
- return target
- }(),
- },
- wantErr: false,
- wantAddress: "2001:4860:4860:0:0:0:0:8888",
- },
- {
- name: "with-invalid-[ipv6]-address-with-port",
- args: args{
- target: func() target.Target {
- target, err := target.New(ctx, tcp.Subtype, proj.PublicId,
- target.WithName("with-invalid-[ipv6]-address-with-port"),
- target.WithDescription("with-invalid-[ipv6]-address-with-port"),
- target.WithDefaultPort(80),
- target.WithAddress("[2001:4860:4860:0:0:0:0:8888]:80"))
- require.NoError(t, err)
- return target
- }(),
- },
- wantErr: true,
- wantIsError: errors.InvalidAddress,
+ wantErr: false,
},
{
name: "with-address-whitespace",
@@ -488,6 +388,7 @@ func TestRepository_UpdateTcpTarget(t *testing.T) {
wantRowsUpdate: 1,
wantHostSources: true,
},
+
{
name: "valid-ipv4-address",
args: args{
@@ -500,20 +401,6 @@ func TestRepository_UpdateTcpTarget(t *testing.T) {
wantErr: false,
wantRowsUpdate: 1,
wantHostSources: false,
- wantAddress: "8.8.8.8",
- },
- {
- name: "invalid-ipv4-address-with-port",
- args: args{
- name: "invalid-ipv4-address-with-port" + id,
- fieldMaskPaths: []string{"Name", "Address"},
- ProjectId: proj.PublicId,
- address: "8.8.8.8:80",
- },
- newProjectId: proj.PublicId,
- wantErr: true,
- wantIsError: errors.InvalidAddress,
- wantErrMsg: "invalid address",
},
{
name: "valid-abbreviated-ipv6-address",
@@ -527,7 +414,6 @@ func TestRepository_UpdateTcpTarget(t *testing.T) {
wantErr: false,
wantRowsUpdate: 1,
wantHostSources: false,
- wantAddress: "2001:4860:4860::8888",
},
{
name: "valid-ipv6-address",
@@ -541,61 +427,6 @@ func TestRepository_UpdateTcpTarget(t *testing.T) {
wantErr: false,
wantRowsUpdate: 1,
wantHostSources: false,
- wantAddress: "2001:4860:4860::8888",
- },
- {
- name: "valid-abbreviated-[ipv6]-address",
- args: args{
- name: "valid-abbreviated-[ipv6]-address" + id,
- fieldMaskPaths: []string{"Name", "Address"},
- ProjectId: proj.PublicId,
- address: "[2001:4860:4860::8888]",
- },
- newProjectId: proj.PublicId,
- wantErr: false,
- wantRowsUpdate: 1,
- wantHostSources: false,
- wantAddress: "2001:4860:4860::8888",
- },
- {
- name: "invalid-abbreviated-[ipv6]-address-with-port",
- args: args{
- name: "invalid-abbreviated-[ipv6]-address-with-port" + id,
- fieldMaskPaths: []string{"Name", "Address"},
- ProjectId: proj.PublicId,
- address: "[2001:4860:4860::8888]:80",
- },
- newProjectId: proj.PublicId,
- wantErr: true,
- wantIsError: errors.InvalidAddress,
- wantErrMsg: "invalid address",
- },
- {
- name: "valid-[ipv6]-address",
- args: args{
- name: "valid-[ipv6]-address" + id,
- fieldMaskPaths: []string{"Name", "Address"},
- ProjectId: proj.PublicId,
- address: "[2001:4860:4860:0:0:0:0:8888]",
- },
- newProjectId: proj.PublicId,
- wantErr: false,
- wantRowsUpdate: 1,
- wantHostSources: false,
- wantAddress: "2001:4860:4860:0:0:0:0:8888",
- },
- {
- name: "invalid-[ipv6]-address-with-port",
- args: args{
- name: "invalid-[ipv6]-address-with-port" + id,
- fieldMaskPaths: []string{"Name", "Address"},
- ProjectId: proj.PublicId,
- address: "[2001:4860:4860:0:0:0:0:8888]:80",
- },
- newProjectId: proj.PublicId,
- wantErr: true,
- wantIsError: errors.InvalidAddress,
- wantErrMsg: "invalid address",
},
{
name: "null-address",
diff --git a/internal/target/tcp/testing_test.go b/internal/target/tcp/testing_test.go
index 24dc2a8b04..757657cc1e 100644
--- a/internal/target/tcp/testing_test.go
+++ b/internal/target/tcp/testing_test.go
@@ -19,116 +19,39 @@ import (
)
func Test_TestTcpTarget(t *testing.T) {
- t.Parallel()
-
+ require := require.New(t)
conn, _ := db.TestSetup(t, "postgres")
rw := db.New(conn)
wrapper := db.TestWrapper(t)
testKms := kms.TestKms(t, conn, wrapper)
iamRepo := iam.TestRepo(t, conn, wrapper)
+ _, proj := iam.TestScopes(t, iamRepo)
+
ctx := context.Background()
repo, err := target.NewRepository(ctx, rw, rw, testKms)
- require.NoError(t, err)
-
- t.Run("with-host-source", func(t *testing.T) {
- assert, require := assert.New(t), require.New(t)
- _, proj := iam.TestScopes(t, iamRepo)
- cats := static.TestCatalogs(t, conn, proj.PublicId, 1)
- hsets := static.TestSets(t, conn, cats[0].GetPublicId(), 2)
- var sets []string
- for _, s := range hsets {
- sets = append(sets, s.PublicId)
- }
- name := tcp.TestTargetName(t, proj.PublicId)
- tar := tcp.TestTarget(ctx, t, conn, proj.PublicId, name, target.WithHostSources(sets))
- require.NotNil(t)
- assert.NotEmpty(tar.GetPublicId())
- assert.Equal(name, tar.GetName())
- assert.Empty(tar.GetAddress())
+ require.NoError(err)
- foundTarget, err := repo.LookupTarget(context.Background(), tar.GetPublicId())
- require.NoError(err)
+ cats := static.TestCatalogs(t, conn, proj.PublicId, 1)
+ hsets := static.TestSets(t, conn, cats[0].GetPublicId(), 2)
+ var sets []string
+ for _, s := range hsets {
+ sets = append(sets, s.PublicId)
+ }
+ name := tcp.TestTargetName(t, proj.PublicId)
+ tar := tcp.TestTarget(ctx, t, conn, proj.PublicId, name, target.WithHostSources(sets))
+ require.NotNil(t)
+ require.NotEmpty(tar.GetPublicId())
+ require.Equal(name, tar.GetName())
- foundSources := foundTarget.GetHostSources()
- foundIds := make([]string, 0, len(foundSources))
- for _, s := range foundSources {
- foundIds = append(foundIds, s.Id())
- }
- assert.ElementsMatch(sets, foundIds)
- })
+ foundTarget, err := repo.LookupTarget(context.Background(), tar.GetPublicId())
+ foundSources := foundTarget.GetHostSources()
- tests := []struct {
- name string
- opt []target.Option
- wantAddress string
- }{
- {
- name: "dns-name",
- opt: []target.Option{
- target.WithAddress("www.google.com"),
- },
- wantAddress: "www.google.com",
- },
- {
- name: "ipv4-address",
- opt: []target.Option{
- target.WithAddress("8.8.8.8"),
- },
- wantAddress: "8.8.8.8",
- },
- {
- name: "ipv4-address-with-port",
- opt: []target.Option{
- target.WithAddress("8.8.8.8:80"),
- },
- wantAddress: "8.8.8.8:80",
- },
- {
- name: "ipv6-address",
- opt: []target.Option{
- target.WithAddress("2001:4860:4860:0:0:0:0:8888"),
- },
- wantAddress: "2001:4860:4860:0:0:0:0:8888",
- },
- {
- name: "ipv6-address-with-port",
- opt: []target.Option{
- target.WithAddress("[2001:4860:4860:0:0:0:0:8888]:80"),
- },
- wantAddress: "[2001:4860:4860:0:0:0:0:8888]:80",
- },
- {
- name: "abbreviated-ipv6-address",
- opt: []target.Option{
- target.WithAddress("2001:4860:4860::8888"),
- },
- wantAddress: "2001:4860:4860::8888",
- },
- {
- name: "abbreviated-ipv6-address-with-port",
- opt: []target.Option{
- target.WithAddress("[2001:4860:4860::8888]:80"),
- },
- wantAddress: "[2001:4860:4860::8888]:80",
- },
- }
- for _, tt := range tests {
- t.Run(tt.name, func(t *testing.T) {
- assert, require := assert.New(t), require.New(t)
- _, proj := iam.TestScopes(t, iamRepo)
- name := tcp.TestTargetName(t, proj.PublicId)
- tar := tcp.TestTarget(ctx, t, conn, proj.PublicId, name, tt.opt...)
- require.NotNil(t)
- assert.NotEmpty(tar.GetPublicId())
- assert.Equal(name, tar.GetName())
- if tt.wantAddress != "" {
- assert.Equal(tt.wantAddress, tar.GetAddress())
- assert.Empty(tar.GetHostSources())
- } else {
- assert.Empty(tar.GetAddress())
- }
- })
+ require.NoError(err)
+ foundIds := make([]string, 0, len(foundSources))
+ for _, s := range foundSources {
+ foundIds = append(foundIds, s.Id())
}
+ require.ElementsMatch(sets, foundIds)
}
func Test_TestCredentialLibrary(t *testing.T) {
diff --git a/internal/tests/api/targets/target_test.go b/internal/tests/api/targets/target_test.go
index d00cc28d95..72a6bb1ea9 100644
--- a/internal/tests/api/targets/target_test.go
+++ b/internal/tests/api/targets/target_test.go
@@ -383,7 +383,7 @@ func TestTarget_AddressMutualExclusiveRelationship(t *testing.T) {
targets.WithName("test-address"), targets.WithAddress("[::1]"), targets.WithTcpTargetDefaultPort(22))
require.NoError(t, err)
require.NotNil(t, targetResp)
- require.Equal(t, "::1", targetResp.GetItem().Address)
+ require.Equal(t, "[::1]", targetResp.GetItem().Address)
// Setup host catalog, host set, & host resources
hc, err := hostcatalogs.NewClient(client).Create(tc.Context(), "static", proj.GetPublicId())
@@ -477,7 +477,7 @@ func TestTarget_HostSourceMutualExclusiveRelationship(t *testing.T) {
updateResp, err = tClient.Update(tc.Context(), targetId, version, targets.WithAddress("[::1]"))
require.NoError(t, err)
require.NotNil(t, updateResp)
- require.Equal(t, "::1", updateResp.GetItem().Address)
+ require.Equal(t, "[::1]", updateResp.GetItem().Address)
require.Empty(t, updateResp.GetItem().HostSourceIds)
}
@@ -491,29 +491,24 @@ func TestCreateTarget_DirectlyAttachedAddress(t *testing.T) {
tClient := targets.NewClient(client)
tests := []struct {
- name string
- address string
- expectedAddress string
+ name string
+ address string
}{
{
- name: "target-ipv4-address",
- address: "127.0.0.1",
- expectedAddress: "127.0.0.1",
+ name: "target-ipv4-address",
+ address: "127.0.0.1",
},
{
- name: "target-ipv6-address",
- address: "[2001:4860:4860:0:0:0:0:8888]",
- expectedAddress: "2001:4860:4860:0:0:0:0:8888",
+ name: "target-ipv6-address",
+ address: "[2001:4860:4860:0:0:0:0:8888]",
},
{
- name: "target-abbreviated-ipv6-address",
- address: "[2001:4860:4860::8888]",
- expectedAddress: "2001:4860:4860::8888",
+ name: "target-abbreviated-ipv6-address",
+ address: "[2001:4860:4860::8888]",
},
{
- name: "target-dns-address",
- address: "www.google.com",
- expectedAddress: "www.google.com",
+ name: "target-dns-address",
+ address: "null",
},
}
for _, tt := range tests {
@@ -523,14 +518,14 @@ func TestCreateTarget_DirectlyAttachedAddress(t *testing.T) {
targets.WithName(tt.name), targets.WithAddress(tt.address), targets.WithTcpTargetDefaultPort(22))
require.NoError(err)
require.NotNil(createResp)
- assert.Equal(tt.expectedAddress, createResp.GetItem().Address)
+ assert.Equal(tt.address, createResp.GetItem().Address)
targetId := createResp.GetItem().Id
version := createResp.GetItem().Version
readResp, err := tClient.Read(tc.Context(), targetId)
require.NoError(err)
require.NotNil(readResp)
- assert.Equal(tt.expectedAddress, readResp.GetItem().Address)
+ assert.Equal(tt.address, readResp.GetItem().Address)
updateResp, err := tClient.Update(tc.Context(), targetId, version, targets.DefaultAddress())
require.NoError(err)
diff --git a/internal/tests/cluster/ipv6_listener_test.go b/internal/tests/cluster/ipv6_listener_test.go
index 9d45422193..8274de0e16 100644
--- a/internal/tests/cluster/ipv6_listener_test.go
+++ b/internal/tests/cluster/ipv6_listener_test.go
@@ -5,8 +5,8 @@ package cluster
import (
"context"
- "sync"
"testing"
+ "time"
"github.com/hashicorp/boundary/api"
"github.com/hashicorp/boundary/api/scopes"
@@ -19,73 +19,58 @@ import (
)
func TestIPv6Listener(t *testing.T) {
- t.Parallel()
require := require.New(t)
logger := hclog.New(&hclog.LoggerOptions{
Level: hclog.Trace,
})
- conf, err := config.DevController(config.WithIPv6Enabled(true))
+ conf, err := config.DevController()
require.NoError(err)
+ for _, l := range conf.Listeners {
+ switch l.Purpose[0] {
+ case "api":
+ l.Address = "[::1]:9200"
+
+ case "cluster":
+ l.Address = "[::1]:9201"
+ }
+ }
+
c1 := controller.NewTestController(t, &controller.TestControllerOpts{
Config: conf,
Logger: logger.Named("c1"),
})
defer c1.Shutdown()
- c2 := c1.AddClusterControllerMember(t, &controller.TestControllerOpts{
- Config: conf,
- Logger: c1.Config().Logger.ResetNamed("c2"),
- })
- defer c2.Shutdown()
+ helper.ExpectWorkers(t, c1)
- wg := new(sync.WaitGroup)
- wg.Add(2)
- go func() {
- defer wg.Done()
- helper.ExpectWorkers(t, c1)
- }()
- go func() {
- defer wg.Done()
- helper.ExpectWorkers(t, c2)
- }()
- wg.Wait()
-
- wconf, err := config.DevWorker(config.WithIPv6Enabled(true))
+ wconf, err := config.DevWorker()
require.NoError(err)
w1 := worker.NewTestWorker(t, &worker.TestWorkerOpts{
Config: wconf,
WorkerAuthKms: c1.Config().WorkerAuthKms,
- InitialUpstreams: append(c1.ClusterAddrs(), c2.ClusterAddrs()...),
+ InitialUpstreams: c1.ClusterAddrs(),
Logger: logger.Named("w1"),
})
defer w1.Shutdown()
- wg.Add(2)
- go func() {
- defer wg.Done()
- helper.ExpectWorkers(t, c1, w1)
- }()
- go func() {
- defer wg.Done()
- helper.ExpectWorkers(t, c2, w1)
- }()
- wg.Wait()
+ time.Sleep(10 * time.Second)
+ helper.ExpectWorkers(t, c1, w1)
- require.NoError(w1.Worker().Shutdown())
+ c2 := c1.AddClusterControllerMember(t, &controller.TestControllerOpts{
+ Logger: c1.Config().Logger.ResetNamed("c2"),
+ })
+ defer c2.Shutdown()
+
+ time.Sleep(10 * time.Second)
+ helper.ExpectWorkers(t, c2, w1)
- wg.Add(2)
- go func() {
- defer wg.Done()
- helper.ExpectWorkers(t, c1)
- }()
- go func() {
- defer wg.Done()
- helper.ExpectWorkers(t, c2)
- }()
- wg.Wait()
+ require.NoError(w1.Worker().Shutdown())
+ time.Sleep(10 * time.Second)
+ helper.ExpectWorkers(t, c1)
+ helper.ExpectWorkers(t, c2)
client, err := api.NewClient(nil)
require.NoError(err)
diff --git a/internal/tests/cluster/multi_controller_worker_test.go b/internal/tests/cluster/multi_controller_worker_test.go
index 9380fda0b9..80b3c6613f 100644
--- a/internal/tests/cluster/multi_controller_worker_test.go
+++ b/internal/tests/cluster/multi_controller_worker_test.go
@@ -5,7 +5,6 @@ package cluster
import (
"context"
- "sync"
"testing"
"time"
@@ -39,64 +38,33 @@ func TestMultiControllerMultiWorkerConnections(t *testing.T) {
})
defer c2.Shutdown()
- wg := new(sync.WaitGroup)
- wg.Add(2)
- go func() {
- defer wg.Done()
- helper.ExpectWorkers(t, c1)
- }()
- go func() {
- defer wg.Done()
- helper.ExpectWorkers(t, c2)
- }()
- wg.Wait()
+ helper.ExpectWorkers(t, c1)
+ helper.ExpectWorkers(t, c2)
w1 := worker.NewTestWorker(t, &worker.TestWorkerOpts{
WorkerAuthKms: c1.Config().WorkerAuthKms,
- InitialUpstreams: append(c1.ClusterAddrs(), c2.ClusterAddrs()...),
+ InitialUpstreams: c1.ClusterAddrs(),
Logger: logger.Named("w1"),
})
defer w1.Shutdown()
- wg.Add(2)
- go func() {
- defer wg.Done()
- helper.ExpectWorkers(t, c1, w1)
- }()
- go func() {
- defer wg.Done()
- helper.ExpectWorkers(t, c2, w1)
- }()
- wg.Wait()
+ time.Sleep(10 * time.Second)
+ helper.ExpectWorkers(t, c1, w1)
+ helper.ExpectWorkers(t, c2, w1)
w2 := w1.AddClusterWorkerMember(t, &worker.TestWorkerOpts{
Logger: logger.Named("w2"),
})
defer w2.Shutdown()
- wg.Add(2)
- go func() {
- defer wg.Done()
- helper.ExpectWorkers(t, c1, w1, w2)
- }()
- go func() {
- defer wg.Done()
- helper.ExpectWorkers(t, c2, w1, w2)
- }()
- wg.Wait()
+ time.Sleep(10 * time.Second)
+ helper.ExpectWorkers(t, c1, w1, w2)
+ helper.ExpectWorkers(t, c2, w1, w2)
require.NoError(w1.Worker().Shutdown())
-
- wg.Add(2)
- go func() {
- defer wg.Done()
- helper.ExpectWorkers(t, c1, w2)
- }()
- go func() {
- defer wg.Done()
- helper.ExpectWorkers(t, c2, w2)
- }()
- wg.Wait()
+ time.Sleep(10 * time.Second)
+ helper.ExpectWorkers(t, c1, w2)
+ helper.ExpectWorkers(t, c2, w2)
w1 = worker.NewTestWorker(t, &worker.TestWorkerOpts{
WorkerAuthKms: c1.Config().WorkerAuthKms,
@@ -105,41 +73,22 @@ func TestMultiControllerMultiWorkerConnections(t *testing.T) {
})
defer w1.Shutdown()
- wg.Add(2)
- go func() {
- defer wg.Done()
- helper.ExpectWorkers(t, c1, w1, w2)
- }()
- go func() {
- defer wg.Done()
- helper.ExpectWorkers(t, c2, w1, w2)
- }()
- wg.Wait()
+ time.Sleep(10 * time.Second)
+ helper.ExpectWorkers(t, c1, w1, w2)
+ helper.ExpectWorkers(t, c2, w1, w2)
require.NoError(c2.Controller().Shutdown())
-
- wg.Add(1)
- go func() {
- defer wg.Done()
- helper.ExpectWorkers(t, c1, w1, w2)
- }()
- wg.Wait()
+ time.Sleep(10 * time.Second)
+ helper.ExpectWorkers(t, c1, w1, w2)
c2 = c1.AddClusterControllerMember(t, &controller.TestControllerOpts{
Logger: c1.Config().Logger.ResetNamed("c2"),
})
defer c2.Shutdown()
- wg.Add(2)
- go func() {
- defer wg.Done()
- helper.ExpectWorkers(t, c1, w1, w2)
- }()
- go func() {
- defer wg.Done()
- helper.ExpectWorkers(t, c2, w1, w2)
- }()
- wg.Wait()
+ time.Sleep(10 * time.Second)
+ helper.ExpectWorkers(t, c1, w1, w2)
+ helper.ExpectWorkers(t, c2, w1, w2)
}
func TestWorkerAppendInitialUpstreams(t *testing.T) {
diff --git a/internal/tests/cluster/worker_bytesupdown_test.go b/internal/tests/cluster/worker_bytesupdown_test.go
index 77e734587f..e9867074cb 100644
--- a/internal/tests/cluster/worker_bytesupdown_test.go
+++ b/internal/tests/cluster/worker_bytesupdown_test.go
@@ -31,23 +31,16 @@ func TestWorkerBytesUpDown(t *testing.T) {
Level: hclog.Trace,
})
- conf, err := config.DevController(config.WithIPv6Enabled(true))
+ conf, err := config.DevController()
require.NoError(err)
- pl, err := net.Listen("tcp", "[::1]:")
+ pl, err := net.Listen("tcp", "localhost:0")
require.NoError(err)
-
- // update cluster listener to utilize proxy listener address
- for _, l := range conf.Listeners {
- if l.Purpose[0] == "cluster" {
- l.Address = pl.Addr().String()
- }
- }
-
c1 := controller.NewTestController(t, &controller.TestControllerOpts{
Config: conf,
InitialResourcesSuffix: "1234567890",
Logger: logger.Named("c1"),
+ PublicClusterAddr: pl.Addr().String(),
WorkerStatusGracePeriodDuration: helper.DefaultWorkerStatusGracePeriod,
})
@@ -69,9 +62,10 @@ func TestWorkerBytesUpDown(t *testing.T) {
InitialUpstreams: []string{proxy.ListenerAddr()},
Logger: logger.Named("w1"),
SuccessfulStatusGracePeriodDuration: helper.DefaultSuccessfulStatusGracePeriod,
- EnableIPv6: true,
})
+ require.NoError(w1.Worker().WaitForNextSuccessfulStatusUpdate())
+ require.NoError(c1.WaitForNextWorkerStatusUpdate(w1.Name()))
helper.ExpectWorkers(t, c1, w1)
// Use an independent context for test things that take a context so
@@ -96,12 +90,7 @@ func TestWorkerBytesUpDown(t *testing.T) {
require.NotNil(tgt)
// Authorize a session, connect and send/recv some traffic
- workerInfo := []*targets.WorkerInfo{
- {
- Address: w1.ProxyAddrs()[0],
- },
- }
- sess := helper.NewTestSession(ctx, t, tcl, "ttcp_1234567890", helper.WithWorkerInfo(workerInfo))
+ sess := helper.NewTestSession(ctx, t, tcl, "ttcp_1234567890")
conn := sess.Connect(ctx, t)
conn.TestSendRecvAll(t)
diff --git a/internal/tests/cluster/worker_proxy_test.go b/internal/tests/cluster/worker_proxy_test.go
index 7948aebf2c..585d6452f0 100644
--- a/internal/tests/cluster/worker_proxy_test.go
+++ b/internal/tests/cluster/worker_proxy_test.go
@@ -32,23 +32,16 @@ func TestWorkerSessionProxyMultipleConnections(t *testing.T) {
Level: hclog.Trace,
})
- pl, err := net.Listen("tcp", "[::1]:")
+ conf, err := config.DevController()
require.NoError(err)
- conf, err := config.DevController(config.WithIPv6Enabled(true))
+ pl, err := net.Listen("tcp", "localhost:0")
require.NoError(err)
-
- // update cluster listener to utilize proxy listener address
- for _, l := range conf.Listeners {
- if l.Purpose[0] == "cluster" {
- l.Address = pl.Addr().String()
- }
- }
-
c1 := controller.NewTestController(t, &controller.TestControllerOpts{
Config: conf,
InitialResourcesSuffix: "1234567890",
Logger: logger.Named("c1"),
+ PublicClusterAddr: pl.Addr().String(),
WorkerStatusGracePeriodDuration: helper.DefaultWorkerStatusGracePeriod,
})
t.Cleanup(c1.Shutdown)
@@ -73,10 +66,13 @@ func TestWorkerSessionProxyMultipleConnections(t *testing.T) {
InitialUpstreams: []string{proxy.ListenerAddr()},
Logger: logger.Named("w1"),
SuccessfulStatusGracePeriodDuration: helper.DefaultWorkerStatusGracePeriod,
- EnableIPv6: true,
})
t.Cleanup(w1.Shutdown)
+ err = w1.Worker().WaitForNextSuccessfulStatusUpdate()
+ require.NoError(err)
+ err = c1.WaitForNextWorkerStatusUpdate(w1.Name())
+ require.NoError(err)
helper.ExpectWorkers(t, c1, w1)
// Use an independent context for test things that take a context so
@@ -103,12 +99,7 @@ func TestWorkerSessionProxyMultipleConnections(t *testing.T) {
require.NotNil(tgt)
// Authorize and connect
- workerInfo := []*targets.WorkerInfo{
- {
- Address: w1.ProxyAddrs()[0],
- },
- }
- sess := helper.NewTestSession(ctx, t, tcl, "ttcp_1234567890", helper.WithWorkerInfo(workerInfo))
+ sess := helper.NewTestSession(ctx, t, tcl, "ttcp_1234567890")
sConn := sess.Connect(ctx, t)
// Run initial send/receive test, make sure things are working
diff --git a/internal/tests/helper/option.go b/internal/tests/helper/option.go
index 4ce8e321b2..28e9b8be5f 100644
--- a/internal/tests/helper/option.go
+++ b/internal/tests/helper/option.go
@@ -3,8 +3,6 @@
package helper
-import "github.com/hashicorp/boundary/api/targets"
-
// getOpts iterates the inbound Options and returns a struct and any errors
func getOpts(opt ...Option) (*Options, error) {
opts := getDefaultOptions()
@@ -24,7 +22,6 @@ func getOpts(opt ...Option) (*Options, error) {
// are parsed in various other packages.
type Options struct {
WithSkipSessionTeardown bool
- WithWorkerInfo []*targets.WorkerInfo
}
// Option is a function that takes in an options struct and sets values or
@@ -46,13 +43,3 @@ func WithSkipSessionTeardown(with bool) Option {
return nil
}
}
-
-// WithWorkerInfo can be used to override the default worker address localhost:9202
-// for SessionAuthroizationData. This is useful when testing session connection with
-// dev workers that are not utilizing default addresses.
-func WithWorkerInfo(workerInfo []*targets.WorkerInfo) Option {
- return func(o *Options) error {
- o.WithWorkerInfo = workerInfo
- return nil
- }
-}
diff --git a/internal/tests/helper/testing_helper.go b/internal/tests/helper/testing_helper.go
index ed916a4421..0392eb3f62 100644
--- a/internal/tests/helper/testing_helper.go
+++ b/internal/tests/helper/testing_helper.go
@@ -11,7 +11,6 @@ import (
"net"
"reflect"
"strconv"
- "sync"
"testing"
"time"
@@ -77,18 +76,11 @@ func NewTestSession(
sessAuth, err := sar.GetSessionAuthorization()
require.NoError(err)
- sessAuthData, err := sessAuth.GetSessionAuthorizationData()
- if len(opts.WithWorkerInfo) != 0 {
- sessAuthData.WorkerInfo = opts.WithWorkerInfo
- }
- require.NoError(err)
-
proxy, err := apiproxy.New(
ctx,
sessAuth.AuthorizationToken,
apiproxy.WithWorkerHost(sessAuth.SessionId),
apiproxy.WithSkipSessionTeardown(opts.WithSkipSessionTeardown),
- apiproxy.WithSessionAuthorizationData(sessAuthData),
)
require.NoError(err)
@@ -439,36 +431,23 @@ func NewTestTcpServer(t *testing.T) *TestTcpServer {
return ts
}
-// ExpectWorkers is a blocking call, where the method validates that the expected workers
-// can be found in the controllers status update. If the provided list of workers is empty,
-// this method will sleep for 10 seconds and then validate that the controller worker status
-// is empty.
func ExpectWorkers(t *testing.T, c *controller.TestController, workers ...*worker.TestWorker) {
- // validate the controller has no reported workers
- if len(workers) == 0 {
- c.Controller().WorkerStatusUpdateTimes().Clear()
- time.Sleep(10 * time.Second)
- assert.Eventually(t, func() bool {
- empty := true
- c.Controller().WorkerStatusUpdateTimes().Range(func(k, v any) bool {
- empty = false
- return false
- })
- return empty
- }, 30*time.Second, 2*time.Second)
- return
- }
-
- // validate the controller has expected workers
- wg := new(sync.WaitGroup)
+ updateTimes := c.Controller().WorkerStatusUpdateTimes()
+ workerMap := map[string]*worker.TestWorker{}
for _, w := range workers {
- wg.Add(1)
- go func() {
- defer wg.Done()
- require.NoError(t, c.WaitForNextWorkerStatusUpdate(w.Name()))
- _, ok := c.Controller().WorkerStatusUpdateTimes().Load(w.Name())
- assert.True(t, ok)
- }()
+ workerMap[w.Name()] = w
}
- wg.Wait()
+ updateTimes.Range(func(k, v any) bool {
+ require.NotNil(t, k)
+ require.NotNil(t, v)
+ if workerMap[k.(string)] == nil {
+ // We don't remove from updateTimes currently so if we're not
+ // expecting it we'll see an out-of-date entry
+ return true
+ }
+ assert.WithinDuration(t, time.Now(), v.(time.Time), 30*time.Second)
+ delete(workerMap, k.(string))
+ return true
+ })
+ assert.Empty(t, workerMap)
}
diff --git a/internal/util/net.go b/internal/util/net.go
deleted file mode 100644
index 874929906a..0000000000
--- a/internal/util/net.go
+++ /dev/null
@@ -1,72 +0,0 @@
-// Copyright (c) HashiCorp, Inc.
-// SPDX-License-Identifier: BUSL-1.1
-
-package util
-
-import (
- "context"
- "errors"
- "net"
- "regexp"
- "strings"
-
- "github.com/hashicorp/boundary/globals"
-)
-
-const (
- // MinAddressLength
- MinAddressLength = 3
- // MaxAddressLength
- MaxAddressLength = 255
-)
-
-// This regular expression is used to find all instances of square brackets within a string.
-// This regular expression is used to remove the square brackets from an IPv6 address.
-var squareBrackets = regexp.MustCompile("\\[|\\]")
-
-// JoinHostPort combines host and port into a network address of the form "host:port".
-// If host contains a colon, as found in literal IPv6 addresses, then JoinHostPort returns "[host]:port".
-func JoinHostPort(host, port string) string {
- host = squareBrackets.ReplaceAllString(host, "")
- return net.JoinHostPort(host, port)
-}
-
-// SplitHostPort splits a network address of the form "host:port", "host%zone:port", "[host]:port" or "[host%zone]:port" into host or host%zone and port.
-//
-// A literal IPv6 address in hostport must be enclosed in square brackets, as in "[::1]:80", "[::1%lo0]:80".
-func SplitHostPort(hostport string) (host string, port string, err error) {
- host, port, err = net.SplitHostPort(hostport)
- // use the hostport value as a backup when we have a missing port error
- if err != nil && strings.Contains(err.Error(), globals.MissingPortErrStr) {
- // incase the hostport value is an ipv6, we must remove the enclosed square
- // brackets to retain the same behavior as the net.SplitHostPort() method
- host = squareBrackets.ReplaceAllString(hostport, "")
- err = nil
- }
- return
-}
-
-// ParseAddress trims and validates the input address string. It checks whether
-// the address is within the allowed length and attempts to split it into a host and
-// port. If the address contains a port, it returns an error. The function supports
-// both valid IP addresses (IPv4 or IPv6) and DNS names. If the address is valid
-// and does not include a port, it returns the host (either an IP or a DNS name).
-func ParseAddress(ctx context.Context, address string) (string, error) {
- const op = "util.ParseAddress"
- address = strings.TrimSpace(address)
- if len(address) < MinAddressLength || len(address) > MaxAddressLength {
- return "", errors.New("invalid address length")
- }
- host, port, err := SplitHostPort(address)
- if err != nil {
- ip := net.ParseIP(address)
- if ip.To4() == nil && ip.To16() == nil {
- return "", err
- }
- host = ip.String()
- }
- if port != "" {
- return "", errors.New("address contains a port")
- }
- return host, nil
-}
diff --git a/internal/util/net_test.go b/internal/util/net_test.go
deleted file mode 100644
index 1767a9bfe9..0000000000
--- a/internal/util/net_test.go
+++ /dev/null
@@ -1,385 +0,0 @@
-// Copyright (c) HashiCorp, Inc.
-// SPDX-License-Identifier: BUSL-1.1
-
-package util
-
-import (
- "context"
- "net"
- "strings"
- "testing"
-
- "github.com/stretchr/testify/assert"
- "github.com/stretchr/testify/require"
-)
-
-func Test_JoinHostPort(t *testing.T) {
- t.Parallel()
-
- // The wrapper function is used to ensure that the
- // host input value is not already enclosed with
- // square brackets for ipv6 addresses. This is because
- // the underlying JoinHostPort() method will enclose the
- // existing square brackets with another pair of square
- // brackets.
- t.Run("ensure-net.JoinHostPort()-behavior", func(t *testing.T) {
- assert := assert.New(t)
- hostport := net.JoinHostPort("[2001:4860:4860:0:0:0:0:8888]", "80")
- assert.Equal("[[2001:4860:4860:0:0:0:0:8888]]:80", hostport)
- })
-
- tests := []struct {
- name string
- host string
- port string
- expectedAddress string
- }{
- {
- name: "local-ipv4",
- host: "127.0.0.1",
- port: "80",
- expectedAddress: "127.0.0.1:80",
- },
- {
- name: "ipv4",
- host: "8.8.8.8",
- port: "80",
- expectedAddress: "8.8.8.8:80",
- },
- {
- name: "ipv4-empty-port",
- host: "8.8.8.8",
- expectedAddress: "8.8.8.8:",
- },
- {
- name: "ipv4-square-brackets",
- host: "[8.8.8.8]",
- port: "80",
- expectedAddress: "8.8.8.8:80",
- },
- {
- name: "missing-left-square-bracket",
- host: "::1]",
- port: "80",
- expectedAddress: "[::1]:80",
- },
- {
- name: "missing-right-square-bracket",
- host: "[::1",
- port: "80",
- expectedAddress: "[::1]:80",
- },
- {
- name: "local-no-square-brackets",
- host: "::1",
- port: "80",
- expectedAddress: "[::1]:80",
- },
- {
- name: "local-no-square-brackets-missing-port",
- host: "::1",
- expectedAddress: "[::1]:",
- },
- {
- name: "ipv6-no-square-brackets",
- host: "2001:4860:4860:0:0:0:0:8888",
- port: "80",
- expectedAddress: "[2001:4860:4860:0:0:0:0:8888]:80",
- },
- {
- name: "ipv6-no-square-brackets-missing-port",
- host: "2001:4860:4860:0:0:0:0:8888",
- expectedAddress: "[2001:4860:4860:0:0:0:0:8888]:",
- },
- {
- name: "abbreviated-ipv6-no-square-brackets",
- host: "2001:4860:4860::8888",
- port: "80",
- expectedAddress: "[2001:4860:4860::8888]:80",
- },
- {
- name: "abbreviated-ipv6-no-square-brackets-missing-port",
- host: "2001:4860:4860::8888",
- expectedAddress: "[2001:4860:4860::8888]:",
- },
- {
- name: "local-square-brackets",
- host: "[::1]",
- port: "80",
- expectedAddress: "[::1]:80",
- },
- {
- name: "local-double-square-brackets",
- host: "[[::1]]",
- port: "80",
- expectedAddress: "[::1]:80",
- },
- {
- name: "local-square-brackets-missing-port",
- host: "[::1]",
- expectedAddress: "[::1]:",
- },
- {
- name: "local-double-square-brackets-missing-port",
- host: "[[::1]]",
- expectedAddress: "[::1]:",
- },
- {
- name: "ipv6-square-brackets",
- host: "[2001:4860:4860:0:0:0:0:8888]",
- port: "80",
- expectedAddress: "[2001:4860:4860:0:0:0:0:8888]:80",
- },
- {
- name: "ipv6-dobule-square-brackets",
- host: "[[2001:4860:4860:0:0:0:0:8888]]",
- port: "80",
- expectedAddress: "[2001:4860:4860:0:0:0:0:8888]:80",
- },
- {
- name: "ipv6-square-brackets-missing-port",
- host: "[2001:4860:4860:0:0:0:0:8888]",
- expectedAddress: "[2001:4860:4860:0:0:0:0:8888]:",
- },
- {
- name: "ipv6-double-square-brackets-missing-port",
- host: "[[2001:4860:4860:0:0:0:0:8888]]",
- expectedAddress: "[2001:4860:4860:0:0:0:0:8888]:",
- },
- {
- name: "abbreviated-ipv6-square-brackets",
- host: "[2001:4860:4860::8888]",
- port: "80",
- expectedAddress: "[2001:4860:4860::8888]:80",
- },
- {
- name: "abbreviated-ipv6-double-square-brackets",
- host: "[[2001:4860:4860::8888]]",
- port: "80",
- expectedAddress: "[2001:4860:4860::8888]:80",
- },
- {
- name: "abbreviated-ipv6-square-brackets-missing-port",
- host: "[2001:4860:4860::8888]",
- expectedAddress: "[2001:4860:4860::8888]:",
- },
- {
- name: "abbreviated-ipv6-double-square-brackets-missing-port",
- host: "[[2001:4860:4860::8888]]",
- expectedAddress: "[2001:4860:4860::8888]:",
- },
- }
- for _, tt := range tests {
- tt := tt
- t.Run(tt.name, func(t *testing.T) {
- assert := assert.New(t)
- actualAddress := JoinHostPort(tt.host, tt.port)
- assert.Equal(tt.expectedAddress, actualAddress)
- })
- }
-}
-
-func Test_SplitHostPort(t *testing.T) {
- t.Parallel()
-
- // The wrapper function is used to ignore missing port error.
- // We need to validate the behavior of the underlying
- // SplitHostPort() method hasn't changed.
- t.Run("ensure-net.SplitHostPort()-behavior", func(t *testing.T) {
- require, assert := require.New(t), assert.New(t)
- host, port, err := net.SplitHostPort("[2001:4860:4860:0:0:0:0:8888]")
- require.Error(err)
- assert.ErrorContains(err, "missing port in address")
- assert.Empty(host)
- assert.Empty(port)
- })
-
- tests := []struct {
- name string
- hostport string
- expectedHost string
- expectedPort string
- expectedErrMsg string
- }{
- {
- name: "local-ipv4",
- hostport: "127.0.0.1:80",
- expectedHost: "127.0.0.1",
- expectedPort: "80",
- },
- {
- name: "ipv4",
- hostport: "8.8.8.8:80",
- expectedHost: "8.8.8.8",
- expectedPort: "80",
- },
- {
- name: "ipv4-ignore-missing-port",
- hostport: "8.8.8.8",
- expectedHost: "8.8.8.8",
- },
- {
- name: "ipv4-empty-port",
- hostport: "8.8.8.8:",
- expectedHost: "8.8.8.8",
- },
- {
- name: "ipv4-square-bracket",
- hostport: "[8.8.8.8]:80",
- expectedHost: "8.8.8.8",
- expectedPort: "80",
- },
- {
- name: "ipv6-missing-square-brackets",
- hostport: "::1:80",
- expectedErrMsg: "address ::1:80: too many colons in address",
- },
- {
- name: "ipv6-ignore-missing-port",
- hostport: "[::1]",
- expectedHost: "::1",
- },
- {
- name: "ipv6-empty-port",
- hostport: "[::1]:",
- expectedHost: "::1",
- },
- {
- name: "local-ipv6",
- hostport: "[::1]:80",
- expectedHost: "::1",
- expectedPort: "80",
- },
- {
- name: "ipv6",
- hostport: "[2001:4860:4860:0:0:0:0:8888]:80",
- expectedHost: "2001:4860:4860:0:0:0:0:8888",
- expectedPort: "80",
- },
- {
- name: "abbreviated-ipv6",
- hostport: "[2001:4860:4860::8888]:80",
- expectedHost: "2001:4860:4860::8888",
- expectedPort: "80",
- },
- }
- for _, tt := range tests {
- tt := tt
- t.Run(tt.name, func(t *testing.T) {
- require, assert := require.New(t), assert.New(t)
- actualHost, actualPort, err := SplitHostPort(tt.hostport)
- if tt.expectedErrMsg != "" {
- require.Error(err)
- assert.ErrorContains(err, tt.expectedErrMsg)
- return
- }
- require.NoError(err)
- assert.Equal(tt.expectedHost, actualHost)
- assert.Equal(tt.expectedPort, actualPort)
- })
- }
-}
-
-func Test_ParseAddress(t *testing.T) {
- t.Parallel()
- tests := []struct {
- name string
- address string
- expectedAddress string
- expectedErrMsg string
- }{
- {
- name: "empty-address",
- expectedErrMsg: "invalid address length",
- },
- {
- name: "empty-spaces",
- address: " ",
- expectedErrMsg: "invalid address length",
- },
- {
- name: "invalid-short-address",
- address: "ab",
- expectedErrMsg: "invalid address length",
- },
- {
- name: "invalid-long-address",
- address: strings.Repeat("a", 256),
- expectedErrMsg: "invalid address length",
- },
- {
- name: "valid-dns-name",
- address: "www.google.com",
- expectedAddress: "www.google.com",
- },
- {
- name: "valid-dns-name-trim-empty-spaces",
- address: " www.google.com ",
- expectedAddress: "www.google.com",
- },
- {
- name: "valid-ipv4",
- address: "127.0.0.1",
- expectedAddress: "127.0.0.1",
- },
- {
- name: "invalid-ipv4-with-port",
- address: "127.0.0.1:80",
- expectedErrMsg: "address contains a port",
- },
- {
- name: "valid-ipv6",
- address: "2001:4860:4860:0:0:0:0:8888",
- expectedAddress: "2001:4860:4860::8888",
- },
- {
- name: "valid-[ipv6]",
- address: "[2001:4860:4860:0:0:0:0:8888]",
- expectedAddress: "2001:4860:4860:0:0:0:0:8888",
- },
- {
- name: "valid-[ipv6]:",
- address: "[2001:4860:4860:0:0:0:0:8888]:",
- expectedAddress: "2001:4860:4860:0:0:0:0:8888",
- },
- {
- name: "invalid-ipv6-with-port",
- address: "[2001:4860:4860:0:0:0:0:8888]:80",
- expectedErrMsg: "address contains a port",
- },
- {
- name: "valid-abbreviated-ipv6",
- address: "2001:4860:4860::8888",
- expectedAddress: "2001:4860:4860::8888",
- },
- {
- name: "valid-abbreviated-[ipv6]",
- address: "[2001:4860:4860::8888]",
- expectedAddress: "2001:4860:4860::8888",
- },
- {
- name: "valid-abbreviated-[ipv6]:",
- address: "[2001:4860:4860::8888]:",
- expectedAddress: "2001:4860:4860::8888",
- },
- {
- name: "invalid-abbreviated-[ipv6]-with-port",
- address: "[2001:4860:4860::8888]:80",
- expectedErrMsg: "address contains a port",
- },
- }
- for _, tt := range tests {
- tt := tt
- t.Run(tt.name, func(t *testing.T) {
- require, assert := require.New(t), assert.New(t)
- actualAddress, err := ParseAddress(context.Background(), tt.address)
- if tt.expectedErrMsg != "" {
- require.Error(err)
- assert.ErrorContains(err, tt.expectedErrMsg)
- return
- }
- require.NoError(err)
- assert.Equal(tt.expectedAddress, actualAddress)
- })
- }
-}
diff --git a/plugins/boundary/mains/aws/go.mod b/plugins/boundary/mains/aws/go.mod
index 88ec6c5950..e96ecef430 100644
--- a/plugins/boundary/mains/aws/go.mod
+++ b/plugins/boundary/mains/aws/go.mod
@@ -1,67 +1,66 @@
module github.com/hashicorp/boundary/plugins/boundary/mains/aws
-go 1.23.1
+go 1.23.3
require (
- github.com/hashicorp/boundary-plugin-aws v0.4.1-0.20241028185018-899c62ce0694
+ github.com/hashicorp/boundary-plugin-aws v0.4.1
github.com/hashicorp/boundary/sdk v0.0.49
)
require (
- github.com/aws/aws-sdk-go-v2 v1.32.2 // indirect
- github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.6 // indirect
- github.com/aws/aws-sdk-go-v2/config v1.28.0 // indirect
- github.com/aws/aws-sdk-go-v2/credentials v1.17.41 // indirect
- github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.17 // indirect
- github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.21 // indirect
- github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.21 // indirect
+ github.com/aws/aws-sdk-go-v2 v1.32.5 // indirect
+ github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.7 // indirect
+ github.com/aws/aws-sdk-go-v2/config v1.28.5 // indirect
+ github.com/aws/aws-sdk-go-v2/credentials v1.17.46 // indirect
+ github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.20 // indirect
+ github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.24 // indirect
+ github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.24 // indirect
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect
- github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.21 // indirect
- github.com/aws/aws-sdk-go-v2/service/ec2 v1.186.0 // indirect
- github.com/aws/aws-sdk-go-v2/service/iam v1.37.2 // indirect
- github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.0 // indirect
- github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.2 // indirect
- github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.2 // indirect
- github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.2 // indirect
- github.com/aws/aws-sdk-go-v2/service/s3 v1.66.1 // indirect
- github.com/aws/aws-sdk-go-v2/service/sso v1.24.2 // indirect
- github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.2 // indirect
- github.com/aws/aws-sdk-go-v2/service/sts v1.32.2 // indirect
- github.com/aws/smithy-go v1.22.0 // indirect
+ github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.24 // indirect
+ github.com/aws/aws-sdk-go-v2/service/ec2 v1.193.0 // indirect
+ github.com/aws/aws-sdk-go-v2/service/iam v1.38.1 // indirect
+ github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1 // indirect
+ github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.5 // indirect
+ github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.5 // indirect
+ github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.5 // indirect
+ github.com/aws/aws-sdk-go-v2/service/s3 v1.69.0 // indirect
+ github.com/aws/aws-sdk-go-v2/service/sso v1.24.6 // indirect
+ github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.5 // indirect
+ github.com/aws/aws-sdk-go-v2/service/sts v1.33.1 // indirect
+ github.com/aws/smithy-go v1.22.1 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
- github.com/fatih/color v1.18.0 // indirect
+ github.com/fatih/color v1.15.0 // indirect
github.com/golang/protobuf v1.5.4 // indirect
github.com/google/uuid v1.6.0 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
- github.com/hashicorp/eventlogger v0.2.10 // indirect
+ github.com/hashicorp/eventlogger v0.2.6-0.20231025104552-802587e608f0 // indirect
github.com/hashicorp/eventlogger/filters/encrypt v0.1.8-0.20231025104552-802587e608f0 // indirect
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
github.com/hashicorp/go-hclog v1.6.3 // indirect
- github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 // indirect
+ github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 // indirect
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/hashicorp/go-plugin v1.6.2 // indirect
- github.com/hashicorp/go-secure-stdlib/awsutil/v2 v2.0.0 // indirect
+ github.com/hashicorp/go-secure-stdlib/awsutil/v2 v2.1.0 // indirect
github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect
- github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.7 // indirect
+ github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.6 // indirect
github.com/hashicorp/go-uuid v1.0.3 // indirect
- github.com/hashicorp/yamux v0.1.2 // indirect
- github.com/kr/text v0.2.0 // indirect
+ github.com/hashicorp/yamux v0.1.1 // indirect
github.com/mattn/go-colorable v0.1.13 // indirect
- github.com/mattn/go-isatty v0.0.20 // indirect
+ github.com/mattn/go-isatty v0.0.19 // indirect
github.com/mitchellh/copystructure v1.2.0 // indirect
github.com/mitchellh/mapstructure v1.5.0 // indirect
github.com/mitchellh/pointerstructure v1.2.1 // indirect
github.com/mitchellh/reflectwalk v1.0.2 // indirect
github.com/oklog/run v1.1.0 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
- github.com/stretchr/testify v1.9.0 // indirect
+ github.com/stretchr/testify v1.10.0 // indirect
golang.org/x/crypto v0.28.0 // indirect
golang.org/x/net v0.30.0 // indirect
golang.org/x/sys v0.26.0 // indirect
golang.org/x/text v0.19.0 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20241021214115-324edc3d5d38 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20241021214115-324edc3d5d38 // indirect
- google.golang.org/grpc v1.67.1 // indirect
- google.golang.org/protobuf v1.35.1 // indirect
+ google.golang.org/grpc v1.68.0 // indirect
+ google.golang.org/protobuf v1.35.2 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)
diff --git a/plugins/boundary/mains/aws/go.sum b/plugins/boundary/mains/aws/go.sum
index 96a3497489..db0c86dfea 100644
--- a/plugins/boundary/mains/aws/go.sum
+++ b/plugins/boundary/mains/aws/go.sum
@@ -6,46 +6,46 @@ github.com/Masterminds/sprig/v3 v3.2.3 h1:eL2fZNezLomi0uOLqjQoN6BfsDD+fyLtgbJMAj
github.com/Masterminds/sprig/v3 v3.2.3/go.mod h1:rXcFaZ2zZbLRJv/xSysmlgIM1u11eBaRMhvYXJNkGuM=
github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI=
github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
-github.com/aws/aws-sdk-go-v2 v1.32.2 h1:AkNLZEyYMLnx/Q/mSKkcMqwNFXMAvFto9bNsHqcTduI=
-github.com/aws/aws-sdk-go-v2 v1.32.2/go.mod h1:2SK5n0a2karNTv5tbP1SjsX0uhttou00v/HpXKM1ZUo=
-github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.6 h1:pT3hpW0cOHRJx8Y0DfJUEQuqPild8jRGmSFmBgvydr0=
-github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.6/go.mod h1:j/I2++U0xX+cr44QjHay4Cvxj6FUbnxrgmqN3H1jTZA=
-github.com/aws/aws-sdk-go-v2/config v1.28.0 h1:FosVYWcqEtWNxHn8gB/Vs6jOlNwSoyOCA/g/sxyySOQ=
-github.com/aws/aws-sdk-go-v2/config v1.28.0/go.mod h1:pYhbtvg1siOOg8h5an77rXle9tVG8T+BWLWAo7cOukc=
-github.com/aws/aws-sdk-go-v2/credentials v1.17.41 h1:7gXo+Axmp+R4Z+AK8YFQO0ZV3L0gizGINCOWxSLY9W8=
-github.com/aws/aws-sdk-go-v2/credentials v1.17.41/go.mod h1:u4Eb8d3394YLubphT4jLEwN1rLNq2wFOlT6OuxFwPzU=
-github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.17 h1:TMH3f/SCAWdNtXXVPPu5D6wrr4G5hI1rAxbcocKfC7Q=
-github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.17/go.mod h1:1ZRXLdTpzdJb9fwTMXiLipENRxkGMTn1sfKexGllQCw=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.21 h1:UAsR3xA31QGf79WzpG/ixT9FZvQlh5HY1NRqSHBNOCk=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.21/go.mod h1:JNr43NFf5L9YaG3eKTm7HQzls9J+A9YYcGI5Quh1r2Y=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.21 h1:6jZVETqmYCadGFvrYEQfC5fAQmlo80CeL5psbno6r0s=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.21/go.mod h1:1SR0GbLlnN3QUmYaflZNiH1ql+1qrSiB2vwcJ+4UM60=
+github.com/aws/aws-sdk-go-v2 v1.32.5 h1:U8vdWJuY7ruAkzaOdD7guwJjD06YSKmnKCJs7s3IkIo=
+github.com/aws/aws-sdk-go-v2 v1.32.5/go.mod h1:P5WJBrYqqbWVaOxgH0X/FYYD47/nooaPOZPlQdmiN2U=
+github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.7 h1:lL7IfaFzngfx0ZwUGOZdsFFnQ5uLvR0hWqqhyE7Q9M8=
+github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.7/go.mod h1:QraP0UcVlQJsmHfioCrveWOC1nbiWUl3ej08h4mXWoc=
+github.com/aws/aws-sdk-go-v2/config v1.28.5 h1:Za41twdCXbuyyWv9LndXxZZv3QhTG1DinqlFsSuvtI0=
+github.com/aws/aws-sdk-go-v2/config v1.28.5/go.mod h1:4VsPbHP8JdcdUDmbTVgNL/8w9SqOkM5jyY8ljIxLO3o=
+github.com/aws/aws-sdk-go-v2/credentials v1.17.46 h1:AU7RcriIo2lXjUfHFnFKYsLCwgbz1E7Mm95ieIRDNUg=
+github.com/aws/aws-sdk-go-v2/credentials v1.17.46/go.mod h1:1FmYyLGL08KQXQ6mcTlifyFXfJVCNJTVGuQP4m0d/UA=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.20 h1:sDSXIrlsFSFJtWKLQS4PUWRvrT580rrnuLydJrCQ/yA=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.20/go.mod h1:WZ/c+w0ofps+/OUqMwWgnfrgzZH1DZO1RIkktICsqnY=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.24 h1:4usbeaes3yJnCFC7kfeyhkdkPtoRYPa/hTmCqMpKpLI=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.24/go.mod h1:5CI1JemjVwde8m2WG3cz23qHKPOxbpkq0HaoreEgLIY=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.24 h1:N1zsICrQglfzaBnrfM0Ys00860C+QFwu6u/5+LomP+o=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.24/go.mod h1:dCn9HbJ8+K31i8IQ8EWmWj0EiIk0+vKiHNMxTTYveAg=
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 h1:VaRN3TlFdd6KxX1x3ILT5ynH6HvKgqdiXoTxAF4HQcQ=
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1/go.mod h1:FbtygfRFze9usAadmnGJNc8KsP346kEe+y2/oyhGAGc=
-github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.21 h1:7edmS3VOBDhK00b/MwGtGglCm7hhwNYnjJs/PgFdMQE=
-github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.21/go.mod h1:Q9o5h4HoIWG8XfzxqiuK/CGUbepCJ8uTlaE3bAbxytQ=
-github.com/aws/aws-sdk-go-v2/service/ec2 v1.186.0 h1:n2l2WeV+lEABrGwG/4MsE0WFEbd3j7yKsmZzbnEm5CY=
-github.com/aws/aws-sdk-go-v2/service/ec2 v1.186.0/go.mod h1:kYXaB4FzyhEJjvrJ84oPnMElLiEAjGxxUunVW2tBSng=
-github.com/aws/aws-sdk-go-v2/service/iam v1.37.2 h1:E7vCDUFeDN8uOk8Nb2d4E1howWS1TR4HrKABXsvttIs=
-github.com/aws/aws-sdk-go-v2/service/iam v1.37.2/go.mod h1:QzMecFrIFYJ1cyxjlUoIFRzYSDX19gdqYUd0Tyws2J8=
-github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.0 h1:TToQNkvGguu209puTojY/ozlqy2d/SFNcoLIqTFi42g=
-github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.0/go.mod h1:0jp+ltwkf+SwG2fm/PKo8t4y8pJSgOCO4D8Lz3k0aHQ=
-github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.2 h1:4FMHqLfk0efmTqhXVRL5xYRqlEBNBiRI7N6w4jsEdd4=
-github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.2/go.mod h1:LWoqeWlK9OZeJxsROW2RqrSPvQHKTpp69r/iDjwsSaw=
-github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.2 h1:s7NA1SOw8q/5c0wr8477yOPp0z+uBaXBnLE0XYb0POA=
-github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.2/go.mod h1:fnjjWyAW/Pj5HYOxl9LJqWtEwS7W2qgcRLWP+uWbss0=
-github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.2 h1:t7iUP9+4wdc5lt3E41huP+GvQZJD38WLsgVp4iOtAjg=
-github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.2/go.mod h1:/niFCtmuQNxqx9v8WAPq5qh7EH25U4BF6tjoyq9bObM=
-github.com/aws/aws-sdk-go-v2/service/s3 v1.66.1 h1:MkQ4unegQEStiQYmfFj+Aq5uTp265ncSmm0XTQwDwi0=
-github.com/aws/aws-sdk-go-v2/service/s3 v1.66.1/go.mod h1:cB6oAuus7YXRZhWCc1wIwPywwZ1XwweNp2TVAEGYeB8=
-github.com/aws/aws-sdk-go-v2/service/sso v1.24.2 h1:bSYXVyUzoTHoKalBmwaZxs97HU9DWWI3ehHSAMa7xOk=
-github.com/aws/aws-sdk-go-v2/service/sso v1.24.2/go.mod h1:skMqY7JElusiOUjMJMOv1jJsP7YUg7DrhgqZZWuzu1U=
-github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.2 h1:AhmO1fHINP9vFYUE0LHzCWg/LfUWUF+zFPEcY9QXb7o=
-github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.2/go.mod h1:o8aQygT2+MVP0NaV6kbdE1YnnIM8RRVQzoeUH45GOdI=
-github.com/aws/aws-sdk-go-v2/service/sts v1.32.2 h1:CiS7i0+FUe+/YY1GvIBLLrR/XNGZ4CtM1Ll0XavNuVo=
-github.com/aws/aws-sdk-go-v2/service/sts v1.32.2/go.mod h1:HtaiBI8CjYoNVde8arShXb94UbQQi9L4EMr6D+xGBwo=
-github.com/aws/smithy-go v1.22.0 h1:uunKnWlcoL3zO7q+gG2Pk53joueEOsnNB28QdMsmiMM=
-github.com/aws/smithy-go v1.22.0/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg=
+github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.24 h1:JX70yGKLj25+lMC5Yyh8wBtvB01GDilyRuJvXJ4piD0=
+github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.24/go.mod h1:+Ln60j9SUTD0LEwnhEB0Xhg61DHqplBrbZpLgyjoEHg=
+github.com/aws/aws-sdk-go-v2/service/ec2 v1.193.0 h1:RhSoBFT5/8tTmIseJUXM6INTXTQDF8+0oyxWBnozIms=
+github.com/aws/aws-sdk-go-v2/service/ec2 v1.193.0/go.mod h1:mzj8EEjIHSN2oZRXiw1Dd+uB4HZTl7hC8nBzX9IZMWw=
+github.com/aws/aws-sdk-go-v2/service/iam v1.38.1 h1:hfkzDZHBp9jAT4zcd5mtqckpU4E3Ax0LQaEWWk1VgN8=
+github.com/aws/aws-sdk-go-v2/service/iam v1.38.1/go.mod h1:u36ahDtZcQHGmVm/r+0L1sfKX4fzLEMdCqiKRKkUMVM=
+github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1 h1:iXtILhvDxB6kPvEXgsDhGaZCSC6LQET5ZHSdJozeI0Y=
+github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1/go.mod h1:9nu0fVANtYiAePIBh2/pFUSwtJ402hLnp854CNoDOeE=
+github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.5 h1:gvZOjQKPxFXy1ft3QnEyXmT+IqneM9QAUWlM3r0mfqw=
+github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.5/go.mod h1:DLWnfvIcm9IET/mmjdxeXbBKmTCm0ZB8p1za9BVteM8=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.5 h1:wtpJ4zcwrSbwhECWQoI/g6WM9zqCcSpHDJIWSbMLOu4=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.5/go.mod h1:qu/W9HXQbbQ4+1+JcZp0ZNPV31ym537ZJN+fiS7Ti8E=
+github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.5 h1:P1doBzv5VEg1ONxnJss1Kh5ZG/ewoIE4MQtKKc6Crgg=
+github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.5/go.mod h1:NOP+euMW7W3Ukt28tAxPuoWao4rhhqJD3QEBk7oCg7w=
+github.com/aws/aws-sdk-go-v2/service/s3 v1.69.0 h1:Q2ax8S21clKOnHhhr933xm3JxdJebql+R7aNo7p7GBQ=
+github.com/aws/aws-sdk-go-v2/service/s3 v1.69.0/go.mod h1:ralv4XawHjEMaHOWnTFushl0WRqim/gQWesAMF6hTow=
+github.com/aws/aws-sdk-go-v2/service/sso v1.24.6 h1:3zu537oLmsPfDMyjnUS2g+F2vITgy5pB74tHI+JBNoM=
+github.com/aws/aws-sdk-go-v2/service/sso v1.24.6/go.mod h1:WJSZH2ZvepM6t6jwu4w/Z45Eoi75lPN7DcydSRtJg6Y=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.5 h1:K0OQAsDywb0ltlFrZm0JHPY3yZp/S9OaoLU33S7vPS8=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.5/go.mod h1:ORITg+fyuMoeiQFiVGoqB3OydVTLkClw/ljbblMq6Cc=
+github.com/aws/aws-sdk-go-v2/service/sts v1.33.1 h1:6SZUVRQNvExYlMLbHdlKB48x0fLbc2iVROyaNEwBHbU=
+github.com/aws/aws-sdk-go-v2/service/sts v1.33.1/go.mod h1:GqWyYCwLXnlUB1lOAXQyNSPqPLQJvmo8J0DWBzp9mtg=
+github.com/aws/smithy-go v1.22.1 h1:/HPHZQ0g7f4eUeK6HKglFz8uwVfZKgoI25rb/J+dnro=
+github.com/aws/smithy-go v1.22.1/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg=
github.com/bgentry/speakeasy v0.1.0 h1:ByYyxL9InA1OWqxJqqp2A5pYHUrCiAL6K3J+LKSsQkY=
github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA=
@@ -55,27 +55,27 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=
-github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM=
-github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU=
-github.com/go-test/deep v1.1.1 h1:0r/53hagsehfO4bzD2Pgr/+RgHqhmf+k1Bpse2cTu1U=
-github.com/go-test/deep v1.1.1/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE=
+github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs=
+github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw=
+github.com/go-test/deep v1.0.4 h1:u2CU3YKy9I2pmu9pX0eq50wCgjfGIt539SqR7FbHiho=
+github.com/go-test/deep v1.0.4/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=
github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
+github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/hashicorp/boundary-plugin-aws v0.4.1-0.20241028041804-97aae6ebc3e0 h1:GANG5VxXVClV5FIh7OQEQ7BIWpf8uZgs48+dkPL/cmE=
-github.com/hashicorp/boundary-plugin-aws v0.4.1-0.20241028041804-97aae6ebc3e0/go.mod h1:v5i02mEC5W5n/mHpdGbU3VNYUJggv0NMsOvnZQUAeak=
-github.com/hashicorp/boundary-plugin-aws v0.4.1-0.20241028185018-899c62ce0694 h1:2CNa55lFiTbT+J7yY0AeRGHKYz7oCIV9zGn1g/A8Ooo=
-github.com/hashicorp/boundary-plugin-aws v0.4.1-0.20241028185018-899c62ce0694/go.mod h1:v5i02mEC5W5n/mHpdGbU3VNYUJggv0NMsOvnZQUAeak=
+github.com/hashicorp/boundary-plugin-aws v0.4.1 h1:I64eZcRLhndx5PnuaCFNt9B30Bb0c9WV1S+HaZzBHhE=
+github.com/hashicorp/boundary-plugin-aws v0.4.1/go.mod h1:LLNJ6K149OTGteink8xatHKsWohT1cZ8lqLM0kfGolQ=
github.com/hashicorp/boundary/sdk v0.0.49 h1:XOb6mSKyrU/wI20+5xTYBHQUP7eIeKcLxKSCpCs4yzM=
github.com/hashicorp/boundary/sdk v0.0.49/go.mod h1:IHP79to8aIi22FiY58pgBqJL96/U9D8ZAUhS2DdC+Us=
github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
-github.com/hashicorp/eventlogger v0.2.10 h1:Dddth3KVSribGE1rInGToM30tRNblvL0G1OG6N+i2pk=
-github.com/hashicorp/eventlogger v0.2.10/go.mod h1:imHMTfJH4qfb8Knh9nZw4iLfL9J1bX6TJKEurSB4t+U=
+github.com/hashicorp/eventlogger v0.2.6-0.20231025104552-802587e608f0 h1:f9oX8/3zxiQrfrWnBeyjDm4S02GAU02OBtCRoZOUwlo=
+github.com/hashicorp/eventlogger v0.2.6-0.20231025104552-802587e608f0/go.mod h1://CHt6/j+Q2lc0NlUB5af4aS2M0c0aVBg9/JfcpAyhM=
github.com/hashicorp/eventlogger/filters/encrypt v0.1.8-0.20231025104552-802587e608f0 h1:iAb287bq0TaWTnhDYuN/zVqdD2EwanQg9ncVelC60Xc=
github.com/hashicorp/eventlogger/filters/encrypt v0.1.8-0.20231025104552-802587e608f0/go.mod h1:tMywUTIvdB/FXhwm6HMTt61C8/eODY6gitCHhXtyojg=
github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ=
@@ -84,14 +84,15 @@ github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB1
github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM=
github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ=
github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
github.com/hashicorp/go-plugin v1.6.2 h1:zdGAEd0V1lCaU0u+MxWQhtSDQmahpkwOun8U8EiRVog=
github.com/hashicorp/go-plugin v1.6.2/go.mod h1:CkgLQ5CZqNmdL9U9JzM532t8ZiYQ35+pj3b1FD37R0Q=
-github.com/hashicorp/go-secure-stdlib/awsutil/v2 v2.0.0 h1:ca5TSI4AgaOncPpyzLDtCGjVEtKukONpeM95vFxXCOQ=
-github.com/hashicorp/go-secure-stdlib/awsutil/v2 v2.0.0/go.mod h1:7CUvZtfTp2U0CYQCLzMtS2ngckjAZePSfwrE2aeDP1M=
+github.com/hashicorp/go-secure-stdlib/awsutil/v2 v2.1.0 h1:V3TJFolOHYSDqQLbTUBygXtbX4jKXyBcDoU+KNZE1Ak=
+github.com/hashicorp/go-secure-stdlib/awsutil/v2 v2.1.0/go.mod h1:OeRwM2eWNW62L1Z+8GvoZM5nQJMRWBewHSoo77qmb4Y=
+github.com/hashicorp/go-secure-stdlib/base62 v0.1.1/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw=
github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 h1:ET4pqyjiGmY09R5y+rSd70J2w45CtbWDNvGqWp/R3Ng=
github.com/hashicorp/go-secure-stdlib/base62 v0.1.2/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw=
github.com/hashicorp/go-secure-stdlib/configutil/v2 v2.0.11 h1:uPW2Wn0YlmI9RGSkZpcIplnVRwJ7BCiGpk1vnF2TMw4=
@@ -100,10 +101,11 @@ github.com/hashicorp/go-secure-stdlib/listenerutil v0.1.9 h1:0S0ctJ7Ra8O7ap+/3fZ
github.com/hashicorp/go-secure-stdlib/listenerutil v0.1.9/go.mod h1:TNNdgtjLgVDbrgFcyCKrlAicIl3dZF94swJltyGUX2M=
github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8 h1:iBt4Ew4XEGLfh6/bPk4rSYmuZJGizr6/x/AEizP0CQc=
github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8/go.mod h1:aiJI+PIApBRQG7FZTEBx5GiiX+HbOHilUdNxUZi4eV0=
-github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.7 h1:oYEPhztZRmZCETTxxIo5MNa+I+DDqSDZ+biJt2o4Ncw=
-github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.7/go.mod h1:ggFN8dlaLWS2R1gymBbCrvXM/bkZP7hEAa4seqDwhyg=
+github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.6 h1:ZYv2XA+tEfFXIToR2jmBgVqQU9gERt0APbWqmUoNGnY=
+github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.6/go.mod h1:ggFN8dlaLWS2R1gymBbCrvXM/bkZP7hEAa4seqDwhyg=
github.com/hashicorp/go-secure-stdlib/reloadutil v0.1.1 h1:SMGUnbpAcat8rIKHkBPjfv81yC46a8eCNZ2hsR2l1EI=
github.com/hashicorp/go-secure-stdlib/reloadutil v0.1.1/go.mod h1:Ch/bf00Qnx77MZd49JRgHYqHQjtEmTgGU2faufpVZb0=
+github.com/hashicorp/go-secure-stdlib/strutil v0.1.1/go.mod h1:gKOamz3EwoIoJq7mlMIRBpVTAUn8qPCrEclOKKWhD3U=
github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts=
github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4=
github.com/hashicorp/go-secure-stdlib/tlsutil v0.1.3 h1:xbrxd0U9XQW8qL1BAz2XrAjAF/P2vcqUTAues9c24B8=
@@ -115,8 +117,8 @@ github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/C
github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
-github.com/hashicorp/yamux v0.1.2 h1:XtB8kyFOyHXYVFnwT5C3+Bdo8gArse7j2AQ0DA0Uey8=
-github.com/hashicorp/yamux v0.1.2/go.mod h1:C+zze2n6e/7wshOZep2A70/aQU6QBRWJO/G6FT1wIns=
+github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE=
+github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ=
github.com/huandu/xstrings v1.4.0 h1:D17IlohoQq4UcpqD7fDk80P7l+lwAmlFaBHgOipl2FU=
github.com/huandu/xstrings v1.4.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE=
github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk=
@@ -125,8 +127,12 @@ github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f h1:E87tDTVS5W
github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f/go.mod h1:3J2qVK16Lq8V+wfiL2lPeDZ7UWMxk5LemerHa1p6N00=
github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c=
github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0=
github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
@@ -136,8 +142,8 @@ github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovk
github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
-github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
-github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA=
+github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
github.com/mitchellh/cli v1.1.5 h1:OxRIeJXpAMztws/XHlN2vu6imG5Dpq+j61AzAX5fLng=
github.com/mitchellh/cli v1.1.5/go.mod h1:v8+iFts2sPIKUV1ltktPXMCC8fumSKFItNcD2cLtRR4=
github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw=
@@ -155,6 +161,7 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/posener/complete v1.2.3 h1:NP0eAhjcjImqslEwo/1hq7gpajME0fTLTezBKDqfXqo=
github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s=
+github.com/rogpeppe/go-internal v1.6.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8=
github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk=
@@ -164,17 +171,38 @@ github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFR
github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w=
github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals=
-github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
-github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
-go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
-go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
+github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
+github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+go.uber.org/goleak v1.0.0/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
+go.uber.org/goleak v1.1.12 h1:gZAh5/EyT/HQwlpkCy6wTpqfH9H8Lz8zbm3dZh+OyzA=
+go.uber.org/goleak v1.1.12/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw=
golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U=
+golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
+golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
+golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4=
golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@@ -182,18 +210,35 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo=
golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM=
golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
+golang.org/x/tools v0.0.0-20210101214203-2dba1e4ea05c/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
google.golang.org/genproto/googleapis/api v0.0.0-20241021214115-324edc3d5d38 h1:2oV8dfuIkM1Ti7DwXc0BJfnwr9csz4TDXI9EmiI+Rbw=
google.golang.org/genproto/googleapis/api v0.0.0-20241021214115-324edc3d5d38/go.mod h1:vuAjtvlwkDKF6L1GQ0SokiRLCGFfeBUXWr/aFFkHACc=
google.golang.org/genproto/googleapis/rpc v0.0.0-20241021214115-324edc3d5d38 h1:zciRKQ4kBpFgpfC5QQCVtnnNAcLIqweL7plyZRQHVpI=
google.golang.org/genproto/googleapis/rpc v0.0.0-20241021214115-324edc3d5d38/go.mod h1:GX3210XPVPUjJbTUbvwI8f2IpZDMZuPJWDzDuebbviI=
-google.golang.org/grpc v1.67.1 h1:zWnc1Vrcno+lHZCOofnIMvycFcc0QRGIzm9dhnDX68E=
-google.golang.org/grpc v1.67.1/go.mod h1:1gLDyUQU7CTLJI90u3nXZ9ekeghjeM7pTDZlqFNg2AA=
-google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA=
-google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
+google.golang.org/grpc v1.68.0 h1:aHQeeJbo8zAkAa3pRzrVjZlbz6uSfeOXlJNQM0RAbz0=
+google.golang.org/grpc v1.68.0/go.mod h1:fmSPC5AsjSBCK54MyHRx48kpOti1/jRfOlwEWywNjWA=
+google.golang.org/protobuf v1.35.2 h1:8Ar7bF+apOIoThw1EdZl0p1oWvMqTHmpA2fRTyZO8io=
+google.golang.org/protobuf v1.35.2/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+mvdan.cc/gofumpt v0.1.1/go.mod h1:yXG1r1WqZVKWbVRtBWKWX9+CxGYfA51nSomhM0woR48=
diff --git a/plugins/boundary/mains/azure/go.mod b/plugins/boundary/mains/azure/go.mod
index 50066de573..024576c752 100644
--- a/plugins/boundary/mains/azure/go.mod
+++ b/plugins/boundary/mains/azure/go.mod
@@ -21,18 +21,18 @@ require (
github.com/Azure/go-autorest/tracing v0.6.0 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/dimchansky/utfbom v1.1.1 // indirect
- github.com/fatih/color v1.16.0 // indirect
- github.com/golang-jwt/jwt/v4 v4.5.1 // indirect
+ github.com/fatih/color v1.14.1 // indirect
+ github.com/golang-jwt/jwt/v4 v4.2.0 // indirect
github.com/golang/protobuf v1.5.3 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/eventlogger v0.2.6-0.20231025104552-802587e608f0 // indirect
github.com/hashicorp/eventlogger/filters/encrypt v0.1.8-0.20231025104552-802587e608f0 // indirect
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
github.com/hashicorp/go-hclog v1.6.3 // indirect
- github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 // indirect
+ github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 // indirect
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/hashicorp/go-plugin v1.5.2 // indirect
- github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
+ github.com/hashicorp/go-retryablehttp v0.7.0 // indirect
github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect
github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.6 // indirect
github.com/hashicorp/go-uuid v1.0.3 // indirect
@@ -40,7 +40,7 @@ require (
github.com/hashicorp/yamux v0.1.1 // indirect
github.com/manicminer/hamilton v0.46.0 // indirect
github.com/mattn/go-colorable v0.1.13 // indirect
- github.com/mattn/go-isatty v0.0.20 // indirect
+ github.com/mattn/go-isatty v0.0.17 // indirect
github.com/mitchellh/copystructure v1.2.0 // indirect
github.com/mitchellh/go-homedir v1.1.0 // indirect
github.com/mitchellh/go-testing-interface v1.14.1 // indirect
@@ -51,14 +51,14 @@ require (
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/rogpeppe/go-internal v1.8.1 // indirect
github.com/stretchr/testify v1.8.4 // indirect
- golang.org/x/crypto v0.29.0 // indirect
- golang.org/x/net v0.31.0 // indirect
+ golang.org/x/crypto v0.17.0 // indirect
+ golang.org/x/net v0.17.0 // indirect
golang.org/x/oauth2 v0.11.0 // indirect
- golang.org/x/sys v0.27.0 // indirect
- golang.org/x/text v0.20.0 // indirect
+ golang.org/x/sys v0.15.0 // indirect
+ golang.org/x/text v0.14.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20231016165738-49dd2c1f3d0b // indirect
google.golang.org/grpc v1.59.0 // indirect
- google.golang.org/protobuf v1.34.2 // indirect
+ google.golang.org/protobuf v1.31.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)
diff --git a/plugins/boundary/mains/azure/go.sum b/plugins/boundary/mains/azure/go.sum
index cf15b59632..bf8d673665 100644
--- a/plugins/boundary/mains/azure/go.sum
+++ b/plugins/boundary/mains/azure/go.sum
@@ -88,17 +88,16 @@ github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.m
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=
-github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM=
-github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE=
+github.com/fatih/color v1.14.1 h1:qfhVLaG5s+nCROl1zJsZRxFeYrHLqWroPOQ8BWiNb4w=
+github.com/fatih/color v1.14.1/go.mod h1:2oHN61fhTpgcxD3TSWCgKDiH1+x4OiDVVGH8WlgGZGg=
github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
github.com/go-test/deep v1.0.4 h1:u2CU3YKy9I2pmu9pX0eq50wCgjfGIt539SqR7FbHiho=
github.com/go-test/deep v1.0.4/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=
github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
+github.com/golang-jwt/jwt/v4 v4.2.0 h1:besgBTC8w8HjP6NzQdxwKH9Z5oQMZ24ThTrHp3cZ8eU=
github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
-github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo=
-github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
@@ -173,15 +172,14 @@ github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB1
github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM=
github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ=
github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y=
github.com/hashicorp/go-plugin v1.5.2/go.mod h1:w1sAEES3g3PuV/RzUrgow20W2uErMly84hhD3um1WL4=
+github.com/hashicorp/go-retryablehttp v0.7.0 h1:eu1EI/mbirUgP5C8hVsTNaGZreBDlYiwC1FZWkvQPQ4=
github.com/hashicorp/go-retryablehttp v0.7.0/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY=
-github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU=
-github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk=
github.com/hashicorp/go-secure-stdlib/base62 v0.1.1/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw=
github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 h1:ET4pqyjiGmY09R5y+rSd70J2w45CtbWDNvGqWp/R3Ng=
github.com/hashicorp/go-secure-stdlib/base62 v0.1.2/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw=
@@ -242,8 +240,8 @@ github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovk
github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
-github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
-github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng=
+github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
github.com/mitchellh/cli v1.1.5 h1:OxRIeJXpAMztws/XHlN2vu6imG5Dpq+j61AzAX5fLng=
github.com/mitchellh/cli v1.1.5/go.mod h1:v8+iFts2sPIKUV1ltktPXMCC8fumSKFItNcD2cLtRR4=
github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw=
@@ -304,8 +302,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
-golang.org/x/crypto v0.29.0 h1:L5SG1JTTXupVV3n6sUqMTeWbjAyfPwoda2DLX8J8FrQ=
-golang.org/x/crypto v0.29.0/go.mod h1:+F4F4N5hv6v38hfeYwTdx20oUvLLc+QfrE9Ax9HtgRg=
+golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
+golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -368,8 +366,8 @@ golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81R
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo=
-golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM=
+golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
+golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -421,9 +419,8 @@ golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s=
-golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -431,8 +428,8 @@ golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug=
-golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
+golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@@ -478,8 +475,8 @@ golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc
golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
golang.org/x/tools v0.0.0-20210101214203-2dba1e4ea05c/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg=
-golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
+golang.org/x/tools v0.6.0 h1:BOw41kyTf3PuCW1pVQf8+Cyg8pMlkYB1oo9iJ6D/lKM=
+golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -565,8 +562,8 @@ google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGj
google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
-google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
+google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
+google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
diff --git a/plugins/boundary/mains/gcp/go.mod b/plugins/boundary/mains/gcp/go.mod
deleted file mode 100644
index f3bffc58a2..0000000000
--- a/plugins/boundary/mains/gcp/go.mod
+++ /dev/null
@@ -1,70 +0,0 @@
-module github.com/hashicorp/boundary/plugins/boundary/mains/aws
-
-go 1.23.1
-
-require (
- github.com/hashicorp/boundary-plugin-gcp v0.0.0-20241120152221-baa2c7a2e742
- github.com/hashicorp/boundary/sdk v0.0.47
-)
-
-require (
- cloud.google.com/go v0.115.1 // indirect
- cloud.google.com/go/auth v0.9.3 // indirect
- cloud.google.com/go/auth/oauth2adapt v0.2.4 // indirect
- cloud.google.com/go/compute v1.28.0 // indirect
- cloud.google.com/go/compute/metadata v0.5.0 // indirect
- cloud.google.com/go/iam v1.2.0 // indirect
- cloud.google.com/go/longrunning v0.6.0 // indirect
- cloud.google.com/go/resourcemanager v1.10.1 // indirect
- github.com/davecgh/go-spew v1.1.1 // indirect
- github.com/fatih/color v1.15.0 // indirect
- github.com/felixge/httpsnoop v1.0.4 // indirect
- github.com/go-logr/logr v1.4.2 // indirect
- github.com/go-logr/stdr v1.2.2 // indirect
- github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
- github.com/golang/protobuf v1.5.4 // indirect
- github.com/google/s2a-go v0.1.8 // indirect
- github.com/googleapis/enterprise-certificate-proxy v0.3.3 // indirect
- github.com/googleapis/gax-go/v2 v2.13.0 // indirect
- github.com/hashicorp/errwrap v1.1.0 // indirect
- github.com/hashicorp/eventlogger v0.2.9 // indirect
- github.com/hashicorp/eventlogger/filters/encrypt v0.1.8-0.20231025104552-802587e608f0 // indirect
- github.com/hashicorp/go-hclog v1.5.0 // indirect
- github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 // indirect
- github.com/hashicorp/go-multierror v1.1.1 // indirect
- github.com/hashicorp/go-plugin v1.5.2 // indirect
- github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect
- github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.6 // indirect
- github.com/hashicorp/go-uuid v1.0.3 // indirect
- github.com/hashicorp/yamux v0.1.1 // indirect
- github.com/mattn/go-colorable v0.1.13 // indirect
- github.com/mattn/go-isatty v0.0.19 // indirect
- github.com/mitchellh/copystructure v1.2.0 // indirect
- github.com/mitchellh/go-testing-interface v1.14.1 // indirect
- github.com/mitchellh/mapstructure v1.5.0 // indirect
- github.com/mitchellh/pointerstructure v1.2.1 // indirect
- github.com/mitchellh/reflectwalk v1.0.2 // indirect
- github.com/oklog/run v1.1.0 // indirect
- github.com/pmezard/go-difflib v1.0.0 // indirect
- github.com/stretchr/testify v1.9.0 // indirect
- go.opencensus.io v0.24.0 // indirect
- go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.54.0 // indirect
- go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 // indirect
- go.opentelemetry.io/otel v1.29.0 // indirect
- go.opentelemetry.io/otel/metric v1.29.0 // indirect
- go.opentelemetry.io/otel/trace v1.29.0 // indirect
- golang.org/x/crypto v0.29.0 // indirect
- golang.org/x/net v0.31.0 // indirect
- golang.org/x/oauth2 v0.22.0 // indirect
- golang.org/x/sync v0.9.0 // indirect
- golang.org/x/sys v0.27.0 // indirect
- golang.org/x/text v0.20.0 // indirect
- golang.org/x/time v0.6.0 // indirect
- google.golang.org/api v0.196.0 // indirect
- google.golang.org/genproto v0.0.0-20240903143218-8af14fe29dc1 // indirect
- google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1 // indirect
- google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 // indirect
- google.golang.org/grpc v1.66.0 // indirect
- google.golang.org/protobuf v1.34.2 // indirect
- gopkg.in/yaml.v3 v3.0.1 // indirect
-)
diff --git a/plugins/boundary/mains/gcp/go.sum b/plugins/boundary/mains/gcp/go.sum
deleted file mode 100644
index ce777b6637..0000000000
--- a/plugins/boundary/mains/gcp/go.sum
+++ /dev/null
@@ -1,327 +0,0 @@
-cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
-cloud.google.com/go v0.115.1 h1:Jo0SM9cQnSkYfp44+v+NQXHpcHqlnRJk2qxh6yvxxxQ=
-cloud.google.com/go v0.115.1/go.mod h1:DuujITeaufu3gL68/lOFIirVNJwQeyf5UXyi+Wbgknc=
-cloud.google.com/go/auth v0.9.3 h1:VOEUIAADkkLtyfr3BLa3R8Ed/j6w1jTBmARx+wb5w5U=
-cloud.google.com/go/auth v0.9.3/go.mod h1:7z6VY+7h3KUdRov5F1i8NDP5ZzWKYmEPO842BgCsmTk=
-cloud.google.com/go/auth/oauth2adapt v0.2.4 h1:0GWE/FUsXhf6C+jAkWgYm7X9tK8cuEIfy19DBn6B6bY=
-cloud.google.com/go/auth/oauth2adapt v0.2.4/go.mod h1:jC/jOpwFP6JBxhB3P5Rr0a9HLMC/Pe3eaL4NmdvqPtc=
-cloud.google.com/go/compute v1.28.0 h1:OPtBxMcheSS+DWfci803qvPly3d4w7Eu5ztKBcFfzwk=
-cloud.google.com/go/compute v1.28.0/go.mod h1:DEqZBtYrDnD5PvjsKwb3onnhX+qjdCVM7eshj1XdjV4=
-cloud.google.com/go/compute/metadata v0.5.0 h1:Zr0eK8JbFv6+Wi4ilXAR8FJ3wyNdpxHKJNPos6LTZOY=
-cloud.google.com/go/compute/metadata v0.5.0/go.mod h1:aHnloV2TPI38yx4s9+wAZhHykWvVCfu7hQbF+9CWoiY=
-cloud.google.com/go/iam v1.2.0 h1:kZKMKVNk/IsSSc/udOb83K0hL/Yh/Gcqpz+oAkoIFN8=
-cloud.google.com/go/iam v1.2.0/go.mod h1:zITGuWgsLZxd8OwAlX+eMFgZDXzBm7icj1PVTYG766Q=
-cloud.google.com/go/longrunning v0.6.0 h1:mM1ZmaNsQsnb+5n1DNPeL0KwQd9jQRqSqSDEkBZr+aI=
-cloud.google.com/go/longrunning v0.6.0/go.mod h1:uHzSZqW89h7/pasCWNYdUpwGz3PcVWhrWupreVPYLts=
-cloud.google.com/go/resourcemanager v1.10.1 h1:fO/QoSJ1lepmTM9dCbSXYWgTIhecmQkpY0mM1X9OGN0=
-cloud.google.com/go/resourcemanager v1.10.1/go.mod h1:A/ANV/Sv7y7fcjd4LSH7PJGTZcWRkO/69yN5UhYUmvE=
-github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
-github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI=
-github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU=
-github.com/Masterminds/semver/v3 v3.2.0 h1:3MEsd0SM6jqZojhjLWWeBY+Kcjy9i6MQAeY7YgDP83g=
-github.com/Masterminds/semver/v3 v3.2.0/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ=
-github.com/Masterminds/sprig/v3 v3.2.3 h1:eL2fZNezLomi0uOLqjQoN6BfsDD+fyLtgbJMAj9n6YA=
-github.com/Masterminds/sprig/v3 v3.2.3/go.mod h1:rXcFaZ2zZbLRJv/xSysmlgIM1u11eBaRMhvYXJNkGuM=
-github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI=
-github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
-github.com/bgentry/speakeasy v0.1.0 h1:ByYyxL9InA1OWqxJqqp2A5pYHUrCiAL6K3J+LKSsQkY=
-github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
-github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA=
-github.com/bufbuild/protocompile v0.4.0/go.mod h1:3v93+mbWn/v3xzN+31nwkJfrEpAUwp+BagBSZWx+TP8=
-github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
-github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
-github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
-github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
-github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
-github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
-github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
-github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
-github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
-github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=
-github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs=
-github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw=
-github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
-github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
-github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
-github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
-github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
-github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
-github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
-github.com/go-test/deep v1.0.4 h1:u2CU3YKy9I2pmu9pX0eq50wCgjfGIt539SqR7FbHiho=
-github.com/go-test/deep v1.0.4/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=
-github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
-github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
-github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
-github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
-github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
-github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
-github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
-github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
-github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
-github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
-github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
-github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
-github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
-github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
-github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
-github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
-github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
-github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
-github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/google/s2a-go v0.1.8 h1:zZDs9gcbt9ZPLV0ndSyQk6Kacx2g/X+SKYovpnz3SMM=
-github.com/google/s2a-go v0.1.8/go.mod h1:6iNWHTpQ+nfNRN5E00MSdfDwVesa8hhS32PhPO8deJA=
-github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
-github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/googleapis/enterprise-certificate-proxy v0.3.3 h1:QRje2j5GZimBzlbhGA2V2QlGNgL8G6e+wGo/+/2bWI0=
-github.com/googleapis/enterprise-certificate-proxy v0.3.3/go.mod h1:YKe7cfqYXjKGpGvmSg28/fFvhNzinZQm8DGnaburhGA=
-github.com/googleapis/gax-go/v2 v2.13.0 h1:yitjD5f7jQHhyDsnhKEBU52NdvvdSeGzlAnDPT0hH1s=
-github.com/googleapis/gax-go/v2 v2.13.0/go.mod h1:Z/fvTZXF8/uw7Xu5GuslPw+bplx6SS338j1Is2S+B7A=
-github.com/hashicorp/boundary-plugin-gcp v0.0.0-20241120152221-baa2c7a2e742 h1:c4pftmjCNl8E58gxRo1pNmY63pGVz8qHDejeKKDtq34=
-github.com/hashicorp/boundary-plugin-gcp v0.0.0-20241120152221-baa2c7a2e742/go.mod h1:HC8FEkYf/kC0m1w0UiGcxDG6DsmEaVSNDSqFPWyspHc=
-github.com/hashicorp/boundary/sdk v0.0.47 h1:h5AXOASS2duHkCYEmNKnI9AR6YBZxD7VbFPV8BoE0z0=
-github.com/hashicorp/boundary/sdk v0.0.47/go.mod h1:9iOT7kDM6mYcSkKxNuZlv8rP7U5BG1kXoevjLLL8lNQ=
-github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
-github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
-github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
-github.com/hashicorp/eventlogger v0.2.9 h1:QO8hPXNngadMp72FVNTwIduLAG9fcLP7t59bSFd7gDY=
-github.com/hashicorp/eventlogger v0.2.9/go.mod h1://CHt6/j+Q2lc0NlUB5af4aS2M0c0aVBg9/JfcpAyhM=
-github.com/hashicorp/eventlogger/filters/encrypt v0.1.8-0.20231025104552-802587e608f0 h1:iAb287bq0TaWTnhDYuN/zVqdD2EwanQg9ncVelC60Xc=
-github.com/hashicorp/eventlogger/filters/encrypt v0.1.8-0.20231025104552-802587e608f0/go.mod h1:tMywUTIvdB/FXhwm6HMTt61C8/eODY6gitCHhXtyojg=
-github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c=
-github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
-github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM=
-github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ=
-github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
-github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
-github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y=
-github.com/hashicorp/go-plugin v1.5.2/go.mod h1:w1sAEES3g3PuV/RzUrgow20W2uErMly84hhD3um1WL4=
-github.com/hashicorp/go-secure-stdlib/base62 v0.1.1/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw=
-github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 h1:ET4pqyjiGmY09R5y+rSd70J2w45CtbWDNvGqWp/R3Ng=
-github.com/hashicorp/go-secure-stdlib/base62 v0.1.2/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw=
-github.com/hashicorp/go-secure-stdlib/configutil/v2 v2.0.11 h1:uPW2Wn0YlmI9RGSkZpcIplnVRwJ7BCiGpk1vnF2TMw4=
-github.com/hashicorp/go-secure-stdlib/configutil/v2 v2.0.11/go.mod h1:uis9dCmOzXuOaRyXq+1Foh31kcvXKoWogjNnhfjHfW8=
-github.com/hashicorp/go-secure-stdlib/listenerutil v0.1.9 h1:0S0ctJ7Ra8O7ap+/3fZUnzJ3VzJyirWS/WnNCuOYtZY=
-github.com/hashicorp/go-secure-stdlib/listenerutil v0.1.9/go.mod h1:TNNdgtjLgVDbrgFcyCKrlAicIl3dZF94swJltyGUX2M=
-github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8 h1:iBt4Ew4XEGLfh6/bPk4rSYmuZJGizr6/x/AEizP0CQc=
-github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8/go.mod h1:aiJI+PIApBRQG7FZTEBx5GiiX+HbOHilUdNxUZi4eV0=
-github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.6 h1:ZYv2XA+tEfFXIToR2jmBgVqQU9gERt0APbWqmUoNGnY=
-github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.6/go.mod h1:ggFN8dlaLWS2R1gymBbCrvXM/bkZP7hEAa4seqDwhyg=
-github.com/hashicorp/go-secure-stdlib/reloadutil v0.1.1 h1:SMGUnbpAcat8rIKHkBPjfv81yC46a8eCNZ2hsR2l1EI=
-github.com/hashicorp/go-secure-stdlib/reloadutil v0.1.1/go.mod h1:Ch/bf00Qnx77MZd49JRgHYqHQjtEmTgGU2faufpVZb0=
-github.com/hashicorp/go-secure-stdlib/strutil v0.1.1/go.mod h1:gKOamz3EwoIoJq7mlMIRBpVTAUn8qPCrEclOKKWhD3U=
-github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts=
-github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4=
-github.com/hashicorp/go-secure-stdlib/tlsutil v0.1.3 h1:xbrxd0U9XQW8qL1BAz2XrAjAF/P2vcqUTAues9c24B8=
-github.com/hashicorp/go-secure-stdlib/tlsutil v0.1.3/go.mod h1:LWq2Sy8UoKKuK4lFuCNWSjJj57MhNNf2zzBWMtkAIX4=
-github.com/hashicorp/go-sockaddr v1.0.5 h1:dvk7TIXCZpmfOlM+9mlcrWmWjw/wlKT+VDq2wMvfPJU=
-github.com/hashicorp/go-sockaddr v1.0.5/go.mod h1:uoUUmtwU7n9Dv3O4SNLeFvg0SxQ3lyjsj6+CCykpaxI=
-github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
-github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8=
-github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
-github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
-github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
-github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE=
-github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ=
-github.com/huandu/xstrings v1.4.0 h1:D17IlohoQq4UcpqD7fDk80P7l+lwAmlFaBHgOipl2FU=
-github.com/huandu/xstrings v1.4.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE=
-github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk=
-github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg=
-github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f h1:E87tDTVS5W65euzixn7clSzK66puSt1H4I5SC0EmHH4=
-github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f/go.mod h1:3J2qVK16Lq8V+wfiL2lPeDZ7UWMxk5LemerHa1p6N00=
-github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c=
-github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo=
-github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
-github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
-github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0=
-github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
-github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
-github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
-github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
-github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
-github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
-github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4=
-github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
-github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
-github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
-github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
-github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
-github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA=
-github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
-github.com/mitchellh/cli v1.1.5 h1:OxRIeJXpAMztws/XHlN2vu6imG5Dpq+j61AzAX5fLng=
-github.com/mitchellh/cli v1.1.5/go.mod h1:v8+iFts2sPIKUV1ltktPXMCC8fumSKFItNcD2cLtRR4=
-github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw=
-github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s=
-github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJJ2JqpQmpLJOu07cU=
-github.com/mitchellh/go-testing-interface v1.14.1/go.mod h1:gfgS7OtZj6MA4U1UrDRp04twqAjfvlZyCfX3sDjEym8=
-github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
-github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
-github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
-github.com/mitchellh/pointerstructure v1.2.1 h1:ZhBBeX8tSlRpu/FFhXH4RC4OJzFlqsQhoHZAz4x7TIw=
-github.com/mitchellh/pointerstructure v1.2.1/go.mod h1:BRAsLI5zgXmw97Lf6s25bs8ohIXc3tViBH44KcwB2g4=
-github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ=
-github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=
-github.com/oklog/run v1.1.0 h1:GEenZ1cK0+q0+wsJew9qUg/DyD8k3JzYsZAi5gYi2mA=
-github.com/oklog/run v1.1.0/go.mod h1:sVPdnTZT1zYwAJeCMu2Th4T21pA3FPOQRfWjQlk7DVU=
-github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
-github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/posener/complete v1.2.3 h1:NP0eAhjcjImqslEwo/1hq7gpajME0fTLTezBKDqfXqo=
-github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s=
-github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/rogpeppe/go-internal v1.6.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
-github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8=
-github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
-github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk=
-github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc=
-github.com/shopspring/decimal v1.3.1 h1:2Usl1nmF/WZucqkFZhnfFYxxxu8LG21F6nPQBE5gKV8=
-github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
-github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w=
-github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU=
-github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
-github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
-github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
-github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals=
-github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
-github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
-github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
-github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
-go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
-go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.54.0 h1:r6I7RJCN86bpD/FQwedZ0vSixDpwuWREjW9oRMsmqDc=
-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.54.0/go.mod h1:B9yO6b04uB80CzjedvewuqDhxJxi11s7/GtiGa8bAjI=
-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 h1:TT4fX+nBOA/+LUkobKGW1ydGcn+G3vRw9+g5HwCphpk=
-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0/go.mod h1:L7UH0GbB0p47T4Rri3uHjbpCFYrVrwc1I25QhNPiGK8=
-go.opentelemetry.io/otel v1.29.0 h1:PdomN/Al4q/lN6iBJEN3AwPvUiHPMlt93c8bqTG5Llw=
-go.opentelemetry.io/otel v1.29.0/go.mod h1:N/WtXPs1CNCUEx+Agz5uouwCba+i+bJGFicT8SR4NP8=
-go.opentelemetry.io/otel/metric v1.29.0 h1:vPf/HFWTNkPu1aYeIsc98l4ktOQaL6LeSoeV2g+8YLc=
-go.opentelemetry.io/otel/metric v1.29.0/go.mod h1:auu/QWieFVWx+DmQOUMgj0F8LHWdgalxXqvp7BII/W8=
-go.opentelemetry.io/otel/sdk v1.28.0 h1:b9d7hIry8yZsgtbmM0DKyPWMMUMlK9NEKuIG4aBqWyE=
-go.opentelemetry.io/otel/sdk v1.28.0/go.mod h1:oYj7ClPUA7Iw3m+r7GeEjz0qckQRJK2B8zjcZEfu7Pg=
-go.opentelemetry.io/otel/trace v1.29.0 h1:J/8ZNK4XgR7a21DZUAsbF8pZ5Jcw1VhACmnYt39JTi4=
-go.opentelemetry.io/otel/trace v1.29.0/go.mod h1:eHl3w0sp3paPkYstJOmAimxhiFXPg+MMTlEh3nsQgWQ=
-go.uber.org/goleak v1.0.0/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
-go.uber.org/goleak v1.1.12 h1:gZAh5/EyT/HQwlpkCy6wTpqfH9H8Lz8zbm3dZh+OyzA=
-go.uber.org/goleak v1.1.12/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ=
-golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.29.0 h1:L5SG1JTTXupVV3n6sUqMTeWbjAyfPwoda2DLX8J8FrQ=
-golang.org/x/crypto v0.29.0/go.mod h1:+F4F4N5hv6v38hfeYwTdx20oUvLLc+QfrE9Ax9HtgRg=
-golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
-golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
-golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
-golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
-golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
-golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
-golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
-golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo=
-golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM=
-golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
-golang.org/x/oauth2 v0.22.0 h1:BzDx2FehcG7jJwgWLELCdmLuxk2i+x9UDpSiss2u0ZA=
-golang.org/x/oauth2 v0.22.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
-golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.9.0 h1:fEo0HyrW1GIgZdpbhCRO0PkJajUS5H9IFUztCgEo2jQ=
-golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s=
-golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug=
-golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
-golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U=
-golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
-golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
-golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
-golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
-golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
-golang.org/x/tools v0.0.0-20210101214203-2dba1e4ea05c/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-google.golang.org/api v0.196.0 h1:k/RafYqebaIJBO3+SMnfEGtFVlvp5vSgqTUF54UN/zg=
-google.golang.org/api v0.196.0/go.mod h1:g9IL21uGkYgvQ5BZg6BAtoGJQIm8r6EgaAbpNey5wBE=
-google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
-google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
-google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
-google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
-google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
-google.golang.org/genproto v0.0.0-20240903143218-8af14fe29dc1 h1:BulPr26Jqjnd4eYDVe+YvyR7Yc2vJGkO5/0UxD0/jZU=
-google.golang.org/genproto v0.0.0-20240903143218-8af14fe29dc1/go.mod h1:hL97c3SYopEHblzpxRL4lSs523++l8DYxGM1FQiYmb4=
-google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1 h1:hjSy6tcFQZ171igDaN5QHOw2n6vx40juYbC/x67CEhc=
-google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1/go.mod h1:qpvKtACPCQhAdu3PyQgV4l3LMXZEtft7y8QcarRsp9I=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 h1:pPJltXNxVzT4pK9yD8vR9X75DaWYYmLGMsEvBfFQZzQ=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1/go.mod h1:UqMtugtsSgubUsoxbuAoiCXvqvErP7Gf0so0mK9tHxU=
-google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
-google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
-google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
-google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
-google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
-google.golang.org/grpc v1.66.0 h1:DibZuoBznOxbDQxRINckZcUvnCEvrW9pcWIE2yF9r1c=
-google.golang.org/grpc v1.66.0/go.mod h1:s3/l6xSSCURdVfAnL+TqCNMyTDAGN6+lZeVxnZR128Y=
-google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
-google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
-google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
-google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
-google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
-google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
-google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
-google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
-gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
-gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
-gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
-gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
-honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
-mvdan.cc/gofumpt v0.1.1/go.mod h1:yXG1r1WqZVKWbVRtBWKWX9+CxGYfA51nSomhM0woR48=
diff --git a/plugins/boundary/mains/gcp/main.go b/plugins/boundary/mains/gcp/main.go
deleted file mode 100644
index 813d553184..0000000000
--- a/plugins/boundary/mains/gcp/main.go
+++ /dev/null
@@ -1,20 +0,0 @@
-// Copyright (c) HashiCorp, Inc.
-// SPDX-License-Identifier: BUSL-1.1
-
-package main
-
-import (
- "fmt"
- "os"
-
- gcp "github.com/hashicorp/boundary-plugin-gcp/plugin"
- hp "github.com/hashicorp/boundary/sdk/plugins"
-)
-
-func main() {
- if err := hp.ServePlugin(gcp.NewGCPPlugin()); err != nil {
- fmt.Println("Error serving plugin", err)
- os.Exit(1)
- }
- os.Exit(0)
-}
diff --git a/plugins/boundary/mains/minio/go.mod b/plugins/boundary/mains/minio/go.mod
index 0a53674b62..8f685f59bf 100644
--- a/plugins/boundary/mains/minio/go.mod
+++ b/plugins/boundary/mains/minio/go.mod
@@ -12,14 +12,14 @@ require (
github.com/dustin/go-humanize v1.0.1 // indirect
github.com/fatih/color v1.15.0 // indirect
github.com/go-ole/go-ole v1.2.6 // indirect
- github.com/golang-jwt/jwt/v4 v4.5.1 // indirect
+ github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
github.com/golang/protobuf v1.5.3 // indirect
github.com/google/uuid v1.5.0 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/eventlogger v0.2.6-0.20231025104552-802587e608f0 // indirect
github.com/hashicorp/eventlogger/filters/encrypt v0.1.8-0.20231025104552-802587e608f0 // indirect
github.com/hashicorp/go-hclog v1.5.0 // indirect
- github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 // indirect
+ github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 // indirect
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/hashicorp/go-plugin v1.5.2 // indirect
github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect
@@ -72,7 +72,7 @@ require (
google.golang.org/genproto/googleapis/api v0.0.0-20240125205218-1f4bbc51befe // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20240125205218-1f4bbc51befe // indirect
google.golang.org/grpc v1.61.0 // indirect
- google.golang.org/protobuf v1.34.2 // indirect
+ google.golang.org/protobuf v1.33.0 // indirect
gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)
diff --git a/plugins/boundary/mains/minio/go.sum b/plugins/boundary/mains/minio/go.sum
index abcaf6229b..f6eca6efdd 100644
--- a/plugins/boundary/mains/minio/go.sum
+++ b/plugins/boundary/mains/minio/go.sum
@@ -43,8 +43,8 @@ github.com/go-test/deep v1.0.4 h1:u2CU3YKy9I2pmu9pX0eq50wCgjfGIt539SqR7FbHiho=
github.com/go-test/deep v1.0.4/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=
github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
-github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo=
-github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
+github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
+github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
@@ -75,8 +75,8 @@ github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+
github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM=
github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ=
github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y=
@@ -346,8 +346,8 @@ google.golang.org/grpc v1.61.0 h1:TOvOcuXn30kRao+gfcvsebNEa5iZIiLkisYEkf7R7o0=
google.golang.org/grpc v1.61.0/go.mod h1:VUbo7IFqmF1QtCAstipjG0GIoq49KvMe9+h1jFLBNJs=
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
-google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
+google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
+google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
diff --git a/plugins/kms/mains/alicloudkms/go.mod b/plugins/kms/mains/alicloudkms/go.mod
index 4b04fb9264..4a9b39af4d 100644
--- a/plugins/kms/mains/alicloudkms/go.mod
+++ b/plugins/kms/mains/alicloudkms/go.mod
@@ -3,8 +3,8 @@ module github.com/hashicorp/boundary/plugins/kms/mains/alicloudkms
go 1.23.0
require (
- github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5
- github.com/hashicorp/go-kms-wrapping/wrappers/alicloudkms/v2 v2.0.2
+ github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7
+ github.com/hashicorp/go-kms-wrapping/wrappers/alicloudkms/v2 v2.0.3
)
require (
@@ -13,7 +13,7 @@ require (
github.com/fatih/color v1.14.1 // indirect
github.com/golang/protobuf v1.5.3 // indirect
github.com/hashicorp/go-hclog v1.5.0 // indirect
- github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 // indirect
+ github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 // indirect
github.com/hashicorp/go-plugin v1.5.2 // indirect
github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect
github.com/hashicorp/go-uuid v1.0.3 // indirect
@@ -30,12 +30,12 @@ require (
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/rogpeppe/go-internal v1.8.1 // indirect
github.com/stretchr/testify v1.8.4 // indirect
- golang.org/x/net v0.31.0 // indirect
- golang.org/x/sys v0.27.0 // indirect
- golang.org/x/text v0.20.0 // indirect
+ golang.org/x/net v0.17.0 // indirect
+ golang.org/x/sys v0.15.0 // indirect
+ golang.org/x/text v0.14.0 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect
google.golang.org/grpc v1.59.0 // indirect
- google.golang.org/protobuf v1.34.2 // indirect
+ google.golang.org/protobuf v1.31.0 // indirect
gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)
diff --git a/plugins/kms/mains/alicloudkms/go.sum b/plugins/kms/mains/alicloudkms/go.sum
index 6127fb0646..7d776eeab5 100644
--- a/plugins/kms/mains/alicloudkms/go.sum
+++ b/plugins/kms/mains/alicloudkms/go.sum
@@ -18,12 +18,12 @@ github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeN
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c=
github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
-github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM=
-github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ=
-github.com/hashicorp/go-kms-wrapping/wrappers/alicloudkms/v2 v2.0.2 h1:j/2W4nWgzUMGrtRnfvFj60PdwooKBGDY4/fec7vvjhc=
-github.com/hashicorp/go-kms-wrapping/wrappers/alicloudkms/v2 v2.0.2/go.mod h1:heY2PS1SGU0cMamgv+zId/sKT+XFHaf61bLOSnP1Gb8=
+github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 h1:gM4OwbF16Cmfxt2QMkoGMQbRTfYFZLvDMPgU3rM3KIo=
+github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7/go.mod h1:7ZMHVluyqgHgEuTADeDzFNWoA9mnyPfdiK8Tk2Bct1c=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ=
+github.com/hashicorp/go-kms-wrapping/wrappers/alicloudkms/v2 v2.0.3 h1:36Pxy8BQd7DAJ2Mk6vuJlIjqQ80e20vlO7a4Ep3RTOg=
+github.com/hashicorp/go-kms-wrapping/wrappers/alicloudkms/v2 v2.0.3/go.mod h1:heY2PS1SGU0cMamgv+zId/sKT+XFHaf61bLOSnP1Gb8=
github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y=
github.com/hashicorp/go-plugin v1.5.2/go.mod h1:w1sAEES3g3PuV/RzUrgow20W2uErMly84hhD3um1WL4=
github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 h1:ET4pqyjiGmY09R5y+rSd70J2w45CtbWDNvGqWp/R3Ng=
@@ -90,18 +90,18 @@ github.com/uber/jaeger-lib v2.4.1+incompatible h1:td4jdvLcExb4cBISKIpHuGoVXh+dVK
github.com/uber/jaeger-lib v2.4.1+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U=
go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE=
go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
-golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo=
-golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM=
+golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
+golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s=
-golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug=
-golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
+golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d h1:uvYuEyMHKNt+lT4K3bN6fGswmK8qSvcreM3BwjDh+y4=
google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M=
@@ -111,8 +111,6 @@ google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp0
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
-google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
-google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
diff --git a/plugins/kms/mains/awskms/go.mod b/plugins/kms/mains/awskms/go.mod
index 290679c118..e40d6daed4 100644
--- a/plugins/kms/mains/awskms/go.mod
+++ b/plugins/kms/mains/awskms/go.mod
@@ -3,19 +3,19 @@ module github.com/hashicorp/boundary/plugins/kms/mains/awskms
go 1.23.0
require (
- github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5
- github.com/hashicorp/go-kms-wrapping/wrappers/awskms/v2 v2.0.8
+ github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7
+ github.com/hashicorp/go-kms-wrapping/wrappers/awskms/v2 v2.0.10
)
require (
- github.com/aws/aws-sdk-go v1.44.214 // indirect
+ github.com/aws/aws-sdk-go v1.55.5 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/fatih/color v1.14.1 // indirect
github.com/golang/protobuf v1.5.3 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
github.com/hashicorp/go-hclog v1.5.0 // indirect
- github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 // indirect
+ github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 // indirect
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/hashicorp/go-plugin v1.5.2 // indirect
github.com/hashicorp/go-secure-stdlib/awsutil v0.1.6 // indirect
@@ -31,11 +31,11 @@ require (
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/rogpeppe/go-internal v1.8.1 // indirect
github.com/stretchr/testify v1.8.4 // indirect
- golang.org/x/net v0.31.0 // indirect
- golang.org/x/sys v0.27.0 // indirect
- golang.org/x/text v0.20.0 // indirect
+ golang.org/x/net v0.17.0 // indirect
+ golang.org/x/sys v0.15.0 // indirect
+ golang.org/x/text v0.14.0 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect
google.golang.org/grpc v1.59.0 // indirect
- google.golang.org/protobuf v1.34.2 // indirect
+ google.golang.org/protobuf v1.33.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)
diff --git a/plugins/kms/mains/awskms/go.sum b/plugins/kms/mains/awskms/go.sum
index 493f70eb1b..0bcde58051 100644
--- a/plugins/kms/mains/awskms/go.sum
+++ b/plugins/kms/mains/awskms/go.sum
@@ -1,6 +1,6 @@
github.com/aws/aws-sdk-go v1.30.27/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
-github.com/aws/aws-sdk-go v1.44.214 h1:YzDuC+9UtrAOUkItlK7l3BvKI9o6qAog9X8i289HORc=
-github.com/aws/aws-sdk-go v1.44.214/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
+github.com/aws/aws-sdk-go v1.55.5 h1:KKUZBfBoyqy5d3swXyiC7Q76ic40rYcbqH7qjh59kzU=
+github.com/aws/aws-sdk-go v1.55.5/go.mod h1:eRwEWoyTWFMVYVQzKMNHWP5/RV4xIUGMQfXQHfHkpNU=
github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA=
github.com/bufbuild/protocompile v0.4.0/go.mod h1:3v93+mbWn/v3xzN+31nwkJfrEpAUwp+BagBSZWx+TP8=
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
@@ -26,12 +26,12 @@ github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/S
github.com/hashicorp/go-hclog v0.16.2/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ=
github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c=
github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
-github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM=
-github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ=
-github.com/hashicorp/go-kms-wrapping/wrappers/awskms/v2 v2.0.8 h1:/x3Vx8+G2bcx5J4euSphPy/5OeDC2i7C4Vtak5r8qAw=
-github.com/hashicorp/go-kms-wrapping/wrappers/awskms/v2 v2.0.8/go.mod h1:DcXbvVpgNWbxGmxgmu3QN64bEydMu14Cpe34RRR30HY=
+github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 h1:gM4OwbF16Cmfxt2QMkoGMQbRTfYFZLvDMPgU3rM3KIo=
+github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7/go.mod h1:7ZMHVluyqgHgEuTADeDzFNWoA9mnyPfdiK8Tk2Bct1c=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ=
+github.com/hashicorp/go-kms-wrapping/wrappers/awskms/v2 v2.0.10 h1:YOSmJpqZt2X3KL0JUlKdih3WjpDlS9jQPyr6Etdh1GE=
+github.com/hashicorp/go-kms-wrapping/wrappers/awskms/v2 v2.0.10/go.mod h1:eX4b0InOUfJ3NjfNWlJruBDT3rHXxOVw+7qNFmtjNbo=
github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y=
@@ -90,49 +90,25 @@ github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5
github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals=
github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
-github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
-golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
-golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
-golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
-golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo=
-golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM=
-golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
+golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200602225109-6fdc65e7d980/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s=
-golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
-golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
-golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug=
-golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
-golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
-golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d h1:uvYuEyMHKNt+lT4K3bN6fGswmK8qSvcreM3BwjDh+y4=
google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M=
@@ -140,8 +116,8 @@ google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk=
google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98=
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
-google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
+google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
+google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
diff --git a/plugins/kms/mains/azurekeyvault/go.mod b/plugins/kms/mains/azurekeyvault/go.mod
index 58f708ba7b..c36962dc52 100644
--- a/plugins/kms/mains/azurekeyvault/go.mod
+++ b/plugins/kms/mains/azurekeyvault/go.mod
@@ -3,14 +3,14 @@ module github.com/hashicorp/boundary/plugins/kms/mains/azurekeyvault
go 1.23.0
require (
- github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5
- github.com/hashicorp/go-kms-wrapping/wrappers/azurekeyvault/v2 v2.0.10
+ github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7
+ github.com/hashicorp/go-kms-wrapping/wrappers/azurekeyvault/v2 v2.0.11
)
require (
- github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0 // indirect
- github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.0 // indirect
- github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect
+ github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.0 // indirect
+ github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 // indirect
+ github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys v0.10.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal v0.7.1 // indirect
github.com/Azure/go-autorest v14.2.0+incompatible // indirect
@@ -20,15 +20,15 @@ require (
github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect
github.com/Azure/go-autorest/logger v0.2.1 // indirect
github.com/Azure/go-autorest/tracing v0.6.0 // indirect
- github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect
+ github.com/AzureAD/microsoft-authentication-library-for-go v1.1.1 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/fatih/color v1.15.0 // indirect
- github.com/golang-jwt/jwt/v4 v4.5.1 // indirect
- github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
+ github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
+ github.com/golang-jwt/jwt/v5 v5.0.0 // indirect
github.com/golang/protobuf v1.5.3 // indirect
- github.com/google/uuid v1.6.0 // indirect
+ github.com/google/uuid v1.3.1 // indirect
github.com/hashicorp/go-hclog v1.5.0 // indirect
- github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 // indirect
+ github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 // indirect
github.com/hashicorp/go-plugin v1.5.2 // indirect
github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect
github.com/hashicorp/go-uuid v1.0.3 // indirect
@@ -38,15 +38,16 @@ require (
github.com/mattn/go-isatty v0.0.19 // indirect
github.com/mitchellh/go-testing-interface v1.14.1 // indirect
github.com/oklog/run v1.1.0 // indirect
- github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
+ github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
- github.com/stretchr/testify v1.9.0 // indirect
- golang.org/x/crypto v0.27.0 // indirect
- golang.org/x/net v0.29.0 // indirect
- golang.org/x/sys v0.25.0 // indirect
- golang.org/x/text v0.18.0 // indirect
+ github.com/rogpeppe/go-internal v1.8.1 // indirect
+ github.com/stretchr/testify v1.8.4 // indirect
+ golang.org/x/crypto v0.17.0 // indirect
+ golang.org/x/net v0.18.0 // indirect
+ golang.org/x/sys v0.15.0 // indirect
+ golang.org/x/text v0.14.0 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect
google.golang.org/grpc v1.59.0 // indirect
- google.golang.org/protobuf v1.34.2 // indirect
+ google.golang.org/protobuf v1.31.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)
diff --git a/plugins/kms/mains/azurekeyvault/go.sum b/plugins/kms/mains/azurekeyvault/go.sum
index 61ed7bf438..ee346e702d 100644
--- a/plugins/kms/mains/azurekeyvault/go.sum
+++ b/plugins/kms/mains/azurekeyvault/go.sum
@@ -1,11 +1,9 @@
-github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0 h1:nyQWyZvwGTvunIMxi1Y9uXkcyr+I7TeNrr/foo4Kpk8=
-github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0/go.mod h1:l38EPgmsp71HHLq9j7De57JcKOWPyhrsW1Awm1JS6K0=
-github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.0 h1:B/dfvscEQtew9dVuoxqxrUKKv8Ih2f55PydknDamU+g=
-github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.0/go.mod h1:fiPSssYvltE08HJchL04dOy+RD4hgrjph0cwGGMntdI=
-github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.0 h1:+m0M/LFxN43KvULkDNfdXOgrjtg6UYJPFBJyuEcRCAw=
-github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.0/go.mod h1:PwOyop78lveYMRs6oCxjiVyBdyCgIYH6XHIVZO9/SFQ=
-github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 h1:ywEEhmNahHBihViHepv3xPBn1663uRv2t2q/ESv9seY=
-github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0/go.mod h1:iZDifYGJTIgIIkYRNWPENUnqx6bJ2xnSDFI2tjwZNuY=
+github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.0 h1:fb8kj/Dh4CSwgsOzHeZY4Xh68cFVbzXx+ONXGMY//4w=
+github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.0/go.mod h1:uReU2sSxZExRPBAg3qKzmAucSi51+SP1OhohieR821Q=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 h1:BMAjVKJM0U/CYF27gA0ZMmXGkOcvfFtD0oHVZ1TIPRI=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0/go.mod h1:1fXstnBMas5kzG+S3q8UoJcmyU6nUeunJcMDHcRYHhs=
+github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.0 h1:d81/ng9rET2YqdVkVwkb6EXeRrLJIwyGnJcAlAWKwhs=
+github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.0/go.mod h1:s4kgfzA0covAXNicZHDMN58jExvcng2mC/DepXiF1EI=
github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys v0.10.0 h1:m/sWOGCREuSBqg2htVQTBY8nOZpyajYztF0vUvSZTuM=
github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys v0.10.0/go.mod h1:Pu5Zksi2KrU7LPbZbNINx6fuVrUp/ffvpxdDj+i8LeE=
github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal v0.7.1 h1:FbH3BbSb4bvGluTesZZ+ttN/MDsnMmQP36OSnDuSXqw=
@@ -28,44 +26,39 @@ github.com/Azure/go-autorest/logger v0.2.1 h1:IG7i4p/mDa2Ce4TRyAO8IHnVhAVF3RFU+Z
github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8=
github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo=
github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU=
-github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1 h1:WJTmL004Abzc5wDB5VtZG2PJk5ndYDgVacGqfirKxjM=
-github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1/go.mod h1:tCcJZ0uHAmvjsVYzEFivsRTN00oz5BEsRgQHu5JZ9WE=
-github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 h1:XHOnouVk1mxXfQidrMEnLlPk9UMeRtyBTnEFtxkV0kU=
-github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
+github.com/AzureAD/microsoft-authentication-library-for-go v1.1.1 h1:WpB/QDNLpMw72xHJc34BNNykqSOeEJDAWkhf0u12/Jk=
+github.com/AzureAD/microsoft-authentication-library-for-go v1.1.1/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA=
github.com/bufbuild/protocompile v0.4.0/go.mod h1:3v93+mbWn/v3xzN+31nwkJfrEpAUwp+BagBSZWx+TP8=
-github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
-github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78=
-github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc=
+github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI=
+github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ=
github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=
github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs=
github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw=
github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
+github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
-github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo=
-github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
-github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk=
-github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
+github.com/golang-jwt/jwt/v5 v5.0.0 h1:1n1XNM9hk7O9mnQoNBGolZvzebBQ7p93ULHRc28XJUE=
+github.com/golang-jwt/jwt/v5 v5.0.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
-github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4=
+github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c=
github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
-github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM=
-github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ=
-github.com/hashicorp/go-kms-wrapping/wrappers/azurekeyvault/v2 v2.0.10 h1:g4F+mrwvfCJJIrLHbKhClClFLz/+T42zASm6S1Av38s=
-github.com/hashicorp/go-kms-wrapping/wrappers/azurekeyvault/v2 v2.0.10/go.mod h1:+nZqburV15IZlvfxk29XUdwWour3PkYxRaOFesx37OI=
+github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 h1:gM4OwbF16Cmfxt2QMkoGMQbRTfYFZLvDMPgU3rM3KIo=
+github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7/go.mod h1:7ZMHVluyqgHgEuTADeDzFNWoA9mnyPfdiK8Tk2Bct1c=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ=
+github.com/hashicorp/go-kms-wrapping/wrappers/azurekeyvault/v2 v2.0.11 h1:/7SKkYIhA8cr3l8m1EKT6Q90bPoSVqqVBuQ6HgoMIkw=
+github.com/hashicorp/go-kms-wrapping/wrappers/azurekeyvault/v2 v2.0.11/go.mod h1:LepS5s6ESGE0qQMpYaui5lX+mQYeiYiy06VzwWRioO8=
github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y=
github.com/hashicorp/go-plugin v1.5.2/go.mod h1:w1sAEES3g3PuV/RzUrgow20W2uErMly84hhD3um1WL4=
github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 h1:ET4pqyjiGmY09R5y+rSd70J2w45CtbWDNvGqWp/R3Ng=
@@ -77,10 +70,11 @@ github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE
github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ=
github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c=
github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo=
-github.com/keybase/go-keychain v0.0.0-20231219164618-57a3676c3af6 h1:IsMZxCuZqKuao2vNdfD82fjjgPLfyHLpR41Z88viRWs=
-github.com/keybase/go-keychain v0.0.0-20231219164618-57a3676c3af6/go.mod h1:3VeWNIJaW+O5xpRQbPp0Ybqu1vJd/pm7s2F473HRrkw=
-github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
-github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0=
+github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
@@ -98,14 +92,13 @@ github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJ
github.com/mitchellh/go-testing-interface v1.14.1/go.mod h1:gfgS7OtZj6MA4U1UrDRp04twqAjfvlZyCfX3sDjEym8=
github.com/oklog/run v1.1.0 h1:GEenZ1cK0+q0+wsJew9qUg/DyD8k3JzYsZAi5gYi2mA=
github.com/oklog/run v1.1.0/go.mod h1:sVPdnTZT1zYwAJeCMu2Th4T21pA3FPOQRfWjQlk7DVU=
-github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ=
-github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU=
+github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 h1:KoWmjvw+nsYOo29YJK9vDA65RGE3NrOnUtO7a+RF9HU=
+github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8/go.mod h1:HKlIX3XHQyzLZPlr7++PzdhaXEj94dEiJgZDTsxEqUI=
+github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/redis/go-redis/v9 v9.6.1 h1:HHDteefn6ZkTtY5fGUE8tj8uy85AHk6zP7CpzIAM0y4=
-github.com/redis/go-redis/v9 v9.6.1/go.mod h1:0C0c6ycQsdpVNQpxb1njEQIqkx5UcsM8FJCQLgE9+RA=
-github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
-github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
+github.com/rogpeppe/go-internal v1.8.1 h1:geMPLpDpQOgVyCg5z5GoRwLHepNdb71NXb67XFkP+Eg=
+github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
@@ -113,23 +106,23 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals=
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
-github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
-golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A=
-golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70=
+golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
+golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
-golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo=
-golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0=
+golang.org/x/net v0.18.0 h1:mIYleuAkSbHh0tCv7RvjL3F6ZVbLjq4+R7zbOn3Kokg=
+golang.org/x/net v0.18.0/go.mod h1:/czyP5RqHAH4odGYxBJ1qz0+CE5WZ+2j1YgoEo8F2jQ=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -138,17 +131,17 @@ golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210616045830-e2b7044e8c71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34=
-golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
@@ -157,8 +150,8 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
-golang.org/x/text v0.18.0 h1:XvMDiNzPAl0jr17s6W9lcaIhGUfUORdGCNsuLmPG224=
-golang.org/x/text v0.18.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
+golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
@@ -170,11 +163,15 @@ google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk=
google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98=
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
-google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
+google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
+google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
-gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
+gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
+gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
+gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
diff --git a/plugins/kms/mains/gcpckms/go.mod b/plugins/kms/mains/gcpckms/go.mod
index ca1a2e21e2..98b71b61a4 100644
--- a/plugins/kms/mains/gcpckms/go.mod
+++ b/plugins/kms/mains/gcpckms/go.mod
@@ -3,8 +3,8 @@ module github.com/hashicorp/boundary/plugins/kms/mains/gcpckms
go 1.23.0
require (
- github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5
- github.com/hashicorp/go-kms-wrapping/wrappers/gcpckms/v2 v2.0.10
+ github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7
+ github.com/hashicorp/go-kms-wrapping/wrappers/gcpckms/v2 v2.0.12
)
require (
@@ -20,7 +20,7 @@ require (
github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
github.com/googleapis/gax-go/v2 v2.12.0 // indirect
github.com/hashicorp/go-hclog v1.5.0 // indirect
- github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 // indirect
+ github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 // indirect
github.com/hashicorp/go-plugin v1.5.2 // indirect
github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect
github.com/hashicorp/go-uuid v1.0.3 // indirect
@@ -33,18 +33,18 @@ require (
github.com/rogpeppe/go-internal v1.8.1 // indirect
github.com/stretchr/testify v1.8.4 // indirect
go.opencensus.io v0.24.0 // indirect
- golang.org/x/crypto v0.29.0 // indirect
- golang.org/x/net v0.31.0 // indirect
+ golang.org/x/crypto v0.17.0 // indirect
+ golang.org/x/net v0.17.0 // indirect
golang.org/x/oauth2 v0.13.0 // indirect
- golang.org/x/sync v0.9.0 // indirect
- golang.org/x/sys v0.27.0 // indirect
- golang.org/x/text v0.20.0 // indirect
+ golang.org/x/sync v0.4.0 // indirect
+ golang.org/x/sys v0.15.0 // indirect
+ golang.org/x/text v0.14.0 // indirect
google.golang.org/api v0.149.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/genproto v0.0.0-20231016165738-49dd2c1f3d0b // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20231016165738-49dd2c1f3d0b // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20231016165738-49dd2c1f3d0b // indirect
google.golang.org/grpc v1.59.0 // indirect
- google.golang.org/protobuf v1.34.2 // indirect
+ google.golang.org/protobuf v1.31.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)
diff --git a/plugins/kms/mains/gcpckms/go.sum b/plugins/kms/mains/gcpckms/go.sum
index 06850f031d..33783840ab 100644
--- a/plugins/kms/mains/gcpckms/go.sum
+++ b/plugins/kms/mains/gcpckms/go.sum
@@ -61,12 +61,12 @@ github.com/googleapis/gax-go/v2 v2.12.0 h1:A+gCJKdRfqXkr+BIRGtZLibNXf0m1f9E4HG56
github.com/googleapis/gax-go/v2 v2.12.0/go.mod h1:y+aIqrI5eb1YGMVJfuV3185Ts/D7qKpsEkdD5+I6QGU=
github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c=
github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
-github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM=
-github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ=
-github.com/hashicorp/go-kms-wrapping/wrappers/gcpckms/v2 v2.0.10 h1:/HAAj2i/jeo2GqdWO1XjlutpaKzZaeBe3scvuujAJPg=
-github.com/hashicorp/go-kms-wrapping/wrappers/gcpckms/v2 v2.0.10/go.mod h1:HSaOaX/lv3ShCdilUYbOTPnSvmoZ9xtQhgw+8hYcZkg=
+github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 h1:gM4OwbF16Cmfxt2QMkoGMQbRTfYFZLvDMPgU3rM3KIo=
+github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7/go.mod h1:7ZMHVluyqgHgEuTADeDzFNWoA9mnyPfdiK8Tk2Bct1c=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ=
+github.com/hashicorp/go-kms-wrapping/wrappers/gcpckms/v2 v2.0.12 h1:PCqWzT/Hii0KL07JsBZ3lJbv/wx02IAHYlhWQq8rxRY=
+github.com/hashicorp/go-kms-wrapping/wrappers/gcpckms/v2 v2.0.12/go.mod h1:HSaOaX/lv3ShCdilUYbOTPnSvmoZ9xtQhgw+8hYcZkg=
github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y=
github.com/hashicorp/go-plugin v1.5.2/go.mod h1:w1sAEES3g3PuV/RzUrgow20W2uErMly84hhD3um1WL4=
github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 h1:ET4pqyjiGmY09R5y+rSd70J2w45CtbWDNvGqWp/R3Ng=
@@ -117,8 +117,8 @@ go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.29.0 h1:L5SG1JTTXupVV3n6sUqMTeWbjAyfPwoda2DLX8J8FrQ=
-golang.org/x/crypto v0.29.0/go.mod h1:+F4F4N5hv6v38hfeYwTdx20oUvLLc+QfrE9Ax9HtgRg=
+golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
+golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
@@ -130,16 +130,16 @@ golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo=
-golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM=
+golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
+golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.13.0 h1:jDDenyj+WgFtmV3zYVoi8aE2BwtXFLWOA67ZfNWftiY=
golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.9.0 h1:fEo0HyrW1GIgZdpbhCRO0PkJajUS5H9IFUztCgEo2jQ=
-golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ=
+golang.org/x/sync v0.4.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -150,13 +150,13 @@ golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s=
-golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug=
-golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
+golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
@@ -196,8 +196,8 @@ google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpAD
google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
-google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
+google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
+google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
diff --git a/plugins/kms/mains/ocikms/go.mod b/plugins/kms/mains/ocikms/go.mod
index 2c535977ef..08deba64ff 100644
--- a/plugins/kms/mains/ocikms/go.mod
+++ b/plugins/kms/mains/ocikms/go.mod
@@ -3,7 +3,7 @@ module github.com/hashicorp/boundary/plugins/kms/mains/ocikms
go 1.23.0
require (
- github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5
+ github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7
github.com/hashicorp/go-kms-wrapping/wrappers/ocikms/v2 v2.0.8
)
@@ -12,7 +12,7 @@ require (
github.com/fatih/color v1.14.1 // indirect
github.com/golang/protobuf v1.5.3 // indirect
github.com/hashicorp/go-hclog v1.5.0 // indirect
- github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 // indirect
+ github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 // indirect
github.com/hashicorp/go-plugin v1.5.2 // indirect
github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect
github.com/hashicorp/go-uuid v1.0.3 // indirect
@@ -26,11 +26,11 @@ require (
github.com/rogpeppe/go-internal v1.8.1 // indirect
github.com/sony/gobreaker v0.5.0 // indirect
github.com/stretchr/testify v1.8.4 // indirect
- golang.org/x/net v0.31.0 // indirect
- golang.org/x/sys v0.27.0 // indirect
- golang.org/x/text v0.20.0 // indirect
+ golang.org/x/net v0.17.0 // indirect
+ golang.org/x/sys v0.15.0 // indirect
+ golang.org/x/text v0.14.0 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect
google.golang.org/grpc v1.59.0 // indirect
- google.golang.org/protobuf v1.34.2 // indirect
+ google.golang.org/protobuf v1.31.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)
diff --git a/plugins/kms/mains/ocikms/go.sum b/plugins/kms/mains/ocikms/go.sum
index 1161e2d719..d38972d215 100644
--- a/plugins/kms/mains/ocikms/go.sum
+++ b/plugins/kms/mains/ocikms/go.sum
@@ -14,10 +14,10 @@ github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c=
github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
-github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM=
-github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ=
+github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 h1:gM4OwbF16Cmfxt2QMkoGMQbRTfYFZLvDMPgU3rM3KIo=
+github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7/go.mod h1:7ZMHVluyqgHgEuTADeDzFNWoA9mnyPfdiK8Tk2Bct1c=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ=
github.com/hashicorp/go-kms-wrapping/wrappers/ocikms/v2 v2.0.8 h1:F2RNYvXq9yJKbXRxfHBSzOCx0YxRdkaQ8qu0EECeu5U=
github.com/hashicorp/go-kms-wrapping/wrappers/ocikms/v2 v2.0.8/go.mod h1:ULlMyM1QKNuq1JIENcNCRAkgo/RYxxCkm26pjR6w/ko=
github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y=
@@ -69,18 +69,18 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals=
github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
-golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo=
-golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM=
+golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
+golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s=
-golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug=
-golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
+golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d h1:uvYuEyMHKNt+lT4K3bN6fGswmK8qSvcreM3BwjDh+y4=
google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M=
@@ -88,8 +88,8 @@ google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk=
google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98=
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
-google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
+google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
+google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
diff --git a/plugins/kms/mains/transit/go.mod b/plugins/kms/mains/transit/go.mod
index 4151643d19..f259248138 100644
--- a/plugins/kms/mains/transit/go.mod
+++ b/plugins/kms/mains/transit/go.mod
@@ -3,23 +3,23 @@ module github.com/hashicorp/boundary/plugins/kms/mains/transit
go 1.23.0
require (
- github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5
- github.com/hashicorp/go-kms-wrapping/wrappers/transit/v2 v2.0.12-0.20240510224000-05c77e842118
+ github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7
+ github.com/hashicorp/go-kms-wrapping/wrappers/transit/v2 v2.0.12
)
require (
github.com/cenkalti/backoff/v3 v3.2.2 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
- github.com/fatih/color v1.16.0 // indirect
+ github.com/fatih/color v1.15.0 // indirect
github.com/go-jose/go-jose/v3 v3.0.3 // indirect
github.com/golang/protobuf v1.5.3 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
github.com/hashicorp/go-hclog v1.6.3 // indirect
- github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 // indirect
+ github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 // indirect
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/hashicorp/go-plugin v1.5.2 // indirect
- github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
+ github.com/hashicorp/go-retryablehttp v0.7.2 // indirect
github.com/hashicorp/go-rootcerts v1.0.2 // indirect
github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect
github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7 // indirect
@@ -30,7 +30,7 @@ require (
github.com/hashicorp/vault/api v1.10.0 // indirect
github.com/hashicorp/yamux v0.1.1 // indirect
github.com/mattn/go-colorable v0.1.13 // indirect
- github.com/mattn/go-isatty v0.0.20 // indirect
+ github.com/mattn/go-isatty v0.0.17 // indirect
github.com/mitchellh/go-homedir v1.1.0 // indirect
github.com/mitchellh/go-testing-interface v1.14.1 // indirect
github.com/mitchellh/mapstructure v1.5.0 // indirect
@@ -40,11 +40,11 @@ require (
github.com/stretchr/testify v1.8.4 // indirect
golang.org/x/crypto v0.21.0 // indirect
golang.org/x/net v0.23.0 // indirect
- golang.org/x/sys v0.20.0 // indirect
+ golang.org/x/sys v0.18.0 // indirect
golang.org/x/text v0.14.0 // indirect
golang.org/x/time v0.3.0 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect
google.golang.org/grpc v1.59.0 // indirect
- google.golang.org/protobuf v1.34.2 // indirect
+ google.golang.org/protobuf v1.31.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)
diff --git a/plugins/kms/mains/transit/go.sum b/plugins/kms/mains/transit/go.sum
index 5307055bc5..1e9ca25c2b 100644
--- a/plugins/kms/mains/transit/go.sum
+++ b/plugins/kms/mains/transit/go.sum
@@ -9,8 +9,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=
-github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM=
-github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE=
+github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs=
+github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw=
github.com/go-jose/go-jose/v3 v3.0.3 h1:fFKWeig/irsp7XD2zBxvnmA/XaRWp5V3CBsZXJF7G7k=
github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ=
github.com/go-test/deep v1.0.2 h1:onZX1rnHT3Wv6cqNgYyFOOlgVKJrksuCMCRvJStbMYw=
@@ -26,21 +26,22 @@ github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY
github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ=
github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48=
+github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ=
github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k=
github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
-github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM=
-github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ=
-github.com/hashicorp/go-kms-wrapping/wrappers/transit/v2 v2.0.12-0.20240510224000-05c77e842118 h1:Znp4cktSGpDSk3CQvdmluVoozB8VsgUDKEUNrmzy/Uk=
-github.com/hashicorp/go-kms-wrapping/wrappers/transit/v2 v2.0.12-0.20240510224000-05c77e842118/go.mod h1:YRqguGarF7kbHeojTPkanH3qvjbEP2pelq5b0ifaQ1M=
+github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 h1:gM4OwbF16Cmfxt2QMkoGMQbRTfYFZLvDMPgU3rM3KIo=
+github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7/go.mod h1:7ZMHVluyqgHgEuTADeDzFNWoA9mnyPfdiK8Tk2Bct1c=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ=
+github.com/hashicorp/go-kms-wrapping/wrappers/transit/v2 v2.0.12 h1:E8pzzF7i44OZCYDol+U7VbTBmHe65/6dx1nYxS0P1k0=
+github.com/hashicorp/go-kms-wrapping/wrappers/transit/v2 v2.0.12/go.mod h1:YRqguGarF7kbHeojTPkanH3qvjbEP2pelq5b0ifaQ1M=
github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk=
github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y=
github.com/hashicorp/go-plugin v1.5.2/go.mod h1:w1sAEES3g3PuV/RzUrgow20W2uErMly84hhD3um1WL4=
-github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU=
-github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk=
+github.com/hashicorp/go-retryablehttp v0.7.2 h1:AcYqCvkpalPnPF2pn0KamgwamS42TqUDDYFRKq/RAd0=
+github.com/hashicorp/go-retryablehttp v0.7.2/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8=
github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc=
github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8=
github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 h1:ET4pqyjiGmY09R5y+rSd70J2w45CtbWDNvGqWp/R3Ng=
@@ -77,8 +78,8 @@ github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNx
github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
-github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
-github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng=
+github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc=
github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
@@ -99,6 +100,7 @@ github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFo
github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk=
github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals=
github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
@@ -134,11 +136,10 @@ golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y=
-golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
+golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
@@ -167,8 +168,6 @@ google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp0
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
-google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
-google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
diff --git a/sdk/go.mod b/sdk/go.mod
index 528e9dfd46..1cb1fd78da 100644
--- a/sdk/go.mod
+++ b/sdk/go.mod
@@ -1,6 +1,6 @@
module github.com/hashicorp/boundary/sdk
-go 1.23.1
+go 1.23.3
require (
github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1
@@ -13,14 +13,14 @@ require (
github.com/stretchr/testify v1.8.4
google.golang.org/genproto/googleapis/api v0.0.0-20240125205218-1f4bbc51befe
google.golang.org/grpc v1.61.0
- google.golang.org/protobuf v1.34.2
+ google.golang.org/protobuf v1.33.0
nhooyr.io/websocket v1.8.10
)
require (
github.com/Masterminds/semver/v3 v3.2.0 // indirect
github.com/Masterminds/sprig/v3 v3.2.3 // indirect
- github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 // indirect
+ github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 // indirect
github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect
github.com/rogpeppe/go-internal v1.9.0 // indirect
github.com/shopspring/decimal v1.3.1 // indirect
@@ -39,7 +39,7 @@ require (
github.com/golang/protobuf v1.5.3 // indirect
github.com/google/uuid v1.4.0 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
- github.com/hashicorp/go-kms-wrapping/v2 v2.0.14
+ github.com/hashicorp/go-kms-wrapping/v2 v2.0.16
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/hashicorp/go-secure-stdlib/configutil/v2 v2.0.11
github.com/hashicorp/go-secure-stdlib/listenerutil v0.1.9 // indirect
@@ -65,9 +65,9 @@ require (
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/posener/complete v1.2.3 // indirect
github.com/ryanuber/go-glob v1.0.0 // indirect
- golang.org/x/crypto v0.29.0 // indirect
- golang.org/x/net v0.31.0 // indirect
- golang.org/x/sys v0.27.0 // indirect
- golang.org/x/text v0.20.0 // indirect
+ golang.org/x/crypto v0.18.0 // indirect
+ golang.org/x/net v0.20.0 // indirect
+ golang.org/x/sys v0.16.0 // indirect
+ golang.org/x/text v0.14.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)
diff --git a/sdk/go.sum b/sdk/go.sum
index 0c06ef4977..63b5ca51bd 100644
--- a/sdk/go.sum
+++ b/sdk/go.sum
@@ -49,8 +49,10 @@ github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+
github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM=
github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw=
-github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ=
+github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 h1:gM4OwbF16Cmfxt2QMkoGMQbRTfYFZLvDMPgU3rM3KIo=
+github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7/go.mod h1:7ZMHVluyqgHgEuTADeDzFNWoA9mnyPfdiK8Tk2Bct1c=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0=
+github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ=
github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk=
github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
@@ -169,8 +171,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh
golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
-golang.org/x/crypto v0.29.0 h1:L5SG1JTTXupVV3n6sUqMTeWbjAyfPwoda2DLX8J8FrQ=
-golang.org/x/crypto v0.29.0/go.mod h1:+F4F4N5hv6v38hfeYwTdx20oUvLLc+QfrE9Ax9HtgRg=
+golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc=
+golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
@@ -186,8 +188,8 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v
golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
-golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo=
-golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM=
+golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo=
+golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -209,8 +211,8 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s=
-golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU=
+golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
@@ -218,8 +220,8 @@ golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
-golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug=
-golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
+golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
@@ -242,8 +244,8 @@ google.golang.org/grpc v1.61.0 h1:TOvOcuXn30kRao+gfcvsebNEa5iZIiLkisYEkf7R7o0=
google.golang.org/grpc v1.61.0/go.mod h1:VUbo7IFqmF1QtCAstipjG0GIoq49KvMe9+h1jFLBNJs=
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
-google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
+google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
+google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
diff --git a/testing/internal/e2e/tests/base/search_test.go b/testing/internal/e2e/tests/base/search_test.go
index 5a1c9e8aad..56594ece79 100644
--- a/testing/internal/e2e/tests/base/search_test.go
+++ b/testing/internal/e2e/tests/base/search_test.go
@@ -33,11 +33,11 @@ func TestCliSearch(t *testing.T) {
ctx := context.Background()
- // If cache is already running, stop it so that we can start it with a
+ // If daemon is already running, stop it so that we can start it with a
// shorter refresh interval
output := e2e.RunCommand(ctx, "boundary", e2e.WithArgs("cache", "status", "-format", "json"))
if output.Err == nil {
- t.Log("Stopping cache...")
+ t.Log("Stopping daemon...")
output := e2e.RunCommand(ctx, "boundary", e2e.WithArgs("cache", "stop"))
require.NoError(t, output.Err, string(output.Stderr))
}
@@ -54,8 +54,8 @@ func TestCliSearch(t *testing.T) {
require.NoError(t, output.Err, string(output.Stderr))
})
- // Wait for cache to be up and running
- t.Log("Waiting for cache to start...")
+ // Wait for daemon to be up and running
+ t.Log("Waiting for daemon to start...")
var statusResult clientcache.StatusResult
err = backoff.RetryNotify(
func() error {
@@ -80,7 +80,7 @@ func TestCliSearch(t *testing.T) {
require.Equal(t, statusResult.StatusCode, 200)
require.GreaterOrEqual(t, statusResult.Item.Uptime, 0*time.Second)
- // Confirm cache version matches CLI version
+ // Confirm daemon version matches CLI version
output = e2e.RunCommand(ctx, "boundary", e2e.WithArgs("version", "-format", "json"))
require.NoError(t, output.Err, string(output.Stderr))
var versionResult version.Info
@@ -102,48 +102,19 @@ func TestCliSearch(t *testing.T) {
require.NoError(t, err)
// Get current number of targets
- var currentCount int
- err = backoff.RetryNotify(
- func() error {
- output = e2e.RunCommand(ctx, "boundary", e2e.WithArgs("cache", "status", "-format", "json"))
- if output.Err != nil {
- return backoff.Permanent(errors.New(string(output.Stderr)))
- }
-
- statusResult = clientcache.StatusResult{}
- err = json.Unmarshal(output.Stdout, &statusResult)
- if err != nil {
- return errors.New("Failed to unmarshal status result")
- }
-
- if len(statusResult.Item.Users) == 0 {
- output = e2e.RunCommand(ctx, "cat", e2e.WithArgs(statusResult.Item.LogLocation))
- t.Log("Printing cache log...")
- t.Log(string(output.Stdout))
- return errors.New("No users are appearing in the status")
- }
- idx := slices.IndexFunc(
- statusResult.Item.Users[0].Resources,
- func(r clientcache.ResourceStatus) bool {
- return r.Name == "target"
- },
- )
- if idx == -1 {
- output = e2e.RunCommand(ctx, "cat", e2e.WithArgs(statusResult.Item.LogLocation))
- t.Log("Printing cache log...")
- t.Log(string(output.Stdout))
- return errors.New("Targets not found in cache")
- }
- currentCount = statusResult.Item.Users[0].Resources[idx].Count
-
- return nil
- },
- backoff.WithMaxRetries(backoff.NewConstantBackOff(3*time.Second), 5),
- func(err error, td time.Duration) {
- t.Logf("%s. Retrying...", err.Error())
+ output = e2e.RunCommand(ctx, "boundary", e2e.WithArgs("cache", "status", "-format", "json"))
+ require.NoError(t, output.Err, string(output.Stderr))
+ statusResult = clientcache.StatusResult{}
+ err = json.Unmarshal(output.Stdout, &statusResult)
+ require.Len(t, statusResult.Item.Users, 1)
+ idx := slices.IndexFunc(
+ statusResult.Item.Users[0].Resources,
+ func(r clientcache.ResourceStatus) bool {
+ return r.Name == "target"
},
)
- require.NoError(t, err)
+ require.NotEqual(t, idx, -1)
+ currentCount := statusResult.Item.Users[0].Resources[idx].Count
// Create enough targets to overflow a single page.
// Use the API to make creation faster.
@@ -195,9 +166,6 @@ func TestCliSearch(t *testing.T) {
}
if len(statusResult.Item.Users) == 0 {
- output = e2e.RunCommand(ctx, "cat", e2e.WithArgs(statusResult.Item.LogLocation))
- t.Log("Printing cache log...")
- t.Log(string(output.Stdout))
return errors.New("No users are appearing in the status")
}
@@ -208,9 +176,6 @@ func TestCliSearch(t *testing.T) {
},
)
if idx == -1 {
- output = e2e.RunCommand(ctx, "cat", e2e.WithArgs(statusResult.Item.LogLocation))
- t.Log("Printing cache log...")
- t.Log(string(output.Stdout))
return errors.New("No targets are appearing in the status")
}
@@ -235,7 +200,7 @@ func TestCliSearch(t *testing.T) {
require.NoError(t, err)
// Search for targets that contain the target prefix.
- // This requests data from the client cache.
+ // This requests data from the client cache daemon.
t.Log("Searching targets...")
output = e2e.RunCommand(ctx, "boundary",
e2e.WithArgs(
diff --git a/version/VERSION b/version/VERSION
index 3f46c4d182..7211b157c6 100644
--- a/version/VERSION
+++ b/version/VERSION
@@ -1 +1 @@
-0.19.0
\ No newline at end of file
+0.18.2
\ No newline at end of file
diff --git a/website/content/docs/api-clients/api/index.mdx b/website/content/docs/api-clients/api/index.mdx
index 7281f4f12d..613c0d738b 100644
--- a/website/content/docs/api-clients/api/index.mdx
+++ b/website/content/docs/api-clients/api/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: API
-description: |-
- Boundary's HTTP API standards
+page_title: API overview
+description: >-
+ Learn about Boundary's HTTP API standards, status codes, path layout, methods, and headers. Understand how rate limiting helps manage system resources.
---
# API
diff --git a/website/content/docs/api-clients/api/pagination.mdx b/website/content/docs/api-clients/api/pagination.mdx
index 1f21fd1ff7..bfd2e80c65 100644
--- a/website/content/docs/api-clients/api/pagination.mdx
+++ b/website/content/docs/api-clients/api/pagination.mdx
@@ -1,7 +1,8 @@
---
layout: docs
page_title: API list pagination
-description: Learn how the API pagination and cache works in Boundary to prevent system resources from being overwhlemed and to help you find resources.
+description: >-
+ Learn about API pagination and how the cache works in Boundary to prevent system resources from being overwhelmed and to help you find resources.
---
# API list pagination
diff --git a/website/content/docs/api-clients/api/rate-limiting.mdx b/website/content/docs/api-clients/api/rate-limiting.mdx
index 16d5feedaf..fdaa13293d 100644
--- a/website/content/docs/api-clients/api/rate-limiting.mdx
+++ b/website/content/docs/api-clients/api/rate-limiting.mdx
@@ -1,7 +1,8 @@
---
layout: docs
page_title: API rate limiting
-description: Learn how API rate limiting lets you configure limits on the rates of API requests in Boundary to help manage resources and prevent them from being overwhelmed.
+description: >-
+ Learn how API rate limiting lets you configure limits on the rates of API requests in Boundary to help manage resources and prevent them from being overwhelmed.
---
# Rate limiting
diff --git a/website/content/docs/api-clients/client-agent.mdx b/website/content/docs/api-clients/client-agent.mdx
index 6a31ecfeec..2e75365493 100644
--- a/website/content/docs/api-clients/client-agent.mdx
+++ b/website/content/docs/api-clients/client-agent.mdx
@@ -1,7 +1,7 @@
---
layout: docs
-page_title: Client Agent
-description: |-
+page_title: Client Agent overview
+description: >-
Learn how the Boundary Client Agent intercepts DNS requests as the primary resolver on the system, allowing Boundary to proxy connections transparently.
---
@@ -274,7 +274,13 @@ If you want to disable the Boundary Client Agent, you can stop it with the follo
```shell-session
-$ sudo launchctl stop com.hashicorp.boundary.boundary-client-agent
+$ sudo launchctl unload -w /Library/LaunchDaemons/com.hashicorp.boundary.boundary-client-agent.plist
+```
+
+Unloading the Boundary Client Agent removes its launch daemon configuration. To restart the Client Agent, use:
+
+```shell-session
+$ sudo launchctl load -w /Library/LaunchDaemons/com.hashicorp.boundary.boundary-client-agent.plist
```
diff --git a/website/content/docs/api-clients/client-cache.mdx b/website/content/docs/api-clients/client-cache.mdx
index fcbe7b4911..ce8daae1ed 100644
--- a/website/content/docs/api-clients/client-cache.mdx
+++ b/website/content/docs/api-clients/client-cache.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Client cache
-description: |-
- Learn how the client cache enables Boundary to quickly retrieve local information about session and target resources.
+page_title: Client cache overview
+description: >-
+ Learn how the client cache enables Boundary to quickly retrieve local information about session and target resources. Manage startup and other cache functions.
---
# Client cache
diff --git a/website/content/docs/api-clients/desktop.mdx b/website/content/docs/api-clients/desktop.mdx
index e87acccbcc..ba74487f21 100644
--- a/website/content/docs/api-clients/desktop.mdx
+++ b/website/content/docs/api-clients/desktop.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Boundary Desktop
-description: |-
- Get up and running with Boundary Desktop
+page_title: Boundary Desktop overview
+description: >-
+ Learn how to install the Boundary Desktop application to browse and connect to targets.
---
# Boundary Desktop
diff --git a/website/content/docs/api-clients/go-sdk.mdx b/website/content/docs/api-clients/go-sdk.mdx
index d71f39cb47..b1d6232ee9 100644
--- a/website/content/docs/api-clients/go-sdk.mdx
+++ b/website/content/docs/api-clients/go-sdk.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Go SDK
-description: |-
- Boundary's Go SDK
+page_title: Go SDK overview
+description: >-
+ Learn about Boundary's Go SDK. Use the Go SDK to authenticate to Boundary with an auth method or a recovery KMS workflow.
---
# Go SDK
diff --git a/website/content/docs/api-clients/index.mdx b/website/content/docs/api-clients/index.mdx
index b5e9dd6361..a78d5c5b38 100644
--- a/website/content/docs/api-clients/index.mdx
+++ b/website/content/docs/api-clients/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: API/Clients
-description: |-
- An introduction to Boundary's API and clients.
+description: >-
+ Discover resources to learn more about Boundary's API and clients.
---
# API and clients
diff --git a/website/content/docs/common-workflows/manage-roles.mdx b/website/content/docs/common-workflows/manage-roles.mdx
index 0c0781928c..f45f162be9 100644
--- a/website/content/docs/common-workflows/manage-roles.mdx
+++ b/website/content/docs/common-workflows/manage-roles.mdx
@@ -1,7 +1,8 @@
---
layout: docs
page_title: Manage roles and permissions
-description: How to manage roles, permissions, and grants.
+description: >-
+ Use roles to manage permissions assigned to users and groups. Create roles and assign principals and grants to them. Add grant scopes and configure inheritance.
---
# Manage roles and permissions
diff --git a/website/content/docs/concepts/aliases.mdx b/website/content/docs/concepts/aliases.mdx
index cf4a2bb726..5df5666c93 100644
--- a/website/content/docs/concepts/aliases.mdx
+++ b/website/content/docs/concepts/aliases.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Aliases
-description: |-
- Aliases let you associate a string with a Boundary resource. Learn how to use an alias instead of a target ID when you connect.
+description: >-
+ Aliases let you associate a string with a resource. Learn how to use an alias instead of an ID when you connect to a target.
---
# Aliases
diff --git a/website/content/docs/concepts/auditing.mdx b/website/content/docs/concepts/auditing.mdx
index 6f72970528..a31912e7fc 100644
--- a/website/content/docs/concepts/auditing.mdx
+++ b/website/content/docs/concepts/auditing.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Auditing
-description: |-
- An overview of using Boundary to audit for compliance and threat management
+description: >-
+ Learn how Boundary can help improve compliance and threat management by using session recording to audit user access and actions. Understand the BSR format.
---
# Auditing
diff --git a/website/content/docs/concepts/connection-workflows/connect-helpers.mdx b/website/content/docs/concepts/connection-workflows/connect-helpers.mdx
index a1611f0b05..5b5dfb16b7 100644
--- a/website/content/docs/concepts/connection-workflows/connect-helpers.mdx
+++ b/website/content/docs/concepts/connection-workflows/connect-helpers.mdx
@@ -1,7 +1,8 @@
---
layout: docs
page_title: Connect helpers
-description: Learn how connect helpers enable Boundary to automatically accept host key prompts to facilitate connections for HTTP, Kubernetes, PostgreSQL, RDP, and SSH.
+description: >-
+ Learn how to use connect helpers to automatically accept host key prompts and facilitate connections for HTTP, Kubernetes, PostgreSQL, RDP, and SSH.
---
# Connect helpers
diff --git a/website/content/docs/concepts/connection-workflows/exec-flag.mdx b/website/content/docs/concepts/connection-workflows/exec-flag.mdx
index 4593a1b1c0..1d79e1cd07 100644
--- a/website/content/docs/concepts/connection-workflows/exec-flag.mdx
+++ b/website/content/docs/concepts/connection-workflows/exec-flag.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: -exec flag
-description: |-
- Learn how the `-exec` flag enables you to execute Boundary TCP sessions using your preferred client, even when there is no built-in support for it.
+description: >-
+ Learn how to use the `-exec` flag to execute TCP sessions or pass flags using your preferred client.
---
# Exec flag
diff --git a/website/content/docs/concepts/connection-workflows/index.mdx b/website/content/docs/concepts/connection-workflows/index.mdx
index 5f935236c8..fae371eef5 100644
--- a/website/content/docs/concepts/connection-workflows/index.mdx
+++ b/website/content/docs/concepts/connection-workflows/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Connection workflows
-description: |-
- Workflows that you can use to connect to targets. Learn how connect helpers, the `-exec` flag, and SSH ProxyCommand can help facilitate connections to targets.
+description: >-
+ Learn how transparent sessions, connect helpers, the `-exec` flag, SSH ProxyCommand, and multi-hop sessions can help facilitate connections to targets.
---
# Connection workflows
diff --git a/website/content/docs/concepts/connection-workflows/multi-hop.mdx b/website/content/docs/concepts/connection-workflows/multi-hop.mdx
index 9816810408..9479388995 100644
--- a/website/content/docs/concepts/connection-workflows/multi-hop.mdx
+++ b/website/content/docs/concepts/connection-workflows/multi-hop.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Multi-hop sessions
-description: |-
- Learn how multi-hop sessions enable you to chain together two or more Boundary workers across multiple networks.
+description: >-
+ Learn how multi-hop sessions let you chain together two or more workers across multiple networks to reach a target without exposing private networks.
---
# Multi-hop sessions
@@ -135,9 +135,9 @@ intermediary workers have the following requirements.
### Ingress worker requirements
To proxy target connections, ingress workers require outbound access to the
-Boundary control plane and inbound access from clients.
+Boundary control plane and inbound access from clients.
-HCP Boundary clusters automatically deploy HCP-managed workers which can be used as ingress workers. Using HCP-managed workers as ingress workers is helpful when organizations have strict networks security policies that prohibit any inbound access. In this scenario, intermediary or egress workers within the private network can establish a reverse proxy connection to the HCP-managed ingress worker.
+HCP Boundary clusters automatically deploy HCP-managed workers which can be used as ingress workers. Using HCP-managed workers as ingress workers is helpful when organizations have strict networks security policies that prohibit any inbound access. In this scenario, intermediary or egress workers within the private network can establish a reverse proxy connection to the HCP-managed ingress worker.
### Intermediary worker requirements
diff --git a/website/content/docs/concepts/connection-workflows/workflow-ssh-proxycommand.mdx b/website/content/docs/concepts/connection-workflows/workflow-ssh-proxycommand.mdx
index 0823c47263..75378a02d6 100644
--- a/website/content/docs/concepts/connection-workflows/workflow-ssh-proxycommand.mdx
+++ b/website/content/docs/concepts/connection-workflows/workflow-ssh-proxycommand.mdx
@@ -1,7 +1,8 @@
---
layout: docs
page_title: SSH ProxyCommand
-description: Learn how SSH ProxyCommand enables you to proxy an SSH connection in Boundary using a configuration file. Configure connections using the target's ID or domain.
+description: >-
+ Learn how to use SSH ProxyCommand to proxy an SSH connection using a configuration file. Configure hosts using the target's ID or domain.
---
# SSH ProxyCommand
diff --git a/website/content/docs/concepts/credential-management.mdx b/website/content/docs/concepts/credential-management.mdx
index 9a7f934277..a35dfb6c43 100644
--- a/website/content/docs/concepts/credential-management.mdx
+++ b/website/content/docs/concepts/credential-management.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Credential management
-description: |-
- An overview of credential management in Boundary
+description: >-
+ Learn about using credential brokering or credential injection to authenticate users. Understand the benefits and security considerations of each method.
---
# Credential management
diff --git a/website/content/docs/concepts/domain-model/accounts.mdx b/website/content/docs/concepts/domain-model/accounts.mdx
index d2b1ce4660..d527d5bde6 100644
--- a/website/content/docs/concepts/domain-model/accounts.mdx
+++ b/website/content/docs/concepts/domain-model/accounts.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model - accounts
-description: |-
- The anatomy of a Boundary account
+page_title: Account resource
+description: >-
+ Learn about using the accounts resource to establish the identities of users. Understand how to configure general, password, and LDAP account attributes.
---
# Accounts
diff --git a/website/content/docs/concepts/domain-model/aliases.mdx b/website/content/docs/concepts/domain-model/aliases.mdx
index 5f9d4569aa..248fe91f6b 100644
--- a/website/content/docs/concepts/domain-model/aliases.mdx
+++ b/website/content/docs/concepts/domain-model/aliases.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model - aliases
-description: |-
- The anatomy of a Boundary alias
+page_title: Alias resource
+description: >-
+ Learn about using the alias resource to transparently connect to targets without having to provide the target ID or target name and scope ID.
---
# Aliases
diff --git a/website/content/docs/concepts/domain-model/auth-methods.mdx b/website/content/docs/concepts/domain-model/auth-methods.mdx
index b030fefc3c..02f88eb1b1 100644
--- a/website/content/docs/concepts/domain-model/auth-methods.mdx
+++ b/website/content/docs/concepts/domain-model/auth-methods.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model - auth methods
-description: |-
- Use auth methods to authenticate users to Boundary. Learn which attributes you can configure for password, OIDC, and LDAP auth methods in Boundary.
+page_title: Auth method resource
+description: >-
+ Learn about using the auth method resource to authenticate users. Understand which attributes you can configure for password, OIDC, and LDAP auth methods.
---
# Auth methods
diff --git a/website/content/docs/concepts/domain-model/credential-libraries.mdx b/website/content/docs/concepts/domain-model/credential-libraries.mdx
index b0599552ef..b521822588 100644
--- a/website/content/docs/concepts/domain-model/credential-libraries.mdx
+++ b/website/content/docs/concepts/domain-model/credential-libraries.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model - credential libraries
-description: |-
- The anatomy of a Boundary credential library
+page_title: Credential library resource
+description: >-
+ Learn about using the credential library resource to provide credentials from a credential store. Understand the credential library attributes you can configure.
---
# Credential libraries
diff --git a/website/content/docs/concepts/domain-model/credential-stores.mdx b/website/content/docs/concepts/domain-model/credential-stores.mdx
index 02f78565ee..ac803c9000 100644
--- a/website/content/docs/concepts/domain-model/credential-stores.mdx
+++ b/website/content/docs/concepts/domain-model/credential-stores.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model - credential stores
-description: |-
- The anatomy of a Boundary credential store
+page_title: Credential store resource
+description: >-
+ Learn about using the credential store resource to store and retrieve credentials. Understand the Vault and static credential store attributes you can configure.
---
# Credential stores
diff --git a/website/content/docs/concepts/domain-model/credentials.mdx b/website/content/docs/concepts/domain-model/credentials.mdx
index 55bad83262..99fefbbcb8 100644
--- a/website/content/docs/concepts/domain-model/credentials.mdx
+++ b/website/content/docs/concepts/domain-model/credentials.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model - credentials
-description: |-
- The anatomy of a Boundary credential
+page_title: Credential resource
+description: >-
+ Learn about using the credential resource to define secrets for a host. Understand username password, SSH private key, SSH certificate, and JSON credential types.
---
# Credentials
diff --git a/website/content/docs/concepts/domain-model/groups.mdx b/website/content/docs/concepts/domain-model/groups.mdx
index 7c0045333e..5da4dfb2bb 100644
--- a/website/content/docs/concepts/domain-model/groups.mdx
+++ b/website/content/docs/concepts/domain-model/groups.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model - groups
-description: |-
- The anatomy of a Boundary group
+page_title: Group resource
+description: >-
+ Learn about using the group resource to create collections of users with the same access control. Any role assigned to a group is assigned to the group's users.
---
# Groups
diff --git a/website/content/docs/concepts/domain-model/host-catalogs.mdx b/website/content/docs/concepts/domain-model/host-catalogs.mdx
index f10d505419..883af093cc 100644
--- a/website/content/docs/concepts/domain-model/host-catalogs.mdx
+++ b/website/content/docs/concepts/domain-model/host-catalogs.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model - host catalogs
-description: |-
- The anatomy of a Boundary host catalog
+page_title: Host catalog resource
+description: >-
+ Learn about using the host catalog resource to organize and manage hosts and host sets within a project based on their function, environment, or other criteria.
---
# Host catalogs
diff --git a/website/content/docs/concepts/domain-model/host-sets.mdx b/website/content/docs/concepts/domain-model/host-sets.mdx
index 551d60ad48..e8d01513b7 100644
--- a/website/content/docs/concepts/domain-model/host-sets.mdx
+++ b/website/content/docs/concepts/domain-model/host-sets.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model - host sets
-description: |-
- The anatomy of a Boundary host set
+page_title: Host set resource
+description: >-
+ Learn about using the host set resource to organize and manage hosts that have the same level of access control and belong to the same host catalog.
---
# Host sets
diff --git a/website/content/docs/concepts/domain-model/hosts.mdx b/website/content/docs/concepts/domain-model/hosts.mdx
index e4c493ba14..d2f53a9103 100644
--- a/website/content/docs/concepts/domain-model/hosts.mdx
+++ b/website/content/docs/concepts/domain-model/hosts.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model - hosts
-description: |-
- The anatomy of a Boundary host
+page_title: Host resource
+description: >-
+ Learn about using host resources to represent computing elements that are reachable from Boundary. You can organize hosts in host sets and host catalogs.
---
# Hosts
diff --git a/website/content/docs/concepts/domain-model/index.mdx b/website/content/docs/concepts/domain-model/index.mdx
index 81baa342c1..40cd8d7eb7 100644
--- a/website/content/docs/concepts/domain-model/index.mdx
+++ b/website/content/docs/concepts/domain-model/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model index
-description: |-
- Reference documentation for Boundary's domain model.
+page_title: Domain model overview
+description: >-
+ Learn about using the domain model to organize identity and access management and target resources for secure access. Understand how resources work together.
---
# Overview
diff --git a/website/content/docs/concepts/domain-model/managed-groups.mdx b/website/content/docs/concepts/domain-model/managed-groups.mdx
index 9309f07785..e845a129b0 100644
--- a/website/content/docs/concepts/domain-model/managed-groups.mdx
+++ b/website/content/docs/concepts/domain-model/managed-groups.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model - managed groups
-description: |-
- The anatomy of a Boundary managed group
+page_title: Managed group resource
+description: >-
+ Learn about using the managed group resource to organize identity provider accounts and assign them grants. Understand how to configure OIDC and LDAP attributes.
---
# Managed groups
diff --git a/website/content/docs/concepts/domain-model/roles.mdx b/website/content/docs/concepts/domain-model/roles.mdx
index 42164cffb6..5da68d81b2 100644
--- a/website/content/docs/concepts/domain-model/roles.mdx
+++ b/website/content/docs/concepts/domain-model/roles.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model - roles
-description: |-
- The anatomy of a Boundary role
+page_title: Role resource
+description: >-
+ Learn about using the role resource to group permissions which are then granted to any principal assigned to the role. Understand role attributes.
---
# Roles
diff --git a/website/content/docs/concepts/domain-model/scopes.mdx b/website/content/docs/concepts/domain-model/scopes.mdx
index 134fd4eb6b..92fbd39916 100644
--- a/website/content/docs/concepts/domain-model/scopes.mdx
+++ b/website/content/docs/concepts/domain-model/scopes.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model - scopes
-description: |-
- Use scopes to group and manage resources in Boundary. Learn how to configure global scopes, org scopes, and projects to logically group resources.
+page_title: Scope resource
+description: >-
+ Learn about using the scope resource to organize and manage resources. Understand how to configure global, org, and project scopes to logically group resources.
---
# Scopes
diff --git a/website/content/docs/concepts/domain-model/session-connections.mdx b/website/content/docs/concepts/domain-model/session-connections.mdx
index cbf3b20a0e..a5f9c555e3 100644
--- a/website/content/docs/concepts/domain-model/session-connections.mdx
+++ b/website/content/docs/concepts/domain-model/session-connections.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model - session connections
-description: |-
- The anatomy of a Boundary session connection
+page_title: Session connection resource
+description: >-
+ Learn how the session connection resource represents the proxy Boundary creates between user and host. Understand how connections are established and terminated.
---
# Session connections
diff --git a/website/content/docs/concepts/domain-model/session-recordings.mdx b/website/content/docs/concepts/domain-model/session-recordings.mdx
index d0f00eb602..33f74a0500 100644
--- a/website/content/docs/concepts/domain-model/session-recordings.mdx
+++ b/website/content/docs/concepts/domain-model/session-recordings.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model - session recordings
-description: |-
- Use session recordings to audit user sessions in Boundary. Learn how to configure session recordings to monitor usage.
+page_title: Session recording resource
+description: >-
+ Learn about using the session recording resource to audit user sessions. Understand how storage policy retention periods help you meet your compliance needs.
---
# Session recordings
diff --git a/website/content/docs/concepts/domain-model/sessions.mdx b/website/content/docs/concepts/domain-model/sessions.mdx
index a328fc0723..ba3d99e5dd 100644
--- a/website/content/docs/concepts/domain-model/sessions.mdx
+++ b/website/content/docs/concepts/domain-model/sessions.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model - sessions
-description: |-
- The anatomy of a Boundary session
+page_title: Session resource
+description: >-
+ Learn how the session resource is a set of connections between users and hosts that may include credentials. Understand how sessions are created and terminated.
---
# Sessions
diff --git a/website/content/docs/concepts/domain-model/storage-buckets.mdx b/website/content/docs/concepts/domain-model/storage-buckets.mdx
index b759328321..7b3240cd6f 100644
--- a/website/content/docs/concepts/domain-model/storage-buckets.mdx
+++ b/website/content/docs/concepts/domain-model/storage-buckets.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model - storage bucket
-description: |-
- The anatomy of a Boundary storage bucket
+page_title: Storage bucket resource
+description: >-
+ Learn how to use the storage bucket resource to retain session recordings for compliance. Understand storage bucket attributes and how scopes affect storage.
---
# Storage buckets
diff --git a/website/content/docs/concepts/domain-model/storage-policy.mdx b/website/content/docs/concepts/domain-model/storage-policy.mdx
index b2a7665203..4f7c19eeb3 100644
--- a/website/content/docs/concepts/domain-model/storage-policy.mdx
+++ b/website/content/docs/concepts/domain-model/storage-policy.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model - storage policies
-description: |-
- Use storage policies to manage session recording retention in Boundary. Learn how to configure policies for global and org scopes, and specify retention periods.
+page_title: Storae policy resource
+description: >-
+ Learn about using the storage policy resource to manage session recording retention. Understand how to configure policies for scopes and specify retention.
---
# Storage policies
diff --git a/website/content/docs/concepts/domain-model/targets.mdx b/website/content/docs/concepts/domain-model/targets.mdx
index e1796e7149..1c66b78b85 100644
--- a/website/content/docs/concepts/domain-model/targets.mdx
+++ b/website/content/docs/concepts/domain-model/targets.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model - targets
-description: |-
- The anatomy of a Boundary target
+page_title: Target resource
+description: >-
+ Learn about using the target resource to configure a networked service a user can connect to. Understand the TCP and SSH target type requirements and attributes.
---
# Targets
diff --git a/website/content/docs/concepts/domain-model/users.mdx b/website/content/docs/concepts/domain-model/users.mdx
index 0750e105da..8a7753f9fc 100644
--- a/website/content/docs/concepts/domain-model/users.mdx
+++ b/website/content/docs/concepts/domain-model/users.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Domain model - users
-description: |-
- The anatomy of a Boundary user
+page_title: User resource
+description: >-
+ Learn how the user resource identifies a person or entity for access control purposes. Understand how to assign groups and roles so users inherit permissions.
---
# Users
diff --git a/website/content/docs/concepts/filtering/events.mdx b/website/content/docs/concepts/filtering/events.mdx
index bf7833fe35..7f7b1e8b94 100644
--- a/website/content/docs/concepts/filtering/events.mdx
+++ b/website/content/docs/concepts/filtering/events.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Filtering - events
-description: |-
- How to filter events emitted by Boundary.
+description: >-
+ Learn how to filter audit, observation, system, and telemetry events to find information written to any event sinks you configured.
---
# Filter events
diff --git a/website/content/docs/concepts/filtering/index.mdx b/website/content/docs/concepts/filtering/index.mdx
index 3d63b32853..ad6d473d35 100644
--- a/website/content/docs/concepts/filtering/index.mdx
+++ b/website/content/docs/concepts/filtering/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Filtering
-description: |-
- An introduction to the filtering syntax used in Boundary.
+description: >-
+ Learn how to use filters to match and find data. Understand how to create filter expressions using matching operators composed with selectors and values.
---
# Filter expressions
diff --git a/website/content/docs/concepts/filtering/managed-groups.mdx b/website/content/docs/concepts/filtering/managed-groups.mdx
index 98e1d0fa79..3298e1bf42 100644
--- a/website/content/docs/concepts/filtering/managed-groups.mdx
+++ b/website/content/docs/concepts/filtering/managed-groups.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Filtering - managed groups
-description: |-
- How to configure filters for managed groups within the OIDC or LDAP auth methods.
+description: >-
+ Learn how to configure filters for managed groups. View search filter attributes and examples of filters for OIDC and LDAP managed groups.
---
[filter syntax]: /boundary/docs/concepts/filtering
diff --git a/website/content/docs/concepts/filtering/resource-listing.mdx b/website/content/docs/concepts/filtering/resource-listing.mdx
index 527fad7872..e53af6bd52 100644
--- a/website/content/docs/concepts/filtering/resource-listing.mdx
+++ b/website/content/docs/concepts/filtering/resource-listing.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Filtering - resource listing
-description: |-
- How to use filter list responses coming back from Boundary.
+description: >-
+ Learn how to use filters to reduce the set of resources returned when you perform a list operation. Filtering list results helps you find information.
---
# Filter resource listings
diff --git a/website/content/docs/concepts/filtering/worker-tags.mdx b/website/content/docs/concepts/filtering/worker-tags.mdx
index d09ba13434..da3a94a96e 100644
--- a/website/content/docs/concepts/filtering/worker-tags.mdx
+++ b/website/content/docs/concepts/filtering/worker-tags.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Filtering - worker tags
-description: |-
- How to use worker tags to control which workers can handle a given resource.
+description: >-
+ Learn about using worker tags to designate worker roles. Examples include serving specific regions or functions, such as credential stores or storage buckets.
---
# Worker tags
diff --git a/website/content/docs/concepts/host-discovery/aws.mdx b/website/content/docs/concepts/host-discovery/aws.mdx
index a79c884f9c..0a25143c4a 100644
--- a/website/content/docs/concepts/host-discovery/aws.mdx
+++ b/website/content/docs/concepts/host-discovery/aws.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: AWS dynamic host catalogs
-description: |-
- An overview of AWS host discovery in Boundary
+description: >-
+ Use dynamic host catalogs to automatically discover AWS EC2 instances and add them as hosts. Create a host catalog and host set for AWS resources.
---
# AWS dynamic host catalogs
Boundary uses dynamic host catalogs to automatically discover AWS EC2 instances and add them as hosts.
diff --git a/website/content/docs/concepts/host-discovery/azure.mdx b/website/content/docs/concepts/host-discovery/azure.mdx
index c401237528..397e212351 100644
--- a/website/content/docs/concepts/host-discovery/azure.mdx
+++ b/website/content/docs/concepts/host-discovery/azure.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Azure dynamic host catalogs
-description: |-
- An overview of Azure host discovery in Boundary
+description: >-
+ Use dynamic host catalogs to automatically discover Azure resources and add them as hosts. Create a host catalog and host set for Azure resources.
---
# Azure dynamic host catalogs
Boundary uses dynamic host catalogs to automatically discover Azure resources available through Azure Resource Manager (ARM) and add them as hosts.
@@ -10,7 +10,7 @@ Boundary uses dynamic host catalogs to automatically discover Azure resources av
## Create a host catalog to connect with Azure
Boundary uses plugins to integrate with a variety of providers. To use a
dynamic host catalog to integrate with Azure, you create a host catalog of the
-`plugin` type and set the `plugin-name` value to `azure`. You must also provide the
+`plugin` type and set the `plugin-name` value to `azure`. You must also provide the
specific fields needed for Boundary to authenticate with Azure.
diff --git a/website/content/docs/concepts/host-discovery/index.mdx b/website/content/docs/concepts/host-discovery/index.mdx
index 121c27872f..543aa6672c 100644
--- a/website/content/docs/concepts/host-discovery/index.mdx
+++ b/website/content/docs/concepts/host-discovery/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Host discovery
-description: |-
- An overview of host discovery in Boundary
+description: >-
+ Learn how host discovery workflows let Boundary discover and onboard new resources. Understand how dynamic host catalogs enable automated host discovery.
---
# Host discovery
diff --git a/website/content/docs/concepts/iam.mdx b/website/content/docs/concepts/iam.mdx
index 565fab08d8..e117143394 100644
--- a/website/content/docs/concepts/iam.mdx
+++ b/website/content/docs/concepts/iam.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Identity and access management (IAM)
-description: |-
- Identity and access management in Boundary
+description: >-
+ Learn how scopes, auth methods, accounts, users, groups, and roles make up the identity and access management (IAM) system. View examples of grant strings.
---
# Identity and access management (IAM)
diff --git a/website/content/docs/concepts/index.mdx b/website/content/docs/concepts/index.mdx
index 0bfc944f89..6b1890569e 100644
--- a/website/content/docs/concepts/index.mdx
+++ b/website/content/docs/concepts/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Concepts
-description: |-
- An introduction to Boundary concepts and architecture.
+description: >-
+ Discover resources to help you understand Boundary concepts and architecture.
---
# Concepts
diff --git a/website/content/docs/concepts/security/connections-tls.mdx b/website/content/docs/concepts/security/connections-tls.mdx
index 9336b5afd8..3ec5dfa06a 100644
--- a/website/content/docs/concepts/security/connections-tls.mdx
+++ b/website/content/docs/concepts/security/connections-tls.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Connections/TLS
-description: |-
- How Boundary secures its connections
+description: >-
+ Learn how Boundary uses transport layer security (TLS) to secure connections and establish sessions. Understand how workers authenticate to resources.
---
# TLS in Boundary
diff --git a/website/content/docs/concepts/security/data-encryption.mdx b/website/content/docs/concepts/security/data-encryption.mdx
index d21fc2f115..d066779635 100644
--- a/website/content/docs/concepts/security/data-encryption.mdx
+++ b/website/content/docs/concepts/security/data-encryption.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Data encryption
-description: |-
- How Boundary secures data at rest
+description: >-
+ Learn how key management services protect the encryption keys used for securing data. Understand key lifecycle management best practices.
---
# Data security in Boundary
@@ -15,7 +15,7 @@ Boundary supports and how they are used within the system.
## The `worker-auth-storage` KMS key
-The `worker-auth-storage` KMS key can be used by [Workers registered using worker-led or controller-led
+The `worker-auth-storage` KMS key can be used by [Workers registered using worker-led or controller-led
methods](/boundary/docs/configuration/worker/worker-configuration) for storage of authentication
keys. It is optional for workers; if not specified the authentication keys
will not be encrypted on disk. This can not used by workers registered using an external KMS.
diff --git a/website/content/docs/concepts/security/index.mdx b/website/content/docs/concepts/security/index.mdx
index 7332c6745f..ded4fb5da9 100644
--- a/website/content/docs/concepts/security/index.mdx
+++ b/website/content/docs/concepts/security/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Security
-description: |-
- Boundary security overview.
+description: >-
+ Discover resources to help you understand Boundary's security.
---
# Security
diff --git a/website/content/docs/concepts/transparent-sessions.mdx b/website/content/docs/concepts/transparent-sessions.mdx
index 3e6a66b9b5..f774fd3b1d 100644
--- a/website/content/docs/concepts/transparent-sessions.mdx
+++ b/website/content/docs/concepts/transparent-sessions.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Transparent sessions
-description: |-
- Learn how transparent sessions enable you to connect to Boundary resources without remembering resource IDs or port numbers.
+description: >-
+ Learn how transparent sessions enable you to connect to target resources without entering resource IDs or port numbers.
---
# Transparent sessions
diff --git a/website/content/docs/concepts/workers.mdx b/website/content/docs/concepts/workers.mdx
index 06f49674fc..969c485785 100644
--- a/website/content/docs/concepts/workers.mdx
+++ b/website/content/docs/concepts/workers.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Workers
-description: |-
- Introduction to Boundary workers
+description: >-
+ Workers let you proxy traffic to private targets. Learn about worker capabilities, using tags to filter tasks, worker health, and best practices for deployment.
---
# Workers
diff --git a/website/content/docs/configuration/controller.mdx b/website/content/docs/configuration/controller.mdx
index 0f29811505..7388608448 100644
--- a/website/content/docs/configuration/controller.mdx
+++ b/website/content/docs/configuration/controller.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Controller - configuration
-description: |-
- The controller stanza configures controller-specifc parameters.
+page_title: Controller configuration
+description: >-
+ Learn about configuring controller-specific parameters. Understand how to configure the required KMS stanzas, and view a complete configuration example.
---
# `controller` stanza
@@ -81,7 +81,7 @@ description will be read.
bind a publicly accessible IP to a NIC on the host directly, such as an Amazon
EIP. This value can be a direct address string, can refer to a file on disk (file://)
from which an address will be read; an env var (env://) from which the
- address will be read; or a [go-sockaddr template](https://godoc.org/github.com/hashicorp/go-sockaddr/template).
+ address will be read; or a [go-sockaddr template](https://godoc.org/github.com/hashicorp/go-sockaddr/template).
Note that the address should not include the protocol prefixes like `http://` or `https://`.
- `auth_token_time_to_live` - Maximum time to live (TTL) for all auth tokens globally (pertains
diff --git a/website/content/docs/configuration/credential-management/configure-credential-brokering.mdx b/website/content/docs/configuration/credential-management/configure-credential-brokering.mdx
index 3829f99981..b5c9f9f76a 100644
--- a/website/content/docs/configuration/credential-management/configure-credential-brokering.mdx
+++ b/website/content/docs/configuration/credential-management/configure-credential-brokering.mdx
@@ -1,7 +1,7 @@
---
layout: docs
page_title: Configure targets with credential brokering
-description: |-
+description: >-
Configure credential brokering workflows so that Boundary centrally manages credentials and returns them to users when they successfully connect to a target.
---
diff --git a/website/content/docs/configuration/credential-management/configure-credential-injection.mdx b/website/content/docs/configuration/credential-management/configure-credential-injection.mdx
index 6c76b3868a..70bbdeb22f 100644
--- a/website/content/docs/configuration/credential-management/configure-credential-injection.mdx
+++ b/website/content/docs/configuration/credential-management/configure-credential-injection.mdx
@@ -1,7 +1,7 @@
---
layout: docs
page_title: Configure targets with credential injection
-description: |-
+description: >-
Configure credential injection so Boundary provides users with a passwordless experience when connecting to targets. Availabile exclusively for Enterprise users.
---
diff --git a/website/content/docs/configuration/credential-management/index.mdx b/website/content/docs/configuration/credential-management/index.mdx
index e0ab55b775..d77b714928 100644
--- a/website/content/docs/configuration/credential-management/index.mdx
+++ b/website/content/docs/configuration/credential-management/index.mdx
@@ -1,7 +1,7 @@
---
layout: docs
-page_title: Configure credentials with Boundary
-description: |-
+page_title: Credential management with Boundary
+description: >-
Credential stores let you store and manage credentials in Boundary. Learn about configuring user workflows with credential management or credential injection.
---
diff --git a/website/content/docs/configuration/credential-management/static-cred-boundary.mdx b/website/content/docs/configuration/credential-management/static-cred-boundary.mdx
index 3f3c719235..26cf542ba3 100644
--- a/website/content/docs/configuration/credential-management/static-cred-boundary.mdx
+++ b/website/content/docs/configuration/credential-management/static-cred-boundary.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Manage static credentials with Boundary
-description: |-
- Create a static credential store to manage static credentials in Boundary. Credential stores let you configure targets for credential brokering or injection.
+description: >-
+ Create a static credential store to manage static credentials. Credential stores let you configure targets for credential brokering or injection.
---
# Create a static credential store
diff --git a/website/content/docs/configuration/credential-management/static-cred-vault.mdx b/website/content/docs/configuration/credential-management/static-cred-vault.mdx
index ab4101f9a7..6cb82cff08 100644
--- a/website/content/docs/configuration/credential-management/static-cred-vault.mdx
+++ b/website/content/docs/configuration/credential-management/static-cred-vault.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Manage static credentials with Vault
-description: |-
- Create a Vault credential store to manage credentials in Boundary. Credential stores let you configure targets for credential brokering or credential injection.
+description: >-
+ Create a Vault credential store to manage credentials. Credential stores let you configure targets for credential brokering or credential injection.
---
# Create a Vault credential store
diff --git a/website/content/docs/configuration/identity-access-management/assignable-permissions.mdx b/website/content/docs/configuration/identity-access-management/assignable-permissions.mdx
index a7100acc29..ad38c10135 100644
--- a/website/content/docs/configuration/identity-access-management/assignable-permissions.mdx
+++ b/website/content/docs/configuration/identity-access-management/assignable-permissions.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Assignable permissions
-description: |-
- Assignable permissions
+description: >-
+ Learn about using actions and output fields to grant users permissions to any resources that are identified by ID or Type.
---
# Assignable permissions
diff --git a/website/content/docs/configuration/identity-access-management/index.mdx b/website/content/docs/configuration/identity-access-management/index.mdx
index db15d7abe3..8eedea3e57 100644
--- a/website/content/docs/configuration/identity-access-management/index.mdx
+++ b/website/content/docs/configuration/identity-access-management/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Permissions index
-description: |-
- Boundary's permissions model
+description: >-
+ Learn about Boundary's RBAC (Role-based access control), allow-only permissions model. Understand how permissions are configured using grant strings and roles.
---
# Permissions in Boundary
diff --git a/website/content/docs/configuration/identity-access-management/permission-grant-formats.mdx b/website/content/docs/configuration/identity-access-management/permission-grant-formats.mdx
index d7ad3599f6..1a6d1ee56d 100644
--- a/website/content/docs/configuration/identity-access-management/permission-grant-formats.mdx
+++ b/website/content/docs/configuration/identity-access-management/permission-grant-formats.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Permission grant formats
-description: |-
- Permission grant formats
+description: >-
+ Learn how to construct grant strings that map resources and permissions. Understand ID, Type, Pinned, and Wildcard grant formats. View possible grant templates.
---
# Permission grant formats
diff --git a/website/content/docs/configuration/identity-access-management/resource-table.mdx b/website/content/docs/configuration/identity-access-management/resource-table.mdx
index 87ce7b6309..39bee9e133 100644
--- a/website/content/docs/configuration/identity-access-management/resource-table.mdx
+++ b/website/content/docs/configuration/identity-access-management/resource-table.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Resource table
-description: |-
- Resource table
+description: >-
+ View a list of resources and their available permissions parameters and actions to help you configure and manage permissions.
---
# Resource tables
diff --git a/website/content/docs/configuration/index.mdx b/website/content/docs/configuration/index.mdx
index 13c8939ce4..99b31e0d07 100644
--- a/website/content/docs/configuration/index.mdx
+++ b/website/content/docs/configuration/index.mdx
@@ -1,7 +1,8 @@
---
layout: docs
-page_title: Overview/top-level parameters
-description: Boundary configuration reference.
+page_title: Top-level configuration parameters
+description: >-
+ Learn about the parameters that make up the Boundary HCL configuration file. View parameters for HCP and self-managed installations.
---
# Configuration
diff --git a/website/content/docs/configuration/kms/aead.mdx b/website/content/docs/configuration/kms/aead.mdx
index d17e51d8d3..d6e29dd4bf 100644
--- a/website/content/docs/configuration/kms/aead.mdx
+++ b/website/content/docs/configuration/kms/aead.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: AEAD - configuration
-description: |-
- The AEAD KMS configures AEAD-specific parameters.
+page_title: AEAD KMS configuration
+description: >-
+ Learn about using the Authenticated Encryption with Associated Data (AEAD) KMS for key management. AEAD is typically used for development workflows or testing.
---
# `aead` KMS
diff --git a/website/content/docs/configuration/kms/alicloudkms.mdx b/website/content/docs/configuration/kms/alicloudkms.mdx
index 08d52f3731..5c941ef8fa 100644
--- a/website/content/docs/configuration/kms/alicloudkms.mdx
+++ b/website/content/docs/configuration/kms/alicloudkms.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: AliCloud KMS - KMSs - configuration
+page_title: AliCloud KMS configuration
description: >-
- The AliCloud KMS configures Boundary to use AliCloud KMS for key management.
+ Learn about using the AliCloud KMS for key management and configuring parameters and authentication. View an example alicloudkms configuration.
---
# `alicloudkms` KMS
diff --git a/website/content/docs/configuration/kms/awskms.mdx b/website/content/docs/configuration/kms/awskms.mdx
index 96d75320da..4b97367930 100644
--- a/website/content/docs/configuration/kms/awskms.mdx
+++ b/website/content/docs/configuration/kms/awskms.mdx
@@ -1,9 +1,8 @@
---
layout: docs
-page_title: AWS KMS - KMSs - Configuration
-description: |-
- The AWS KMS configures Boundary to use AWS KMS for key management.
- mechanism.
+page_title: AWS KMS Configuration
+description: >-
+ Learn about using the AWS KMS for key management, configuring parameters and authentication, and best practices for key rotation. View an example configuration.
---
# `awskms`
diff --git a/website/content/docs/configuration/kms/azurekeyvault.mdx b/website/content/docs/configuration/kms/azurekeyvault.mdx
index 889b69996f..66b9275f16 100644
--- a/website/content/docs/configuration/kms/azurekeyvault.mdx
+++ b/website/content/docs/configuration/kms/azurekeyvault.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Azure Key Vault - seals - configuration
+page_title: Azure Key Vault configuration
description: >-
- The Azure Key Vault seal configures Boundary to use Azure Key Vault for key management.
+ Learn about using the Azure Key Vault KMS for key management and configuring parameters and authentication. View an example azurekeyvault configuration.
---
# `azurekeyvault` KMS
diff --git a/website/content/docs/configuration/kms/gcpckms.mdx b/website/content/docs/configuration/kms/gcpckms.mdx
index 23056c896e..5ff0f21ab5 100644
--- a/website/content/docs/configuration/kms/gcpckms.mdx
+++ b/website/content/docs/configuration/kms/gcpckms.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: GCP Cloud KMS - KMSs - configuration
+page_title: GCP Cloud KMS configuration
description: >-
- The GCP Cloud KMS configures Boundary to use GCP Cloud KMS for key management.
+ Learn about using the GCP Cloud KMS for key management and configuring parameters and authentication. View an example gcpkms configuration.
---
# `gcpckms` KMS
diff --git a/website/content/docs/configuration/kms/index.mdx b/website/content/docs/configuration/kms/index.mdx
index 13238667f5..685146deb6 100644
--- a/website/content/docs/configuration/kms/index.mdx
+++ b/website/content/docs/configuration/kms/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: KMS - configuration
-description: |-
- The KMS stanza configures KMS-specific parameters.
+page_title: KMS configuration
+description: >-
+ Learn about using the kms stanza to configure key management system parameters. Discover resources for learning about specific KMS technologies.
---
# `kms` stanza
diff --git a/website/content/docs/configuration/kms/ocikms.mdx b/website/content/docs/configuration/kms/ocikms.mdx
index 95da4158cc..9b2656a7a7 100644
--- a/website/content/docs/configuration/kms/ocikms.mdx
+++ b/website/content/docs/configuration/kms/ocikms.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: OCI KMS - KMSs - configuration
-description: |-
- The OCI KMS configures Boundary to use OCI KMS for key management.
+page_title: OCI KMS configuration
+description: >-
+ Learn about using the OCI KMS for key management and configuring parameters and authentication. View an example configuration. Understand OCI KMS key rotation.
---
# `ocikms` KMS
diff --git a/website/content/docs/configuration/kms/transit.mdx b/website/content/docs/configuration/kms/transit.mdx
index b6e59940df..891ea9b16a 100644
--- a/website/content/docs/configuration/kms/transit.mdx
+++ b/website/content/docs/configuration/kms/transit.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Vault Transit - seals - configuration
-description: |-
- The Transit configures Boundary to use Vault's Transit Secret Engine for key management.
+page_title: Vault Transit configuration
+description: >-
+ Learn about using the Vault transit secrets engine for key management and configuring parameters and authentication. View an example Transit KMS configuration.
---
# `transit` seal
diff --git a/website/content/docs/configuration/listener/index.mdx b/website/content/docs/configuration/listener/index.mdx
index c7042eb260..2f5b93347a 100644
--- a/website/content/docs/configuration/listener/index.mdx
+++ b/website/content/docs/configuration/listener/index.mdx
@@ -1,9 +1,8 @@
---
layout: docs
-page_title: Listeners - configuration
-description: |-
- The listener stanza configures the addresses and ports on which Boundary will
- respond to requests.
+page_title: Listener configuration
+description: >-
+ Learn about TCP and Unix listener configuration settings. Understand where to change the default addresses and ports on which Boundary responds to requests.
---
# `listener` stanza
diff --git a/website/content/docs/configuration/listener/tcp.mdx b/website/content/docs/configuration/listener/tcp.mdx
index 566a9de0fc..849ca97f2f 100644
--- a/website/content/docs/configuration/listener/tcp.mdx
+++ b/website/content/docs/configuration/listener/tcp.mdx
@@ -1,9 +1,8 @@
---
layout: docs
-page_title: TCP - listeners - configuration
-description: |-
- The TCP listener configures Boundary to listen on the specified TCP address and
- port.
+page_title: TCP listener configuration
+description: >-
+ Learn about using the TCP listener on a TCP address and port, and view configurable parameters. Understand custom response headers. View example configurations.
---
# `tcp` listener
diff --git a/website/content/docs/configuration/listener/unix.mdx b/website/content/docs/configuration/listener/unix.mdx
index c080d304db..4f60862598 100644
--- a/website/content/docs/configuration/listener/unix.mdx
+++ b/website/content/docs/configuration/listener/unix.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Unix domain socket - listeners - configuration
-description: |-
- The Unix listener configures Boundary to listen on the specified Unix domain socket.
+page_title: Unix domain socket listener configuration
+description: >-
+ Learn about using the Unix listener on a specified Unix domain socket, and view configurable parameters. View example Unix listener configurations.
---
# `unix` listener
diff --git a/website/content/docs/configuration/plugins.mdx b/website/content/docs/configuration/plugins.mdx
index 1c4e5d1485..67d5a00db4 100644
--- a/website/content/docs/configuration/plugins.mdx
+++ b/website/content/docs/configuration/plugins.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Plugins - configuration
-description: |-
- The plugins stanza configures plugin-specific parameters.
+page_title: Plugin configuration
+description: >-
+ Learn about the plugin-specific parameter that configures a directory for Boundary to use for writing and executing its built-in plugins.
---
# `plugin` stanza
diff --git a/website/content/docs/configuration/session-recording/configure-storage-policy.mdx b/website/content/docs/configuration/session-recording/configure-storage-policy.mdx
index 6b924097d0..6e9ddfd72e 100644
--- a/website/content/docs/configuration/session-recording/configure-storage-policy.mdx
+++ b/website/content/docs/configuration/session-recording/configure-storage-policy.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Configure storage bucket policies
-description: |-
- How to configure storage bucket lifecycle policies for session recording in Boundary
+description: >-
+ Configure storage bucket policies to manage the lifecycles of session recordings. Specify retention and deletion policies to codify compliance periods.
---
# Configure storage bucket policies
@@ -50,7 +50,7 @@ Complete the following steps to create a storage policy in Boundary for session
1. Complete the following fields to create the Boundary storage policy:
- **Name**: (Optional) The name field is optional, but if you enter a name it must be unique.
- **Description**: (Optional) An optional description of the Boundary storage policy for identification purposes.
- - **Retention Policy**: (Required) Specifies how long a recording must be stored, in days.
+ - **Retention Policy**: (Required) Specifies how long a recording must be stored, in days.
Policy values include:
- `Forever`: If enabled, the **Deletion Policy** field is disabled.
- `Custom`: Specify a custom retention policy in days.
@@ -186,7 +186,7 @@ In this example, recordings stored within the global scope must be retained for
- Boundary does not support an undo action. Storage policies are meant to enforce compliance to a specific law or regulation. Updating the storage policy of a session recording can have immediate and possibly unexpected results such as the immediate deletion of session recordings.
+ Boundary does not support an undo action. Storage policies are meant to enforce compliance to a specific law or regulation. Updating the storage policy of a session recording can have immediate and possibly unexpected results such as the immediate deletion of session recordings.
@@ -216,7 +216,7 @@ The following example applies the policy created above to an org named `prod-dat
```shell-session
$ boundary policies list
- Policy information:
+ Policy information:
ID: pst_WZ3SQSSYJY
Version: 1
Type: storage
@@ -382,12 +382,12 @@ Check that the storage policy was successfully attached to the `prod-databases`
Storage Policy ID: pst_WZ3SQSSYJY
Updated Time: Thu, 25 Jan 2024 22:00:27 MST
Version: 7
-
+
Scope (parent):
ID: global
Name: global
Type: global
-
+
Authorized Actions:
detach-storage-policy
no-op
@@ -503,7 +503,7 @@ New session recordings under the `prod-databases` scope should now show a `retai
1. Create a new session recording on a target within the `prod-databases` org.
1. Log in to Boundary.
-1. Click **Session Recordings** in the navigation panel.
+1. Click **Session Recordings** in the navigation panel.
1. Click **View** for a new recording that was made after the storage policy was attached to the `prod-databases` scope.
1. Under **Session details**, verify that the *Retain until* and *Delete after* dates match the durations defined in the `soc2-policy`.
@@ -564,7 +564,7 @@ New session recordings under the `prod-databases` scope should now show a `retai
Storage Bucket ID: sb_DC8SPb9uc2
Type: ssh
Updated Time: Mon, 29 Jan 2024 23:25:53 MST
-
+
...
... More Output ...
...
@@ -581,18 +581,18 @@ New session recordings under the `prod-databases` scope should now show a `retai
1. The following API call is an example of reading the details of a session recording with the `soc2-policy` storage policy applied to the `prod-databases` scope.
List the available session recordings. This example recursively lists all recordings within the global scope.
-
+
```shell-session
$ curl --header "Content-Type: application/json" \
--header "Authorization: Bearer $(boundary config get-token)" \
--request GET \
$BOUNDARY_ADDR/v1/session-recordings?recursive=true&scope_id=global | jq
```
-
+
**Example output:**
-
+
-
+
```plaintext
{
"items": [
diff --git a/website/content/docs/configuration/session-recording/configure-worker-storage.mdx b/website/content/docs/configuration/session-recording/configure-worker-storage.mdx
index 0652a8aa2e..6c00f1301b 100644
--- a/website/content/docs/configuration/session-recording/configure-worker-storage.mdx
+++ b/website/content/docs/configuration/session-recording/configure-worker-storage.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Configure workers for local storage
-description: |-
- How to configure Boundary workers for session recording.
+description: >-
+ Configure workers for session recording storage. View requirements and an example configuration. Understand possible storage states for local and remote storage.
---
# Configure workers for session recording
diff --git a/website/content/docs/configuration/session-recording/create-storage-bucket.mdx b/website/content/docs/configuration/session-recording/create-storage-bucket.mdx
index f1bc270097..7fa84683c8 100644
--- a/website/content/docs/configuration/session-recording/create-storage-bucket.mdx
+++ b/website/content/docs/configuration/session-recording/create-storage-bucket.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Create a storage bucket
-description: |-
- How to create a storage bucket for session recording in Boundary
+description: >-
+ Create a storage bucket in an external storage provider to store recorded sessions. You can review recorded sessions later for compliance and threat management.
---
# Create a storage bucket
diff --git a/website/content/docs/configuration/session-recording/enable-session-recording.mdx b/website/content/docs/configuration/session-recording/enable-session-recording.mdx
index 33f4ee387e..56e310a71b 100644
--- a/website/content/docs/configuration/session-recording/enable-session-recording.mdx
+++ b/website/content/docs/configuration/session-recording/enable-session-recording.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Enable session recording on a target
-description: |-
- How to enable session recording on a target in Boundary
+description: >-
+ Enable session recording for targets so that user sessions are recorded for compliance and threat management.
---
# Enable session recording on a target
diff --git a/website/content/docs/configuration/session-recording/index.mdx b/website/content/docs/configuration/session-recording/index.mdx
index d1aaaf67cf..f0202502e8 100644
--- a/website/content/docs/configuration/session-recording/index.mdx
+++ b/website/content/docs/configuration/session-recording/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Overview
-description: |-
- An overview of session recording in Boundary
+page_title: Session recording overview
+description: >-
+ Learn about using session recording to audit user sessions for compliance and threat management. Understand considerations for local and remote storage.
---
# Overview
diff --git a/website/content/docs/configuration/session-recording/storage-providers/configure-minio.mdx b/website/content/docs/configuration/session-recording/storage-providers/configure-minio.mdx
index 988dd8cce0..35add2959e 100644
--- a/website/content/docs/configuration/session-recording/storage-providers/configure-minio.mdx
+++ b/website/content/docs/configuration/session-recording/storage-providers/configure-minio.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Configure MinIO
-description: |-
- How to configure MinIO as a storage provider for Boundary session recording.
+page_title: Configure MinIO storage
+description: >-
+ Configure MinIO as a storage provider for recorded sessions. Understand session recording and MinIO requirements. View an example configuration.
---
# Configure MinIO as a storage provider
diff --git a/website/content/docs/configuration/session-recording/storage-providers/configure-s3-compliant.mdx b/website/content/docs/configuration/session-recording/storage-providers/configure-s3-compliant.mdx
index 9e6d2c1d6d..1b5fc358db 100644
--- a/website/content/docs/configuration/session-recording/storage-providers/configure-s3-compliant.mdx
+++ b/website/content/docs/configuration/session-recording/storage-providers/configure-s3-compliant.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Configure S3-compliant storage
-description: |-
- How to configure an S3-compliant storage provider for Boundary session recording.
+description: >-
+ Configure an S3-compliant storage provider for recorded sessions. Understand session recording and storage provider requirements. View an example configuration.
---
# Configure an S3-compliant storage provider
diff --git a/website/content/docs/configuration/session-recording/storage-providers/configure-s3.mdx b/website/content/docs/configuration/session-recording/storage-providers/configure-s3.mdx
index 9df0154281..afdd30db4b 100644
--- a/website/content/docs/configuration/session-recording/storage-providers/configure-s3.mdx
+++ b/website/content/docs/configuration/session-recording/storage-providers/configure-s3.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Configure Amazon S3
-description: |-
- How to configure Amazon S3 as a storage provider for Boundary session recording.
+page_title: Configure Amazon S3 storage
+description: >-
+ Configure Amazon S3 as a storage provider for recorded sessions. Understand session recording and AWS requirements. View an example configuration.
---
# Configure Amazon S3 as a storage provider
diff --git a/website/content/docs/configuration/session-recording/update-storage-policy.mdx b/website/content/docs/configuration/session-recording/update-storage-policy.mdx
index febda9084e..8096accc7e 100644
--- a/website/content/docs/configuration/session-recording/update-storage-policy.mdx
+++ b/website/content/docs/configuration/session-recording/update-storage-policy.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Update storage bucket policies
-description: |-
- How to update a storage bucket policy for session recordings in Boundary
+description: >-
+ Update storage bucket policies to manage the lifecycles of session recordings. Understand how changing a policy affects existing and new recorded sessions.
---
# Update storage bucket policies
diff --git a/website/content/docs/configuration/worker/index.mdx b/website/content/docs/configuration/worker/index.mdx
index 24aff48b9b..e8fcb12563 100644
--- a/website/content/docs/configuration/worker/index.mdx
+++ b/website/content/docs/configuration/worker/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Worker - configuration
-description: |-
- The worker stanza configures worker-specific parameters.
+page_title: Worker configuration overview
+description: >-
+ Learn about worker configuration for proxies, storage, and tags. Understand how multi-hop configurations let you chain workers together in private networks.
---
# Worker stanza
@@ -11,19 +11,19 @@ The `worker` stanza configures Boundary worker-specific parameters.
All workers within Boundary use certificates and encryption keys to identify
themselves and protect data in transit. However, there are three different
-ways to register them so that registration of workers can fit into any workflow; controller-led, worker-led, and via external KMS.
+ways to register them so that registration of workers can fit into any workflow: controller-led, worker-led, and via external KMS.
The differences in how they are configured are in the sub-pages linked at the
bottom of this page.
-Workers registered via the worker-led or controller-led methods must be registered in
-the system via an API call, and require storage on disk to store the current set
-of credentials. Workers registering via an external KMS auto-register after successful authentication, making them an easy mechanism to
+Workers registered using the worker-led or controller-led methods must be registered in
+the system using an API call, and require storage on disk to store the current set
+of credentials. Workers registering using an external KMS auto-register after successful authentication, making them an easy mechanism to
use for automatic scaling. This also means they are not required to store
credentials locally; each time they connect the KMS is used to reauthenticate
them.
-~> Prior to version 0.15 of Boundary, there were two different types of workers, PKI & KMS workers.
+~> Prior to version 0.15 of Boundary, there were two different types of workers, PKI & KMS workers.
If you are using pre-0.15 workers, with pre-0.15 upstreams please be sure to switch the documentation
version to `0.13.x` - `0.14.x` for correct information.
@@ -87,7 +87,7 @@ worker {
Session recordings are stored in the local storage while they are in progress.
When the session is complete, Boundary moves the local session recording to remote storage and deletes the local copy.
-- `recording_storage_minimum_available_capacity` - A value measured in bytes that defines the worker's local storage state.
+- `recording_storage_minimum_available_capacity` - A value measured in bytes that defines the worker's local storage state.
Boundary compares this value with the available local disk space found in the `recording_storage_path` to determine if a worker can be used for session recording operations.
The supported suffixes are kb, kib, mb, mib, gb, gib, tb, tib, which are not case sensitive. Example: 2GB, 2gb, 2GiB, 2gib.
The possible storage states based on the `recording_storage_minimum_available_capacity` are:
diff --git a/website/content/docs/configuration/worker/worker-configuration.mdx b/website/content/docs/configuration/worker/worker-configuration.mdx
index 0adf359952..a741aabeb9 100644
--- a/website/content/docs/configuration/worker/worker-configuration.mdx
+++ b/website/content/docs/configuration/worker/worker-configuration.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Worker configuration
-description: |-
- Worker-specific parameters.
+description: >-
+ Learn about authorizing workers to the controller and configuring workers for session recording storage. View a complete worker configuration example.
---
# Worker configuration
diff --git a/website/content/docs/developing/building.mdx b/website/content/docs/developing/building.mdx
index 9c323fce8f..5b81627f51 100644
--- a/website/content/docs/developing/building.mdx
+++ b/website/content/docs/developing/building.mdx
@@ -1,7 +1,8 @@
---
layout: docs
page_title: Build Boundary
-description: Build Boundary from source
+description: >-
+ Learn how to build Boundary from the source. Discover resources to compile a cross-platform build and troubleshoot UI assets.
---
# Build Boundary
diff --git a/website/content/docs/developing/index.mdx b/website/content/docs/developing/index.mdx
index e9c285505e..465106acc0 100644
--- a/website/content/docs/developing/index.mdx
+++ b/website/content/docs/developing/index.mdx
@@ -1,7 +1,8 @@
---
layout: docs
page_title: Develop Boundary
-description: Develop Boundary
+description: >-
+ Discover resources to help you build and develop Boundary.
---
# Develop Boundary
diff --git a/website/content/docs/developing/ui.mdx b/website/content/docs/developing/ui.mdx
index 2a92cbeabc..55de5173d7 100644
--- a/website/content/docs/developing/ui.mdx
+++ b/website/content/docs/developing/ui.mdx
@@ -1,7 +1,8 @@
---
layout: docs
page_title: Develop the UI
-description: Develop the Boundary user interface
+description: >-
+ Learn how to develop the Boundary user interface locally for testing. Use dev mode to run a local fork of the UI without building it into the binary.
---
# Develop the Boundary user interface
diff --git a/website/content/docs/enterprise/automated-license-reporting.mdx b/website/content/docs/enterprise/automated-license-reporting.mdx
index 25ac7db968..8ea41e81f8 100644
--- a/website/content/docs/enterprise/automated-license-reporting.mdx
+++ b/website/content/docs/enterprise/automated-license-reporting.mdx
@@ -2,7 +2,7 @@
layout: docs
page_title: Automated license utilization reporting
description: >-
- Learn what data HashiCorp collects to meter Enterprise license utilization. Enable or disable reporting. Review sample payloads and logs.
+ Learn what data HashiCorp collects to meter Enterprise license utilization. Enable reporting or opt out. Review sample payloads and logs.
---
# Automated license utilization reporting
diff --git a/website/content/docs/enterprise/index.mdx b/website/content/docs/enterprise/index.mdx
index 3116a77779..0be3561872 100644
--- a/website/content/docs/enterprise/index.mdx
+++ b/website/content/docs/enterprise/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Boundary Enterprise
-description: |-
- An overview of Boundary Enterprise
+page_title: Boundary Enterprise overview
+description: >-
+ Learn about Boundary Enterprise. Discover resources to upgrade from Community Edition or request assistance.
---
# Boundary Enterprise
diff --git a/website/content/docs/enterprise/licensing.mdx b/website/content/docs/enterprise/licensing.mdx
index 4cec6da668..191187e753 100644
--- a/website/content/docs/enterprise/licensing.mdx
+++ b/website/content/docs/enterprise/licensing.mdx
@@ -2,7 +2,7 @@
layout: docs
page_title: License Boundary Enterprise
description: >-
- How to license Boundary Enterprise.
+ Learn how to enable Boundary Enterprise with a valid license. Request access from an account team to enable enterprise features.
---
# License Boundary Enterprise
diff --git a/website/content/docs/enterprise/supported-versions.mdx b/website/content/docs/enterprise/supported-versions.mdx
index 7b0d421953..d4d4360d06 100644
--- a/website/content/docs/enterprise/supported-versions.mdx
+++ b/website/content/docs/enterprise/supported-versions.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Boundary Enterprise supported versions
+page_title: Boundary Enterprise supported version policies
description: >-
- The supported versions policy for Boundary Enterprise. Includes information about support periods, control plane and worker compatibility, and Postgres database version support.
+ Learn about Enterprise support policies. Includes information about support periods, control plane and worker compatibility, and PostgreSQL database versions.
---
# Boundary Enterprise supported versions policy
diff --git a/website/content/docs/hcp/get-started/connect-to-target.mdx b/website/content/docs/hcp/get-started/connect-to-target.mdx
index 4674ae7802..fa905474e8 100644
--- a/website/content/docs/hcp/get-started/connect-to-target.mdx
+++ b/website/content/docs/hcp/get-started/connect-to-target.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Connect to target
-description: |-
- Connecting to your first target
+page_title: Connect to a target
+description: >-
+ Understand how to connect to targets using HCP Boundary. Learn how to select targets and use your choice of client and connect helpers to facilitate connections.
---
# Connect to your first target
diff --git a/website/content/docs/hcp/get-started/deploy-and-login.mdx b/website/content/docs/hcp/get-started/deploy-and-login.mdx
index 9d731b266c..c22dbebf3f 100644
--- a/website/content/docs/hcp/get-started/deploy-and-login.mdx
+++ b/website/content/docs/hcp/get-started/deploy-and-login.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Deploy and log in
-description: |-
- How to deploy HCP Boundary services and log in for the first time.
+description: >-
+ Learn about the requirements for using HCP Boundary. Deploy a cluster, and log in for the first time. Discover resources to learn more.
---
# Deploy HCP Boundary and log in
diff --git a/website/content/docs/hcp/index.mdx b/website/content/docs/hcp/index.mdx
index b92aef3d66..d1018de1e0 100644
--- a/website/content/docs/hcp/index.mdx
+++ b/website/content/docs/hcp/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: HCP Boundary
-description: |-
- An overview of HCP Boundary
+page_title: HCP Boundary overview
+description: >-
+ Discover resources to learn about and try HCP Boundary.
---
# HCP Boundary
diff --git a/website/content/docs/integrations/index.mdx b/website/content/docs/integrations/index.mdx
index efb5d34a5c..55a23b5213 100644
--- a/website/content/docs/integrations/index.mdx
+++ b/website/content/docs/integrations/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Integrations
-description: |-
- Integrations that extend Boundary
+description: >-
+ Discover integrations that extend Boundary's features and capabilities.
---
# Overview
diff --git a/website/content/docs/integrations/vault/index.mdx b/website/content/docs/integrations/vault/index.mdx
index 7b4c0fd289..4a296e0004 100644
--- a/website/content/docs/integrations/vault/index.mdx
+++ b/website/content/docs/integrations/vault/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Vault integration
-description: |-
- Describes the benefits of integrating HashiCorp Boundary and Vault.
+description: >-
+ Understand the security benefits of integrating Boundary and Vault to manage secrets and broker or inject credentials. Set up Vault as an OIDC bridge provider.
---
# Vault integration
diff --git a/website/content/docs/operations/health.mdx b/website/content/docs/operations/health.mdx
index 3144f5c19d..39dd46b5e5 100644
--- a/website/content/docs/operations/health.mdx
+++ b/website/content/docs/operations/health.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Boundary health endpoints
-description: |-
- Verify the Boundary controller and worker server status using health endpoints.
+description: >-
+ Learn about using health endpoints to verify controller and worker server status. Check their health using wget. View an example response and configuration.
---
# Boundary health endpoints
diff --git a/website/content/docs/operations/index.mdx b/website/content/docs/operations/index.mdx
index f933601ccf..18e44f7119 100644
--- a/website/content/docs/operations/index.mdx
+++ b/website/content/docs/operations/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Operating Boundary
-description: |-
- Operational tasks in Boundary.
+page_title: Maintaining and operating Boundary
+description: >-
+ Discover resources to help you learn more about maintaining and operating Boundary, including information about metrics and health.
---
# Maintaining and operating Boundary
diff --git a/website/content/docs/operations/metrics.mdx b/website/content/docs/operations/metrics.mdx
index c36f9329be..9a253337a8 100644
--- a/website/content/docs/operations/metrics.mdx
+++ b/website/content/docs/operations/metrics.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Boundary Metrics
-description: |-
- Obtain visibility of various components of a running Boundary
+page_title: Boundary metrics
+description: >-
+ Learn about using a metrics listener to monitor your Boundary components. View the available controller and worker metrics, and an example configuration.
---
# Boundary metrics
diff --git a/website/content/docs/operations/session-recordings/index.mdx b/website/content/docs/operations/session-recordings/index.mdx
index de85c2247f..15b8bd1c1b 100644
--- a/website/content/docs/operations/session-recordings/index.mdx
+++ b/website/content/docs/operations/session-recordings/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Recorded sessions operations
-description: |-
- How to work with Boundary's recorded sessions
+page_title: Recorded sessions format and security
+description: >-
+ Learn about asciicast, the recording format used for recorded sessions. Understand security concerns and discover resources for working with recorded sessions.
---
# Recorded sessions operations
diff --git a/website/content/docs/operations/session-recordings/manage-recorded-sessions.mdx b/website/content/docs/operations/session-recordings/manage-recorded-sessions.mdx
index 1bb0f7552d..53db89f618 100644
--- a/website/content/docs/operations/session-recordings/manage-recorded-sessions.mdx
+++ b/website/content/docs/operations/session-recordings/manage-recorded-sessions.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Manage recorded sessions
-description: |-
- How to find, download, and view Boundary's recorded sessions
+page_title: Find and view recorded sessions
+description: >-
+ Find and view recorded sessions. View a list of all recorded sessions, or search for a specific recording. Download recorded sessions to meet compliance needs.
---
# Find and view recorded sessions
diff --git a/website/content/docs/operations/session-recordings/validate-data-store.mdx b/website/content/docs/operations/session-recordings/validate-data-store.mdx
index 142a257d63..be7f20c7b7 100644
--- a/website/content/docs/operations/session-recordings/validate-data-store.mdx
+++ b/website/content/docs/operations/session-recordings/validate-data-store.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Validate the data integrity in the external object store
-description: |-
- How Boundary validates the data integrity of recorded sessions in the external object store
+page_title: Validate data integrity in the external object store
+description: >-
+ Learn about how Boundary validates the data integrity of the BSR file in the external data store to ensure that the file has not been tampered with.
---
# How Boundary validates data integrity in the external object store
diff --git a/website/content/docs/operations/session-recordings/validate-session-recordings.mdx b/website/content/docs/operations/session-recordings/validate-session-recordings.mdx
index b017fddd42..35bd05b5ba 100644
--- a/website/content/docs/operations/session-recordings/validate-session-recordings.mdx
+++ b/website/content/docs/operations/session-recordings/validate-session-recordings.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Validate the integrity recorded sessions
-description: |-
- How to validate the integrity of Boundary's recorded sessions
+page_title: Validate recorded session integrity
+description: >-
+ View the components of the Boundary Session Recording (BSR) file. Verify the integrity of the contents of a BSR cryptographically to ensure security compliance.
---
# Validate the integrity of session recordings
diff --git a/website/content/docs/release-notes/index.mdx b/website/content/docs/release-notes/index.mdx
index 6e05bfbfef..4121274893 100644
--- a/website/content/docs/release-notes/index.mdx
+++ b/website/content/docs/release-notes/index.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Release notes
-description: |-
- Boundary release notes
+description: >-
+ Discover more information about the important updates in each version of Boundary in the release notes.
---
# Release notes
diff --git a/website/content/docs/release-notes/v0_10_0.mdx b/website/content/docs/release-notes/v0_10_0.mdx
index f89a43978a..631d532f31 100644
--- a/website/content/docs/release-notes/v0_10_0.mdx
+++ b/website/content/docs/release-notes/v0_10_0.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: v0.10.0
-description: |-
- Boundary release notes for v0.10.0
+page_title: v0.10.0 release notes
+description: >-
+ Learn more about the features included in the Boundary 0.10.0 release and discover what has changed.
---
# Boundary v0.10.0
diff --git a/website/content/docs/release-notes/v0_11_0.mdx b/website/content/docs/release-notes/v0_11_0.mdx
index dab7e1e4f6..c0a285a335 100644
--- a/website/content/docs/release-notes/v0_11_0.mdx
+++ b/website/content/docs/release-notes/v0_11_0.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: v0.11.0
-description: |-
- Boundary release notes for v0.11.0
+page_title: v0.11.0 release notes
+description: >-
+ Learn more about the features included in the Boundary 0.11.0 release and discover what has changed.
---
# Boundary v0.11.0
diff --git a/website/content/docs/release-notes/v0_12_0.mdx b/website/content/docs/release-notes/v0_12_0.mdx
index 423f6faf9e..de65b24d8d 100644
--- a/website/content/docs/release-notes/v0_12_0.mdx
+++ b/website/content/docs/release-notes/v0_12_0.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: v0.12.0
-description: |-
- Boundary release notes for v0.12.0
+page_title: v0.12.0 release notes
+description: >-
+ Learn more about the new features included in the Boundary 0.12.0 release and understand deprecations and changes.
---
# Boundary v0.12.0
diff --git a/website/content/docs/release-notes/v0_13_0.mdx b/website/content/docs/release-notes/v0_13_0.mdx
index 629f461f66..d873e5cafa 100644
--- a/website/content/docs/release-notes/v0_13_0.mdx
+++ b/website/content/docs/release-notes/v0_13_0.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: v0.13.0
-description: |-
- Boundary release notes for v0.13.0
+page_title: v0.13.0 release notes
+description: >-
+ Learn more about the new features included in the Boundary 0.13.0 release. Understand any deprecations, changes, and known issues.
---
# Boundary v0.13.0
diff --git a/website/content/docs/release-notes/v0_14_0.mdx b/website/content/docs/release-notes/v0_14_0.mdx
index b95db7ce6d..06befb00e7 100644
--- a/website/content/docs/release-notes/v0_14_0.mdx
+++ b/website/content/docs/release-notes/v0_14_0.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: v0.14.0
-description: |-
- Boundary release notes for v0.14.0
+page_title: v0.14.0 release notes
+description: >-
+ Learn more about the new features included in the Boundary 0.14.0 release. Understand any deprecations, changes, and known issues.
---
# Boundary 0.14.0 release notes
diff --git a/website/content/docs/release-notes/v0_15_0.mdx b/website/content/docs/release-notes/v0_15_0.mdx
index 0695b47a59..55798a97f6 100644
--- a/website/content/docs/release-notes/v0_15_0.mdx
+++ b/website/content/docs/release-notes/v0_15_0.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: v0.15.0
-description: |-
- Boundary release notes for v0.15.0
+page_title: v0.15.0 release notes
+description: >-
+ Learn more about the new features included in the Boundary 0.15.0 release. Understand any deprecations, changes, and known issues.
---
# Boundary 0.15.0 release notes
diff --git a/website/content/docs/release-notes/v0_16_0.mdx b/website/content/docs/release-notes/v0_16_0.mdx
index c78c61ae6c..e1faa92704 100644
--- a/website/content/docs/release-notes/v0_16_0.mdx
+++ b/website/content/docs/release-notes/v0_16_0.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: v0.16.0
-description: |-
- Boundary release notes for v0.16.0
+page_title: v0.16.0 release notes
+description: >-
+ Learn more about the new features included in the Boundary 0.16.0 release. Understand any deprecations, changes, and known issues.
---
# Boundary 0.16.0 release notes
diff --git a/website/content/docs/release-notes/v0_17_0.mdx b/website/content/docs/release-notes/v0_17_0.mdx
index 0ffe2889a2..5a6add742d 100644
--- a/website/content/docs/release-notes/v0_17_0.mdx
+++ b/website/content/docs/release-notes/v0_17_0.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: v0.17.0
-description: |-
- Boundary release notes for v0.17.0
+page_title: v0.17.0 release notes
+description: >-
+ Learn more about the new features included in the Boundary 0.17.0 release. Understand any deprecations, changes, and known issues.
---
# Boundary 0.17.0 release notes
diff --git a/website/content/docs/release-notes/v0_18_0.mdx b/website/content/docs/release-notes/v0_18_0.mdx
index 20f084b0c0..8f7754237e 100644
--- a/website/content/docs/release-notes/v0_18_0.mdx
+++ b/website/content/docs/release-notes/v0_18_0.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: v0.18.0
-description: |-
- Boundary release notes for v0.18.0
+page_title: v0.18.0 release notes
+description: >-
+ Learn more about the new features included in the Boundary 0.18.0 release. Understand any deprecations, changes, and known issues.
---
# Boundary 0.18.0 release notes
diff --git a/website/content/docs/release-notes/v0_1_0.mdx b/website/content/docs/release-notes/v0_1_0.mdx
index 1f9e7ca359..c8cfd2ed9c 100644
--- a/website/content/docs/release-notes/v0_1_0.mdx
+++ b/website/content/docs/release-notes/v0_1_0.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: v0.1.0
-description: |-
- Boundary release notes for v0.1.0
+page_title: v0.1.0 release notes
+description: >-
+ Learn more about the features included in the Boundary 0.1.0 release.
---
# Boundary v0.1.0
diff --git a/website/content/docs/release-notes/v0_2_0.mdx b/website/content/docs/release-notes/v0_2_0.mdx
index 4823ff80a7..20585afeb1 100644
--- a/website/content/docs/release-notes/v0_2_0.mdx
+++ b/website/content/docs/release-notes/v0_2_0.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: v0.2.0
-description: |-
- Boundary release notes for v0.2.0
+page_title: v0.2.0 release notes
+description: >-
+ Learn more about the features included in the Boundary 0.2.0 release and discover what has changed.
---
# Boundary v0.2.0
diff --git a/website/content/docs/release-notes/v0_3_0.mdx b/website/content/docs/release-notes/v0_3_0.mdx
index 5d1c1cbd8b..dcb65886a3 100644
--- a/website/content/docs/release-notes/v0_3_0.mdx
+++ b/website/content/docs/release-notes/v0_3_0.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: v0.3.0
-description: |-
- Boundary release notes for v0.3.0
+page_title: v0.3.0 release notes
+description: >-
+ Learn more about the features included in the Boundary 0.3.0 release and discover what has changed.
---
# Boundary v0.3.0
diff --git a/website/content/docs/release-notes/v0_4_0.mdx b/website/content/docs/release-notes/v0_4_0.mdx
index e63a1e7a9b..870bd8b5d6 100644
--- a/website/content/docs/release-notes/v0_4_0.mdx
+++ b/website/content/docs/release-notes/v0_4_0.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: v0.4.0
-description: |-
- Boundary release notes for v0.4.0
+page_title: v0.4.0 release notes
+description: >-
+ Learn more about the features included in the Boundary 0.4.0 release and discover what has changed.
---
# Boundary v0.4.0
diff --git a/website/content/docs/release-notes/v0_5_0.mdx b/website/content/docs/release-notes/v0_5_0.mdx
index 349a9c12a0..95cb99f2dc 100644
--- a/website/content/docs/release-notes/v0_5_0.mdx
+++ b/website/content/docs/release-notes/v0_5_0.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: v0.5.0
-description: |-
- Boundary release notes for v0.5.0
+page_title: v0.5.0 release notes
+description: >-
+ Learn more about the features included in the Boundary 0.5.0 release and discover what has changed.
---
# Boundary v0.5.0
diff --git a/website/content/docs/release-notes/v0_6_0.mdx b/website/content/docs/release-notes/v0_6_0.mdx
index 1a90b38d76..6deceafdb8 100644
--- a/website/content/docs/release-notes/v0_6_0.mdx
+++ b/website/content/docs/release-notes/v0_6_0.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: v0.6.0
-description: |-
- Boundary release notes for v0.6.0
+page_title: v0.6.0 release notes
+description: >-
+ Learn more about the features included in the Boundary 0.6.0 release and discover what has changed.
---
# Boundary v0.6.0
diff --git a/website/content/docs/release-notes/v0_7_0.mdx b/website/content/docs/release-notes/v0_7_0.mdx
index 8df79dd7b9..ca0f111adc 100644
--- a/website/content/docs/release-notes/v0_7_0.mdx
+++ b/website/content/docs/release-notes/v0_7_0.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: v0.7.0
-description: |-
- Boundary release notes for v0.7.0
+page_title: v0.7.0 release notes
+description: >-
+ Learn more about the features included in the Boundary 0.7.0 release and discover what has changed.
---
# Boundary v0.7.0
diff --git a/website/content/docs/release-notes/v0_8_0.mdx b/website/content/docs/release-notes/v0_8_0.mdx
index 82b45e715a..bec2546d37 100644
--- a/website/content/docs/release-notes/v0_8_0.mdx
+++ b/website/content/docs/release-notes/v0_8_0.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: v0.8.0
-description: |-
- Boundary release notes for v0.8.0
+page_title: v0.8.0 release notes
+description: >-
+ Learn more about the features included in the Boundary 0.8.0 release and discover what has changed.
---
# Boundary v0.8.0
diff --git a/website/content/docs/release-notes/v0_9_0.mdx b/website/content/docs/release-notes/v0_9_0.mdx
index 4c72af145d..95fe9ef887 100644
--- a/website/content/docs/release-notes/v0_9_0.mdx
+++ b/website/content/docs/release-notes/v0_9_0.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: v0.9.0
-description: |-
- Boundary release notes for v0.9.0
+page_title: v0.9.0 release notes
+description: >-
+ Learn more about the features included in the Boundary 0.9.0 release and discover what has changed.
---
# Boundary v0.9.0
diff --git a/website/content/docs/troubleshoot/common-errors.mdx b/website/content/docs/troubleshoot/common-errors.mdx
index 5540995642..eca3738a18 100644
--- a/website/content/docs/troubleshoot/common-errors.mdx
+++ b/website/content/docs/troubleshoot/common-errors.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: Common error messages
-description: |-
- Common error messages for Boundary
+description: >-
+ View common Boundary error messages and learn how to troubleshoot them.
---
# Common error messages
diff --git a/website/content/docs/troubleshoot/faq.mdx b/website/content/docs/troubleshoot/faq.mdx
index 9d1c300a80..760350ec52 100644
--- a/website/content/docs/troubleshoot/faq.mdx
+++ b/website/content/docs/troubleshoot/faq.mdx
@@ -1,8 +1,8 @@
---
layout: docs
page_title: FAQ
-description: |-
- FAQ for Boundary
+description: >-
+ View frequently asked questions about Boundary
---
# Frequently asked questions
diff --git a/website/content/docs/troubleshoot/troubleshoot-recorded-sessions.mdx b/website/content/docs/troubleshoot/troubleshoot-recorded-sessions.mdx
index 4e7b06755d..c111182d52 100644
--- a/website/content/docs/troubleshoot/troubleshoot-recorded-sessions.mdx
+++ b/website/content/docs/troubleshoot/troubleshoot-recorded-sessions.mdx
@@ -1,8 +1,8 @@
---
layout: docs
-page_title: Manage recorded sessions
-description: |-
- How to troubleshoot issues with Boundary's recorded sessions
+page_title: Troubleshoot session recordings
+description: >-
+ View known issues and troubleshoot problems with Boundary's recorded sessions.
---
# Troubleshoot session recordings