diff --git a/GNUmakefile b/GNUmakefile
index 903b961ffbb8..b9915e1e0f6a 100644
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -12,7 +12,7 @@ tools:
@sh "$(CURDIR)/scripts/gogetcookie.sh"
go install github.com/client9/misspell/cmd/misspell@latest
go install github.com/bflad/tfproviderlint/cmd/tfproviderlint@latest
- go install github.com/bflad/tfproviderdocs@latest
+ go install github.com/YakDriver/tfproviderdocs@latest
go install github.com/katbyte/terrafmt@latest
go install golang.org/x/tools/cmd/goimports@latest
go install mvdan.cc/gofumpt@latest
diff --git a/go.mod b/go.mod
index 15678ac262d7..99e240a0fc5a 100644
--- a/go.mod
+++ b/go.mod
@@ -28,7 +28,7 @@ require (
github.com/hashicorp/terraform-plugin-go v0.25.0
github.com/hashicorp/terraform-plugin-mux v0.17.0
github.com/hashicorp/terraform-plugin-sdk/v2 v2.35.0
- github.com/hashicorp/terraform-plugin-testing v1.8.0
+ github.com/hashicorp/terraform-plugin-testing v1.11.0
github.com/jackofallops/kermit v0.20241010.1180132
github.com/magodo/terraform-provider-azurerm-example-gen v0.0.0-20220407025246-3a3ee0ab24a8
github.com/mitchellh/mapstructure v1.5.0
@@ -36,7 +36,7 @@ require (
github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3
github.com/tombuildsstuff/giovanni v0.27.0
github.com/tombuildsstuff/kermit v0.20240122.1123108
- golang.org/x/crypto v0.28.0
+ golang.org/x/crypto v0.29.0
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d
gopkg.in/yaml.v3 v3.0.1
)
@@ -58,7 +58,7 @@ require (
github.com/hashicorp/go-plugin v1.6.2 // indirect
github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
github.com/hashicorp/hc-install v0.9.0 // indirect
- github.com/hashicorp/hcl/v2 v2.22.0 // indirect
+ github.com/hashicorp/hcl/v2 v2.23.0 // indirect
github.com/hashicorp/hcl2 v0.0.0-20191002203319-fb75b3253c80 // indirect
github.com/hashicorp/logutils v1.0.0 // indirect
github.com/hashicorp/terraform-exec v0.21.0 // indirect
@@ -84,9 +84,9 @@ require (
golang.org/x/mod v0.21.0 // indirect
golang.org/x/net v0.28.0 // indirect
golang.org/x/oauth2 v0.22.0 // indirect
- golang.org/x/sync v0.8.0 // indirect
- golang.org/x/sys v0.26.0 // indirect
- golang.org/x/text v0.19.0 // indirect
+ golang.org/x/sync v0.9.0 // indirect
+ golang.org/x/sys v0.27.0 // indirect
+ golang.org/x/text v0.20.0 // indirect
google.golang.org/appengine v1.6.8 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20240814211410-ddb44dafa142 // indirect
google.golang.org/grpc v1.67.1 // indirect
diff --git a/go.sum b/go.sum
index d0d9c3b47270..62eb49d9216e 100644
--- a/go.sum
+++ b/go.sum
@@ -121,8 +121,8 @@ github.com/hashicorp/go-version v1.7.0 h1:5tqGy27NaOTB8yJKUZELlFAS/LTKJkrmONwQKe
github.com/hashicorp/go-version v1.7.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
github.com/hashicorp/hc-install v0.9.0 h1:2dIk8LcvANwtv3QZLckxcjyF5w8KVtiMxu6G6eLhghE=
github.com/hashicorp/hc-install v0.9.0/go.mod h1:+6vOP+mf3tuGgMApVYtmsnDoKWMDcFXeTxCACYZ8SFg=
-github.com/hashicorp/hcl/v2 v2.22.0 h1:hkZ3nCtqeJsDhPRFz5EA9iwcG1hNWGePOTw6oyul12M=
-github.com/hashicorp/hcl/v2 v2.22.0/go.mod h1:62ZYHrXgPoX8xBnzl8QzbWq4dyDsDtfCRgIq1rbJEvA=
+github.com/hashicorp/hcl/v2 v2.23.0 h1:Fphj1/gCylPxHutVSEOf2fBOh1VE4AuLV7+kbJf3qos=
+github.com/hashicorp/hcl/v2 v2.23.0/go.mod h1:62ZYHrXgPoX8xBnzl8QzbWq4dyDsDtfCRgIq1rbJEvA=
github.com/hashicorp/hcl2 v0.0.0-20191002203319-fb75b3253c80 h1:PFfGModn55JA0oBsvFghhj0v93me+Ctr3uHC/UmFAls=
github.com/hashicorp/hcl2 v0.0.0-20191002203319-fb75b3253c80/go.mod h1:Cxv+IJLuBiEhQ7pBYGEuORa0nr4U994pE8mYLuFd7v0=
github.com/hashicorp/logutils v1.0.0 h1:dLEQVugN8vlakKOUE3ihGLTZJRB4j+M2cdTm/ORI65Y=
@@ -143,8 +143,8 @@ github.com/hashicorp/terraform-plugin-mux v0.17.0 h1:/J3vv3Ps2ISkbLPiZOLspFcIZ0v
github.com/hashicorp/terraform-plugin-mux v0.17.0/go.mod h1:yWuM9U1Jg8DryNfvCp+lH70WcYv6D8aooQxxxIzFDsE=
github.com/hashicorp/terraform-plugin-sdk/v2 v2.35.0 h1:wyKCCtn6pBBL46c1uIIBNUOWlNfYXfXpVo16iDyLp8Y=
github.com/hashicorp/terraform-plugin-sdk/v2 v2.35.0/go.mod h1:B0Al8NyYVr8Mp/KLwssKXG1RqnTk7FySqSn4fRuLNgw=
-github.com/hashicorp/terraform-plugin-testing v1.8.0 h1:wdYIgwDk4iO933gC4S8KbKdnMQShu6BXuZQPScmHvpk=
-github.com/hashicorp/terraform-plugin-testing v1.8.0/go.mod h1:o2kOgf18ADUaZGhtOl0YCkfIxg01MAiMATT2EtIHlZk=
+github.com/hashicorp/terraform-plugin-testing v1.11.0 h1:MeDT5W3YHbONJt2aPQyaBsgQeAIckwPX41EUHXEn29A=
+github.com/hashicorp/terraform-plugin-testing v1.11.0/go.mod h1:WNAHQ3DcgV/0J+B15WTE6hDvxcUdkPPpnB1FR3M910U=
github.com/hashicorp/terraform-registry-address v0.2.3 h1:2TAiKJ1A3MAkZlH1YI/aTVcLZRu7JseiXNRHbOAyoTI=
github.com/hashicorp/terraform-registry-address v0.2.3/go.mod h1:lFHA76T8jfQteVfT7caREqguFrW3c4MFSPhZB7HHgUM=
github.com/hashicorp/terraform-svchost v0.1.1 h1:EZZimZ1GxdqFRinZ1tpJwVxxt49xc/S52uzrw4x0jKQ=
@@ -258,8 +258,8 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
-golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw=
-golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U=
+golang.org/x/crypto v0.29.0 h1:L5SG1JTTXupVV3n6sUqMTeWbjAyfPwoda2DLX8J8FrQ=
+golang.org/x/crypto v0.29.0/go.mod h1:+F4F4N5hv6v38hfeYwTdx20oUvLLc+QfrE9Ax9HtgRg=
golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
golang.org/x/mod v0.21.0 h1:vvrHzRwRfVKSiLrG+d4FMl/Qi4ukBCE6kZlTUkDYRT0=
@@ -283,8 +283,8 @@ golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJ
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
-golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sync v0.9.0 h1:fEo0HyrW1GIgZdpbhCRO0PkJajUS5H9IFUztCgEo2jQ=
+golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -303,13 +303,13 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo=
-golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s=
+golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
-golang.org/x/term v0.25.0 h1:WtHI/ltw4NvSUig5KARz9h521QvRC8RmF/cuYqifU24=
-golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M=
+golang.org/x/term v0.26.0 h1:WEQa6V3Gja/BhNxg540hBip/kkaYtRg3cxg4oXSw4AU=
+golang.org/x/term v0.26.0/go.mod h1:Si5m1o57C5nBNQo5z1iq+XDijt21BDBDp2bK0QI8e3E=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
@@ -317,8 +317,8 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
-golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM=
-golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
+golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug=
+golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
diff --git a/internal/provider/framework/factory_builder.go b/internal/provider/framework/factory_builder.go
index 35623aecc890..f9829f95c67d 100644
--- a/internal/provider/framework/factory_builder.go
+++ b/internal/provider/framework/factory_builder.go
@@ -8,11 +8,26 @@ import (
"github.com/hashicorp/terraform-plugin-framework/providerserver"
"github.com/hashicorp/terraform-plugin-go/tfprotov5"
+ "github.com/hashicorp/terraform-plugin-go/tfprotov6"
"github.com/hashicorp/terraform-plugin-mux/tf5muxserver"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+ "github.com/hashicorp/terraform-plugin-testing/echoprovider"
"github.com/hashicorp/terraform-provider-azurerm/internal/provider"
)
+func ProtoV6ProviderFactoriesInit(_ context.Context, providerNames ...string) map[string]func() (tfprotov6.ProviderServer, error) {
+ factories := make(map[string]func() (tfprotov6.ProviderServer, error), len(providerNames))
+
+ for _, name := range providerNames {
+ // This is all we need from protoV6 for now to properly test ephemeral resources
+ if name == "echo" {
+ factories[name] = echoprovider.NewProviderServer()
+ }
+ }
+
+ return factories
+}
+
func ProtoV5ProviderFactoriesInit(ctx context.Context, providerNames ...string) map[string]func() (tfprotov5.ProviderServer, error) {
factories := make(map[string]func() (tfprotov5.ProviderServer, error), len(providerNames))
diff --git a/internal/provider/framework/provider.go b/internal/provider/framework/provider.go
index 1b59e7f187c4..8df138c548a4 100644
--- a/internal/provider/framework/provider.go
+++ b/internal/provider/framework/provider.go
@@ -488,6 +488,7 @@ func (p *azureRmFrameworkProvider) Configure(ctx context.Context, request provid
response.ResourceData = v
response.DataSourceData = v
+ response.EphemeralResourceData = v
} else {
p.Load(ctx, &data, request.TerraformVersion, &response.Diagnostics)
diff --git a/internal/provider/services.go b/internal/provider/services.go
index f3a132824732..f522fdbcf50f 100644
--- a/internal/provider/services.go
+++ b/internal/provider/services.go
@@ -337,6 +337,7 @@ func SupportedFrameworkServices() []sdk.FrameworkTypedServiceRegistration {
// Services with Framework Resources, Data Sources, or Ephemeral Resources to be listed here
// e.g.
// resource.Registration{}
+ keyvault.Registration{},
}
return services
diff --git a/internal/sdk/framework_resource.go b/internal/sdk/framework_resource.go
index ac9fb81bb8ef..1f42ec624c86 100644
--- a/internal/sdk/framework_resource.go
+++ b/internal/sdk/framework_resource.go
@@ -11,6 +11,7 @@ import (
"github.com/hashicorp/go-azure-helpers/lang/pointer"
"github.com/hashicorp/go-azure-helpers/resourcemanager/resourceids"
"github.com/hashicorp/terraform-plugin-framework/diag"
+ "github.com/hashicorp/terraform-plugin-framework/ephemeral"
"github.com/hashicorp/terraform-plugin-framework/path"
"github.com/hashicorp/terraform-plugin-framework/resource"
"github.com/hashicorp/terraform-plugin-framework/tfsdk"
@@ -139,6 +140,12 @@ func SetResponseErrorDiagnostic(resp interface{}, summary string, detail interfa
v.Diagnostics.AddError(summary, errorMsg)
case *resource.ReadResponse:
v.Diagnostics.AddError(summary, errorMsg)
+ case *ephemeral.OpenResponse:
+ v.Diagnostics.AddError(summary, errorMsg)
+ case *ephemeral.RenewResponse:
+ v.Diagnostics.AddError(summary, errorMsg)
+ case *ephemeral.CloseResponse:
+ v.Diagnostics.AddError(summary, errorMsg)
}
}
diff --git a/internal/services/keyvault/key_vault_certificate_ephemeral.go b/internal/services/keyvault/key_vault_certificate_ephemeral.go
new file mode 100644
index 000000000000..940f78ea949b
--- /dev/null
+++ b/internal/services/keyvault/key_vault_certificate_ephemeral.go
@@ -0,0 +1,299 @@
+package keyvault
+
+import (
+ "bytes"
+ "context"
+ "crypto/ecdsa"
+ "crypto/rsa"
+ "crypto/x509"
+ "encoding/base64"
+ "encoding/hex"
+ "encoding/pem"
+ "fmt"
+ "strings"
+ "time"
+
+ "github.com/hashicorp/go-azure-helpers/resourcemanager/commonids"
+ "github.com/hashicorp/terraform-plugin-framework/ephemeral"
+ "github.com/hashicorp/terraform-plugin-framework/ephemeral/schema"
+ "github.com/hashicorp/terraform-plugin-framework/schema/validator"
+ "github.com/hashicorp/terraform-plugin-framework/types"
+ "github.com/hashicorp/terraform-provider-azurerm/internal/sdk"
+ "github.com/hashicorp/terraform-provider-azurerm/internal/sdk/frameworkhelpers"
+ "github.com/hashicorp/terraform-provider-azurerm/internal/services/keyvault/parse"
+ "github.com/hashicorp/terraform-provider-azurerm/internal/tf/validation"
+ "github.com/hashicorp/terraform-provider-azurerm/utils"
+ "golang.org/x/crypto/pkcs12"
+)
+
+var _ sdk.EphemeralResource = &KeyVaultCertificateEphemeralResource{}
+
+func NewKeyVaultCertificateEphemeralResource() ephemeral.EphemeralResource {
+ return &KeyVaultCertificateEphemeralResource{}
+}
+
+type KeyVaultCertificateEphemeralResource struct {
+ sdk.EphemeralResourceMetadata
+}
+
+type KeyVaultCertificateEphemeralResourceModel struct {
+ Name types.String `tfsdk:"name"`
+ KeyVaultID types.String `tfsdk:"key_vault_id"`
+ Version types.String `tfsdk:"version"`
+ Hex types.String `tfsdk:"hex"`
+ Pem types.String `tfsdk:"pem"`
+ Key types.String `tfsdk:"key"`
+ ExpirationDate types.String `tfsdk:"expiration_date"`
+ NotBeforeDate types.String `tfsdk:"not_before_date"`
+ CertificateCount types.Int64 `tfsdk:"certificate_count"`
+}
+
+func (e *KeyVaultCertificateEphemeralResource) Metadata(_ context.Context, _ ephemeral.MetadataRequest, resp *ephemeral.MetadataResponse) {
+ resp.TypeName = "azurerm_key_vault_certificate"
+}
+
+func (e *KeyVaultCertificateEphemeralResource) Configure(_ context.Context, req ephemeral.ConfigureRequest, resp *ephemeral.ConfigureResponse) {
+ e.Defaults(req, resp)
+}
+
+func (e *KeyVaultCertificateEphemeralResource) Schema(_ context.Context, _ ephemeral.SchemaRequest, resp *ephemeral.SchemaResponse) {
+ resp.Schema = schema.Schema{
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ Required: true,
+ Validators: []validator.String{
+ frameworkhelpers.WrappedStringValidator{
+ Func: validation.StringIsNotEmpty,
+ },
+ },
+ },
+
+ "key_vault_id": schema.StringAttribute{
+ Required: true,
+ Validators: []validator.String{
+ frameworkhelpers.WrappedStringValidator{
+ Func: commonids.ValidateKeyVaultID,
+ },
+ },
+ },
+
+ "version": schema.StringAttribute{
+ Optional: true,
+ Computed: true,
+ Validators: []validator.String{
+ frameworkhelpers.WrappedStringValidator{
+ Func: validation.StringIsNotEmpty,
+ },
+ },
+ },
+
+ "hex": schema.StringAttribute{
+ Computed: true,
+ },
+
+ "pem": schema.StringAttribute{
+ Computed: true,
+ },
+
+ "key": schema.StringAttribute{
+ Computed: true,
+ },
+
+ "expiration_date": schema.StringAttribute{
+ Computed: true,
+ },
+
+ "not_before_date": schema.StringAttribute{
+ Computed: true,
+ },
+
+ "certificate_count": schema.Int64Attribute{
+ Computed: true,
+ },
+ },
+ }
+}
+
+func (e *KeyVaultCertificateEphemeralResource) Open(ctx context.Context, req ephemeral.OpenRequest, resp *ephemeral.OpenResponse) {
+ keyVaultsClient := e.Client.KeyVault
+ client := e.Client.KeyVault.ManagementClient
+ ctx, cancel := context.WithTimeout(ctx, time.Minute*5)
+ defer cancel()
+
+ var data KeyVaultCertificateEphemeralResourceModel
+
+ if ok := e.DecodeOpen(ctx, req, resp, &data); !ok {
+ return
+ }
+
+ keyVaultID, err := commonids.ParseKeyVaultID(data.KeyVaultID.ValueString())
+ if err != nil {
+ sdk.SetResponseErrorDiagnostic(resp, "", err)
+ return
+ }
+
+ keyVaultBaseUri, err := keyVaultsClient.BaseUriForKeyVault(ctx, *keyVaultID)
+ if err != nil {
+ sdk.SetResponseErrorDiagnostic(resp, fmt.Sprintf("looking up base uri for certificate %q in %s", data.Name.ValueString(), keyVaultID), err)
+ return
+ }
+
+ response, err := client.GetCertificate(ctx, *keyVaultBaseUri, data.Name.ValueString(), data.Version.ValueString())
+ if err != nil {
+ if utils.ResponseWasNotFound(response.Response) {
+ sdk.SetResponseErrorDiagnostic(resp, fmt.Sprintf("certificate %q does not exist in %s", data.Name.ValueString(), keyVaultID), err)
+ return
+ }
+ sdk.SetResponseErrorDiagnostic(resp, fmt.Sprintf("retrieving certificate %q from %s", data.Name.ValueString(), keyVaultID), err)
+ return
+ }
+
+ id, err := parse.ParseNestedItemID(*response.ID)
+ if err != nil {
+ sdk.SetResponseErrorDiagnostic(resp, "", err)
+ return
+ }
+ data.Version = types.StringValue(id.Version)
+
+ if attributes := response.Attributes; attributes != nil {
+ if expires := attributes.Expires; expires != nil {
+ data.ExpirationDate = types.StringValue(time.Time(*expires).Format(time.RFC3339))
+ }
+
+ if notBefore := attributes.NotBefore; notBefore != nil {
+ data.NotBeforeDate = types.StringValue(time.Time(*notBefore).Format(time.RFC3339))
+ }
+ }
+
+ certificateData := ""
+ if response.Cer != nil {
+ certificateData = strings.ToUpper(hex.EncodeToString(*response.Cer))
+ }
+
+ data.Hex = types.StringValue(certificateData)
+
+ pfx, err := client.GetSecret(ctx, id.KeyVaultBaseUrl, id.Name, id.Version)
+ if err != nil {
+ sdk.SetResponseErrorDiagnostic(resp, fmt.Sprintf("retrieving certificate %q from %s", data.Name.ValueString(), keyVaultID), err)
+ return
+ }
+
+ pemBlocks := make([]*pem.Block, 0)
+
+ if *pfx.ContentType == "application/x-pkcs12" {
+ bytes, err := base64.StdEncoding.DecodeString(*pfx.Value)
+ if err != nil {
+ sdk.SetResponseErrorDiagnostic(resp, fmt.Sprintf("decoding base64 certificate %q", id.Name), err)
+ return
+ }
+
+ blocks, err := pkcs12.ToPEM(bytes, "")
+ if err != nil {
+ sdk.SetResponseErrorDiagnostic(resp, fmt.Sprintf("decoding certificate %q", id.Name), err)
+ return
+ }
+ pemBlocks = blocks
+ } else {
+ block, rest := pem.Decode([]byte(*pfx.Value))
+ if block == nil {
+ sdk.SetResponseErrorDiagnostic(resp, fmt.Sprintf("decoding %q", id.Name), err)
+ return
+ }
+ pemBlocks = append(pemBlocks, block)
+ for len(rest) > 0 {
+ block, rest = pem.Decode(rest)
+ pemBlocks = append(pemBlocks, block)
+ }
+ }
+
+ var pemKey []byte
+ var pemCerts [][]byte
+
+ for _, block := range pemBlocks {
+ if strings.Contains(block.Type, "PRIVATE KEY") {
+ pemKey = block.Bytes
+ }
+
+ if strings.Contains(block.Type, "CERTIFICATE") {
+ pemCerts = append(pemCerts, block.Bytes)
+ }
+ }
+
+ var privateKey interface{}
+
+ if *pfx.ContentType == "application/x-pkcs12" {
+ rsakey, err := x509.ParsePKCS1PrivateKey(pemKey)
+ if err != nil {
+ eckey, err := x509.ParseECPrivateKey(pemKey)
+ if err != nil {
+ sdk.SetResponseErrorDiagnostic(resp, fmt.Sprintf("decoding private key %q not RSA or ECDSA type", id.Name), err)
+ return
+ }
+ privateKey = eckey
+ } else {
+ privateKey = rsakey
+ }
+ } else {
+ pkey, err := x509.ParsePKCS8PrivateKey(pemKey)
+ if err != nil {
+ sdk.SetResponseErrorDiagnostic(resp, fmt.Sprintf("decoding PKCS8 RSA private key %q", id.Name), err)
+ return
+ }
+ privateKey = pkey
+ }
+
+ var keyX509 []byte
+ var pemKeyHeader string
+ if privateKey != nil {
+ switch v := privateKey.(type) {
+ case *ecdsa.PrivateKey:
+ keyX509, err = x509.MarshalECPrivateKey(privateKey.(*ecdsa.PrivateKey))
+ if err != nil {
+ sdk.SetResponseErrorDiagnostic(resp, fmt.Sprintf("marshalling private key %q of type %+v", id.Name, v), err)
+ return
+ }
+ pemKeyHeader = "EC PRIVATE KEY"
+ case *rsa.PrivateKey:
+ keyX509 = x509.MarshalPKCS1PrivateKey(privateKey.(*rsa.PrivateKey))
+ pemKeyHeader = "RSA PRIVATE KEY"
+ default:
+ sdk.SetResponseErrorDiagnostic(resp, fmt.Sprintf("marshalling private key %q: key type %+v is not supported", id.Name, v), err)
+ return
+ }
+ }
+
+ keyBlock := &pem.Block{
+ Type: pemKeyHeader,
+ Bytes: keyX509,
+ }
+
+ var keyPEM bytes.Buffer
+ err = pem.Encode(&keyPEM, keyBlock)
+ if err != nil {
+ sdk.SetResponseErrorDiagnostic(resp, fmt.Sprintf("encoding key for %q", id.Name), err)
+ return
+ }
+
+ certs := ""
+
+ for _, pemCert := range pemCerts {
+ certBlock := &pem.Block{
+ Type: "CERTIFICATE",
+ Bytes: pemCert,
+ }
+
+ var certPEM bytes.Buffer
+ err = pem.Encode(&certPEM, certBlock)
+ if err != nil {
+ sdk.SetResponseErrorDiagnostic(resp, fmt.Sprintf("encoding PEM for %q", id.Name), err)
+ return
+ }
+ certs += certPEM.String()
+ }
+
+ data.Pem = types.StringValue(certs)
+ data.Key = types.StringValue(keyPEM.String())
+ data.CertificateCount = types.Int64Value(int64(len(pemCerts)))
+
+ resp.Diagnostics.Append(resp.Result.Set(ctx, &data)...)
+}
diff --git a/internal/services/keyvault/key_vault_certificate_ephemeral_test.go b/internal/services/keyvault/key_vault_certificate_ephemeral_test.go
new file mode 100644
index 000000000000..cceb7e98b6fe
--- /dev/null
+++ b/internal/services/keyvault/key_vault_certificate_ephemeral_test.go
@@ -0,0 +1,199 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package keyvault_test
+
+import (
+ "context"
+ "fmt"
+ "testing"
+
+ "github.com/hashicorp/go-version"
+ "github.com/hashicorp/terraform-plugin-testing/helper/resource"
+ "github.com/hashicorp/terraform-plugin-testing/knownvalue"
+ "github.com/hashicorp/terraform-plugin-testing/statecheck"
+ "github.com/hashicorp/terraform-plugin-testing/tfjsonpath"
+ "github.com/hashicorp/terraform-plugin-testing/tfversion"
+ "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance"
+ "github.com/hashicorp/terraform-provider-azurerm/internal/provider/framework"
+)
+
+type KeyVaultCertificateEphemeral struct{}
+
+func TestAccEphemeralKeyVaultCertificate_basic(t *testing.T) {
+ data := acceptance.BuildTestData(t, "ephemeral.azurerm_key_vault_certificate", "test")
+ r := KeyVaultCertificateEphemeral{}
+
+ resource.UnitTest(t, resource.TestCase{
+ TerraformVersionChecks: []tfversion.TerraformVersionCheck{
+ tfversion.SkipBelow(version.Must(version.NewVersion("1.10.0-rc1"))),
+ },
+ ProtoV5ProviderFactories: framework.ProtoV5ProviderFactoriesInit(context.Background(), "azurerm"),
+ ProtoV6ProviderFactories: framework.ProtoV6ProviderFactoriesInit(context.Background(), "azurerm", "echo"),
+ Steps: []resource.TestStep{
+ {
+ Config: r.basic(data),
+ ConfigStateChecks: []statecheck.StateCheck{
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("hex"), knownvalue.NotNull()),
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("pem"), knownvalue.NotNull()),
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("key"), knownvalue.NotNull()),
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("not_before_date"), knownvalue.StringExact("2017-10-10T08:27:55Z")),
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("expiration_date"), knownvalue.StringExact("2027-10-08T08:27:55Z")),
+ },
+ },
+ },
+ })
+}
+
+func TestAccEphemeralKeyVaultCertificate_ecdsaPFX(t *testing.T) {
+ data := acceptance.BuildTestData(t, "ephemeral.azurerm_key_vault_certificate", "test")
+ r := KeyVaultCertificateEphemeral{}
+
+ resource.UnitTest(t, resource.TestCase{
+ TerraformVersionChecks: []tfversion.TerraformVersionCheck{
+ tfversion.SkipBelow(version.Must(version.NewVersion("1.10.0-rc1"))),
+ },
+ ProtoV5ProviderFactories: framework.ProtoV5ProviderFactoriesInit(context.Background(), "azurerm"),
+ ProtoV6ProviderFactories: framework.ProtoV6ProviderFactoriesInit(context.Background(), "azurerm", "echo"),
+ Steps: []resource.TestStep{
+ {
+ Config: r.format(KeyVaultCertificateResource{}.basicImportPFX_ECDSA(data)),
+ ConfigStateChecks: []statecheck.StateCheck{
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("hex"), knownvalue.NotNull()),
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("pem"), knownvalue.NotNull()),
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("key"), knownvalue.NotNull()),
+ },
+ },
+ },
+ })
+}
+
+func TestAccEphemeralKeyVaultCertificate_ecdsaPEM(t *testing.T) {
+ data := acceptance.BuildTestData(t, "ephemeral.azurerm_key_vault_certificate", "test")
+ r := KeyVaultCertificateEphemeral{}
+
+ resource.UnitTest(t, resource.TestCase{
+ TerraformVersionChecks: []tfversion.TerraformVersionCheck{
+ tfversion.SkipBelow(version.Must(version.NewVersion("1.10.0-rc1"))),
+ },
+ ProtoV5ProviderFactories: framework.ProtoV5ProviderFactoriesInit(context.Background(), "azurerm"),
+ ProtoV6ProviderFactories: framework.ProtoV6ProviderFactoriesInit(context.Background(), "azurerm", "echo"),
+ Steps: []resource.TestStep{
+ {
+ Config: r.format(KeyVaultCertificateResource{}.basicImportPEM_ECDSA(data)),
+ ConfigStateChecks: []statecheck.StateCheck{
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("hex"), knownvalue.NotNull()),
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("pem"), knownvalue.NotNull()),
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("key"), knownvalue.NotNull()),
+ },
+ },
+ },
+ })
+}
+
+func TestAccEphemeralKeyVaultCertificate_rsaBundlePEM(t *testing.T) {
+ data := acceptance.BuildTestData(t, "ephemeral.azurerm_key_vault_certificate", "test")
+ r := KeyVaultCertificateEphemeral{}
+
+ resource.UnitTest(t, resource.TestCase{
+ TerraformVersionChecks: []tfversion.TerraformVersionCheck{
+ tfversion.SkipBelow(version.Must(version.NewVersion("1.10.0-rc1"))),
+ },
+ ProtoV5ProviderFactories: framework.ProtoV5ProviderFactoriesInit(context.Background(), "azurerm"),
+ ProtoV6ProviderFactories: framework.ProtoV6ProviderFactoriesInit(context.Background(), "azurerm", "echo"),
+ Steps: []resource.TestStep{
+ {
+ Config: r.format(KeyVaultCertificateResource{}.basicImportPEM_RSA_bundle(data)),
+ ConfigStateChecks: []statecheck.StateCheck{
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("hex"), knownvalue.NotNull()),
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("pem"), knownvalue.NotNull()),
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("key"), knownvalue.NotNull()),
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("certificate_count"), knownvalue.Int64Exact(2)),
+ },
+ },
+ },
+ })
+}
+
+func TestAccEphemeralKeyVaultCertificate_rsaSinglePEM(t *testing.T) {
+ data := acceptance.BuildTestData(t, "ephemeral.azurerm_key_vault_certificate", "test")
+ r := KeyVaultCertificateEphemeral{}
+
+ resource.UnitTest(t, resource.TestCase{
+ TerraformVersionChecks: []tfversion.TerraformVersionCheck{
+ tfversion.SkipBelow(version.Must(version.NewVersion("1.10.0-rc1"))),
+ },
+ ProtoV5ProviderFactories: framework.ProtoV5ProviderFactoriesInit(context.Background(), "azurerm"),
+ ProtoV6ProviderFactories: framework.ProtoV6ProviderFactoriesInit(context.Background(), "azurerm", "echo"),
+ Steps: []resource.TestStep{
+ {
+ Config: r.format(KeyVaultCertificateResource{}.basicImportPEM_RSA(data)),
+ ConfigStateChecks: []statecheck.StateCheck{
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("hex"), knownvalue.NotNull()),
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("pem"), knownvalue.NotNull()),
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("key"), knownvalue.NotNull()),
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("certificate_count"), knownvalue.Int64Exact(1)),
+ },
+ },
+ },
+ })
+}
+
+func TestAccEphemeralKeyVaultCertificate_rsaBundlePFX(t *testing.T) {
+ data := acceptance.BuildTestData(t, "ephemeral.azurerm_key_vault_certificate", "test")
+ r := KeyVaultCertificateEphemeral{}
+
+ resource.UnitTest(t, resource.TestCase{
+ TerraformVersionChecks: []tfversion.TerraformVersionCheck{
+ tfversion.SkipBelow(version.Must(version.NewVersion("1.10.0-rc1"))),
+ },
+ ProtoV5ProviderFactories: framework.ProtoV5ProviderFactoriesInit(context.Background(), "azurerm"),
+ ProtoV6ProviderFactories: framework.ProtoV6ProviderFactoriesInit(context.Background(), "azurerm", "echo"),
+ Steps: []resource.TestStep{
+ {
+ Config: r.format(KeyVaultCertificateResource{}.basicImportPFX_RSA_bundle(data)),
+ ConfigStateChecks: []statecheck.StateCheck{
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("hex"), knownvalue.NotNull()),
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("pem"), knownvalue.NotNull()),
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("key"), knownvalue.NotNull()),
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("certificate_count"), knownvalue.Int64Exact(2)),
+ },
+ },
+ },
+ })
+}
+
+func (KeyVaultCertificateEphemeral) basic(data acceptance.TestData) string {
+ return fmt.Sprintf(`
+%s
+
+ephemeral "azurerm_key_vault_certificate" "test" {
+ name = azurerm_key_vault_certificate.test.name
+ key_vault_id = azurerm_key_vault.test.id
+}
+
+provider "echo" {
+ data = ephemeral.azurerm_key_vault_certificate.test
+}
+
+resource "echo" "test" {}
+`, KeyVaultCertificateResource{}.basicImportPFX(data))
+}
+
+func (KeyVaultCertificateEphemeral) format(formatTemplate string) string {
+ return fmt.Sprintf(`
+%s
+
+ephemeral "azurerm_key_vault_certificate" "test" {
+ name = azurerm_key_vault_certificate.test.name
+ key_vault_id = azurerm_key_vault.test.id
+ version = azurerm_key_vault_certificate.test.version
+}
+
+provider "echo" {
+ data = ephemeral.azurerm_key_vault_certificate.test
+}
+
+resource "echo" "test" {}
+`, formatTemplate)
+}
diff --git a/internal/services/keyvault/key_vault_secret_ephemeral.go b/internal/services/keyvault/key_vault_secret_ephemeral.go
new file mode 100644
index 000000000000..03900d0c5c37
--- /dev/null
+++ b/internal/services/keyvault/key_vault_secret_ephemeral.go
@@ -0,0 +1,149 @@
+package keyvault
+
+import (
+ "context"
+ "fmt"
+ "time"
+
+ "github.com/hashicorp/go-azure-helpers/lang/pointer"
+ "github.com/hashicorp/go-azure-helpers/resourcemanager/commonids"
+ "github.com/hashicorp/terraform-plugin-framework/ephemeral"
+ "github.com/hashicorp/terraform-plugin-framework/ephemeral/schema"
+ "github.com/hashicorp/terraform-plugin-framework/schema/validator"
+ "github.com/hashicorp/terraform-plugin-framework/types"
+ "github.com/hashicorp/terraform-provider-azurerm/internal/sdk"
+ "github.com/hashicorp/terraform-provider-azurerm/internal/sdk/frameworkhelpers"
+ "github.com/hashicorp/terraform-provider-azurerm/internal/services/keyvault/parse"
+ "github.com/hashicorp/terraform-provider-azurerm/internal/tf/validation"
+ "github.com/hashicorp/terraform-provider-azurerm/utils"
+)
+
+var _ sdk.EphemeralResource = &KeyVaultSecretEphemeralResource{}
+
+func NewKeyVaultSecretEphemeralResource() ephemeral.EphemeralResource {
+ return &KeyVaultSecretEphemeralResource{}
+}
+
+type KeyVaultSecretEphemeralResource struct {
+ sdk.EphemeralResourceMetadata
+}
+
+type KeyVaultSecretEphemeralResourceModel struct {
+ Name types.String `tfsdk:"name"`
+ KeyVaultID types.String `tfsdk:"key_vault_id"`
+ Version types.String `tfsdk:"version"`
+ ExpirationDate types.String `tfsdk:"expiration_date"`
+ NotBeforeDate types.String `tfsdk:"not_before_date"`
+ Value types.String `tfsdk:"value"`
+}
+
+func (e *KeyVaultSecretEphemeralResource) Metadata(_ context.Context, _ ephemeral.MetadataRequest, resp *ephemeral.MetadataResponse) {
+ resp.TypeName = "azurerm_key_vault_secret"
+}
+
+func (e *KeyVaultSecretEphemeralResource) Configure(_ context.Context, req ephemeral.ConfigureRequest, resp *ephemeral.ConfigureResponse) {
+ e.Defaults(req, resp)
+}
+
+func (e *KeyVaultSecretEphemeralResource) Schema(_ context.Context, _ ephemeral.SchemaRequest, resp *ephemeral.SchemaResponse) {
+ resp.Schema = schema.Schema{
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ Required: true,
+ Validators: []validator.String{
+ frameworkhelpers.WrappedStringValidator{
+ Func: validation.StringIsNotEmpty,
+ },
+ },
+ },
+
+ "key_vault_id": schema.StringAttribute{
+ Required: true,
+ Validators: []validator.String{
+ frameworkhelpers.WrappedStringValidator{
+ Func: commonids.ValidateKeyVaultID,
+ },
+ },
+ },
+
+ "version": schema.StringAttribute{
+ Optional: true,
+ Computed: true,
+ Validators: []validator.String{
+ frameworkhelpers.WrappedStringValidator{
+ Func: validation.StringIsNotEmpty,
+ },
+ },
+ },
+
+ "expiration_date": schema.StringAttribute{
+ Computed: true,
+ },
+
+ "not_before_date": schema.StringAttribute{
+ Computed: true,
+ },
+
+ "value": schema.StringAttribute{
+ Computed: true,
+ },
+ },
+ }
+}
+
+func (e *KeyVaultSecretEphemeralResource) Open(ctx context.Context, req ephemeral.OpenRequest, resp *ephemeral.OpenResponse) {
+ keyVaultsClient := e.Client.KeyVault
+ client := e.Client.KeyVault.ManagementClient
+ ctx, cancel := context.WithTimeout(ctx, time.Minute*5)
+ defer cancel()
+
+ var data KeyVaultSecretEphemeralResourceModel
+
+ if ok := e.DecodeOpen(ctx, req, resp, &data); !ok {
+ return
+ }
+
+ keyVaultID, err := commonids.ParseKeyVaultID(data.KeyVaultID.ValueString())
+ if err != nil {
+ sdk.SetResponseErrorDiagnostic(resp, "", err)
+ return
+ }
+
+ keyVaultBaseUri, err := keyVaultsClient.BaseUriForKeyVault(ctx, *keyVaultID)
+ if err != nil {
+ sdk.SetResponseErrorDiagnostic(resp, fmt.Sprintf("looking up base uri for secret %q in %s", data.Name.ValueString(), keyVaultID), err)
+ return
+ }
+
+ response, err := client.GetSecret(ctx, *keyVaultBaseUri, data.Name.ValueString(), data.Version.ValueString())
+ if err != nil {
+ if utils.ResponseWasNotFound(response.Response) {
+ sdk.SetResponseErrorDiagnostic(resp, fmt.Sprintf("secret %s does not exist in %s", data.Name.ValueString(), keyVaultID), err)
+ return
+ }
+ sdk.SetResponseErrorDiagnostic(resp, fmt.Sprintf("retrieving secret %q from %s", data.Name.ValueString(), keyVaultID), err)
+ return
+ }
+
+ data.Value = types.StringValue(pointer.From(response.Value))
+
+ id, err := parse.ParseNestedItemID(*response.ID)
+ if err != nil {
+ sdk.SetResponseErrorDiagnostic(resp, "", err)
+ return
+ }
+
+ data.Version = types.StringValue(id.Version)
+
+ if attributes := response.Attributes; attributes != nil {
+ if expirationDate := attributes.Expires; expirationDate != nil {
+ data.ExpirationDate = types.StringValue(time.Time(*expirationDate).Format(time.RFC3339))
+ }
+
+ if notBeforeDate := attributes.NotBefore; notBeforeDate != nil {
+ data.NotBeforeDate = types.StringValue(time.Time(*notBeforeDate).Format(time.RFC3339))
+ }
+ }
+
+ resp.Diagnostics.Append(resp.Result.Set(ctx, &data)...)
+}
diff --git a/internal/services/keyvault/key_vault_secret_ephemeral_test.go b/internal/services/keyvault/key_vault_secret_ephemeral_test.go
new file mode 100644
index 000000000000..efcebf331170
--- /dev/null
+++ b/internal/services/keyvault/key_vault_secret_ephemeral_test.go
@@ -0,0 +1,100 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package keyvault_test
+
+import (
+ "context"
+ "fmt"
+ "testing"
+
+ "github.com/hashicorp/go-version"
+ "github.com/hashicorp/terraform-plugin-testing/helper/resource"
+ "github.com/hashicorp/terraform-plugin-testing/knownvalue"
+ "github.com/hashicorp/terraform-plugin-testing/statecheck"
+ "github.com/hashicorp/terraform-plugin-testing/tfjsonpath"
+ "github.com/hashicorp/terraform-plugin-testing/tfversion"
+ "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance"
+ "github.com/hashicorp/terraform-provider-azurerm/internal/provider/framework"
+)
+
+type KeyVaultSecretEphemeral struct{}
+
+func TestAccEphemeralKeyVaultSecret_basic(t *testing.T) {
+ data := acceptance.BuildTestData(t, "ephemeral.azurerm_key_vault_secret", "test")
+ r := KeyVaultSecretEphemeral{}
+
+ resource.UnitTest(t, resource.TestCase{
+ TerraformVersionChecks: []tfversion.TerraformVersionCheck{
+ tfversion.SkipBelow(version.Must(version.NewVersion("1.10.0-rc1"))),
+ },
+ ProtoV5ProviderFactories: framework.ProtoV5ProviderFactoriesInit(context.Background(), "azurerm"),
+ ProtoV6ProviderFactories: framework.ProtoV6ProviderFactoriesInit(context.Background(), "azurerm", "echo"),
+ Steps: []resource.TestStep{
+ {
+ Config: r.basic(data),
+ ConfigStateChecks: []statecheck.StateCheck{
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("value"), knownvalue.StringExact("rick-and-morty")),
+ },
+ },
+ },
+ })
+}
+
+func TestAccEphemeralKeyVaultSecret_complete(t *testing.T) {
+ data := acceptance.BuildTestData(t, "ephemeral.azurerm_key_vault_secret", "test")
+ r := KeyVaultSecretEphemeral{}
+
+ resource.UnitTest(t, resource.TestCase{
+ TerraformVersionChecks: []tfversion.TerraformVersionCheck{
+ tfversion.SkipBelow(version.Must(version.NewVersion("1.10.0-rc1"))),
+ },
+ ProtoV5ProviderFactories: framework.ProtoV5ProviderFactoriesInit(context.Background(), "azurerm"),
+ ProtoV6ProviderFactories: framework.ProtoV6ProviderFactoriesInit(context.Background(), "azurerm", "echo"),
+ Steps: []resource.TestStep{
+ {
+ Config: r.complete(data),
+ ConfigStateChecks: []statecheck.StateCheck{
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("value"), knownvalue.StringExact("")),
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("not_before_date"), knownvalue.StringExact("2019-01-01T01:02:03Z")),
+ statecheck.ExpectKnownValue("echo.test", tfjsonpath.New("data").AtMapKey("expiration_date"), knownvalue.StringExact("2020-01-01T01:02:03Z")),
+ },
+ },
+ },
+ })
+}
+
+func (KeyVaultSecretEphemeral) basic(data acceptance.TestData) string {
+ return fmt.Sprintf(`
+%s
+
+ephemeral "azurerm_key_vault_secret" "test" {
+ name = azurerm_key_vault_secret.test.name
+ key_vault_id = azurerm_key_vault.test.id
+}
+
+provider "echo" {
+ data = ephemeral.azurerm_key_vault_secret.test
+}
+
+resource "echo" "test" {}
+`, KeyVaultSecretResource{}.basic(data))
+}
+
+func (KeyVaultSecretEphemeral) complete(data acceptance.TestData) string {
+ return fmt.Sprintf(`
+%s
+
+ephemeral "azurerm_key_vault_secret" "test" {
+ name = azurerm_key_vault_secret.test.name
+ key_vault_id = azurerm_key_vault.test.id
+ version = azurerm_key_vault_secret.test.version
+}
+
+provider "echo" {
+ data = ephemeral.azurerm_key_vault_secret.test
+}
+
+resource "echo" "test" {}
+`, KeyVaultSecretResource{}.complete(data))
+}
diff --git a/internal/services/keyvault/registration.go b/internal/services/keyvault/registration.go
index 9b35fbb26cab..a1d1c58d880c 100644
--- a/internal/services/keyvault/registration.go
+++ b/internal/services/keyvault/registration.go
@@ -4,6 +4,9 @@
package keyvault
import (
+ "github.com/hashicorp/terraform-plugin-framework/datasource"
+ "github.com/hashicorp/terraform-plugin-framework/ephemeral"
+ "github.com/hashicorp/terraform-plugin-framework/resource"
"github.com/hashicorp/terraform-provider-azurerm/internal/sdk"
"github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk"
)
@@ -13,6 +16,7 @@ type Registration struct{}
var (
_ sdk.TypedServiceRegistrationWithAGitHubLabel = Registration{}
_ sdk.UntypedServiceRegistrationWithAGitHubLabel = Registration{}
+ _ sdk.FrameworkTypedServiceRegistration = Registration{}
)
func (r Registration) AssociatedGitHubLabel() string {
@@ -71,3 +75,18 @@ func (r Registration) Resources() []sdk.Resource {
KeyVaultCertificateContactsResource{},
}
}
+
+func (r Registration) FrameworkResources() []func() resource.Resource {
+ return []func() resource.Resource{}
+}
+
+func (r Registration) FrameworkDataSources() []func() datasource.DataSource {
+ return []func() datasource.DataSource{}
+}
+
+func (r Registration) EphemeralResources() []func() ephemeral.EphemeralResource {
+ return []func() ephemeral.EphemeralResource{
+ NewKeyVaultCertificateEphemeralResource,
+ NewKeyVaultSecretEphemeralResource,
+ }
+}
diff --git a/internal/tools/generator-services/main.go b/internal/tools/generator-services/main.go
index 5483ae7448aa..0c66eed86460 100644
--- a/internal/tools/generator-services/main.go
+++ b/internal/tools/generator-services/main.go
@@ -251,7 +251,8 @@ func (websiteCategoriesGenerator) run(outputFileName string, _ map[string]struct
// sort them
sort.Strings(websiteCategories)
- fileContents := strings.Join(websiteCategories, "\n")
+ // the file needs to start with an empty line to allow documentation without any subcategory e.g. provider function docs
+ fileContents := "\n" + strings.Join(websiteCategories, "\n")
return writeToFile(outputFileName, fileContents)
}
diff --git a/vendor/github.com/hashicorp/hcl/v2/hclsyntax/expression.go b/vendor/github.com/hashicorp/hcl/v2/hclsyntax/expression.go
index 577a50fa3b98..f4c3a6d79b56 100644
--- a/vendor/github.com/hashicorp/hcl/v2/hclsyntax/expression.go
+++ b/vendor/github.com/hashicorp/hcl/v2/hclsyntax/expression.go
@@ -788,21 +788,24 @@ func (e *ConditionalExpr) Value(ctx *hcl.EvalContext) (cty.Value, hcl.Diagnostic
})
return cty.UnknownVal(resultType), diags
}
- if !condResult.IsKnown() {
- // we use the unmarked values throughout the unknown branch
- _, condResultMarks := condResult.Unmark()
- trueResult, trueResultMarks := trueResult.Unmark()
- falseResult, falseResultMarks := falseResult.Unmark()
- // use a value to merge marks
- _, resMarks := cty.DynamicVal.WithMarks(condResultMarks, trueResultMarks, falseResultMarks).Unmark()
+ // Now that we have all three values, collect all the marks for the result.
+ // Since it's possible that a condition value could be unknown, and the
+ // consumer needs to deal with any marks from either branch anyway, we must
+ // always combine them for consistent results.
+ condResult, condResultMarks := condResult.Unmark()
+ trueResult, trueResultMarks := trueResult.Unmark()
+ falseResult, falseResultMarks := falseResult.Unmark()
+ var resMarks []cty.ValueMarks
+ resMarks = append(resMarks, condResultMarks, trueResultMarks, falseResultMarks)
+ if !condResult.IsKnown() {
trueRange := trueResult.Range()
falseRange := falseResult.Range()
// if both branches are known to be null, then the result must still be null
if trueResult.IsNull() && falseResult.IsNull() {
- return cty.NullVal(resultType).WithMarks(resMarks), diags
+ return cty.NullVal(resultType).WithMarks(resMarks...), diags
}
// We might be able to offer a refined range for the result based on
@@ -841,7 +844,7 @@ func (e *ConditionalExpr) Value(ctx *hcl.EvalContext) (cty.Value, hcl.Diagnostic
ref = ref.NumberRangeUpperBound(hi, hiInc)
}
- return ref.NewValue().WithMarks(resMarks), diags
+ return ref.NewValue().WithMarks(resMarks...), diags
}
if trueResult.Type().IsCollectionType() && falseResult.Type().IsCollectionType() {
@@ -867,7 +870,7 @@ func (e *ConditionalExpr) Value(ctx *hcl.EvalContext) (cty.Value, hcl.Diagnostic
}
ref = ref.CollectionLengthLowerBound(lo).CollectionLengthUpperBound(hi)
- return ref.NewValue().WithMarks(resMarks), diags
+ return ref.NewValue().WithMarks(resMarks...), diags
}
}
@@ -875,7 +878,7 @@ func (e *ConditionalExpr) Value(ctx *hcl.EvalContext) (cty.Value, hcl.Diagnostic
if trueRange.DefinitelyNotNull() && falseRange.DefinitelyNotNull() {
ret = ret.RefineNotNull()
}
- return ret.WithMarks(resMarks), diags
+ return ret.WithMarks(resMarks...), diags
}
condResult, err := convert.Convert(condResult, cty.Bool)
@@ -892,8 +895,6 @@ func (e *ConditionalExpr) Value(ctx *hcl.EvalContext) (cty.Value, hcl.Diagnostic
return cty.UnknownVal(resultType), diags
}
- // Unmark result before testing for truthiness
- condResult, _ = condResult.UnmarkDeep()
if condResult.True() {
diags = append(diags, trueDiags...)
if convs[0] != nil {
@@ -916,7 +917,7 @@ func (e *ConditionalExpr) Value(ctx *hcl.EvalContext) (cty.Value, hcl.Diagnostic
trueResult = cty.UnknownVal(resultType)
}
}
- return trueResult, diags
+ return trueResult.WithMarks(resMarks...), diags
} else {
diags = append(diags, falseDiags...)
if convs[1] != nil {
@@ -939,7 +940,7 @@ func (e *ConditionalExpr) Value(ctx *hcl.EvalContext) (cty.Value, hcl.Diagnostic
falseResult = cty.UnknownVal(resultType)
}
}
- return falseResult, diags
+ return falseResult.WithMarks(resMarks...), diags
}
}
@@ -1429,9 +1430,9 @@ func (e *ForExpr) Value(ctx *hcl.EvalContext) (cty.Value, hcl.Diagnostics) {
})
return cty.DynamicVal, diags
}
- if !collVal.IsKnown() {
- return cty.DynamicVal, diags
- }
+
+ // Grab the CondExpr marks when we're returning early with an unknown
+ var condMarks cty.ValueMarks
// Before we start we'll do an early check to see if any CondExpr we've
// been given is of the wrong type. This isn't 100% reliable (it may
@@ -1459,6 +1460,9 @@ func (e *ForExpr) Value(ctx *hcl.EvalContext) (cty.Value, hcl.Diagnostics) {
})
return cty.DynamicVal, diags
}
+
+ _, condMarks = result.Unmark()
+
_, err := convert.Convert(result, cty.Bool)
if err != nil {
diags = append(diags, &hcl.Diagnostic{
@@ -1477,6 +1481,10 @@ func (e *ForExpr) Value(ctx *hcl.EvalContext) (cty.Value, hcl.Diagnostics) {
}
}
+ if !collVal.IsKnown() {
+ return cty.DynamicVal.WithMarks(append(marks, condMarks)...), diags
+ }
+
if e.KeyExpr != nil {
// Producing an object
var vals map[string]cty.Value
@@ -1517,6 +1525,12 @@ func (e *ForExpr) Value(ctx *hcl.EvalContext) (cty.Value, hcl.Diagnostics) {
known = false
continue
}
+
+ // Extract and merge marks from the include expression into the
+ // main set of marks
+ _, includeMarks := includeRaw.Unmark()
+ marks = append(marks, includeMarks)
+
include, err := convert.Convert(includeRaw, cty.Bool)
if err != nil {
if known {
@@ -1540,7 +1554,7 @@ func (e *ForExpr) Value(ctx *hcl.EvalContext) (cty.Value, hcl.Diagnostics) {
// Extract and merge marks from the include expression into the
// main set of marks
- includeUnmarked, includeMarks := include.Unmark()
+ includeUnmarked, _ := include.Unmark()
marks = append(marks, includeMarks)
if includeUnmarked.False() {
// Skip this element
@@ -1565,6 +1579,10 @@ func (e *ForExpr) Value(ctx *hcl.EvalContext) (cty.Value, hcl.Diagnostics) {
known = false
continue
}
+
+ _, keyMarks := keyRaw.Unmark()
+ marks = append(marks, keyMarks)
+
if !keyRaw.IsKnown() {
known = false
continue
@@ -1587,8 +1605,7 @@ func (e *ForExpr) Value(ctx *hcl.EvalContext) (cty.Value, hcl.Diagnostics) {
continue
}
- key, keyMarks := key.Unmark()
- marks = append(marks, keyMarks)
+ key, _ = key.Unmark()
val, valDiags := e.ValExpr.Value(childCtx)
diags = append(diags, valDiags...)
@@ -1618,7 +1635,7 @@ func (e *ForExpr) Value(ctx *hcl.EvalContext) (cty.Value, hcl.Diagnostics) {
}
if !known {
- return cty.DynamicVal, diags
+ return cty.DynamicVal.WithMarks(marks...), diags
}
if e.Group {
@@ -1664,6 +1681,12 @@ func (e *ForExpr) Value(ctx *hcl.EvalContext) (cty.Value, hcl.Diagnostics) {
known = false
continue
}
+
+ // Extract and merge marks from the include expression into the
+ // main set of marks
+ _, includeMarks := includeRaw.Unmark()
+ marks = append(marks, includeMarks)
+
if !includeRaw.IsKnown() {
// We will eventually return DynamicVal, but we'll continue
// iterating in case there are other diagnostics to gather
@@ -1689,10 +1712,7 @@ func (e *ForExpr) Value(ctx *hcl.EvalContext) (cty.Value, hcl.Diagnostics) {
continue
}
- // Extract and merge marks from the include expression into the
- // main set of marks
- includeUnmarked, includeMarks := include.Unmark()
- marks = append(marks, includeMarks)
+ includeUnmarked, _ := include.Unmark()
if includeUnmarked.False() {
// Skip this element
continue
@@ -1705,7 +1725,7 @@ func (e *ForExpr) Value(ctx *hcl.EvalContext) (cty.Value, hcl.Diagnostics) {
}
if !known {
- return cty.DynamicVal, diags
+ return cty.DynamicVal.WithMarks(marks...), diags
}
return cty.TupleVal(vals).WithMarks(marks...), diags
diff --git a/vendor/github.com/hashicorp/hcl/v2/ops.go b/vendor/github.com/hashicorp/hcl/v2/ops.go
index bdf23614d673..3cd7b205effc 100644
--- a/vendor/github.com/hashicorp/hcl/v2/ops.go
+++ b/vendor/github.com/hashicorp/hcl/v2/ops.go
@@ -49,7 +49,7 @@ func Index(collection, key cty.Value, srcRange *Range) (cty.Value, Diagnostics)
ty := collection.Type()
kty := key.Type()
if kty == cty.DynamicPseudoType || ty == cty.DynamicPseudoType {
- return cty.DynamicVal, nil
+ return cty.DynamicVal.WithSameMarks(collection), nil
}
switch {
@@ -87,9 +87,9 @@ func Index(collection, key cty.Value, srcRange *Range) (cty.Value, Diagnostics)
has, _ := collection.HasIndex(key).Unmark()
if !has.IsKnown() {
if ty.IsTupleType() {
- return cty.DynamicVal, nil
+ return cty.DynamicVal.WithSameMarks(collection), nil
} else {
- return cty.UnknownVal(ty.ElementType()), nil
+ return cty.UnknownVal(ty.ElementType()).WithSameMarks(collection), nil
}
}
if has.False() {
@@ -196,10 +196,10 @@ func Index(collection, key cty.Value, srcRange *Range) (cty.Value, Diagnostics)
}
}
if !collection.IsKnown() {
- return cty.DynamicVal, nil
+ return cty.DynamicVal.WithSameMarks(collection), nil
}
if !key.IsKnown() {
- return cty.DynamicVal, nil
+ return cty.DynamicVal.WithSameMarks(collection), nil
}
key, _ = key.Unmark()
@@ -291,13 +291,13 @@ func GetAttr(obj cty.Value, attrName string, srcRange *Range) (cty.Value, Diagno
}
if !obj.IsKnown() {
- return cty.UnknownVal(ty.AttributeType(attrName)), nil
+ return cty.UnknownVal(ty.AttributeType(attrName)).WithSameMarks(obj), nil
}
return obj.GetAttr(attrName), nil
case ty.IsMapType():
if !obj.IsKnown() {
- return cty.UnknownVal(ty.ElementType()), nil
+ return cty.UnknownVal(ty.ElementType()).WithSameMarks(obj), nil
}
idx := cty.StringVal(attrName)
@@ -319,7 +319,7 @@ func GetAttr(obj cty.Value, attrName string, srcRange *Range) (cty.Value, Diagno
return obj.Index(idx), nil
case ty == cty.DynamicPseudoType:
- return cty.DynamicVal, nil
+ return cty.DynamicVal.WithSameMarks(obj), nil
case ty.IsListType() && ty.ElementType().IsObjectType():
// It seems a common mistake to try to access attributes on a whole
// list of objects rather than on a specific individual element, so
diff --git a/vendor/github.com/hashicorp/hcl/v2/spec.md b/vendor/github.com/hashicorp/hcl/v2/spec.md
index 97ef613182f7..d52ed70bb52a 100644
--- a/vendor/github.com/hashicorp/hcl/v2/spec.md
+++ b/vendor/github.com/hashicorp/hcl/v2/spec.md
@@ -96,7 +96,7 @@ of the implementation language.
### _Dynamic Attributes_ Processing
The _schema-driven_ processing model is useful when the expected structure
-of a body is known a priori by the calling application. Some blocks are
+of a body is known by the calling application. Some blocks are
instead more free-form, such as a user-provided set of arbitrary key/value
pairs.
diff --git a/vendor/github.com/hashicorp/terraform-plugin-testing/compare/doc.go b/vendor/github.com/hashicorp/terraform-plugin-testing/compare/doc.go
new file mode 100644
index 000000000000..feb4a4c0056e
--- /dev/null
+++ b/vendor/github.com/hashicorp/terraform-plugin-testing/compare/doc.go
@@ -0,0 +1,5 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+// Package compare contains the value comparer interface, and types implementing the value comparer interface.
+package compare
diff --git a/vendor/github.com/hashicorp/terraform-plugin-testing/compare/value_comparer.go b/vendor/github.com/hashicorp/terraform-plugin-testing/compare/value_comparer.go
new file mode 100644
index 000000000000..af635898b8c8
--- /dev/null
+++ b/vendor/github.com/hashicorp/terraform-plugin-testing/compare/value_comparer.go
@@ -0,0 +1,13 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package compare
+
+// ValueComparer defines an interface that is implemented to run comparison logic on multiple values. Individual
+// implementations determine how the comparison is performed (e.g., values differ, values equal).
+type ValueComparer interface {
+ // CompareValues should assert the given known values against any expectations.
+ // Values are always ordered in the order they were added. Use the error
+ // return to signal unexpected values or implementation errors.
+ CompareValues(values ...any) error
+}
diff --git a/vendor/github.com/hashicorp/terraform-plugin-testing/compare/values_differ.go b/vendor/github.com/hashicorp/terraform-plugin-testing/compare/values_differ.go
new file mode 100644
index 000000000000..24bd2ae22c13
--- /dev/null
+++ b/vendor/github.com/hashicorp/terraform-plugin-testing/compare/values_differ.go
@@ -0,0 +1,31 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package compare
+
+import (
+ "fmt"
+ "reflect"
+)
+
+var _ ValueComparer = valuesDiffer{}
+
+type valuesDiffer struct{}
+
+// CompareValues determines whether each value in the sequence of the supplied values
+// differs from the preceding value.
+func (v valuesDiffer) CompareValues(values ...any) error {
+ for i := 1; i < len(values); i++ {
+ if reflect.DeepEqual(values[i-1], values[i]) {
+ return fmt.Errorf("expected values to differ, but they are the same: %v == %v", values[i-1], values[i])
+ }
+ }
+
+ return nil
+}
+
+// ValuesDiffer returns a ValueComparer for asserting that each value in the sequence of
+// the values supplied to the CompareValues method differs from the preceding value.
+func ValuesDiffer() valuesDiffer {
+ return valuesDiffer{}
+}
diff --git a/vendor/github.com/hashicorp/terraform-plugin-testing/compare/values_same.go b/vendor/github.com/hashicorp/terraform-plugin-testing/compare/values_same.go
new file mode 100644
index 000000000000..46ee13f31222
--- /dev/null
+++ b/vendor/github.com/hashicorp/terraform-plugin-testing/compare/values_same.go
@@ -0,0 +1,31 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package compare
+
+import (
+ "fmt"
+ "reflect"
+)
+
+var _ ValueComparer = valuesSame{}
+
+type valuesSame struct{}
+
+// CompareValues determines whether each value in the sequence of the supplied values
+// is the same as the preceding value.
+func (v valuesSame) CompareValues(values ...any) error {
+ for i := 1; i < len(values); i++ {
+ if !reflect.DeepEqual(values[i-1], values[i]) {
+ return fmt.Errorf("expected values to be the same, but they differ: %v != %v", values[i-1], values[i])
+ }
+ }
+
+ return nil
+}
+
+// ValuesSame returns a ValueComparer for asserting that each value in the sequence of
+// the values supplied to the CompareValues method is the same as the preceding value.
+func ValuesSame() valuesSame {
+ return valuesSame{}
+}
diff --git a/vendor/github.com/hashicorp/terraform-plugin-testing/echoprovider/doc.go b/vendor/github.com/hashicorp/terraform-plugin-testing/echoprovider/doc.go
new file mode 100644
index 000000000000..753097f826b7
--- /dev/null
+++ b/vendor/github.com/hashicorp/terraform-plugin-testing/echoprovider/doc.go
@@ -0,0 +1,20 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+// Package echoprovider contains a protocol v6 Terraform provider that can be used to transfer data from
+// provider configuration to state via a managed resource. This is only meant for provider acceptance testing
+// of data that cannot be stored in Terraform artifacts (plan/state), such as an ephemeral resource.
+//
+// Example Usage:
+//
+// // Ephemeral resource that is under test
+// ephemeral "examplecloud_thing" "this" {
+// name = "thing-one"
+// }
+//
+// provider "echo" {
+// data = ephemeral.examplecloud_thing.this
+// }
+//
+// resource "echo" "test" {} // The `echo.test.data` attribute will contain the ephemeral data from `ephemeral.examplecloud_thing.this`
+package echoprovider
diff --git a/vendor/github.com/hashicorp/terraform-plugin-testing/echoprovider/server.go b/vendor/github.com/hashicorp/terraform-plugin-testing/echoprovider/server.go
new file mode 100644
index 000000000000..dc4d90c8b53e
--- /dev/null
+++ b/vendor/github.com/hashicorp/terraform-plugin-testing/echoprovider/server.go
@@ -0,0 +1,408 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package echoprovider
+
+import (
+ "context"
+ "fmt"
+
+ "github.com/hashicorp/terraform-plugin-go/tfprotov6"
+ "github.com/hashicorp/terraform-plugin-go/tftypes"
+)
+
+// NewProviderServer returns the "echo" provider, which is a protocol v6 Terraform provider meant only to be used for testing
+// data which cannot be stored in Terraform artifacts (plan/state), such as an ephemeral resource. The "echo" provider can be included in
+// an acceptance test with the `(resource.TestCase).ProtoV6ProviderFactories` field, for example:
+//
+// resource.UnitTest(t, resource.TestCase{
+// // .. other TestCase fields
+// ProtoV6ProviderFactories: map[string]func() (tfprotov6.ProviderServer, error){
+// "echo": echoprovider.NewProviderServer(),
+// },
+//
+// // .. TestSteps
+// })
+//
+// The "echo" provider configuration accepts in a dynamic "data" attribute, which will be stored in the "echo" managed resource "data" attribute, for example:
+//
+// // Ephemeral resource that is under test
+// ephemeral "examplecloud_thing" "this" {
+// name = "thing-one"
+// }
+//
+// provider "echo" {
+// data = ephemeral.examplecloud_thing.this
+// }
+//
+// resource "echo" "test" {} // The `echo.test.data` attribute will contain the ephemeral data from `ephemeral.examplecloud_thing.this`
+func NewProviderServer() func() (tfprotov6.ProviderServer, error) {
+ return func() (tfprotov6.ProviderServer, error) {
+ return &echoProviderServer{}, nil
+ }
+}
+
+// echoProviderServer is a lightweight protocol version 6 provider server that saves data from the provider configuration (which is considered ephemeral)
+// and then stores that data into state during ApplyResourceChange.
+//
+// As provider configuration is ephemeral, it's possible for the data to change between plan and apply. As a result of this, the echo provider
+// will never propose new changes after it has been created, making it immutable (during plan, echo will always use prior state for it's plan,
+// regardless of what the provider configuration is set to). This prevents the managed resource from continuously proposing new planned changes
+// if the ephemeral data changes.
+type echoProviderServer struct {
+ // The value of the "data" attribute during provider configuration. Will be directly echoed to the echo.data attribute.
+ providerConfigData tftypes.Value
+}
+
+const echoResourceType = "echo"
+
+func (e *echoProviderServer) providerSchema() *tfprotov6.Schema {
+ return &tfprotov6.Schema{
+ Block: &tfprotov6.SchemaBlock{
+ Description: "This provider is used to output the data attribute provided to the provider configuration into all resources instances of echo. " +
+ "This is only useful for testing ephemeral resources where the data isn't stored to state.",
+ DescriptionKind: tfprotov6.StringKindPlain,
+ Attributes: []*tfprotov6.SchemaAttribute{
+ {
+ Name: "data",
+ Type: tftypes.DynamicPseudoType,
+ Description: "Dynamic data to provide to the echo resource.",
+ DescriptionKind: tfprotov6.StringKindPlain,
+ Optional: true,
+ },
+ },
+ },
+ }
+}
+
+func (e *echoProviderServer) testResourceSchema() *tfprotov6.Schema {
+ return &tfprotov6.Schema{
+ Block: &tfprotov6.SchemaBlock{
+ Attributes: []*tfprotov6.SchemaAttribute{
+ {
+ Name: "data",
+ Type: tftypes.DynamicPseudoType,
+ Description: "Dynamic data that was provided to the provider configuration.",
+ DescriptionKind: tfprotov6.StringKindPlain,
+ Computed: true,
+ },
+ },
+ },
+ }
+}
+
+func (e *echoProviderServer) ApplyResourceChange(ctx context.Context, req *tfprotov6.ApplyResourceChangeRequest) (*tfprotov6.ApplyResourceChangeResponse, error) {
+ resp := &tfprotov6.ApplyResourceChangeResponse{}
+
+ if req.TypeName != echoResourceType {
+ resp.Diagnostics = []*tfprotov6.Diagnostic{
+ {
+ Severity: tfprotov6.DiagnosticSeverityError,
+ Summary: "Unsupported Resource",
+ Detail: fmt.Sprintf("ApplyResourceChange was called for a resource type that is not supported by this provider: %q", req.TypeName),
+ },
+ }
+
+ return resp, nil
+ }
+
+ echoTestSchema := e.testResourceSchema()
+
+ plannedState, diag := dynamicValueToValue(echoTestSchema, req.PlannedState)
+ if diag != nil {
+ resp.Diagnostics = append(resp.Diagnostics, diag)
+
+ return resp, nil
+ }
+
+ // Destroy Op, just return planned state, which is null
+ if plannedState.IsNull() {
+ resp.NewState = req.PlannedState
+ return resp, nil
+ }
+
+ // Take the provider config "data" attribute verbatim and put back into state. It shares the same type (DynamicPseudoType)
+ // as the echo "data" attribute.
+ newVal := tftypes.NewValue(echoTestSchema.ValueType(), map[string]tftypes.Value{
+ "data": e.providerConfigData,
+ })
+
+ newState, diag := valuetoDynamicValue(echoTestSchema, newVal)
+
+ if diag != nil {
+ resp.Diagnostics = append(resp.Diagnostics, diag)
+
+ return resp, nil
+ }
+
+ resp.NewState = newState
+
+ return resp, nil
+}
+
+func (e *echoProviderServer) CallFunction(ctx context.Context, req *tfprotov6.CallFunctionRequest) (*tfprotov6.CallFunctionResponse, error) {
+ return &tfprotov6.CallFunctionResponse{}, nil
+}
+
+func (e *echoProviderServer) ConfigureProvider(ctx context.Context, req *tfprotov6.ConfigureProviderRequest) (*tfprotov6.ConfigureProviderResponse, error) {
+ resp := &tfprotov6.ConfigureProviderResponse{}
+
+ configVal, diags := dynamicValueToValue(e.providerSchema(), req.Config)
+ if diags != nil {
+ resp.Diagnostics = append(resp.Diagnostics, diags)
+ return resp, nil
+ }
+
+ objVal := map[string]tftypes.Value{}
+ err := configVal.As(&objVal)
+ if err != nil {
+ diag := &tfprotov6.Diagnostic{
+ Severity: tfprotov6.DiagnosticSeverityError,
+ Summary: "Error reading Config",
+ Detail: err.Error(),
+ }
+ resp.Diagnostics = append(resp.Diagnostics, diag)
+ return resp, nil //nolint:nilerr // error via diagnostic, not gRPC
+ }
+
+ dynamicDataVal, ok := objVal["data"]
+ if !ok {
+ diag := &tfprotov6.Diagnostic{
+ Severity: tfprotov6.DiagnosticSeverityError,
+ Summary: `Attribute "data" not found in config`,
+ }
+ resp.Diagnostics = append(resp.Diagnostics, diag)
+ return resp, nil //nolint:nilerr // error via diagnostic, not gRPC
+ }
+
+ e.providerConfigData = dynamicDataVal.Copy()
+
+ return resp, nil
+}
+
+func (e *echoProviderServer) GetFunctions(ctx context.Context, req *tfprotov6.GetFunctionsRequest) (*tfprotov6.GetFunctionsResponse, error) {
+ return &tfprotov6.GetFunctionsResponse{}, nil
+}
+
+func (e *echoProviderServer) GetMetadata(ctx context.Context, req *tfprotov6.GetMetadataRequest) (*tfprotov6.GetMetadataResponse, error) {
+ return &tfprotov6.GetMetadataResponse{
+ Resources: []tfprotov6.ResourceMetadata{
+ {
+ TypeName: echoResourceType,
+ },
+ },
+ }, nil
+}
+
+func (e *echoProviderServer) GetProviderSchema(ctx context.Context, req *tfprotov6.GetProviderSchemaRequest) (*tfprotov6.GetProviderSchemaResponse, error) {
+ return &tfprotov6.GetProviderSchemaResponse{
+ Provider: e.providerSchema(),
+ // MAINTAINER NOTE: This provider is only really built to support a single special resource type ("echo"). In the future, if we want
+ // to add more resource types to this provider, we'll likely need to refactor other RPCs in the provider server to handle that.
+ ResourceSchemas: map[string]*tfprotov6.Schema{
+ echoResourceType: e.testResourceSchema(),
+ },
+ }, nil
+}
+
+func (e *echoProviderServer) ImportResourceState(ctx context.Context, req *tfprotov6.ImportResourceStateRequest) (*tfprotov6.ImportResourceStateResponse, error) {
+ return &tfprotov6.ImportResourceStateResponse{
+ Diagnostics: []*tfprotov6.Diagnostic{
+ {
+ Severity: tfprotov6.DiagnosticSeverityError,
+ Summary: "Unsupported Resource Operation",
+ Detail: "ImportResourceState is not supported by this provider.",
+ },
+ },
+ }, nil
+}
+
+func (e *echoProviderServer) MoveResourceState(ctx context.Context, req *tfprotov6.MoveResourceStateRequest) (*tfprotov6.MoveResourceStateResponse, error) {
+ return &tfprotov6.MoveResourceStateResponse{
+ Diagnostics: []*tfprotov6.Diagnostic{
+ {
+ Severity: tfprotov6.DiagnosticSeverityError,
+ Summary: "Unsupported Resource Operation",
+ Detail: "MoveResourceState is not supported by this provider.",
+ },
+ },
+ }, nil
+}
+
+func (e *echoProviderServer) PlanResourceChange(ctx context.Context, req *tfprotov6.PlanResourceChangeRequest) (*tfprotov6.PlanResourceChangeResponse, error) {
+ resp := &tfprotov6.PlanResourceChangeResponse{}
+
+ if req.TypeName != echoResourceType {
+ resp.Diagnostics = []*tfprotov6.Diagnostic{
+ {
+ Severity: tfprotov6.DiagnosticSeverityError,
+ Summary: "Unsupported Resource",
+ Detail: fmt.Sprintf("PlanResourceChange was called for a resource type that is not supported by this provider: %q", req.TypeName),
+ },
+ }
+
+ return resp, nil
+ }
+
+ echoTestSchema := e.testResourceSchema()
+ priorState, diag := dynamicValueToValue(echoTestSchema, req.PriorState)
+ if diag != nil {
+ resp.Diagnostics = append(resp.Diagnostics, diag)
+
+ return resp, nil
+ }
+
+ proposedNewState, diag := dynamicValueToValue(echoTestSchema, req.ProposedNewState)
+ if diag != nil {
+ resp.Diagnostics = append(resp.Diagnostics, diag)
+
+ return resp, nil
+ }
+
+ // Destroying the resource, just return proposed new state (which is null)
+ if proposedNewState.IsNull() {
+ return &tfprotov6.PlanResourceChangeResponse{
+ PlannedState: req.ProposedNewState,
+ }, nil
+ }
+
+ // If the echo resource has prior state, don't plan anything new as it's valid for the ephemeral data to change
+ // between operations and we don't want to produce constant diffs. This resource is only for testing data, which a
+ // single plan/apply should suffice.
+ if !priorState.IsNull() {
+ return &tfprotov6.PlanResourceChangeResponse{
+ PlannedState: req.PriorState,
+ }, nil
+ }
+
+ // If we are creating, mark data as unknown in the plan.
+ //
+ // We can't set the proposed new state to the provider config data because it could change between plan/apply (provider config is ephemeral).
+ unknownVal := tftypes.NewValue(echoTestSchema.ValueType(), map[string]tftypes.Value{
+ "data": tftypes.NewValue(tftypes.DynamicPseudoType, tftypes.UnknownValue),
+ })
+
+ plannedState, diag := valuetoDynamicValue(echoTestSchema, unknownVal)
+ if diag != nil {
+ resp.Diagnostics = append(resp.Diagnostics, diag)
+
+ return resp, nil
+ }
+
+ resp.PlannedState = plannedState
+
+ return resp, nil
+}
+
+func (e *echoProviderServer) ReadDataSource(ctx context.Context, req *tfprotov6.ReadDataSourceRequest) (*tfprotov6.ReadDataSourceResponse, error) {
+ return &tfprotov6.ReadDataSourceResponse{}, nil
+}
+
+func (e *echoProviderServer) ReadResource(ctx context.Context, req *tfprotov6.ReadResourceRequest) (*tfprotov6.ReadResourceResponse, error) {
+ // Just return current state, since the data doesn't need to be refreshed.
+ return &tfprotov6.ReadResourceResponse{
+ NewState: req.CurrentState,
+ }, nil
+}
+
+func (e *echoProviderServer) StopProvider(ctx context.Context, req *tfprotov6.StopProviderRequest) (*tfprotov6.StopProviderResponse, error) {
+ return &tfprotov6.StopProviderResponse{}, nil
+}
+
+func (e *echoProviderServer) UpgradeResourceState(ctx context.Context, req *tfprotov6.UpgradeResourceStateRequest) (*tfprotov6.UpgradeResourceStateResponse, error) {
+ resp := &tfprotov6.UpgradeResourceStateResponse{}
+
+ if req.TypeName != echoResourceType {
+ resp.Diagnostics = []*tfprotov6.Diagnostic{
+ {
+ Severity: tfprotov6.DiagnosticSeverityError,
+ Summary: "Unsupported Resource",
+ Detail: fmt.Sprintf("UpgradeResourceState was called for a resource type that is not supported by this provider: %q", req.TypeName),
+ },
+ }
+
+ return resp, nil
+ }
+
+ // Define options to be used when unmarshalling raw state.
+ // IgnoreUndefinedAttributes will silently skip over fields in the JSON
+ // that do not have a matching entry in the schema.
+ unmarshalOpts := tfprotov6.UnmarshalOpts{
+ ValueFromJSONOpts: tftypes.ValueFromJSONOpts{
+ IgnoreUndefinedAttributes: true,
+ },
+ }
+
+ providerSchema := e.providerSchema()
+
+ if req.Version != providerSchema.Version {
+ resp.Diagnostics = []*tfprotov6.Diagnostic{
+ {
+ Severity: tfprotov6.DiagnosticSeverityError,
+ Summary: "Unsupported Resource",
+ Detail: "UpgradeResourceState was called for echo, which does not support multiple schema versions",
+ },
+ }
+
+ return resp, nil
+ }
+
+ // Terraform CLI can call UpgradeResourceState even if the stored state
+ // version matches the current schema. Presumably this is to account for
+ // the previous terraform-plugin-sdk implementation, which handled some
+ // state fixups on behalf of Terraform CLI. This will attempt to roundtrip
+ // the prior RawState to a state matching the current schema.
+ rawStateValue, err := req.RawState.UnmarshalWithOpts(providerSchema.ValueType(), unmarshalOpts)
+
+ if err != nil {
+ diag := &tfprotov6.Diagnostic{
+ Severity: tfprotov6.DiagnosticSeverityError,
+ Summary: "Unable to Read Previously Saved State for UpgradeResourceState",
+ Detail: "There was an error reading the saved resource state using the current resource schema: " + err.Error(),
+ }
+
+ resp.Diagnostics = append(resp.Diagnostics, diag)
+
+ return resp, nil //nolint:nilerr // error via diagnostic, not gRPC
+ }
+
+ upgradedState, diag := valuetoDynamicValue(providerSchema, rawStateValue)
+
+ if diag != nil {
+ resp.Diagnostics = append(resp.Diagnostics, diag)
+
+ return resp, nil
+ }
+
+ resp.UpgradedState = upgradedState
+
+ return resp, nil
+}
+
+func (e *echoProviderServer) ValidateDataResourceConfig(ctx context.Context, req *tfprotov6.ValidateDataResourceConfigRequest) (*tfprotov6.ValidateDataResourceConfigResponse, error) {
+ return &tfprotov6.ValidateDataResourceConfigResponse{}, nil
+}
+
+func (e *echoProviderServer) ValidateProviderConfig(ctx context.Context, req *tfprotov6.ValidateProviderConfigRequest) (*tfprotov6.ValidateProviderConfigResponse, error) {
+ return &tfprotov6.ValidateProviderConfigResponse{}, nil
+}
+
+func (e *echoProviderServer) ValidateResourceConfig(ctx context.Context, req *tfprotov6.ValidateResourceConfigRequest) (*tfprotov6.ValidateResourceConfigResponse, error) {
+ return &tfprotov6.ValidateResourceConfigResponse{}, nil
+}
+
+func (e *echoProviderServer) OpenEphemeralResource(ctx context.Context, req *tfprotov6.OpenEphemeralResourceRequest) (*tfprotov6.OpenEphemeralResourceResponse, error) {
+ return &tfprotov6.OpenEphemeralResourceResponse{}, nil
+}
+
+func (e *echoProviderServer) RenewEphemeralResource(ctx context.Context, req *tfprotov6.RenewEphemeralResourceRequest) (*tfprotov6.RenewEphemeralResourceResponse, error) {
+ return &tfprotov6.RenewEphemeralResourceResponse{}, nil
+}
+
+func (e *echoProviderServer) CloseEphemeralResource(ctx context.Context, req *tfprotov6.CloseEphemeralResourceRequest) (*tfprotov6.CloseEphemeralResourceResponse, error) {
+ return &tfprotov6.CloseEphemeralResourceResponse{}, nil
+}
+
+func (e *echoProviderServer) ValidateEphemeralResourceConfig(ctx context.Context, req *tfprotov6.ValidateEphemeralResourceConfigRequest) (*tfprotov6.ValidateEphemeralResourceConfigResponse, error) {
+ return &tfprotov6.ValidateEphemeralResourceConfigResponse{}, nil
+}
diff --git a/vendor/github.com/hashicorp/terraform-plugin-testing/echoprovider/tftypes.go b/vendor/github.com/hashicorp/terraform-plugin-testing/echoprovider/tftypes.go
new file mode 100644
index 000000000000..54e160a3cfaf
--- /dev/null
+++ b/vendor/github.com/hashicorp/terraform-plugin-testing/echoprovider/tftypes.go
@@ -0,0 +1,64 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package echoprovider
+
+import (
+ "github.com/hashicorp/terraform-plugin-go/tfprotov6"
+ "github.com/hashicorp/terraform-plugin-go/tftypes"
+)
+
+func valuetoDynamicValue(schema *tfprotov6.Schema, value tftypes.Value) (*tfprotov6.DynamicValue, *tfprotov6.Diagnostic) {
+ if schema == nil {
+ diag := &tfprotov6.Diagnostic{
+ Severity: tfprotov6.DiagnosticSeverityError,
+ Summary: "Unable to Convert Value",
+ Detail: "Converting the Value to DynamicValue returned an unexpected error: missing schema",
+ }
+
+ return nil, diag
+ }
+
+ dynamicValue, err := tfprotov6.NewDynamicValue(schema.ValueType(), value)
+ if err != nil {
+ diag := &tfprotov6.Diagnostic{
+ Severity: tfprotov6.DiagnosticSeverityError,
+ Summary: "Unable to Convert Value",
+ Detail: "Converting the Value to DynamicValue returned an unexpected error: " + err.Error(),
+ }
+
+ return &dynamicValue, diag
+ }
+
+ return &dynamicValue, nil
+}
+
+func dynamicValueToValue(schema *tfprotov6.Schema, dynamicValue *tfprotov6.DynamicValue) (tftypes.Value, *tfprotov6.Diagnostic) {
+ if schema == nil {
+ diag := &tfprotov6.Diagnostic{
+ Severity: tfprotov6.DiagnosticSeverityError,
+ Summary: "Unable to Convert DynamicValue",
+ Detail: "Converting the DynamicValue to Value returned an unexpected error: missing schema",
+ }
+
+ return tftypes.NewValue(tftypes.Object{}, nil), diag
+ }
+
+ if dynamicValue == nil {
+ return tftypes.NewValue(schema.ValueType(), nil), nil
+ }
+
+ value, err := dynamicValue.Unmarshal(schema.ValueType())
+
+ if err != nil {
+ diag := &tfprotov6.Diagnostic{
+ Severity: tfprotov6.DiagnosticSeverityError,
+ Summary: "Unable to Convert DynamicValue",
+ Detail: "Converting the DynamicValue to Value returned an unexpected error: " + err.Error(),
+ }
+
+ return value, diag
+ }
+
+ return value, nil
+}
diff --git a/vendor/github.com/hashicorp/terraform-plugin-testing/helper/acctest/random.go b/vendor/github.com/hashicorp/terraform-plugin-testing/helper/acctest/random.go
index 607b1cef2e1e..102c85ddd8be 100644
--- a/vendor/github.com/hashicorp/terraform-plugin-testing/helper/acctest/random.go
+++ b/vendor/github.com/hashicorp/terraform-plugin-testing/helper/acctest/random.go
@@ -34,9 +34,9 @@ func RandomWithPrefix(name string) string {
return fmt.Sprintf("%s-%d", name, RandInt())
}
-// RandIntRange returns a random integer between min (inclusive) and max (exclusive)
-func RandIntRange(min int, max int) int {
- return rand.Intn(max-min) + min
+// RandIntRange returns a random integer between minInt (inclusive) and maxInt (exclusive)
+func RandIntRange(minInt int, maxInt int) int {
+ return rand.Intn(maxInt-minInt) + minInt
}
// RandString generates a random alphanumeric string of the length specified
diff --git a/vendor/github.com/hashicorp/terraform-plugin-testing/knownvalue/float32.go b/vendor/github.com/hashicorp/terraform-plugin-testing/knownvalue/float32.go
new file mode 100644
index 000000000000..ee02fdcb1a88
--- /dev/null
+++ b/vendor/github.com/hashicorp/terraform-plugin-testing/knownvalue/float32.go
@@ -0,0 +1,51 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package knownvalue
+
+import (
+ "encoding/json"
+ "fmt"
+ "strconv"
+)
+
+var _ Check = float32Exact{}
+
+type float32Exact struct {
+ value float32
+}
+
+// CheckValue determines whether the passed value is of type float32, and
+// contains a matching float32 value.
+func (v float32Exact) CheckValue(other any) error {
+ jsonNum, ok := other.(json.Number)
+
+ if !ok {
+ return fmt.Errorf("expected json.Number value for Float32Exact check, got: %T", other)
+ }
+
+ otherVal, err := strconv.ParseFloat(string(jsonNum), 32)
+
+ if err != nil {
+ return fmt.Errorf("expected json.Number to be parseable as float32 value for Float32Exact check: %s", err)
+ }
+
+ if float32(otherVal) != v.value {
+ return fmt.Errorf("expected value %s for Float32Exact check, got: %s", v.String(), strconv.FormatFloat(otherVal, 'f', -1, 32))
+ }
+
+ return nil
+}
+
+// String returns the string representation of the float32 value.
+func (v float32Exact) String() string {
+ return strconv.FormatFloat(float64(v.value), 'f', -1, 32)
+}
+
+// Float32Exact returns a Check for asserting equality between the
+// supplied float32 and the value passed to the CheckValue method.
+func Float32Exact(value float32) float32Exact {
+ return float32Exact{
+ value: value,
+ }
+}
diff --git a/vendor/github.com/hashicorp/terraform-plugin-testing/knownvalue/int32.go b/vendor/github.com/hashicorp/terraform-plugin-testing/knownvalue/int32.go
new file mode 100644
index 000000000000..49dd30bb3c49
--- /dev/null
+++ b/vendor/github.com/hashicorp/terraform-plugin-testing/knownvalue/int32.go
@@ -0,0 +1,51 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package knownvalue
+
+import (
+ "encoding/json"
+ "fmt"
+ "strconv"
+)
+
+var _ Check = int32Exact{}
+
+type int32Exact struct {
+ value int32
+}
+
+// CheckValue determines whether the passed value is of type int32, and
+// contains a matching int32 value.
+func (v int32Exact) CheckValue(other any) error {
+ jsonNum, ok := other.(json.Number)
+
+ if !ok {
+ return fmt.Errorf("expected json.Number value for Int32Exact check, got: %T", other)
+ }
+
+ otherVal, err := strconv.ParseInt(string(jsonNum), 10, 32)
+
+ if err != nil {
+ return fmt.Errorf("expected json.Number to be parseable as int32 value for Int32Exact check: %s", err)
+ }
+
+ if int32(otherVal) != v.value {
+ return fmt.Errorf("expected value %d for Int32Exact check, got: %d", v.value, otherVal)
+ }
+
+ return nil
+}
+
+// String returns the string representation of the int32 value.
+func (v int32Exact) String() string {
+ return strconv.FormatInt(int64(v.value), 10)
+}
+
+// Int32Exact returns a Check for asserting equality between the
+// supplied int32 and the value passed to the CheckValue method.
+func Int32Exact(value int32) int32Exact {
+ return int32Exact{
+ value: value,
+ }
+}
diff --git a/vendor/github.com/hashicorp/terraform-plugin-testing/statecheck/compare_value.go b/vendor/github.com/hashicorp/terraform-plugin-testing/statecheck/compare_value.go
new file mode 100644
index 000000000000..68a6ef9d5849
--- /dev/null
+++ b/vendor/github.com/hashicorp/terraform-plugin-testing/statecheck/compare_value.go
@@ -0,0 +1,114 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package statecheck
+
+import (
+ "context"
+ "fmt"
+
+ tfjson "github.com/hashicorp/terraform-json"
+
+ "github.com/hashicorp/terraform-plugin-testing/compare"
+ "github.com/hashicorp/terraform-plugin-testing/tfjsonpath"
+)
+
+// Resource State Check
+var _ StateCheck = &compareValue{}
+
+type compareValue struct {
+ resourceAddresses []string
+ attributePaths []tfjsonpath.Path
+ stateValues []any
+ comparer compare.ValueComparer
+}
+
+func (e *compareValue) AddStateValue(resourceAddress string, attributePath tfjsonpath.Path) StateCheck {
+ e.resourceAddresses = append(e.resourceAddresses, resourceAddress)
+ e.attributePaths = append(e.attributePaths, attributePath)
+
+ return e
+}
+
+// CheckState implements the state check logic.
+func (e *compareValue) CheckState(ctx context.Context, req CheckStateRequest, resp *CheckStateResponse) {
+ var resource *tfjson.StateResource
+
+ if req.State == nil {
+ resp.Error = fmt.Errorf("state is nil")
+
+ return
+ }
+
+ if req.State.Values == nil {
+ resp.Error = fmt.Errorf("state does not contain any state values")
+
+ return
+ }
+
+ if req.State.Values.RootModule == nil {
+ resp.Error = fmt.Errorf("state does not contain a root module")
+
+ return
+ }
+
+ // All calls to AddStateValue occur before any TestStep is run, populating the resourceAddresses
+ // and attributePaths slices. The stateValues slice is populated during execution of each TestStep.
+ // Each call to CheckState happens sequentially during each TestStep.
+ // The currentIndex is reflective of the current state value being checked.
+ currentIndex := len(e.stateValues)
+
+ if len(e.resourceAddresses) <= currentIndex {
+ resp.Error = fmt.Errorf("resource addresses index out of bounds: %d", currentIndex)
+
+ return
+ }
+
+ resourceAddress := e.resourceAddresses[currentIndex]
+
+ for _, r := range req.State.Values.RootModule.Resources {
+ if resourceAddress == r.Address {
+ resource = r
+
+ break
+ }
+ }
+
+ if resource == nil {
+ resp.Error = fmt.Errorf("%s - Resource not found in state", resourceAddress)
+
+ return
+ }
+
+ if len(e.attributePaths) <= currentIndex {
+ resp.Error = fmt.Errorf("attribute paths index out of bounds: %d", currentIndex)
+
+ return
+ }
+
+ attributePath := e.attributePaths[currentIndex]
+
+ result, err := tfjsonpath.Traverse(resource.AttributeValues, attributePath)
+
+ if err != nil {
+ resp.Error = err
+
+ return
+ }
+
+ e.stateValues = append(e.stateValues, result)
+
+ err = e.comparer.CompareValues(e.stateValues...)
+
+ if err != nil {
+ resp.Error = err
+ }
+}
+
+// CompareValue returns a state check that compares values retrieved from state using the
+// supplied value comparer.
+func CompareValue(comparer compare.ValueComparer) *compareValue {
+ return &compareValue{
+ comparer: comparer,
+ }
+}
diff --git a/vendor/github.com/hashicorp/terraform-plugin-testing/statecheck/compare_value_collection.go b/vendor/github.com/hashicorp/terraform-plugin-testing/statecheck/compare_value_collection.go
new file mode 100644
index 000000000000..7a06c6010795
--- /dev/null
+++ b/vendor/github.com/hashicorp/terraform-plugin-testing/statecheck/compare_value_collection.go
@@ -0,0 +1,223 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package statecheck
+
+import (
+ "context"
+ "errors"
+ "fmt"
+ "sort"
+
+ tfjson "github.com/hashicorp/terraform-json"
+
+ "github.com/hashicorp/terraform-plugin-testing/compare"
+ "github.com/hashicorp/terraform-plugin-testing/tfjsonpath"
+)
+
+// Resource State Check
+var _ StateCheck = &compareValueCollection{}
+
+type compareValueCollection struct {
+ resourceAddressOne string
+ collectionPath []tfjsonpath.Path
+ resourceAddressTwo string
+ attributePath tfjsonpath.Path
+ comparer compare.ValueComparer
+}
+
+func walkCollectionPath(obj any, paths []tfjsonpath.Path, results []any) ([]any, error) {
+ switch t := obj.(type) {
+ case []any:
+ for _, v := range t {
+ if len(paths) == 0 {
+ results = append(results, v)
+ continue
+ }
+
+ x, err := tfjsonpath.Traverse(v, paths[0])
+
+ if err != nil {
+ return results, err
+ }
+
+ results, err = walkCollectionPath(x, paths[1:], results)
+
+ if err != nil {
+ return results, err
+ }
+ }
+ case map[string]any:
+ keys := make([]string, 0, len(t))
+
+ for k := range t {
+ keys = append(keys, k)
+ }
+
+ sort.Strings(keys)
+
+ for _, key := range keys {
+ if len(paths) == 0 {
+ results = append(results, t[key])
+ continue
+ }
+
+ x, err := tfjsonpath.Traverse(t, paths[0])
+
+ if err != nil {
+ return results, err
+ }
+
+ results, err = walkCollectionPath(x, paths[1:], results)
+
+ if err != nil {
+ return results, err
+ }
+ }
+ default:
+ results = append(results, obj)
+ }
+
+ return results, nil
+}
+
+// CheckState implements the state check logic.
+func (e *compareValueCollection) CheckState(ctx context.Context, req CheckStateRequest, resp *CheckStateResponse) {
+ var resourceOne *tfjson.StateResource
+ var resourceTwo *tfjson.StateResource
+
+ if req.State == nil {
+ resp.Error = fmt.Errorf("state is nil")
+
+ return
+ }
+
+ if req.State.Values == nil {
+ resp.Error = fmt.Errorf("state does not contain any state values")
+
+ return
+ }
+
+ if req.State.Values.RootModule == nil {
+ resp.Error = fmt.Errorf("state does not contain a root module")
+
+ return
+ }
+
+ for _, r := range req.State.Values.RootModule.Resources {
+ if e.resourceAddressOne == r.Address {
+ resourceOne = r
+
+ break
+ }
+ }
+
+ if resourceOne == nil {
+ resp.Error = fmt.Errorf("%s - Resource not found in state", e.resourceAddressOne)
+
+ return
+ }
+
+ if len(e.collectionPath) == 0 {
+ resp.Error = fmt.Errorf("%s - No collection path was provided", e.resourceAddressOne)
+
+ return
+ }
+
+ resultOne, err := tfjsonpath.Traverse(resourceOne.AttributeValues, e.collectionPath[0])
+
+ if err != nil {
+ resp.Error = err
+
+ return
+ }
+
+ // Verify resultOne is a collection.
+ switch t := resultOne.(type) {
+ case []any, map[string]any:
+ // Collection found.
+ default:
+ var pathStr string
+
+ for _, v := range e.collectionPath {
+ pathStr += fmt.Sprintf(".%s", v.String())
+ }
+
+ resp.Error = fmt.Errorf("%s%s is not a collection type: %T", e.resourceAddressOne, pathStr, t)
+
+ return
+ }
+
+ var results []any
+
+ results, err = walkCollectionPath(resultOne, e.collectionPath[1:], results)
+
+ if err != nil {
+ resp.Error = err
+
+ return
+ }
+
+ for _, r := range req.State.Values.RootModule.Resources {
+ if e.resourceAddressTwo == r.Address {
+ resourceTwo = r
+
+ break
+ }
+ }
+
+ if resourceTwo == nil {
+ resp.Error = fmt.Errorf("%s - Resource not found in state", e.resourceAddressTwo)
+
+ return
+ }
+
+ resultTwo, err := tfjsonpath.Traverse(resourceTwo.AttributeValues, e.attributePath)
+
+ if err != nil {
+ resp.Error = err
+
+ return
+ }
+
+ var errs []error
+
+ for _, v := range results {
+ switch resultTwo.(type) {
+ case []any:
+ errs = append(errs, e.comparer.CompareValues([]any{v}, resultTwo))
+ default:
+ errs = append(errs, e.comparer.CompareValues(v, resultTwo))
+ }
+ }
+
+ for _, err = range errs {
+ if err == nil {
+ return
+ }
+ }
+
+ errMsgs := map[string]struct{}{}
+
+ for _, err = range errs {
+ if _, ok := errMsgs[err.Error()]; ok {
+ continue
+ }
+
+ resp.Error = errors.Join(resp.Error, err)
+
+ errMsgs[err.Error()] = struct{}{}
+ }
+}
+
+// CompareValueCollection returns a state check that iterates over each element in a collection and compares the value of each element
+// with the value of an attribute using the given value comparer.
+func CompareValueCollection(resourceAddressOne string, collectionPath []tfjsonpath.Path, resourceAddressTwo string, attributePath tfjsonpath.Path, comparer compare.ValueComparer) StateCheck {
+ return &compareValueCollection{
+ resourceAddressOne: resourceAddressOne,
+ collectionPath: collectionPath,
+ resourceAddressTwo: resourceAddressTwo,
+ attributePath: attributePath,
+ comparer: comparer,
+ }
+}
diff --git a/vendor/github.com/hashicorp/terraform-plugin-testing/statecheck/compare_value_pairs.go b/vendor/github.com/hashicorp/terraform-plugin-testing/statecheck/compare_value_pairs.go
new file mode 100644
index 000000000000..8db67c5625c4
--- /dev/null
+++ b/vendor/github.com/hashicorp/terraform-plugin-testing/statecheck/compare_value_pairs.go
@@ -0,0 +1,111 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package statecheck
+
+import (
+ "context"
+ "fmt"
+
+ tfjson "github.com/hashicorp/terraform-json"
+
+ "github.com/hashicorp/terraform-plugin-testing/compare"
+ "github.com/hashicorp/terraform-plugin-testing/tfjsonpath"
+)
+
+// Resource State Check
+var _ StateCheck = &compareValuePairs{}
+
+type compareValuePairs struct {
+ resourceAddressOne string
+ attributePathOne tfjsonpath.Path
+ resourceAddressTwo string
+ attributePathTwo tfjsonpath.Path
+ comparer compare.ValueComparer
+}
+
+// CheckState implements the state check logic.
+func (e *compareValuePairs) CheckState(ctx context.Context, req CheckStateRequest, resp *CheckStateResponse) {
+ var resourceOne *tfjson.StateResource
+ var resourceTwo *tfjson.StateResource
+
+ if req.State == nil {
+ resp.Error = fmt.Errorf("state is nil")
+
+ return
+ }
+
+ if req.State.Values == nil {
+ resp.Error = fmt.Errorf("state does not contain any state values")
+
+ return
+ }
+
+ if req.State.Values.RootModule == nil {
+ resp.Error = fmt.Errorf("state does not contain a root module")
+
+ return
+ }
+
+ for _, r := range req.State.Values.RootModule.Resources {
+ if e.resourceAddressOne == r.Address {
+ resourceOne = r
+
+ break
+ }
+ }
+
+ if resourceOne == nil {
+ resp.Error = fmt.Errorf("%s - Resource not found in state", e.resourceAddressOne)
+
+ return
+ }
+
+ resultOne, err := tfjsonpath.Traverse(resourceOne.AttributeValues, e.attributePathOne)
+
+ if err != nil {
+ resp.Error = err
+
+ return
+ }
+
+ for _, r := range req.State.Values.RootModule.Resources {
+ if e.resourceAddressTwo == r.Address {
+ resourceTwo = r
+
+ break
+ }
+ }
+
+ if resourceTwo == nil {
+ resp.Error = fmt.Errorf("%s - Resource not found in state", e.resourceAddressTwo)
+
+ return
+ }
+
+ resultTwo, err := tfjsonpath.Traverse(resourceTwo.AttributeValues, e.attributePathTwo)
+
+ if err != nil {
+ resp.Error = err
+
+ return
+ }
+
+ err = e.comparer.CompareValues(resultOne, resultTwo)
+
+ if err != nil {
+ resp.Error = err
+ }
+}
+
+// CompareValuePairs returns a state check that compares the value in state for the first given resource address and
+// path with the value in state for the second given resource address and path using the supplied value comparer.
+func CompareValuePairs(resourceAddressOne string, attributePathOne tfjsonpath.Path, resourceAddressTwo string, attributePathTwo tfjsonpath.Path, comparer compare.ValueComparer) StateCheck {
+ return &compareValuePairs{
+ resourceAddressOne: resourceAddressOne,
+ attributePathOne: attributePathOne,
+ resourceAddressTwo: resourceAddressTwo,
+ attributePathTwo: attributePathTwo,
+ comparer: comparer,
+ }
+}
diff --git a/vendor/github.com/hashicorp/terraform-plugin-testing/tfversion/skip_if_not_alpha.go b/vendor/github.com/hashicorp/terraform-plugin-testing/tfversion/skip_if_not_alpha.go
new file mode 100644
index 000000000000..413ee1b435e3
--- /dev/null
+++ b/vendor/github.com/hashicorp/terraform-plugin-testing/tfversion/skip_if_not_alpha.go
@@ -0,0 +1,31 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package tfversion
+
+import (
+ "context"
+ "fmt"
+ "strings"
+)
+
+// SkipIfNotAlpha will skip (pass) the test if the Terraform CLI
+// version is not an alpha prerelease (for example, 1.10.0-alpha20241023).
+//
+// Alpha builds of Terraform include experimental features, so this version check
+// can be used for acceptance testing of experimental features, such as deferred actions.
+func SkipIfNotAlpha() TerraformVersionCheck {
+ return skipIfNotAlphaCheck{}
+}
+
+// skipIfNotAlphaCheck implements the TerraformVersionCheck interface
+type skipIfNotAlphaCheck struct{}
+
+// CheckTerraformVersion satisfies the TerraformVersionCheck interface.
+func (s skipIfNotAlphaCheck) CheckTerraformVersion(ctx context.Context, req CheckTerraformVersionRequest, resp *CheckTerraformVersionResponse) {
+ if strings.Contains(req.TerraformVersion.Prerelease(), "alpha") {
+ return
+ }
+
+ resp.Skip = fmt.Sprintf("Terraform CLI version %s is not an alpha build: skipping test.", req.TerraformVersion)
+}
diff --git a/vendor/github.com/hashicorp/terraform-plugin-testing/tfversion/versions.go b/vendor/github.com/hashicorp/terraform-plugin-testing/tfversion/versions.go
index 4dcf5d14a8d3..3db43e02eecc 100644
--- a/vendor/github.com/hashicorp/terraform-plugin-testing/tfversion/versions.go
+++ b/vendor/github.com/hashicorp/terraform-plugin-testing/tfversion/versions.go
@@ -30,10 +30,11 @@ var (
Version1_4_0 *version.Version = version.Must(version.NewVersion("1.4.0"))
// Version1_4_6 fixed inclusion of sensitive values in `terraform show -json` output.
// Reference: https://github.com/hashicorp/terraform/releases/tag/v1.4.6
- Version1_4_6 *version.Version = version.Must(version.NewVersion("1.4.6"))
- Version1_5_0 *version.Version = version.Must(version.NewVersion("1.5.0"))
- Version1_6_0 *version.Version = version.Must(version.NewVersion("1.6.0"))
- Version1_7_0 *version.Version = version.Must(version.NewVersion("1.7.0"))
- Version1_8_0 *version.Version = version.Must(version.NewVersion("1.8.0"))
- Version1_9_0 *version.Version = version.Must(version.NewVersion("1.9.0"))
+ Version1_4_6 *version.Version = version.Must(version.NewVersion("1.4.6"))
+ Version1_5_0 *version.Version = version.Must(version.NewVersion("1.5.0"))
+ Version1_6_0 *version.Version = version.Must(version.NewVersion("1.6.0"))
+ Version1_7_0 *version.Version = version.Must(version.NewVersion("1.7.0"))
+ Version1_8_0 *version.Version = version.Must(version.NewVersion("1.8.0"))
+ Version1_9_0 *version.Version = version.Must(version.NewVersion("1.9.0"))
+ Version1_10_0 *version.Version = version.Must(version.NewVersion("1.10.0"))
)
diff --git a/vendor/golang.org/x/crypto/chacha20/chacha_noasm.go b/vendor/golang.org/x/crypto/chacha20/chacha_noasm.go
index db42e6676ab3..c709b728477d 100644
--- a/vendor/golang.org/x/crypto/chacha20/chacha_noasm.go
+++ b/vendor/golang.org/x/crypto/chacha20/chacha_noasm.go
@@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-//go:build (!arm64 && !s390x && !ppc64le) || !gc || purego
+//go:build (!arm64 && !s390x && !ppc64 && !ppc64le) || !gc || purego
package chacha20
diff --git a/vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.go b/vendor/golang.org/x/crypto/chacha20/chacha_ppc64x.go
similarity index 89%
rename from vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.go
rename to vendor/golang.org/x/crypto/chacha20/chacha_ppc64x.go
index 3a4287f9900e..bd183d9ba124 100644
--- a/vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.go
+++ b/vendor/golang.org/x/crypto/chacha20/chacha_ppc64x.go
@@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-//go:build gc && !purego
+//go:build gc && !purego && (ppc64 || ppc64le)
package chacha20
diff --git a/vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.s b/vendor/golang.org/x/crypto/chacha20/chacha_ppc64x.s
similarity index 76%
rename from vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.s
rename to vendor/golang.org/x/crypto/chacha20/chacha_ppc64x.s
index c672ccf6986b..a660b4112faf 100644
--- a/vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.s
+++ b/vendor/golang.org/x/crypto/chacha20/chacha_ppc64x.s
@@ -19,7 +19,7 @@
// The differences in this and the original implementation are
// due to the calling conventions and initialization of constants.
-//go:build gc && !purego
+//go:build gc && !purego && (ppc64 || ppc64le)
#include "textflag.h"
@@ -36,32 +36,68 @@
// for VPERMXOR
#define MASK R18
-DATA consts<>+0x00(SB)/8, $0x3320646e61707865
-DATA consts<>+0x08(SB)/8, $0x6b20657479622d32
-DATA consts<>+0x10(SB)/8, $0x0000000000000001
-DATA consts<>+0x18(SB)/8, $0x0000000000000000
-DATA consts<>+0x20(SB)/8, $0x0000000000000004
-DATA consts<>+0x28(SB)/8, $0x0000000000000000
-DATA consts<>+0x30(SB)/8, $0x0a0b08090e0f0c0d
-DATA consts<>+0x38(SB)/8, $0x0203000106070405
-DATA consts<>+0x40(SB)/8, $0x090a0b080d0e0f0c
-DATA consts<>+0x48(SB)/8, $0x0102030005060704
-DATA consts<>+0x50(SB)/8, $0x6170786561707865
-DATA consts<>+0x58(SB)/8, $0x6170786561707865
-DATA consts<>+0x60(SB)/8, $0x3320646e3320646e
-DATA consts<>+0x68(SB)/8, $0x3320646e3320646e
-DATA consts<>+0x70(SB)/8, $0x79622d3279622d32
-DATA consts<>+0x78(SB)/8, $0x79622d3279622d32
-DATA consts<>+0x80(SB)/8, $0x6b2065746b206574
-DATA consts<>+0x88(SB)/8, $0x6b2065746b206574
-DATA consts<>+0x90(SB)/8, $0x0000000100000000
-DATA consts<>+0x98(SB)/8, $0x0000000300000002
-DATA consts<>+0xa0(SB)/8, $0x5566774411223300
-DATA consts<>+0xa8(SB)/8, $0xddeeffcc99aabb88
-DATA consts<>+0xb0(SB)/8, $0x6677445522330011
-DATA consts<>+0xb8(SB)/8, $0xeeffccddaabb8899
+DATA consts<>+0x00(SB)/4, $0x61707865
+DATA consts<>+0x04(SB)/4, $0x3320646e
+DATA consts<>+0x08(SB)/4, $0x79622d32
+DATA consts<>+0x0c(SB)/4, $0x6b206574
+DATA consts<>+0x10(SB)/4, $0x00000001
+DATA consts<>+0x14(SB)/4, $0x00000000
+DATA consts<>+0x18(SB)/4, $0x00000000
+DATA consts<>+0x1c(SB)/4, $0x00000000
+DATA consts<>+0x20(SB)/4, $0x00000004
+DATA consts<>+0x24(SB)/4, $0x00000000
+DATA consts<>+0x28(SB)/4, $0x00000000
+DATA consts<>+0x2c(SB)/4, $0x00000000
+DATA consts<>+0x30(SB)/4, $0x0e0f0c0d
+DATA consts<>+0x34(SB)/4, $0x0a0b0809
+DATA consts<>+0x38(SB)/4, $0x06070405
+DATA consts<>+0x3c(SB)/4, $0x02030001
+DATA consts<>+0x40(SB)/4, $0x0d0e0f0c
+DATA consts<>+0x44(SB)/4, $0x090a0b08
+DATA consts<>+0x48(SB)/4, $0x05060704
+DATA consts<>+0x4c(SB)/4, $0x01020300
+DATA consts<>+0x50(SB)/4, $0x61707865
+DATA consts<>+0x54(SB)/4, $0x61707865
+DATA consts<>+0x58(SB)/4, $0x61707865
+DATA consts<>+0x5c(SB)/4, $0x61707865
+DATA consts<>+0x60(SB)/4, $0x3320646e
+DATA consts<>+0x64(SB)/4, $0x3320646e
+DATA consts<>+0x68(SB)/4, $0x3320646e
+DATA consts<>+0x6c(SB)/4, $0x3320646e
+DATA consts<>+0x70(SB)/4, $0x79622d32
+DATA consts<>+0x74(SB)/4, $0x79622d32
+DATA consts<>+0x78(SB)/4, $0x79622d32
+DATA consts<>+0x7c(SB)/4, $0x79622d32
+DATA consts<>+0x80(SB)/4, $0x6b206574
+DATA consts<>+0x84(SB)/4, $0x6b206574
+DATA consts<>+0x88(SB)/4, $0x6b206574
+DATA consts<>+0x8c(SB)/4, $0x6b206574
+DATA consts<>+0x90(SB)/4, $0x00000000
+DATA consts<>+0x94(SB)/4, $0x00000001
+DATA consts<>+0x98(SB)/4, $0x00000002
+DATA consts<>+0x9c(SB)/4, $0x00000003
+DATA consts<>+0xa0(SB)/4, $0x11223300
+DATA consts<>+0xa4(SB)/4, $0x55667744
+DATA consts<>+0xa8(SB)/4, $0x99aabb88
+DATA consts<>+0xac(SB)/4, $0xddeeffcc
+DATA consts<>+0xb0(SB)/4, $0x22330011
+DATA consts<>+0xb4(SB)/4, $0x66774455
+DATA consts<>+0xb8(SB)/4, $0xaabb8899
+DATA consts<>+0xbc(SB)/4, $0xeeffccdd
GLOBL consts<>(SB), RODATA, $0xc0
+#ifdef GOARCH_ppc64
+#define BE_XXBRW_INIT() \
+ LVSL (R0)(R0), V24 \
+ VSPLTISB $3, V25 \
+ VXOR V24, V25, V24 \
+
+#define BE_XXBRW(vr) VPERM vr, vr, V24, vr
+#else
+#define BE_XXBRW_INIT()
+#define BE_XXBRW(vr)
+#endif
+
//func chaCha20_ctr32_vsx(out, inp *byte, len int, key *[8]uint32, counter *uint32)
TEXT ·chaCha20_ctr32_vsx(SB),NOSPLIT,$64-40
MOVD out+0(FP), OUT
@@ -94,6 +130,8 @@ TEXT ·chaCha20_ctr32_vsx(SB),NOSPLIT,$64-40
// Clear V27
VXOR V27, V27, V27
+ BE_XXBRW_INIT()
+
// V28
LXVW4X (CONSTBASE)(R11), VS60
@@ -299,6 +337,11 @@ loop_vsx:
VADDUWM V8, V18, V8
VADDUWM V12, V19, V12
+ BE_XXBRW(V0)
+ BE_XXBRW(V4)
+ BE_XXBRW(V8)
+ BE_XXBRW(V12)
+
CMPU LEN, $64
BLT tail_vsx
@@ -327,6 +370,11 @@ loop_vsx:
VADDUWM V9, V18, V8
VADDUWM V13, V19, V12
+ BE_XXBRW(V0)
+ BE_XXBRW(V4)
+ BE_XXBRW(V8)
+ BE_XXBRW(V12)
+
CMPU LEN, $64
BLT tail_vsx
@@ -334,8 +382,8 @@ loop_vsx:
LXVW4X (INP)(R8), VS60
LXVW4X (INP)(R9), VS61
LXVW4X (INP)(R10), VS62
- VXOR V27, V0, V27
+ VXOR V27, V0, V27
VXOR V28, V4, V28
VXOR V29, V8, V29
VXOR V30, V12, V30
@@ -354,6 +402,11 @@ loop_vsx:
VADDUWM V10, V18, V8
VADDUWM V14, V19, V12
+ BE_XXBRW(V0)
+ BE_XXBRW(V4)
+ BE_XXBRW(V8)
+ BE_XXBRW(V12)
+
CMPU LEN, $64
BLT tail_vsx
@@ -381,6 +434,11 @@ loop_vsx:
VADDUWM V11, V18, V8
VADDUWM V15, V19, V12
+ BE_XXBRW(V0)
+ BE_XXBRW(V4)
+ BE_XXBRW(V8)
+ BE_XXBRW(V12)
+
CMPU LEN, $64
BLT tail_vsx
@@ -408,9 +466,9 @@ loop_vsx:
done_vsx:
// Increment counter by number of 64 byte blocks
- MOVD (CNT), R14
+ MOVWZ (CNT), R14
ADD BLOCKS, R14
- MOVD R14, (CNT)
+ MOVWZ R14, (CNT)
RET
tail_vsx:
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/mac_noasm.go b/vendor/golang.org/x/crypto/internal/poly1305/mac_noasm.go
index 333da285b32a..bd896bdc76d1 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/mac_noasm.go
+++ b/vendor/golang.org/x/crypto/internal/poly1305/mac_noasm.go
@@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-//go:build (!amd64 && !ppc64le && !s390x) || !gc || purego
+//go:build (!amd64 && !ppc64le && !ppc64 && !s390x) || !gc || purego
package poly1305
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.go b/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64x.go
similarity index 95%
rename from vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.go
rename to vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64x.go
index 4aec4874b507..1a1679aaad9c 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.go
+++ b/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64x.go
@@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-//go:build gc && !purego
+//go:build gc && !purego && (ppc64 || ppc64le)
package poly1305
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.s b/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64x.s
similarity index 89%
rename from vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.s
rename to vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64x.s
index b3c1699bff51..6899a1dabc0b 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.s
+++ b/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64x.s
@@ -2,15 +2,25 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-//go:build gc && !purego
+//go:build gc && !purego && (ppc64 || ppc64le)
#include "textflag.h"
// This was ported from the amd64 implementation.
+#ifdef GOARCH_ppc64le
+#define LE_MOVD MOVD
+#define LE_MOVWZ MOVWZ
+#define LE_MOVHZ MOVHZ
+#else
+#define LE_MOVD MOVDBR
+#define LE_MOVWZ MOVWBR
+#define LE_MOVHZ MOVHBR
+#endif
+
#define POLY1305_ADD(msg, h0, h1, h2, t0, t1, t2) \
- MOVD (msg), t0; \
- MOVD 8(msg), t1; \
+ LE_MOVD (msg)( R0), t0; \
+ LE_MOVD (msg)(R24), t1; \
MOVD $1, t2; \
ADDC t0, h0, h0; \
ADDE t1, h1, h1; \
@@ -50,10 +60,6 @@
ADDE t3, h1, h1; \
ADDZE h2
-DATA ·poly1305Mask<>+0x00(SB)/8, $0x0FFFFFFC0FFFFFFF
-DATA ·poly1305Mask<>+0x08(SB)/8, $0x0FFFFFFC0FFFFFFC
-GLOBL ·poly1305Mask<>(SB), RODATA, $16
-
// func update(state *[7]uint64, msg []byte)
TEXT ·update(SB), $0-32
MOVD state+0(FP), R3
@@ -66,6 +72,8 @@ TEXT ·update(SB), $0-32
MOVD 24(R3), R11 // r0
MOVD 32(R3), R12 // r1
+ MOVD $8, R24
+
CMP R5, $16
BLT bytes_between_0_and_15
@@ -94,7 +102,7 @@ flush_buffer:
// Greater than 8 -- load the rightmost remaining bytes in msg
// and put into R17 (h1)
- MOVD (R4)(R21), R17
+ LE_MOVD (R4)(R21), R17
MOVD $16, R22
// Find the offset to those bytes
@@ -118,7 +126,7 @@ just1:
BLT less8
// Exactly 8
- MOVD (R4), R16
+ LE_MOVD (R4), R16
CMP R17, $0
@@ -133,7 +141,7 @@ less8:
MOVD $0, R22 // shift count
CMP R5, $4
BLT less4
- MOVWZ (R4), R16
+ LE_MOVWZ (R4), R16
ADD $4, R4
ADD $-4, R5
MOVD $32, R22
@@ -141,7 +149,7 @@ less8:
less4:
CMP R5, $2
BLT less2
- MOVHZ (R4), R21
+ LE_MOVHZ (R4), R21
SLD R22, R21, R21
OR R16, R21, R16
ADD $16, R22
diff --git a/vendor/golang.org/x/crypto/sha3/doc.go b/vendor/golang.org/x/crypto/sha3/doc.go
index 7e023090707b..bbf391fe6e59 100644
--- a/vendor/golang.org/x/crypto/sha3/doc.go
+++ b/vendor/golang.org/x/crypto/sha3/doc.go
@@ -5,6 +5,10 @@
// Package sha3 implements the SHA-3 fixed-output-length hash functions and
// the SHAKE variable-output-length hash functions defined by FIPS-202.
//
+// All types in this package also implement [encoding.BinaryMarshaler],
+// [encoding.BinaryAppender] and [encoding.BinaryUnmarshaler] to marshal and
+// unmarshal the internal state of the hash.
+//
// Both types of hash function use the "sponge" construction and the Keccak
// permutation. For a detailed specification see http://keccak.noekeon.org/
//
diff --git a/vendor/golang.org/x/crypto/sha3/hashes.go b/vendor/golang.org/x/crypto/sha3/hashes.go
index c544b29e5f2c..31fffbe04408 100644
--- a/vendor/golang.org/x/crypto/sha3/hashes.go
+++ b/vendor/golang.org/x/crypto/sha3/hashes.go
@@ -48,33 +48,52 @@ func init() {
crypto.RegisterHash(crypto.SHA3_512, New512)
}
+const (
+ dsbyteSHA3 = 0b00000110
+ dsbyteKeccak = 0b00000001
+ dsbyteShake = 0b00011111
+ dsbyteCShake = 0b00000100
+
+ // rateK[c] is the rate in bytes for Keccak[c] where c is the capacity in
+ // bits. Given the sponge size is 1600 bits, the rate is 1600 - c bits.
+ rateK256 = (1600 - 256) / 8
+ rateK448 = (1600 - 448) / 8
+ rateK512 = (1600 - 512) / 8
+ rateK768 = (1600 - 768) / 8
+ rateK1024 = (1600 - 1024) / 8
+)
+
func new224Generic() *state {
- return &state{rate: 144, outputLen: 28, dsbyte: 0x06}
+ return &state{rate: rateK448, outputLen: 28, dsbyte: dsbyteSHA3}
}
func new256Generic() *state {
- return &state{rate: 136, outputLen: 32, dsbyte: 0x06}
+ return &state{rate: rateK512, outputLen: 32, dsbyte: dsbyteSHA3}
}
func new384Generic() *state {
- return &state{rate: 104, outputLen: 48, dsbyte: 0x06}
+ return &state{rate: rateK768, outputLen: 48, dsbyte: dsbyteSHA3}
}
func new512Generic() *state {
- return &state{rate: 72, outputLen: 64, dsbyte: 0x06}
+ return &state{rate: rateK1024, outputLen: 64, dsbyte: dsbyteSHA3}
}
// NewLegacyKeccak256 creates a new Keccak-256 hash.
//
// Only use this function if you require compatibility with an existing cryptosystem
// that uses non-standard padding. All other users should use New256 instead.
-func NewLegacyKeccak256() hash.Hash { return &state{rate: 136, outputLen: 32, dsbyte: 0x01} }
+func NewLegacyKeccak256() hash.Hash {
+ return &state{rate: rateK512, outputLen: 32, dsbyte: dsbyteKeccak}
+}
// NewLegacyKeccak512 creates a new Keccak-512 hash.
//
// Only use this function if you require compatibility with an existing cryptosystem
// that uses non-standard padding. All other users should use New512 instead.
-func NewLegacyKeccak512() hash.Hash { return &state{rate: 72, outputLen: 64, dsbyte: 0x01} }
+func NewLegacyKeccak512() hash.Hash {
+ return &state{rate: rateK1024, outputLen: 64, dsbyte: dsbyteKeccak}
+}
// Sum224 returns the SHA3-224 digest of the data.
func Sum224(data []byte) (digest [28]byte) {
diff --git a/vendor/golang.org/x/crypto/sha3/sha3.go b/vendor/golang.org/x/crypto/sha3/sha3.go
index afedde5abf1f..6658c44479b6 100644
--- a/vendor/golang.org/x/crypto/sha3/sha3.go
+++ b/vendor/golang.org/x/crypto/sha3/sha3.go
@@ -4,6 +4,15 @@
package sha3
+import (
+ "crypto/subtle"
+ "encoding/binary"
+ "errors"
+ "unsafe"
+
+ "golang.org/x/sys/cpu"
+)
+
// spongeDirection indicates the direction bytes are flowing through the sponge.
type spongeDirection int
@@ -14,16 +23,13 @@ const (
spongeSqueezing
)
-const (
- // maxRate is the maximum size of the internal buffer. SHAKE-256
- // currently needs the largest buffer.
- maxRate = 168
-)
-
type state struct {
- // Generic sponge components.
- a [25]uint64 // main state of the hash
- rate int // the number of bytes of state to use
+ a [1600 / 8]byte // main state of the hash
+
+ // a[n:rate] is the buffer. If absorbing, it's the remaining space to XOR
+ // into before running the permutation. If squeezing, it's the remaining
+ // output to produce before running the permutation.
+ n, rate int
// dsbyte contains the "domain separation" bits and the first bit of
// the padding. Sections 6.1 and 6.2 of [1] separate the outputs of the
@@ -39,10 +45,6 @@ type state struct {
// Extendable-Output Functions (May 2014)"
dsbyte byte
- i, n int // storage[i:n] is the buffer, i is only used while squeezing
- storage [maxRate]byte
-
- // Specific to SHA-3 and SHAKE.
outputLen int // the default output size in bytes
state spongeDirection // whether the sponge is absorbing or squeezing
}
@@ -61,7 +63,7 @@ func (d *state) Reset() {
d.a[i] = 0
}
d.state = spongeAbsorbing
- d.i, d.n = 0, 0
+ d.n = 0
}
func (d *state) clone() *state {
@@ -69,22 +71,25 @@ func (d *state) clone() *state {
return &ret
}
-// permute applies the KeccakF-1600 permutation. It handles
-// any input-output buffering.
+// permute applies the KeccakF-1600 permutation.
func (d *state) permute() {
- switch d.state {
- case spongeAbsorbing:
- // If we're absorbing, we need to xor the input into the state
- // before applying the permutation.
- xorIn(d, d.storage[:d.rate])
- d.n = 0
- keccakF1600(&d.a)
- case spongeSqueezing:
- // If we're squeezing, we need to apply the permutation before
- // copying more output.
- keccakF1600(&d.a)
- d.i = 0
- copyOut(d, d.storage[:d.rate])
+ var a *[25]uint64
+ if cpu.IsBigEndian {
+ a = new([25]uint64)
+ for i := range a {
+ a[i] = binary.LittleEndian.Uint64(d.a[i*8:])
+ }
+ } else {
+ a = (*[25]uint64)(unsafe.Pointer(&d.a))
+ }
+
+ keccakF1600(a)
+ d.n = 0
+
+ if cpu.IsBigEndian {
+ for i := range a {
+ binary.LittleEndian.PutUint64(d.a[i*8:], a[i])
+ }
}
}
@@ -92,53 +97,36 @@ func (d *state) permute() {
// the multi-bitrate 10..1 padding rule, and permutes the state.
func (d *state) padAndPermute() {
// Pad with this instance's domain-separator bits. We know that there's
- // at least one byte of space in d.buf because, if it were full,
+ // at least one byte of space in the sponge because, if it were full,
// permute would have been called to empty it. dsbyte also contains the
// first one bit for the padding. See the comment in the state struct.
- d.storage[d.n] = d.dsbyte
- d.n++
- for d.n < d.rate {
- d.storage[d.n] = 0
- d.n++
- }
+ d.a[d.n] ^= d.dsbyte
// This adds the final one bit for the padding. Because of the way that
// bits are numbered from the LSB upwards, the final bit is the MSB of
// the last byte.
- d.storage[d.rate-1] ^= 0x80
+ d.a[d.rate-1] ^= 0x80
// Apply the permutation
d.permute()
d.state = spongeSqueezing
- d.n = d.rate
- copyOut(d, d.storage[:d.rate])
}
// Write absorbs more data into the hash's state. It panics if any
// output has already been read.
-func (d *state) Write(p []byte) (written int, err error) {
+func (d *state) Write(p []byte) (n int, err error) {
if d.state != spongeAbsorbing {
panic("sha3: Write after Read")
}
- written = len(p)
+
+ n = len(p)
for len(p) > 0 {
- if d.n == 0 && len(p) >= d.rate {
- // The fast path; absorb a full "rate" bytes of input and apply the permutation.
- xorIn(d, p[:d.rate])
- p = p[d.rate:]
- keccakF1600(&d.a)
- } else {
- // The slow path; buffer the input until we can fill the sponge, and then xor it in.
- todo := d.rate - d.n
- if todo > len(p) {
- todo = len(p)
- }
- d.n += copy(d.storage[d.n:], p[:todo])
- p = p[todo:]
-
- // If the sponge is full, apply the permutation.
- if d.n == d.rate {
- d.permute()
- }
+ x := subtle.XORBytes(d.a[d.n:d.rate], d.a[d.n:d.rate], p)
+ d.n += x
+ p = p[x:]
+
+ // If the sponge is full, apply the permutation.
+ if d.n == d.rate {
+ d.permute()
}
}
@@ -156,14 +144,14 @@ func (d *state) Read(out []byte) (n int, err error) {
// Now, do the squeezing.
for len(out) > 0 {
- n := copy(out, d.storage[d.i:d.n])
- d.i += n
- out = out[n:]
-
// Apply the permutation if we've squeezed the sponge dry.
- if d.i == d.rate {
+ if d.n == d.rate {
d.permute()
}
+
+ x := copy(out, d.a[d.n:d.rate])
+ d.n += x
+ out = out[x:]
}
return
@@ -183,3 +171,74 @@ func (d *state) Sum(in []byte) []byte {
dup.Read(hash)
return append(in, hash...)
}
+
+const (
+ magicSHA3 = "sha\x08"
+ magicShake = "sha\x09"
+ magicCShake = "sha\x0a"
+ magicKeccak = "sha\x0b"
+ // magic || rate || main state || n || sponge direction
+ marshaledSize = len(magicSHA3) + 1 + 200 + 1 + 1
+)
+
+func (d *state) MarshalBinary() ([]byte, error) {
+ return d.AppendBinary(make([]byte, 0, marshaledSize))
+}
+
+func (d *state) AppendBinary(b []byte) ([]byte, error) {
+ switch d.dsbyte {
+ case dsbyteSHA3:
+ b = append(b, magicSHA3...)
+ case dsbyteShake:
+ b = append(b, magicShake...)
+ case dsbyteCShake:
+ b = append(b, magicCShake...)
+ case dsbyteKeccak:
+ b = append(b, magicKeccak...)
+ default:
+ panic("unknown dsbyte")
+ }
+ // rate is at most 168, and n is at most rate.
+ b = append(b, byte(d.rate))
+ b = append(b, d.a[:]...)
+ b = append(b, byte(d.n), byte(d.state))
+ return b, nil
+}
+
+func (d *state) UnmarshalBinary(b []byte) error {
+ if len(b) != marshaledSize {
+ return errors.New("sha3: invalid hash state")
+ }
+
+ magic := string(b[:len(magicSHA3)])
+ b = b[len(magicSHA3):]
+ switch {
+ case magic == magicSHA3 && d.dsbyte == dsbyteSHA3:
+ case magic == magicShake && d.dsbyte == dsbyteShake:
+ case magic == magicCShake && d.dsbyte == dsbyteCShake:
+ case magic == magicKeccak && d.dsbyte == dsbyteKeccak:
+ default:
+ return errors.New("sha3: invalid hash state identifier")
+ }
+
+ rate := int(b[0])
+ b = b[1:]
+ if rate != d.rate {
+ return errors.New("sha3: invalid hash state function")
+ }
+
+ copy(d.a[:], b)
+ b = b[len(d.a):]
+
+ n, state := int(b[0]), spongeDirection(b[1])
+ if n > d.rate {
+ return errors.New("sha3: invalid hash state")
+ }
+ d.n = n
+ if state != spongeAbsorbing && state != spongeSqueezing {
+ return errors.New("sha3: invalid hash state")
+ }
+ d.state = state
+
+ return nil
+}
diff --git a/vendor/golang.org/x/crypto/sha3/shake.go b/vendor/golang.org/x/crypto/sha3/shake.go
index a01ef43577df..a6b3a4281f5b 100644
--- a/vendor/golang.org/x/crypto/sha3/shake.go
+++ b/vendor/golang.org/x/crypto/sha3/shake.go
@@ -16,9 +16,12 @@ package sha3
// [2] https://doi.org/10.6028/NIST.SP.800-185
import (
+ "bytes"
"encoding/binary"
+ "errors"
"hash"
"io"
+ "math/bits"
)
// ShakeHash defines the interface to hash functions that support
@@ -50,41 +53,33 @@ type cshakeState struct {
initBlock []byte
}
-// Consts for configuring initial SHA-3 state
-const (
- dsbyteShake = 0x1f
- dsbyteCShake = 0x04
- rate128 = 168
- rate256 = 136
-)
+func bytepad(data []byte, rate int) []byte {
+ out := make([]byte, 0, 9+len(data)+rate-1)
+ out = append(out, leftEncode(uint64(rate))...)
+ out = append(out, data...)
+ if padlen := rate - len(out)%rate; padlen < rate {
+ out = append(out, make([]byte, padlen)...)
+ }
+ return out
+}
-func bytepad(input []byte, w int) []byte {
- // leftEncode always returns max 9 bytes
- buf := make([]byte, 0, 9+len(input)+w)
- buf = append(buf, leftEncode(uint64(w))...)
- buf = append(buf, input...)
- padlen := w - (len(buf) % w)
- return append(buf, make([]byte, padlen)...)
-}
-
-func leftEncode(value uint64) []byte {
- var b [9]byte
- binary.BigEndian.PutUint64(b[1:], value)
- // Trim all but last leading zero bytes
- i := byte(1)
- for i < 8 && b[i] == 0 {
- i++
+func leftEncode(x uint64) []byte {
+ // Let n be the smallest positive integer for which 2^(8n) > x.
+ n := (bits.Len64(x) + 7) / 8
+ if n == 0 {
+ n = 1
}
- // Prepend number of encoded bytes
- b[i-1] = 9 - i
- return b[i-1:]
+ // Return n || x with n as a byte and x an n bytes in big-endian order.
+ b := make([]byte, 9)
+ binary.BigEndian.PutUint64(b[1:], x)
+ b = b[9-n-1:]
+ b[0] = byte(n)
+ return b
}
func newCShake(N, S []byte, rate, outputLen int, dsbyte byte) ShakeHash {
c := cshakeState{state: &state{rate: rate, outputLen: outputLen, dsbyte: dsbyte}}
-
- // leftEncode returns max 9 bytes
- c.initBlock = make([]byte, 0, 9*2+len(N)+len(S))
+ c.initBlock = make([]byte, 0, 9+len(N)+9+len(S)) // leftEncode returns max 9 bytes
c.initBlock = append(c.initBlock, leftEncode(uint64(len(N))*8)...)
c.initBlock = append(c.initBlock, N...)
c.initBlock = append(c.initBlock, leftEncode(uint64(len(S))*8)...)
@@ -111,6 +106,30 @@ func (c *state) Clone() ShakeHash {
return c.clone()
}
+func (c *cshakeState) MarshalBinary() ([]byte, error) {
+ return c.AppendBinary(make([]byte, 0, marshaledSize+len(c.initBlock)))
+}
+
+func (c *cshakeState) AppendBinary(b []byte) ([]byte, error) {
+ b, err := c.state.AppendBinary(b)
+ if err != nil {
+ return nil, err
+ }
+ b = append(b, c.initBlock...)
+ return b, nil
+}
+
+func (c *cshakeState) UnmarshalBinary(b []byte) error {
+ if len(b) <= marshaledSize {
+ return errors.New("sha3: invalid hash state")
+ }
+ if err := c.state.UnmarshalBinary(b[:marshaledSize]); err != nil {
+ return err
+ }
+ c.initBlock = bytes.Clone(b[marshaledSize:])
+ return nil
+}
+
// NewShake128 creates a new SHAKE128 variable-output-length ShakeHash.
// Its generic security strength is 128 bits against all attacks if at
// least 32 bytes of its output are used.
@@ -126,11 +145,11 @@ func NewShake256() ShakeHash {
}
func newShake128Generic() *state {
- return &state{rate: rate128, outputLen: 32, dsbyte: dsbyteShake}
+ return &state{rate: rateK256, outputLen: 32, dsbyte: dsbyteShake}
}
func newShake256Generic() *state {
- return &state{rate: rate256, outputLen: 64, dsbyte: dsbyteShake}
+ return &state{rate: rateK512, outputLen: 64, dsbyte: dsbyteShake}
}
// NewCShake128 creates a new instance of cSHAKE128 variable-output-length ShakeHash,
@@ -143,7 +162,7 @@ func NewCShake128(N, S []byte) ShakeHash {
if len(N) == 0 && len(S) == 0 {
return NewShake128()
}
- return newCShake(N, S, rate128, 32, dsbyteCShake)
+ return newCShake(N, S, rateK256, 32, dsbyteCShake)
}
// NewCShake256 creates a new instance of cSHAKE256 variable-output-length ShakeHash,
@@ -156,7 +175,7 @@ func NewCShake256(N, S []byte) ShakeHash {
if len(N) == 0 && len(S) == 0 {
return NewShake256()
}
- return newCShake(N, S, rate256, 64, dsbyteCShake)
+ return newCShake(N, S, rateK512, 64, dsbyteCShake)
}
// ShakeSum128 writes an arbitrary-length digest of data into hash.
diff --git a/vendor/golang.org/x/crypto/sha3/xor.go b/vendor/golang.org/x/crypto/sha3/xor.go
deleted file mode 100644
index 6ada5c9574e2..000000000000
--- a/vendor/golang.org/x/crypto/sha3/xor.go
+++ /dev/null
@@ -1,40 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package sha3
-
-import (
- "crypto/subtle"
- "encoding/binary"
- "unsafe"
-
- "golang.org/x/sys/cpu"
-)
-
-// xorIn xors the bytes in buf into the state.
-func xorIn(d *state, buf []byte) {
- if cpu.IsBigEndian {
- for i := 0; len(buf) >= 8; i++ {
- a := binary.LittleEndian.Uint64(buf)
- d.a[i] ^= a
- buf = buf[8:]
- }
- } else {
- ab := (*[25 * 64 / 8]byte)(unsafe.Pointer(&d.a))
- subtle.XORBytes(ab[:], ab[:], buf)
- }
-}
-
-// copyOut copies uint64s to a byte buffer.
-func copyOut(d *state, b []byte) {
- if cpu.IsBigEndian {
- for i := 0; len(b) >= 8; i++ {
- binary.LittleEndian.PutUint64(b, d.a[i])
- b = b[8:]
- }
- } else {
- ab := (*[25 * 64 / 8]byte)(unsafe.Pointer(&d.a))
- copy(b, ab[:])
- }
-}
diff --git a/vendor/golang.org/x/crypto/ssh/client_auth.go b/vendor/golang.org/x/crypto/ssh/client_auth.go
index b93961010d3e..b86dde151d7f 100644
--- a/vendor/golang.org/x/crypto/ssh/client_auth.go
+++ b/vendor/golang.org/x/crypto/ssh/client_auth.go
@@ -555,6 +555,7 @@ func (cb KeyboardInteractiveChallenge) auth(session []byte, user string, c packe
}
gotMsgExtInfo := false
+ gotUserAuthInfoRequest := false
for {
packet, err := c.readPacket()
if err != nil {
@@ -585,6 +586,9 @@ func (cb KeyboardInteractiveChallenge) auth(session []byte, user string, c packe
if msg.PartialSuccess {
return authPartialSuccess, msg.Methods, nil
}
+ if !gotUserAuthInfoRequest {
+ return authFailure, msg.Methods, unexpectedMessageError(msgUserAuthInfoRequest, packet[0])
+ }
return authFailure, msg.Methods, nil
case msgUserAuthSuccess:
return authSuccess, nil, nil
@@ -596,6 +600,7 @@ func (cb KeyboardInteractiveChallenge) auth(session []byte, user string, c packe
if err := Unmarshal(packet, &msg); err != nil {
return authFailure, nil, err
}
+ gotUserAuthInfoRequest = true
// Manually unpack the prompt/echo pairs.
rest := msg.Prompts
diff --git a/vendor/golang.org/x/sys/cpu/asm_darwin_x86_gc.s b/vendor/golang.org/x/sys/cpu/asm_darwin_x86_gc.s
new file mode 100644
index 000000000000..ec2acfe540ea
--- /dev/null
+++ b/vendor/golang.org/x/sys/cpu/asm_darwin_x86_gc.s
@@ -0,0 +1,17 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build darwin && amd64 && gc
+
+#include "textflag.h"
+
+TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0
+ JMP libc_sysctl(SB)
+GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $8
+DATA ·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB)
+
+TEXT libc_sysctlbyname_trampoline<>(SB),NOSPLIT,$0-0
+ JMP libc_sysctlbyname(SB)
+GLOBL ·libc_sysctlbyname_trampoline_addr(SB), RODATA, $8
+DATA ·libc_sysctlbyname_trampoline_addr(SB)/8, $libc_sysctlbyname_trampoline<>(SB)
diff --git a/vendor/golang.org/x/sys/cpu/cpu_darwin_x86.go b/vendor/golang.org/x/sys/cpu/cpu_darwin_x86.go
new file mode 100644
index 000000000000..b838cb9e956e
--- /dev/null
+++ b/vendor/golang.org/x/sys/cpu/cpu_darwin_x86.go
@@ -0,0 +1,61 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build darwin && amd64 && gc
+
+package cpu
+
+// darwinSupportsAVX512 checks Darwin kernel for AVX512 support via sysctl
+// call (see issue 43089). It also restricts AVX512 support for Darwin to
+// kernel version 21.3.0 (MacOS 12.2.0) or later (see issue 49233).
+//
+// Background:
+// Darwin implements a special mechanism to economize on thread state when
+// AVX512 specific registers are not in use. This scheme minimizes state when
+// preempting threads that haven't yet used any AVX512 instructions, but adds
+// special requirements to check for AVX512 hardware support at runtime (e.g.
+// via sysctl call or commpage inspection). See issue 43089 and link below for
+// full background:
+// https://github.com/apple-oss-distributions/xnu/blob/xnu-11215.1.10/osfmk/i386/fpu.c#L214-L240
+//
+// Additionally, all versions of the Darwin kernel from 19.6.0 through 21.2.0
+// (corresponding to MacOS 10.15.6 - 12.1) have a bug that can cause corruption
+// of the AVX512 mask registers (K0-K7) upon signal return. For this reason
+// AVX512 is considered unsafe to use on Darwin for kernel versions prior to
+// 21.3.0, where a fix has been confirmed. See issue 49233 for full background.
+func darwinSupportsAVX512() bool {
+ return darwinSysctlEnabled([]byte("hw.optional.avx512f\x00")) && darwinKernelVersionCheck(21, 3, 0)
+}
+
+// Ensure Darwin kernel version is at least major.minor.patch, avoiding dependencies
+func darwinKernelVersionCheck(major, minor, patch int) bool {
+ var release [256]byte
+ err := darwinOSRelease(&release)
+ if err != nil {
+ return false
+ }
+
+ var mmp [3]int
+ c := 0
+Loop:
+ for _, b := range release[:] {
+ switch {
+ case b >= '0' && b <= '9':
+ mmp[c] = 10*mmp[c] + int(b-'0')
+ case b == '.':
+ c++
+ if c > 2 {
+ return false
+ }
+ case b == 0:
+ break Loop
+ default:
+ return false
+ }
+ }
+ if c != 2 {
+ return false
+ }
+ return mmp[0] > major || mmp[0] == major && (mmp[1] > minor || mmp[1] == minor && mmp[2] >= patch)
+}
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go b/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go
index 910728fb163f..32a44514e245 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go
@@ -6,10 +6,10 @@
package cpu
-// cpuid is implemented in cpu_x86.s for gc compiler
+// cpuid is implemented in cpu_gc_x86.s for gc compiler
// and in cpu_gccgo.c for gccgo.
func cpuid(eaxArg, ecxArg uint32) (eax, ebx, ecx, edx uint32)
-// xgetbv with ecx = 0 is implemented in cpu_x86.s for gc compiler
+// xgetbv with ecx = 0 is implemented in cpu_gc_x86.s for gc compiler
// and in cpu_gccgo.c for gccgo.
func xgetbv() (eax, edx uint32)
diff --git a/vendor/golang.org/x/sys/cpu/cpu_x86.s b/vendor/golang.org/x/sys/cpu/cpu_gc_x86.s
similarity index 94%
rename from vendor/golang.org/x/sys/cpu/cpu_x86.s
rename to vendor/golang.org/x/sys/cpu/cpu_gc_x86.s
index 7d7ba33efb85..ce208ce6d6a3 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_x86.s
+++ b/vendor/golang.org/x/sys/cpu/cpu_gc_x86.s
@@ -18,7 +18,7 @@ TEXT ·cpuid(SB), NOSPLIT, $0-24
RET
// func xgetbv() (eax, edx uint32)
-TEXT ·xgetbv(SB),NOSPLIT,$0-8
+TEXT ·xgetbv(SB), NOSPLIT, $0-8
MOVL $0, CX
XGETBV
MOVL AX, eax+0(FP)
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go b/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go
index 99c60fe9f9c6..170d21ddfda4 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go
@@ -23,9 +23,3 @@ func xgetbv() (eax, edx uint32) {
gccgoXgetbv(&a, &d)
return a, d
}
-
-// gccgo doesn't build on Darwin, per:
-// https://github.com/Homebrew/homebrew-core/blob/HEAD/Formula/gcc.rb#L76
-func darwinSupportsAVX512() bool {
- return false
-}
diff --git a/vendor/golang.org/x/sys/cpu/cpu_linux_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_linux_arm64.go
index 08f35ea17735..f1caf0f78e24 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_linux_arm64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_linux_arm64.go
@@ -110,7 +110,6 @@ func doinit() {
ARM64.HasASIMDFHM = isSet(hwCap, hwcap_ASIMDFHM)
ARM64.HasDIT = isSet(hwCap, hwcap_DIT)
-
// HWCAP2 feature bits
ARM64.HasSVE2 = isSet(hwCap2, hwcap2_SVE2)
ARM64.HasI8MM = isSet(hwCap2, hwcap2_I8MM)
diff --git a/vendor/golang.org/x/sys/cpu/cpu_other_x86.go b/vendor/golang.org/x/sys/cpu/cpu_other_x86.go
new file mode 100644
index 000000000000..a0fd7e2f75d3
--- /dev/null
+++ b/vendor/golang.org/x/sys/cpu/cpu_other_x86.go
@@ -0,0 +1,11 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build 386 || amd64p32 || (amd64 && (!darwin || !gc))
+
+package cpu
+
+func darwinSupportsAVX512() bool {
+ panic("only implemented for gc && amd64 && darwin")
+}
diff --git a/vendor/golang.org/x/sys/cpu/cpu_x86.go b/vendor/golang.org/x/sys/cpu/cpu_x86.go
index c29f5e4c5a6e..600a6807861e 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_x86.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_x86.go
@@ -92,10 +92,8 @@ func archInit() {
osSupportsAVX = isSet(1, eax) && isSet(2, eax)
if runtime.GOOS == "darwin" {
- // Darwin doesn't save/restore AVX-512 mask registers correctly across signal handlers.
- // Since users can't rely on mask register contents, let's not advertise AVX-512 support.
- // See issue 49233.
- osSupportsAVX512 = false
+ // Darwin requires special AVX512 checks, see cpu_darwin_x86.go
+ osSupportsAVX512 = osSupportsAVX && darwinSupportsAVX512()
} else {
// Check if OPMASK and ZMM registers have OS support.
osSupportsAVX512 = osSupportsAVX && isSet(5, eax) && isSet(6, eax) && isSet(7, eax)
diff --git a/vendor/golang.org/x/sys/cpu/syscall_darwin_x86_gc.go b/vendor/golang.org/x/sys/cpu/syscall_darwin_x86_gc.go
new file mode 100644
index 000000000000..4d0888b0c010
--- /dev/null
+++ b/vendor/golang.org/x/sys/cpu/syscall_darwin_x86_gc.go
@@ -0,0 +1,98 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Minimal copy of x/sys/unix so the cpu package can make a
+// system call on Darwin without depending on x/sys/unix.
+
+//go:build darwin && amd64 && gc
+
+package cpu
+
+import (
+ "syscall"
+ "unsafe"
+)
+
+type _C_int int32
+
+// adapted from unix.Uname() at x/sys/unix/syscall_darwin.go L419
+func darwinOSRelease(release *[256]byte) error {
+ // from x/sys/unix/zerrors_openbsd_amd64.go
+ const (
+ CTL_KERN = 0x1
+ KERN_OSRELEASE = 0x2
+ )
+
+ mib := []_C_int{CTL_KERN, KERN_OSRELEASE}
+ n := unsafe.Sizeof(*release)
+
+ return sysctl(mib, &release[0], &n, nil, 0)
+}
+
+type Errno = syscall.Errno
+
+var _zero uintptr // Single-word zero for use when we need a valid pointer to 0 bytes.
+
+// from x/sys/unix/zsyscall_darwin_amd64.go L791-807
+func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) error {
+ var _p0 unsafe.Pointer
+ if len(mib) > 0 {
+ _p0 = unsafe.Pointer(&mib[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ if _, _, err := syscall_syscall6(
+ libc_sysctl_trampoline_addr,
+ uintptr(_p0),
+ uintptr(len(mib)),
+ uintptr(unsafe.Pointer(old)),
+ uintptr(unsafe.Pointer(oldlen)),
+ uintptr(unsafe.Pointer(new)),
+ uintptr(newlen),
+ ); err != 0 {
+ return err
+ }
+
+ return nil
+}
+
+var libc_sysctl_trampoline_addr uintptr
+
+// adapted from internal/cpu/cpu_arm64_darwin.go
+func darwinSysctlEnabled(name []byte) bool {
+ out := int32(0)
+ nout := unsafe.Sizeof(out)
+ if ret := sysctlbyname(&name[0], (*byte)(unsafe.Pointer(&out)), &nout, nil, 0); ret != nil {
+ return false
+ }
+ return out > 0
+}
+
+//go:cgo_import_dynamic libc_sysctl sysctl "/usr/lib/libSystem.B.dylib"
+
+var libc_sysctlbyname_trampoline_addr uintptr
+
+// adapted from runtime/sys_darwin.go in the pattern of sysctl() above, as defined in x/sys/unix
+func sysctlbyname(name *byte, old *byte, oldlen *uintptr, new *byte, newlen uintptr) error {
+ if _, _, err := syscall_syscall6(
+ libc_sysctlbyname_trampoline_addr,
+ uintptr(unsafe.Pointer(name)),
+ uintptr(unsafe.Pointer(old)),
+ uintptr(unsafe.Pointer(oldlen)),
+ uintptr(unsafe.Pointer(new)),
+ uintptr(newlen),
+ 0,
+ ); err != 0 {
+ return err
+ }
+
+ return nil
+}
+
+//go:cgo_import_dynamic libc_sysctlbyname sysctlbyname "/usr/lib/libSystem.B.dylib"
+
+// Implemented in the runtime package (runtime/sys_darwin.go)
+func syscall_syscall6(fn, a1, a2, a3, a4, a5, a6 uintptr) (r1, r2 uintptr, err Errno)
+
+//go:linkname syscall_syscall6 syscall.syscall6
diff --git a/vendor/golang.org/x/sys/unix/ioctl_linux.go b/vendor/golang.org/x/sys/unix/ioctl_linux.go
index dbe680eab88a..7ca4fa12aa67 100644
--- a/vendor/golang.org/x/sys/unix/ioctl_linux.go
+++ b/vendor/golang.org/x/sys/unix/ioctl_linux.go
@@ -58,6 +58,102 @@ func IoctlGetEthtoolDrvinfo(fd int, ifname string) (*EthtoolDrvinfo, error) {
return &value, err
}
+// IoctlGetEthtoolTsInfo fetches ethtool timestamping and PHC
+// association for the network device specified by ifname.
+func IoctlGetEthtoolTsInfo(fd int, ifname string) (*EthtoolTsInfo, error) {
+ ifr, err := NewIfreq(ifname)
+ if err != nil {
+ return nil, err
+ }
+
+ value := EthtoolTsInfo{Cmd: ETHTOOL_GET_TS_INFO}
+ ifrd := ifr.withData(unsafe.Pointer(&value))
+
+ err = ioctlIfreqData(fd, SIOCETHTOOL, &ifrd)
+ return &value, err
+}
+
+// IoctlGetHwTstamp retrieves the hardware timestamping configuration
+// for the network device specified by ifname.
+func IoctlGetHwTstamp(fd int, ifname string) (*HwTstampConfig, error) {
+ ifr, err := NewIfreq(ifname)
+ if err != nil {
+ return nil, err
+ }
+
+ value := HwTstampConfig{}
+ ifrd := ifr.withData(unsafe.Pointer(&value))
+
+ err = ioctlIfreqData(fd, SIOCGHWTSTAMP, &ifrd)
+ return &value, err
+}
+
+// IoctlSetHwTstamp updates the hardware timestamping configuration for
+// the network device specified by ifname.
+func IoctlSetHwTstamp(fd int, ifname string, cfg *HwTstampConfig) error {
+ ifr, err := NewIfreq(ifname)
+ if err != nil {
+ return err
+ }
+ ifrd := ifr.withData(unsafe.Pointer(cfg))
+ return ioctlIfreqData(fd, SIOCSHWTSTAMP, &ifrd)
+}
+
+// FdToClockID derives the clock ID from the file descriptor number
+// - see clock_gettime(3), FD_TO_CLOCKID macros. The resulting ID is
+// suitable for system calls like ClockGettime.
+func FdToClockID(fd int) int32 { return int32((int(^fd) << 3) | 3) }
+
+// IoctlPtpClockGetcaps returns the description of a given PTP device.
+func IoctlPtpClockGetcaps(fd int) (*PtpClockCaps, error) {
+ var value PtpClockCaps
+ err := ioctlPtr(fd, PTP_CLOCK_GETCAPS2, unsafe.Pointer(&value))
+ return &value, err
+}
+
+// IoctlPtpSysOffsetPrecise returns a description of the clock
+// offset compared to the system clock.
+func IoctlPtpSysOffsetPrecise(fd int) (*PtpSysOffsetPrecise, error) {
+ var value PtpSysOffsetPrecise
+ err := ioctlPtr(fd, PTP_SYS_OFFSET_PRECISE2, unsafe.Pointer(&value))
+ return &value, err
+}
+
+// IoctlPtpSysOffsetExtended returns an extended description of the
+// clock offset compared to the system clock. The samples parameter
+// specifies the desired number of measurements.
+func IoctlPtpSysOffsetExtended(fd int, samples uint) (*PtpSysOffsetExtended, error) {
+ value := PtpSysOffsetExtended{Samples: uint32(samples)}
+ err := ioctlPtr(fd, PTP_SYS_OFFSET_EXTENDED2, unsafe.Pointer(&value))
+ return &value, err
+}
+
+// IoctlPtpPinGetfunc returns the configuration of the specified
+// I/O pin on given PTP device.
+func IoctlPtpPinGetfunc(fd int, index uint) (*PtpPinDesc, error) {
+ value := PtpPinDesc{Index: uint32(index)}
+ err := ioctlPtr(fd, PTP_PIN_GETFUNC2, unsafe.Pointer(&value))
+ return &value, err
+}
+
+// IoctlPtpPinSetfunc updates configuration of the specified PTP
+// I/O pin.
+func IoctlPtpPinSetfunc(fd int, pd *PtpPinDesc) error {
+ return ioctlPtr(fd, PTP_PIN_SETFUNC2, unsafe.Pointer(pd))
+}
+
+// IoctlPtpPeroutRequest configures the periodic output mode of the
+// PTP I/O pins.
+func IoctlPtpPeroutRequest(fd int, r *PtpPeroutRequest) error {
+ return ioctlPtr(fd, PTP_PEROUT_REQUEST2, unsafe.Pointer(r))
+}
+
+// IoctlPtpExttsRequest configures the external timestamping mode
+// of the PTP I/O pins.
+func IoctlPtpExttsRequest(fd int, r *PtpExttsRequest) error {
+ return ioctlPtr(fd, PTP_EXTTS_REQUEST2, unsafe.Pointer(r))
+}
+
// IoctlGetWatchdogInfo fetches information about a watchdog device from the
// Linux watchdog API. For more information, see:
// https://www.kernel.org/doc/html/latest/watchdog/watchdog-api.html.
diff --git a/vendor/golang.org/x/sys/unix/mkerrors.sh b/vendor/golang.org/x/sys/unix/mkerrors.sh
index ac54ecaba0a4..6ab02b6c3122 100644
--- a/vendor/golang.org/x/sys/unix/mkerrors.sh
+++ b/vendor/golang.org/x/sys/unix/mkerrors.sh
@@ -158,6 +158,16 @@ includes_Linux='
#endif
#define _GNU_SOURCE
+// See the description in unix/linux/types.go
+#if defined(__ARM_EABI__) || \
+ (defined(__mips__) && (_MIPS_SIM == _ABIO32)) || \
+ (defined(__powerpc__) && (!defined(__powerpc64__)))
+# ifdef _TIME_BITS
+# undef _TIME_BITS
+# endif
+# define _TIME_BITS 32
+#endif
+
// is broken on powerpc64, as it fails to include definitions of
// these structures. We just include them copied from .
#if defined(__powerpc__)
@@ -256,6 +266,7 @@ struct ltchars {
#include
#include
#include
+#include
#include
#include
#include
@@ -527,6 +538,7 @@ ccflags="$@"
$2 ~ /^(AF|SOCK|SO|SOL|IPPROTO|IP|IPV6|TCP|MCAST|EVFILT|NOTE|SHUT|PROT|MAP|MREMAP|MFD|T?PACKET|MSG|SCM|MCL|DT|MADV|PR|LOCAL|TCPOPT|UDP)_/ ||
$2 ~ /^NFC_(GENL|PROTO|COMM|RF|SE|DIRECTION|LLCP|SOCKPROTO)_/ ||
$2 ~ /^NFC_.*_(MAX)?SIZE$/ ||
+ $2 ~ /^PTP_/ ||
$2 ~ /^RAW_PAYLOAD_/ ||
$2 ~ /^[US]F_/ ||
$2 ~ /^TP_STATUS_/ ||
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go
index f08abd434ff4..230a94549a7a 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux.go
@@ -1860,6 +1860,7 @@ func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
//sys ClockAdjtime(clockid int32, buf *Timex) (state int, err error)
//sys ClockGetres(clockid int32, res *Timespec) (err error)
//sys ClockGettime(clockid int32, time *Timespec) (err error)
+//sys ClockSettime(clockid int32, time *Timespec) (err error)
//sys ClockNanosleep(clockid int32, flags int, request *Timespec, remain *Timespec) (err error)
//sys Close(fd int) (err error)
//sys CloseRange(first uint, last uint, flags uint) (err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
index 312ae6ac1d21..7bf5c04bb0ae 100644
--- a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
@@ -768,6 +768,15 @@ func Munmap(b []byte) (err error) {
return mapper.Munmap(b)
}
+func MmapPtr(fd int, offset int64, addr unsafe.Pointer, length uintptr, prot int, flags int) (ret unsafe.Pointer, err error) {
+ xaddr, err := mapper.mmap(uintptr(addr), length, prot, flags, fd, offset)
+ return unsafe.Pointer(xaddr), err
+}
+
+func MunmapPtr(addr unsafe.Pointer, length uintptr) (err error) {
+ return mapper.munmap(uintptr(addr), length)
+}
+
//sys Gethostname(buf []byte) (err error) = SYS___GETHOSTNAME_A
//sysnb Getgid() (gid int)
//sysnb Getpid() (pid int)
@@ -816,10 +825,10 @@ func Lstat(path string, stat *Stat_t) (err error) {
// for checking symlinks begins with $VERSION/ $SYSNAME/ $SYSSYMR/ $SYSSYMA/
func isSpecialPath(path []byte) (v bool) {
var special = [4][8]byte{
- [8]byte{'V', 'E', 'R', 'S', 'I', 'O', 'N', '/'},
- [8]byte{'S', 'Y', 'S', 'N', 'A', 'M', 'E', '/'},
- [8]byte{'S', 'Y', 'S', 'S', 'Y', 'M', 'R', '/'},
- [8]byte{'S', 'Y', 'S', 'S', 'Y', 'M', 'A', '/'}}
+ {'V', 'E', 'R', 'S', 'I', 'O', 'N', '/'},
+ {'S', 'Y', 'S', 'N', 'A', 'M', 'E', '/'},
+ {'S', 'Y', 'S', 'S', 'Y', 'M', 'R', '/'},
+ {'S', 'Y', 'S', 'S', 'Y', 'M', 'A', '/'}}
var i, j int
for i = 0; i < len(special); i++ {
@@ -3115,3 +3124,90 @@ func legacy_Mkfifoat(dirfd int, path string, mode uint32) (err error) {
//sys Posix_openpt(oflag int) (fd int, err error) = SYS_POSIX_OPENPT
//sys Grantpt(fildes int) (rc int, err error) = SYS_GRANTPT
//sys Unlockpt(fildes int) (rc int, err error) = SYS_UNLOCKPT
+
+func fcntlAsIs(fd uintptr, cmd int, arg uintptr) (val int, err error) {
+ runtime.EnterSyscall()
+ r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FCNTL<<4, uintptr(fd), uintptr(cmd), arg)
+ runtime.ExitSyscall()
+ val = int(r0)
+ if int64(r0) == -1 {
+ err = errnoErr2(e1, e2)
+ }
+ return
+}
+
+func Fcntl(fd uintptr, cmd int, op interface{}) (ret int, err error) {
+ switch op.(type) {
+ case *Flock_t:
+ err = FcntlFlock(fd, cmd, op.(*Flock_t))
+ if err != nil {
+ ret = -1
+ }
+ return
+ case int:
+ return FcntlInt(fd, cmd, op.(int))
+ case *F_cnvrt:
+ return fcntlAsIs(fd, cmd, uintptr(unsafe.Pointer(op.(*F_cnvrt))))
+ case unsafe.Pointer:
+ return fcntlAsIs(fd, cmd, uintptr(op.(unsafe.Pointer)))
+ default:
+ return -1, EINVAL
+ }
+ return
+}
+
+func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) {
+ if raceenabled {
+ raceReleaseMerge(unsafe.Pointer(&ioSync))
+ }
+ return sendfile(outfd, infd, offset, count)
+}
+
+func sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) {
+ // TODO: use LE call instead if the call is implemented
+ originalOffset, err := Seek(infd, 0, SEEK_CUR)
+ if err != nil {
+ return -1, err
+ }
+ //start reading data from in_fd
+ if offset != nil {
+ _, err := Seek(infd, *offset, SEEK_SET)
+ if err != nil {
+ return -1, err
+ }
+ }
+
+ buf := make([]byte, count)
+ readBuf := make([]byte, 0)
+ var n int = 0
+ for i := 0; i < count; i += n {
+ n, err := Read(infd, buf)
+ if n == 0 {
+ if err != nil {
+ return -1, err
+ } else { // EOF
+ break
+ }
+ }
+ readBuf = append(readBuf, buf...)
+ buf = buf[0:0]
+ }
+
+ n2, err := Write(outfd, readBuf)
+ if err != nil {
+ return -1, err
+ }
+
+ //When sendfile() returns, this variable will be set to the
+ // offset of the byte following the last byte that was read.
+ if offset != nil {
+ *offset = *offset + int64(n)
+ // If offset is not NULL, then sendfile() does not modify the file
+ // offset of in_fd
+ _, err := Seek(infd, originalOffset, SEEK_SET)
+ if err != nil {
+ return -1, err
+ }
+ }
+ return n2, nil
+}
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go
index de3b462489c0..ccba391c9fb0 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go
@@ -2625,6 +2625,28 @@ const (
PR_UNALIGN_NOPRINT = 0x1
PR_UNALIGN_SIGBUS = 0x2
PSTOREFS_MAGIC = 0x6165676c
+ PTP_CLK_MAGIC = '='
+ PTP_ENABLE_FEATURE = 0x1
+ PTP_EXTTS_EDGES = 0x6
+ PTP_EXTTS_EVENT_VALID = 0x1
+ PTP_EXTTS_V1_VALID_FLAGS = 0x7
+ PTP_EXTTS_VALID_FLAGS = 0x1f
+ PTP_EXT_OFFSET = 0x10
+ PTP_FALLING_EDGE = 0x4
+ PTP_MAX_SAMPLES = 0x19
+ PTP_PEROUT_DUTY_CYCLE = 0x2
+ PTP_PEROUT_ONE_SHOT = 0x1
+ PTP_PEROUT_PHASE = 0x4
+ PTP_PEROUT_V1_VALID_FLAGS = 0x0
+ PTP_PEROUT_VALID_FLAGS = 0x7
+ PTP_PIN_GETFUNC = 0xc0603d06
+ PTP_PIN_GETFUNC2 = 0xc0603d0f
+ PTP_RISING_EDGE = 0x2
+ PTP_STRICT_FLAGS = 0x8
+ PTP_SYS_OFFSET_EXTENDED = 0xc4c03d09
+ PTP_SYS_OFFSET_EXTENDED2 = 0xc4c03d12
+ PTP_SYS_OFFSET_PRECISE = 0xc0403d08
+ PTP_SYS_OFFSET_PRECISE2 = 0xc0403d11
PTRACE_ATTACH = 0x10
PTRACE_CONT = 0x7
PTRACE_DETACH = 0x11
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
index 8aa6d77c0184..0c00cb3f3af8 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
@@ -237,6 +237,20 @@ const (
PPPIOCUNBRIDGECHAN = 0x7434
PPPIOCXFERUNIT = 0x744e
PR_SET_PTRACER_ANY = 0xffffffff
+ PTP_CLOCK_GETCAPS = 0x80503d01
+ PTP_CLOCK_GETCAPS2 = 0x80503d0a
+ PTP_ENABLE_PPS = 0x40043d04
+ PTP_ENABLE_PPS2 = 0x40043d0d
+ PTP_EXTTS_REQUEST = 0x40103d02
+ PTP_EXTTS_REQUEST2 = 0x40103d0b
+ PTP_MASK_CLEAR_ALL = 0x3d13
+ PTP_MASK_EN_SINGLE = 0x40043d14
+ PTP_PEROUT_REQUEST = 0x40383d03
+ PTP_PEROUT_REQUEST2 = 0x40383d0c
+ PTP_PIN_SETFUNC = 0x40603d07
+ PTP_PIN_SETFUNC2 = 0x40603d10
+ PTP_SYS_OFFSET = 0x43403d05
+ PTP_SYS_OFFSET2 = 0x43403d0e
PTRACE_GETFPREGS = 0xe
PTRACE_GETFPXREGS = 0x12
PTRACE_GET_THREAD_AREA = 0x19
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
index da428f425339..dfb364554dd5 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
@@ -237,6 +237,20 @@ const (
PPPIOCUNBRIDGECHAN = 0x7434
PPPIOCXFERUNIT = 0x744e
PR_SET_PTRACER_ANY = 0xffffffffffffffff
+ PTP_CLOCK_GETCAPS = 0x80503d01
+ PTP_CLOCK_GETCAPS2 = 0x80503d0a
+ PTP_ENABLE_PPS = 0x40043d04
+ PTP_ENABLE_PPS2 = 0x40043d0d
+ PTP_EXTTS_REQUEST = 0x40103d02
+ PTP_EXTTS_REQUEST2 = 0x40103d0b
+ PTP_MASK_CLEAR_ALL = 0x3d13
+ PTP_MASK_EN_SINGLE = 0x40043d14
+ PTP_PEROUT_REQUEST = 0x40383d03
+ PTP_PEROUT_REQUEST2 = 0x40383d0c
+ PTP_PIN_SETFUNC = 0x40603d07
+ PTP_PIN_SETFUNC2 = 0x40603d10
+ PTP_SYS_OFFSET = 0x43403d05
+ PTP_SYS_OFFSET2 = 0x43403d0e
PTRACE_ARCH_PRCTL = 0x1e
PTRACE_GETFPREGS = 0xe
PTRACE_GETFPXREGS = 0x12
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
index bf45bfec78a5..d46dcf78abc9 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
@@ -234,6 +234,20 @@ const (
PPPIOCUNBRIDGECHAN = 0x7434
PPPIOCXFERUNIT = 0x744e
PR_SET_PTRACER_ANY = 0xffffffff
+ PTP_CLOCK_GETCAPS = 0x80503d01
+ PTP_CLOCK_GETCAPS2 = 0x80503d0a
+ PTP_ENABLE_PPS = 0x40043d04
+ PTP_ENABLE_PPS2 = 0x40043d0d
+ PTP_EXTTS_REQUEST = 0x40103d02
+ PTP_EXTTS_REQUEST2 = 0x40103d0b
+ PTP_MASK_CLEAR_ALL = 0x3d13
+ PTP_MASK_EN_SINGLE = 0x40043d14
+ PTP_PEROUT_REQUEST = 0x40383d03
+ PTP_PEROUT_REQUEST2 = 0x40383d0c
+ PTP_PIN_SETFUNC = 0x40603d07
+ PTP_PIN_SETFUNC2 = 0x40603d10
+ PTP_SYS_OFFSET = 0x43403d05
+ PTP_SYS_OFFSET2 = 0x43403d0e
PTRACE_GETCRUNCHREGS = 0x19
PTRACE_GETFDPIC = 0x1f
PTRACE_GETFDPIC_EXEC = 0x0
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
index 71c67162b737..3af3248a7f2e 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
@@ -240,6 +240,20 @@ const (
PROT_BTI = 0x10
PROT_MTE = 0x20
PR_SET_PTRACER_ANY = 0xffffffffffffffff
+ PTP_CLOCK_GETCAPS = 0x80503d01
+ PTP_CLOCK_GETCAPS2 = 0x80503d0a
+ PTP_ENABLE_PPS = 0x40043d04
+ PTP_ENABLE_PPS2 = 0x40043d0d
+ PTP_EXTTS_REQUEST = 0x40103d02
+ PTP_EXTTS_REQUEST2 = 0x40103d0b
+ PTP_MASK_CLEAR_ALL = 0x3d13
+ PTP_MASK_EN_SINGLE = 0x40043d14
+ PTP_PEROUT_REQUEST = 0x40383d03
+ PTP_PEROUT_REQUEST2 = 0x40383d0c
+ PTP_PIN_SETFUNC = 0x40603d07
+ PTP_PIN_SETFUNC2 = 0x40603d10
+ PTP_SYS_OFFSET = 0x43403d05
+ PTP_SYS_OFFSET2 = 0x43403d0e
PTRACE_PEEKMTETAGS = 0x21
PTRACE_POKEMTETAGS = 0x22
PTRACE_SYSEMU = 0x1f
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
index 9476628fa02b..292bcf0283d1 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
@@ -238,6 +238,20 @@ const (
PPPIOCUNBRIDGECHAN = 0x7434
PPPIOCXFERUNIT = 0x744e
PR_SET_PTRACER_ANY = 0xffffffffffffffff
+ PTP_CLOCK_GETCAPS = 0x80503d01
+ PTP_CLOCK_GETCAPS2 = 0x80503d0a
+ PTP_ENABLE_PPS = 0x40043d04
+ PTP_ENABLE_PPS2 = 0x40043d0d
+ PTP_EXTTS_REQUEST = 0x40103d02
+ PTP_EXTTS_REQUEST2 = 0x40103d0b
+ PTP_MASK_CLEAR_ALL = 0x3d13
+ PTP_MASK_EN_SINGLE = 0x40043d14
+ PTP_PEROUT_REQUEST = 0x40383d03
+ PTP_PEROUT_REQUEST2 = 0x40383d0c
+ PTP_PIN_SETFUNC = 0x40603d07
+ PTP_PIN_SETFUNC2 = 0x40603d10
+ PTP_SYS_OFFSET = 0x43403d05
+ PTP_SYS_OFFSET2 = 0x43403d0e
PTRACE_SYSEMU = 0x1f
PTRACE_SYSEMU_SINGLESTEP = 0x20
RLIMIT_AS = 0x9
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
index b9e85f3cf0c0..782b7110fa19 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
@@ -234,6 +234,20 @@ const (
PPPIOCUNBRIDGECHAN = 0x20007434
PPPIOCXFERUNIT = 0x2000744e
PR_SET_PTRACER_ANY = 0xffffffff
+ PTP_CLOCK_GETCAPS = 0x40503d01
+ PTP_CLOCK_GETCAPS2 = 0x40503d0a
+ PTP_ENABLE_PPS = 0x80043d04
+ PTP_ENABLE_PPS2 = 0x80043d0d
+ PTP_EXTTS_REQUEST = 0x80103d02
+ PTP_EXTTS_REQUEST2 = 0x80103d0b
+ PTP_MASK_CLEAR_ALL = 0x20003d13
+ PTP_MASK_EN_SINGLE = 0x80043d14
+ PTP_PEROUT_REQUEST = 0x80383d03
+ PTP_PEROUT_REQUEST2 = 0x80383d0c
+ PTP_PIN_SETFUNC = 0x80603d07
+ PTP_PIN_SETFUNC2 = 0x80603d10
+ PTP_SYS_OFFSET = 0x83403d05
+ PTP_SYS_OFFSET2 = 0x83403d0e
PTRACE_GETFPREGS = 0xe
PTRACE_GET_THREAD_AREA = 0x19
PTRACE_GET_THREAD_AREA_3264 = 0xc4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
index a48b68a7647e..84973fd9271f 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
@@ -234,6 +234,20 @@ const (
PPPIOCUNBRIDGECHAN = 0x20007434
PPPIOCXFERUNIT = 0x2000744e
PR_SET_PTRACER_ANY = 0xffffffffffffffff
+ PTP_CLOCK_GETCAPS = 0x40503d01
+ PTP_CLOCK_GETCAPS2 = 0x40503d0a
+ PTP_ENABLE_PPS = 0x80043d04
+ PTP_ENABLE_PPS2 = 0x80043d0d
+ PTP_EXTTS_REQUEST = 0x80103d02
+ PTP_EXTTS_REQUEST2 = 0x80103d0b
+ PTP_MASK_CLEAR_ALL = 0x20003d13
+ PTP_MASK_EN_SINGLE = 0x80043d14
+ PTP_PEROUT_REQUEST = 0x80383d03
+ PTP_PEROUT_REQUEST2 = 0x80383d0c
+ PTP_PIN_SETFUNC = 0x80603d07
+ PTP_PIN_SETFUNC2 = 0x80603d10
+ PTP_SYS_OFFSET = 0x83403d05
+ PTP_SYS_OFFSET2 = 0x83403d0e
PTRACE_GETFPREGS = 0xe
PTRACE_GET_THREAD_AREA = 0x19
PTRACE_GET_THREAD_AREA_3264 = 0xc4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
index ea00e8522a15..6d9cbc3b274b 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
@@ -234,6 +234,20 @@ const (
PPPIOCUNBRIDGECHAN = 0x20007434
PPPIOCXFERUNIT = 0x2000744e
PR_SET_PTRACER_ANY = 0xffffffffffffffff
+ PTP_CLOCK_GETCAPS = 0x40503d01
+ PTP_CLOCK_GETCAPS2 = 0x40503d0a
+ PTP_ENABLE_PPS = 0x80043d04
+ PTP_ENABLE_PPS2 = 0x80043d0d
+ PTP_EXTTS_REQUEST = 0x80103d02
+ PTP_EXTTS_REQUEST2 = 0x80103d0b
+ PTP_MASK_CLEAR_ALL = 0x20003d13
+ PTP_MASK_EN_SINGLE = 0x80043d14
+ PTP_PEROUT_REQUEST = 0x80383d03
+ PTP_PEROUT_REQUEST2 = 0x80383d0c
+ PTP_PIN_SETFUNC = 0x80603d07
+ PTP_PIN_SETFUNC2 = 0x80603d10
+ PTP_SYS_OFFSET = 0x83403d05
+ PTP_SYS_OFFSET2 = 0x83403d0e
PTRACE_GETFPREGS = 0xe
PTRACE_GET_THREAD_AREA = 0x19
PTRACE_GET_THREAD_AREA_3264 = 0xc4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
index 91c64687176a..5f9fedbce028 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
@@ -234,6 +234,20 @@ const (
PPPIOCUNBRIDGECHAN = 0x20007434
PPPIOCXFERUNIT = 0x2000744e
PR_SET_PTRACER_ANY = 0xffffffff
+ PTP_CLOCK_GETCAPS = 0x40503d01
+ PTP_CLOCK_GETCAPS2 = 0x40503d0a
+ PTP_ENABLE_PPS = 0x80043d04
+ PTP_ENABLE_PPS2 = 0x80043d0d
+ PTP_EXTTS_REQUEST = 0x80103d02
+ PTP_EXTTS_REQUEST2 = 0x80103d0b
+ PTP_MASK_CLEAR_ALL = 0x20003d13
+ PTP_MASK_EN_SINGLE = 0x80043d14
+ PTP_PEROUT_REQUEST = 0x80383d03
+ PTP_PEROUT_REQUEST2 = 0x80383d0c
+ PTP_PIN_SETFUNC = 0x80603d07
+ PTP_PIN_SETFUNC2 = 0x80603d10
+ PTP_SYS_OFFSET = 0x83403d05
+ PTP_SYS_OFFSET2 = 0x83403d0e
PTRACE_GETFPREGS = 0xe
PTRACE_GET_THREAD_AREA = 0x19
PTRACE_GET_THREAD_AREA_3264 = 0xc4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
index 8cbf38d63901..bb0026ee0c46 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
@@ -237,6 +237,20 @@ const (
PPPIOCXFERUNIT = 0x2000744e
PROT_SAO = 0x10
PR_SET_PTRACER_ANY = 0xffffffff
+ PTP_CLOCK_GETCAPS = 0x40503d01
+ PTP_CLOCK_GETCAPS2 = 0x40503d0a
+ PTP_ENABLE_PPS = 0x80043d04
+ PTP_ENABLE_PPS2 = 0x80043d0d
+ PTP_EXTTS_REQUEST = 0x80103d02
+ PTP_EXTTS_REQUEST2 = 0x80103d0b
+ PTP_MASK_CLEAR_ALL = 0x20003d13
+ PTP_MASK_EN_SINGLE = 0x80043d14
+ PTP_PEROUT_REQUEST = 0x80383d03
+ PTP_PEROUT_REQUEST2 = 0x80383d0c
+ PTP_PIN_SETFUNC = 0x80603d07
+ PTP_PIN_SETFUNC2 = 0x80603d10
+ PTP_SYS_OFFSET = 0x83403d05
+ PTP_SYS_OFFSET2 = 0x83403d0e
PTRACE_GETEVRREGS = 0x14
PTRACE_GETFPREGS = 0xe
PTRACE_GETREGS64 = 0x16
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
index a2df7341917e..46120db5c9a1 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
@@ -237,6 +237,20 @@ const (
PPPIOCXFERUNIT = 0x2000744e
PROT_SAO = 0x10
PR_SET_PTRACER_ANY = 0xffffffffffffffff
+ PTP_CLOCK_GETCAPS = 0x40503d01
+ PTP_CLOCK_GETCAPS2 = 0x40503d0a
+ PTP_ENABLE_PPS = 0x80043d04
+ PTP_ENABLE_PPS2 = 0x80043d0d
+ PTP_EXTTS_REQUEST = 0x80103d02
+ PTP_EXTTS_REQUEST2 = 0x80103d0b
+ PTP_MASK_CLEAR_ALL = 0x20003d13
+ PTP_MASK_EN_SINGLE = 0x80043d14
+ PTP_PEROUT_REQUEST = 0x80383d03
+ PTP_PEROUT_REQUEST2 = 0x80383d0c
+ PTP_PIN_SETFUNC = 0x80603d07
+ PTP_PIN_SETFUNC2 = 0x80603d10
+ PTP_SYS_OFFSET = 0x83403d05
+ PTP_SYS_OFFSET2 = 0x83403d0e
PTRACE_GETEVRREGS = 0x14
PTRACE_GETFPREGS = 0xe
PTRACE_GETREGS64 = 0x16
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
index 247913792333..5c951634fbed 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
@@ -237,6 +237,20 @@ const (
PPPIOCXFERUNIT = 0x2000744e
PROT_SAO = 0x10
PR_SET_PTRACER_ANY = 0xffffffffffffffff
+ PTP_CLOCK_GETCAPS = 0x40503d01
+ PTP_CLOCK_GETCAPS2 = 0x40503d0a
+ PTP_ENABLE_PPS = 0x80043d04
+ PTP_ENABLE_PPS2 = 0x80043d0d
+ PTP_EXTTS_REQUEST = 0x80103d02
+ PTP_EXTTS_REQUEST2 = 0x80103d0b
+ PTP_MASK_CLEAR_ALL = 0x20003d13
+ PTP_MASK_EN_SINGLE = 0x80043d14
+ PTP_PEROUT_REQUEST = 0x80383d03
+ PTP_PEROUT_REQUEST2 = 0x80383d0c
+ PTP_PIN_SETFUNC = 0x80603d07
+ PTP_PIN_SETFUNC2 = 0x80603d10
+ PTP_SYS_OFFSET = 0x83403d05
+ PTP_SYS_OFFSET2 = 0x83403d0e
PTRACE_GETEVRREGS = 0x14
PTRACE_GETFPREGS = 0xe
PTRACE_GETREGS64 = 0x16
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
index d265f146ee01..11a84d5af208 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
@@ -234,6 +234,20 @@ const (
PPPIOCUNBRIDGECHAN = 0x7434
PPPIOCXFERUNIT = 0x744e
PR_SET_PTRACER_ANY = 0xffffffffffffffff
+ PTP_CLOCK_GETCAPS = 0x80503d01
+ PTP_CLOCK_GETCAPS2 = 0x80503d0a
+ PTP_ENABLE_PPS = 0x40043d04
+ PTP_ENABLE_PPS2 = 0x40043d0d
+ PTP_EXTTS_REQUEST = 0x40103d02
+ PTP_EXTTS_REQUEST2 = 0x40103d0b
+ PTP_MASK_CLEAR_ALL = 0x3d13
+ PTP_MASK_EN_SINGLE = 0x40043d14
+ PTP_PEROUT_REQUEST = 0x40383d03
+ PTP_PEROUT_REQUEST2 = 0x40383d0c
+ PTP_PIN_SETFUNC = 0x40603d07
+ PTP_PIN_SETFUNC2 = 0x40603d10
+ PTP_SYS_OFFSET = 0x43403d05
+ PTP_SYS_OFFSET2 = 0x43403d0e
PTRACE_GETFDPIC = 0x21
PTRACE_GETFDPIC_EXEC = 0x0
PTRACE_GETFDPIC_INTERP = 0x1
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
index 3f2d6443964f..f78c4617cac1 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
@@ -234,6 +234,20 @@ const (
PPPIOCUNBRIDGECHAN = 0x7434
PPPIOCXFERUNIT = 0x744e
PR_SET_PTRACER_ANY = 0xffffffffffffffff
+ PTP_CLOCK_GETCAPS = 0x80503d01
+ PTP_CLOCK_GETCAPS2 = 0x80503d0a
+ PTP_ENABLE_PPS = 0x40043d04
+ PTP_ENABLE_PPS2 = 0x40043d0d
+ PTP_EXTTS_REQUEST = 0x40103d02
+ PTP_EXTTS_REQUEST2 = 0x40103d0b
+ PTP_MASK_CLEAR_ALL = 0x3d13
+ PTP_MASK_EN_SINGLE = 0x40043d14
+ PTP_PEROUT_REQUEST = 0x40383d03
+ PTP_PEROUT_REQUEST2 = 0x40383d0c
+ PTP_PIN_SETFUNC = 0x40603d07
+ PTP_PIN_SETFUNC2 = 0x40603d10
+ PTP_SYS_OFFSET = 0x43403d05
+ PTP_SYS_OFFSET2 = 0x43403d0e
PTRACE_DISABLE_TE = 0x5010
PTRACE_ENABLE_TE = 0x5009
PTRACE_GET_LAST_BREAK = 0x5006
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
index 5d8b727a1c83..aeb777c34427 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
@@ -239,6 +239,20 @@ const (
PPPIOCUNBRIDGECHAN = 0x20007434
PPPIOCXFERUNIT = 0x2000744e
PR_SET_PTRACER_ANY = 0xffffffffffffffff
+ PTP_CLOCK_GETCAPS = 0x40503d01
+ PTP_CLOCK_GETCAPS2 = 0x40503d0a
+ PTP_ENABLE_PPS = 0x80043d04
+ PTP_ENABLE_PPS2 = 0x80043d0d
+ PTP_EXTTS_REQUEST = 0x80103d02
+ PTP_EXTTS_REQUEST2 = 0x80103d0b
+ PTP_MASK_CLEAR_ALL = 0x20003d13
+ PTP_MASK_EN_SINGLE = 0x80043d14
+ PTP_PEROUT_REQUEST = 0x80383d03
+ PTP_PEROUT_REQUEST2 = 0x80383d0c
+ PTP_PIN_SETFUNC = 0x80603d07
+ PTP_PIN_SETFUNC2 = 0x80603d10
+ PTP_SYS_OFFSET = 0x83403d05
+ PTP_SYS_OFFSET2 = 0x83403d0e
PTRACE_GETFPAREGS = 0x14
PTRACE_GETFPREGS = 0xe
PTRACE_GETFPREGS64 = 0x19
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
index af30da557803..5cc1e8eb2f35 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
@@ -592,6 +592,16 @@ func ClockGettime(clockid int32, time *Timespec) (err error) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+func ClockSettime(clockid int32, time *Timespec) (err error) {
+ _, _, e1 := Syscall(SYS_CLOCK_SETTIME, uintptr(clockid), uintptr(unsafe.Pointer(time)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
func ClockNanosleep(clockid int32, flags int, request *Timespec, remain *Timespec) (err error) {
_, _, e1 := Syscall6(SYS_CLOCK_NANOSLEEP, uintptr(clockid), uintptr(flags), uintptr(unsafe.Pointer(request)), uintptr(unsafe.Pointer(remain)), 0, 0)
if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go
index 3a69e4549626..8daaf3faf4c7 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go
@@ -1752,12 +1752,6 @@ const (
IFLA_IPVLAN_UNSPEC = 0x0
IFLA_IPVLAN_MODE = 0x1
IFLA_IPVLAN_FLAGS = 0x2
- NETKIT_NEXT = -0x1
- NETKIT_PASS = 0x0
- NETKIT_DROP = 0x2
- NETKIT_REDIRECT = 0x7
- NETKIT_L2 = 0x0
- NETKIT_L3 = 0x1
IFLA_NETKIT_UNSPEC = 0x0
IFLA_NETKIT_PEER_INFO = 0x1
IFLA_NETKIT_PRIMARY = 0x2
@@ -1796,6 +1790,7 @@ const (
IFLA_VXLAN_DF = 0x1d
IFLA_VXLAN_VNIFILTER = 0x1e
IFLA_VXLAN_LOCALBYPASS = 0x1f
+ IFLA_VXLAN_LABEL_POLICY = 0x20
IFLA_GENEVE_UNSPEC = 0x0
IFLA_GENEVE_ID = 0x1
IFLA_GENEVE_REMOTE = 0x2
@@ -1825,6 +1820,8 @@ const (
IFLA_GTP_ROLE = 0x4
IFLA_GTP_CREATE_SOCKETS = 0x5
IFLA_GTP_RESTART_COUNT = 0x6
+ IFLA_GTP_LOCAL = 0x7
+ IFLA_GTP_LOCAL6 = 0x8
IFLA_BOND_UNSPEC = 0x0
IFLA_BOND_MODE = 0x1
IFLA_BOND_ACTIVE_SLAVE = 0x2
@@ -1857,6 +1854,7 @@ const (
IFLA_BOND_AD_LACP_ACTIVE = 0x1d
IFLA_BOND_MISSED_MAX = 0x1e
IFLA_BOND_NS_IP6_TARGET = 0x1f
+ IFLA_BOND_COUPLED_CONTROL = 0x20
IFLA_BOND_AD_INFO_UNSPEC = 0x0
IFLA_BOND_AD_INFO_AGGREGATOR = 0x1
IFLA_BOND_AD_INFO_NUM_PORTS = 0x2
@@ -1925,6 +1923,7 @@ const (
IFLA_HSR_SEQ_NR = 0x5
IFLA_HSR_VERSION = 0x6
IFLA_HSR_PROTOCOL = 0x7
+ IFLA_HSR_INTERLINK = 0x8
IFLA_STATS_UNSPEC = 0x0
IFLA_STATS_LINK_64 = 0x1
IFLA_STATS_LINK_XSTATS = 0x2
@@ -1977,6 +1976,15 @@ const (
IFLA_DSA_MASTER = 0x1
)
+const (
+ NETKIT_NEXT = -0x1
+ NETKIT_PASS = 0x0
+ NETKIT_DROP = 0x2
+ NETKIT_REDIRECT = 0x7
+ NETKIT_L2 = 0x0
+ NETKIT_L3 = 0x1
+)
+
const (
NF_INET_PRE_ROUTING = 0x0
NF_INET_LOCAL_IN = 0x1
@@ -4110,6 +4118,106 @@ type EthtoolDrvinfo struct {
Regdump_len uint32
}
+type EthtoolTsInfo struct {
+ Cmd uint32
+ So_timestamping uint32
+ Phc_index int32
+ Tx_types uint32
+ Tx_reserved [3]uint32
+ Rx_filters uint32
+ Rx_reserved [3]uint32
+}
+
+type HwTstampConfig struct {
+ Flags int32
+ Tx_type int32
+ Rx_filter int32
+}
+
+const (
+ HWTSTAMP_FILTER_NONE = 0x0
+ HWTSTAMP_FILTER_ALL = 0x1
+ HWTSTAMP_FILTER_SOME = 0x2
+ HWTSTAMP_FILTER_PTP_V1_L4_EVENT = 0x3
+ HWTSTAMP_FILTER_PTP_V2_L4_EVENT = 0x6
+ HWTSTAMP_FILTER_PTP_V2_L2_EVENT = 0x9
+ HWTSTAMP_FILTER_PTP_V2_EVENT = 0xc
+)
+
+const (
+ HWTSTAMP_TX_OFF = 0x0
+ HWTSTAMP_TX_ON = 0x1
+ HWTSTAMP_TX_ONESTEP_SYNC = 0x2
+)
+
+type (
+ PtpClockCaps struct {
+ Max_adj int32
+ N_alarm int32
+ N_ext_ts int32
+ N_per_out int32
+ Pps int32
+ N_pins int32
+ Cross_timestamping int32
+ Adjust_phase int32
+ Max_phase_adj int32
+ Rsv [11]int32
+ }
+ PtpClockTime struct {
+ Sec int64
+ Nsec uint32
+ Reserved uint32
+ }
+ PtpExttsEvent struct {
+ T PtpClockTime
+ Index uint32
+ Flags uint32
+ Rsv [2]uint32
+ }
+ PtpExttsRequest struct {
+ Index uint32
+ Flags uint32
+ Rsv [2]uint32
+ }
+ PtpPeroutRequest struct {
+ StartOrPhase PtpClockTime
+ Period PtpClockTime
+ Index uint32
+ Flags uint32
+ On PtpClockTime
+ }
+ PtpPinDesc struct {
+ Name [64]byte
+ Index uint32
+ Func uint32
+ Chan uint32
+ Rsv [5]uint32
+ }
+ PtpSysOffset struct {
+ Samples uint32
+ Rsv [3]uint32
+ Ts [51]PtpClockTime
+ }
+ PtpSysOffsetExtended struct {
+ Samples uint32
+ Rsv [3]uint32
+ Ts [25][3]PtpClockTime
+ }
+ PtpSysOffsetPrecise struct {
+ Device PtpClockTime
+ Realtime PtpClockTime
+ Monoraw PtpClockTime
+ Rsv [4]uint32
+ }
+)
+
+const (
+ PTP_PF_NONE = 0x0
+ PTP_PF_EXTTS = 0x1
+ PTP_PF_PEROUT = 0x2
+ PTP_PF_PHYSYNC = 0x3
+)
+
type (
HIDRawReportDescriptor struct {
Size uint32
diff --git a/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go b/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go
index d9a13af4684b..2e5d5a44357a 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go
@@ -377,6 +377,12 @@ type Flock_t struct {
Pid int32
}
+type F_cnvrt struct {
+ Cvtcmd int32
+ Pccsid int16
+ Fccsid int16
+}
+
type Termios struct {
Cflag uint32
Iflag uint32
diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go
index 5cee9a3143fd..4510bfc3f5c6 100644
--- a/vendor/golang.org/x/sys/windows/syscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/syscall_windows.go
@@ -725,20 +725,12 @@ func DurationSinceBoot() time.Duration {
}
func Ftruncate(fd Handle, length int64) (err error) {
- curoffset, e := Seek(fd, 0, 1)
- if e != nil {
- return e
- }
- defer Seek(fd, curoffset, 0)
- _, e = Seek(fd, length, 0)
- if e != nil {
- return e
+ type _FILE_END_OF_FILE_INFO struct {
+ EndOfFile int64
}
- e = SetEndOfFile(fd)
- if e != nil {
- return e
- }
- return nil
+ var info _FILE_END_OF_FILE_INFO
+ info.EndOfFile = length
+ return SetFileInformationByHandle(fd, FileEndOfFileInfo, (*byte)(unsafe.Pointer(&info)), uint32(unsafe.Sizeof(info)))
}
func Gettimeofday(tv *Timeval) (err error) {
@@ -894,6 +886,11 @@ const socket_error = uintptr(^uint32(0))
//sys GetACP() (acp uint32) = kernel32.GetACP
//sys MultiByteToWideChar(codePage uint32, dwFlags uint32, str *byte, nstr int32, wchar *uint16, nwchar int32) (nwrite int32, err error) = kernel32.MultiByteToWideChar
//sys getBestInterfaceEx(sockaddr unsafe.Pointer, pdwBestIfIndex *uint32) (errcode error) = iphlpapi.GetBestInterfaceEx
+//sys GetIfEntry2Ex(level uint32, row *MibIfRow2) (errcode error) = iphlpapi.GetIfEntry2Ex
+//sys GetUnicastIpAddressEntry(row *MibUnicastIpAddressRow) (errcode error) = iphlpapi.GetUnicastIpAddressEntry
+//sys NotifyIpInterfaceChange(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) = iphlpapi.NotifyIpInterfaceChange
+//sys NotifyUnicastIpAddressChange(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) = iphlpapi.NotifyUnicastIpAddressChange
+//sys CancelMibChangeNotify2(notificationHandle Handle) (errcode error) = iphlpapi.CancelMibChangeNotify2
// For testing: clients can set this flag to force
// creation of IPv6 sockets to return EAFNOSUPPORT.
@@ -1685,13 +1682,16 @@ func (s NTStatus) Error() string {
// do not use NTUnicodeString, and instead UTF16PtrFromString should be used for
// the more common *uint16 string type.
func NewNTUnicodeString(s string) (*NTUnicodeString, error) {
- var u NTUnicodeString
- s16, err := UTF16PtrFromString(s)
+ s16, err := UTF16FromString(s)
if err != nil {
return nil, err
}
- RtlInitUnicodeString(&u, s16)
- return &u, nil
+ n := uint16(len(s16) * 2)
+ return &NTUnicodeString{
+ Length: n - 2, // subtract 2 bytes for the NULL terminator
+ MaximumLength: n,
+ Buffer: &s16[0],
+ }, nil
}
// Slice returns a uint16 slice that aliases the data in the NTUnicodeString.
diff --git a/vendor/golang.org/x/sys/windows/types_windows.go b/vendor/golang.org/x/sys/windows/types_windows.go
index 7b97a154c957..51311e205ff0 100644
--- a/vendor/golang.org/x/sys/windows/types_windows.go
+++ b/vendor/golang.org/x/sys/windows/types_windows.go
@@ -2203,6 +2203,132 @@ const (
IfOperStatusLowerLayerDown = 7
)
+const (
+ IF_MAX_PHYS_ADDRESS_LENGTH = 32
+ IF_MAX_STRING_SIZE = 256
+)
+
+// MIB_IF_ENTRY_LEVEL enumeration from netioapi.h or
+// https://learn.microsoft.com/en-us/windows/win32/api/netioapi/nf-netioapi-getifentry2ex.
+const (
+ MibIfEntryNormal = 0
+ MibIfEntryNormalWithoutStatistics = 2
+)
+
+// MIB_NOTIFICATION_TYPE enumeration from netioapi.h or
+// https://learn.microsoft.com/en-us/windows/win32/api/netioapi/ne-netioapi-mib_notification_type.
+const (
+ MibParameterNotification = 0
+ MibAddInstance = 1
+ MibDeleteInstance = 2
+ MibInitialNotification = 3
+)
+
+// MibIfRow2 stores information about a particular interface. See
+// https://learn.microsoft.com/en-us/windows/win32/api/netioapi/ns-netioapi-mib_if_row2.
+type MibIfRow2 struct {
+ InterfaceLuid uint64
+ InterfaceIndex uint32
+ InterfaceGuid GUID
+ Alias [IF_MAX_STRING_SIZE + 1]uint16
+ Description [IF_MAX_STRING_SIZE + 1]uint16
+ PhysicalAddressLength uint32
+ PhysicalAddress [IF_MAX_PHYS_ADDRESS_LENGTH]uint8
+ PermanentPhysicalAddress [IF_MAX_PHYS_ADDRESS_LENGTH]uint8
+ Mtu uint32
+ Type uint32
+ TunnelType uint32
+ MediaType uint32
+ PhysicalMediumType uint32
+ AccessType uint32
+ DirectionType uint32
+ InterfaceAndOperStatusFlags uint8
+ OperStatus uint32
+ AdminStatus uint32
+ MediaConnectState uint32
+ NetworkGuid GUID
+ ConnectionType uint32
+ TransmitLinkSpeed uint64
+ ReceiveLinkSpeed uint64
+ InOctets uint64
+ InUcastPkts uint64
+ InNUcastPkts uint64
+ InDiscards uint64
+ InErrors uint64
+ InUnknownProtos uint64
+ InUcastOctets uint64
+ InMulticastOctets uint64
+ InBroadcastOctets uint64
+ OutOctets uint64
+ OutUcastPkts uint64
+ OutNUcastPkts uint64
+ OutDiscards uint64
+ OutErrors uint64
+ OutUcastOctets uint64
+ OutMulticastOctets uint64
+ OutBroadcastOctets uint64
+ OutQLen uint64
+}
+
+// MIB_UNICASTIPADDRESS_ROW stores information about a unicast IP address. See
+// https://learn.microsoft.com/en-us/windows/win32/api/netioapi/ns-netioapi-mib_unicastipaddress_row.
+type MibUnicastIpAddressRow struct {
+ Address RawSockaddrInet6 // SOCKADDR_INET union
+ InterfaceLuid uint64
+ InterfaceIndex uint32
+ PrefixOrigin uint32
+ SuffixOrigin uint32
+ ValidLifetime uint32
+ PreferredLifetime uint32
+ OnLinkPrefixLength uint8
+ SkipAsSource uint8
+ DadState uint32
+ ScopeId uint32
+ CreationTimeStamp Filetime
+}
+
+const ScopeLevelCount = 16
+
+// MIB_IPINTERFACE_ROW stores interface management information for a particular IP address family on a network interface.
+// See https://learn.microsoft.com/en-us/windows/win32/api/netioapi/ns-netioapi-mib_ipinterface_row.
+type MibIpInterfaceRow struct {
+ Family uint16
+ InterfaceLuid uint64
+ InterfaceIndex uint32
+ MaxReassemblySize uint32
+ InterfaceIdentifier uint64
+ MinRouterAdvertisementInterval uint32
+ MaxRouterAdvertisementInterval uint32
+ AdvertisingEnabled uint8
+ ForwardingEnabled uint8
+ WeakHostSend uint8
+ WeakHostReceive uint8
+ UseAutomaticMetric uint8
+ UseNeighborUnreachabilityDetection uint8
+ ManagedAddressConfigurationSupported uint8
+ OtherStatefulConfigurationSupported uint8
+ AdvertiseDefaultRoute uint8
+ RouterDiscoveryBehavior uint32
+ DadTransmits uint32
+ BaseReachableTime uint32
+ RetransmitTime uint32
+ PathMtuDiscoveryTimeout uint32
+ LinkLocalAddressBehavior uint32
+ LinkLocalAddressTimeout uint32
+ ZoneIndices [ScopeLevelCount]uint32
+ SitePrefixLength uint32
+ Metric uint32
+ NlMtu uint32
+ Connected uint8
+ SupportsWakeUpPatterns uint8
+ SupportsNeighborDiscovery uint8
+ SupportsRouterDiscovery uint8
+ ReachableTime uint32
+ TransmitOffload uint32
+ ReceiveOffload uint32
+ DisableDefaultRoutes uint8
+}
+
// Console related constants used for the mode parameter to SetConsoleMode. See
// https://docs.microsoft.com/en-us/windows/console/setconsolemode for details.
diff --git a/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
index 4c2e1bdc01ed..6f5252880cee 100644
--- a/vendor/golang.org/x/sys/windows/zsyscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
@@ -181,10 +181,15 @@ var (
procDnsRecordListFree = moddnsapi.NewProc("DnsRecordListFree")
procDwmGetWindowAttribute = moddwmapi.NewProc("DwmGetWindowAttribute")
procDwmSetWindowAttribute = moddwmapi.NewProc("DwmSetWindowAttribute")
+ procCancelMibChangeNotify2 = modiphlpapi.NewProc("CancelMibChangeNotify2")
procGetAdaptersAddresses = modiphlpapi.NewProc("GetAdaptersAddresses")
procGetAdaptersInfo = modiphlpapi.NewProc("GetAdaptersInfo")
procGetBestInterfaceEx = modiphlpapi.NewProc("GetBestInterfaceEx")
procGetIfEntry = modiphlpapi.NewProc("GetIfEntry")
+ procGetIfEntry2Ex = modiphlpapi.NewProc("GetIfEntry2Ex")
+ procGetUnicastIpAddressEntry = modiphlpapi.NewProc("GetUnicastIpAddressEntry")
+ procNotifyIpInterfaceChange = modiphlpapi.NewProc("NotifyIpInterfaceChange")
+ procNotifyUnicastIpAddressChange = modiphlpapi.NewProc("NotifyUnicastIpAddressChange")
procAddDllDirectory = modkernel32.NewProc("AddDllDirectory")
procAssignProcessToJobObject = modkernel32.NewProc("AssignProcessToJobObject")
procCancelIo = modkernel32.NewProc("CancelIo")
@@ -1606,6 +1611,14 @@ func DwmSetWindowAttribute(hwnd HWND, attribute uint32, value unsafe.Pointer, si
return
}
+func CancelMibChangeNotify2(notificationHandle Handle) (errcode error) {
+ r0, _, _ := syscall.SyscallN(procCancelMibChangeNotify2.Addr(), uintptr(notificationHandle))
+ if r0 != 0 {
+ errcode = syscall.Errno(r0)
+ }
+ return
+}
+
func GetAdaptersAddresses(family uint32, flags uint32, reserved uintptr, adapterAddresses *IpAdapterAddresses, sizePointer *uint32) (errcode error) {
r0, _, _ := syscall.Syscall6(procGetAdaptersAddresses.Addr(), 5, uintptr(family), uintptr(flags), uintptr(reserved), uintptr(unsafe.Pointer(adapterAddresses)), uintptr(unsafe.Pointer(sizePointer)), 0)
if r0 != 0 {
@@ -1638,6 +1651,46 @@ func GetIfEntry(pIfRow *MibIfRow) (errcode error) {
return
}
+func GetIfEntry2Ex(level uint32, row *MibIfRow2) (errcode error) {
+ r0, _, _ := syscall.SyscallN(procGetIfEntry2Ex.Addr(), uintptr(level), uintptr(unsafe.Pointer(row)))
+ if r0 != 0 {
+ errcode = syscall.Errno(r0)
+ }
+ return
+}
+
+func GetUnicastIpAddressEntry(row *MibUnicastIpAddressRow) (errcode error) {
+ r0, _, _ := syscall.SyscallN(procGetUnicastIpAddressEntry.Addr(), uintptr(unsafe.Pointer(row)))
+ if r0 != 0 {
+ errcode = syscall.Errno(r0)
+ }
+ return
+}
+
+func NotifyIpInterfaceChange(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) {
+ var _p0 uint32
+ if initialNotification {
+ _p0 = 1
+ }
+ r0, _, _ := syscall.SyscallN(procNotifyIpInterfaceChange.Addr(), uintptr(family), uintptr(callback), uintptr(callerContext), uintptr(_p0), uintptr(unsafe.Pointer(notificationHandle)))
+ if r0 != 0 {
+ errcode = syscall.Errno(r0)
+ }
+ return
+}
+
+func NotifyUnicastIpAddressChange(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) {
+ var _p0 uint32
+ if initialNotification {
+ _p0 = 1
+ }
+ r0, _, _ := syscall.SyscallN(procNotifyUnicastIpAddressChange.Addr(), uintptr(family), uintptr(callback), uintptr(callerContext), uintptr(_p0), uintptr(unsafe.Pointer(notificationHandle)))
+ if r0 != 0 {
+ errcode = syscall.Errno(r0)
+ }
+ return
+}
+
func AddDllDirectory(path *uint16) (cookie uintptr, err error) {
r0, _, e1 := syscall.Syscall(procAddDllDirectory.Addr(), 1, uintptr(unsafe.Pointer(path)), 0, 0)
cookie = uintptr(r0)
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 17d269b35a92..b8db6cb738ae 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -1223,7 +1223,7 @@ github.com/hashicorp/hc-install/product
github.com/hashicorp/hc-install/releases
github.com/hashicorp/hc-install/src
github.com/hashicorp/hc-install/version
-# github.com/hashicorp/hcl/v2 v2.22.0
+# github.com/hashicorp/hcl/v2 v2.23.0
## explicit; go 1.18
github.com/hashicorp/hcl/v2
github.com/hashicorp/hcl/v2/ext/customdecode
@@ -1341,9 +1341,11 @@ github.com/hashicorp/terraform-plugin-sdk/v2/internal/tfdiags
github.com/hashicorp/terraform-plugin-sdk/v2/meta
github.com/hashicorp/terraform-plugin-sdk/v2/plugin
github.com/hashicorp/terraform-plugin-sdk/v2/terraform
-# github.com/hashicorp/terraform-plugin-testing v1.8.0
-## explicit; go 1.21
+# github.com/hashicorp/terraform-plugin-testing v1.11.0
+## explicit; go 1.22.0
+github.com/hashicorp/terraform-plugin-testing/compare
github.com/hashicorp/terraform-plugin-testing/config
+github.com/hashicorp/terraform-plugin-testing/echoprovider
github.com/hashicorp/terraform-plugin-testing/helper/acctest
github.com/hashicorp/terraform-plugin-testing/helper/resource
github.com/hashicorp/terraform-plugin-testing/internal/addrs
@@ -1466,7 +1468,7 @@ github.com/zclconf/go-cty/cty/function/stdlib
github.com/zclconf/go-cty/cty/gocty
github.com/zclconf/go-cty/cty/json
github.com/zclconf/go-cty/cty/set
-# golang.org/x/crypto v0.28.0
+# golang.org/x/crypto v0.29.0
## explicit; go 1.20
golang.org/x/crypto/argon2
golang.org/x/crypto/blake2b
@@ -1501,15 +1503,15 @@ golang.org/x/net/trace
## explicit; go 1.18
golang.org/x/oauth2
golang.org/x/oauth2/internal
-# golang.org/x/sync v0.8.0
+# golang.org/x/sync v0.9.0
## explicit; go 1.18
golang.org/x/sync/errgroup
-# golang.org/x/sys v0.26.0
+# golang.org/x/sys v0.27.0
## explicit; go 1.18
golang.org/x/sys/cpu
golang.org/x/sys/unix
golang.org/x/sys/windows
-# golang.org/x/text v0.19.0
+# golang.org/x/text v0.20.0
## explicit; go 1.18
golang.org/x/text/secure/bidirule
golang.org/x/text/transform
diff --git a/website/allowed-subcategories b/website/allowed-subcategories
index fa46a484f3dc..01e0bbb4265f 100644
--- a/website/allowed-subcategories
+++ b/website/allowed-subcategories
@@ -1,3 +1,4 @@
+
AAD B2C
API Management
Active Directory Domain Services
diff --git a/website/docs/ephemeral-resources/key_vault_certificate.html.markdown b/website/docs/ephemeral-resources/key_vault_certificate.html.markdown
new file mode 100644
index 000000000000..a0b6b4c93a75
--- /dev/null
+++ b/website/docs/ephemeral-resources/key_vault_certificate.html.markdown
@@ -0,0 +1,53 @@
+---
+subcategory: "Key Vault"
+layout: "azurerm"
+page_title: "Azure Resource Manager: azurerm_key_vault_certificate"
+description: |-
+ Gets information about an existing Key Vault Certificate.
+---
+
+# Ephemeral: azurerm_key_vault_certificate
+
+~> Ephemeral Resources are supported in Terraform 1.10 and later.
+
+Use this to access information about an existing Key Vault Certificate.
+
+## Example Usage
+
+```hcl
+data "azurerm_key_vault" "example" {
+ name = "examplekv"
+ resource_group_name = "some-resource-group"
+}
+
+ephemeral "azurerm_key_vault_certificate" "example" {
+ name = "secret-sauce"
+ key_vault_id = data.azurerm_key_vault.example.id
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `name` - (Required) Specifies the name of the Key Vault Certificate.
+
+* `key_vault_id` - (Required) Specifies the ID of the Key Vault instance where the Certificate resides, available on the `azurerm_key_vault` Data Source / Resource.
+
+* `version` - (Optional) Specifies the version of the Key Vault Certificate. Defaults to the current version of the Key Vault Certificate.
+
+~> **NOTE:** The vault must be in the same subscription as the provider. If the vault is in another subscription, you must create an aliased provider for that subscription.
+
+## Attributes Reference
+
+The following attributes are exported:
+
+* `hex` - The raw Key Vault Certificate data represented as a hexadecimal string.
+
+* `pem` - The Key Vault Certificate in PEM format.
+
+* `key` - The Key Vault Certificate Key.
+
+* `expiration_date` - The date and time at which the Key Vault Certificate expires and is no longer valid.
+
+* `not_before_date` - The earliest date at which the Key Vault Certificate can be used.
diff --git a/website/docs/ephemeral-resources/key_vault_secret.html.markdown b/website/docs/ephemeral-resources/key_vault_secret.html.markdown
new file mode 100644
index 000000000000..976d5a206b73
--- /dev/null
+++ b/website/docs/ephemeral-resources/key_vault_secret.html.markdown
@@ -0,0 +1,49 @@
+---
+subcategory: "Key Vault"
+layout: "azurerm"
+page_title: "Azure Resource Manager: azurerm_key_vault_secret"
+description: |-
+ Gets information about an existing Key Vault Secret.
+---
+
+# Ephemeral: azurerm_key_vault_secret
+
+~> Ephemeral Resources are supported in Terraform 1.10 and later.
+
+Use this to access information about an existing Key Vault Secret.
+
+## Example Usage
+
+```hcl
+data "azurerm_key_vault" "example" {
+ name = "examplekv"
+ resource_group_name = "some-resource-group"
+}
+
+ephemeral "azurerm_key_vault_secret" "example" {
+ name = "secret-sauce"
+ key_vault_id = data.azurerm_key_vault.example.id
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `name` - (Required) Specifies the name of the Key Vault Secret.
+
+* `key_vault_id` - (Required) Specifies the ID of the Key Vault instance where the Secret resides, available on the `azurerm_key_vault` Data Source / Resource.
+
+* `version` - (Optional) Specifies the version of the Key Vault Secret. Defaults to the current version of the Key Vault Secret.
+
+~> **NOTE:** The vault must be in the same subscription as the provider. If the vault is in another subscription, you must create an aliased provider for that subscription.
+
+## Attributes Reference
+
+The following attributes are exported:
+
+* `expiration_date` - The date and time at which the Key Vault Secret expires and is no longer valid.
+
+* `not_before_date` - The earliest date at which the Key Vault Secret can be used.
+
+* `value` - The Key Vault Secret value.