diff --git a/go.mod b/go.mod index 0dd4b39da635..8782b5afbbe8 100644 --- a/go.mod +++ b/go.mod @@ -18,7 +18,7 @@ require ( github.com/aliyun/alibaba-cloud-sdk-go v0.0.0-20190620160927-9418d7b0cd0f github.com/aliyun/aliyun-oss-go-sdk v0.0.0-20190307165228-86c17b95fcd5 github.com/apple/foundationdb/bindings/go v0.0.0-20190411004307-cd5c9d91fad2 - github.com/armon/go-metrics v0.3.1 + github.com/armon/go-metrics v0.3.3 github.com/armon/go-proxyproto v0.0.0-20190211145416-68259f75880e github.com/armon/go-radix v1.0.0 github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf diff --git a/go.sum b/go.sum index 6a6af61a67c6..54c2e72b4cd7 100644 --- a/go.sum +++ b/go.sum @@ -87,6 +87,8 @@ github.com/armon/go-metrics v0.3.0 h1:B7AQgHi8QSEi4uHu7Sbsga+IJDU+CENgjxoo81vDUq github.com/armon/go-metrics v0.3.0/go.mod h1:zXjbSimjXTd7vOpY8B0/2LpvNvDoXBuplAD+gJD3GYs= github.com/armon/go-metrics v0.3.1 h1:oNd9vmHdQuYICjy5hE2Ysz2rsIOBl4z7xA6IErlfd48= github.com/armon/go-metrics v0.3.1/go.mod h1:4O98XIr/9W0sxpJ8UaYkvjk10Iff7SnFrb4QAOwNTFc= +github.com/armon/go-metrics v0.3.3 h1:a9F4rlj7EWWrbj7BYw8J8+x+ZZkJeqzNyRk8hdPF+ro= +github.com/armon/go-metrics v0.3.3/go.mod h1:4O98XIr/9W0sxpJ8UaYkvjk10Iff7SnFrb4QAOwNTFc= github.com/armon/go-proxyproto v0.0.0-20190211145416-68259f75880e h1:h0gP0hBU6DsA5IQduhLWGOEfIUKzJS5hhXQBSgHuF/g= github.com/armon/go-proxyproto v0.0.0-20190211145416-68259f75880e/go.mod h1:QmP9hvJ91BbJmGVGSbutW19IC0Q9phDCLGaomwTJbgU= github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= diff --git a/vendor/github.com/armon/go-metrics/metrics.go b/vendor/github.com/armon/go-metrics/metrics.go index 4920d68324a3..457b74bb53ca 100644 --- a/vendor/github.com/armon/go-metrics/metrics.go +++ b/vendor/github.com/armon/go-metrics/metrics.go @@ -269,10 +269,25 @@ func (m *Metrics) emitRuntimeStats() { m.lastNumGC = num } -// Inserts a string value at an index into the slice +// Creates a new slice with the provided string value as the first element +// and the provided slice values as the remaining values. +// Ordering of the values in the provided input slice is kept in tact in the output slice. func insert(i int, v string, s []string) []string { - s = append(s, "") - copy(s[i+1:], s[i:]) - s[i] = v - return s + // Allocate new slice to avoid modifying the input slice + newS := make([]string, len(s)+1) + + // Copy s[0, i-1] into newS + for j := 0; j < i; j++ { + newS[j] = s[j] + } + + // Insert provided element at index i + newS[i] = v + + // Copy s[i, len(s)-1] into newS starting at newS[i+1] + for j := i; j < len(s); j++ { + newS[j+1] = s[j] + } + + return newS } diff --git a/vendor/github.com/armon/go-metrics/prometheus/prometheus.go b/vendor/github.com/armon/go-metrics/prometheus/prometheus.go index fe0451e3d971..8a23424fbec1 100644 --- a/vendor/github.com/armon/go-metrics/prometheus/prometheus.go +++ b/vendor/github.com/armon/go-metrics/prometheus/prometheus.go @@ -1,4 +1,4 @@ -// +build go1.3 +// +build go1.9 package prometheus @@ -32,11 +32,11 @@ type PrometheusOpts struct { } type PrometheusSink struct { - mu sync.Mutex - gauges map[string]prometheus.Gauge - summaries map[string]prometheus.Summary - counters map[string]prometheus.Counter - updates map[string]time.Time + // If these will ever be copied, they should be converted to *sync.Map values and initialized appropriately + gauges sync.Map + summaries sync.Map + counters sync.Map + updates sync.Map expiration time.Duration } @@ -48,10 +48,10 @@ func NewPrometheusSink() (*PrometheusSink, error) { // NewPrometheusSinkFrom creates a new PrometheusSink using the passed options. func NewPrometheusSinkFrom(opts PrometheusOpts) (*PrometheusSink, error) { sink := &PrometheusSink{ - gauges: make(map[string]prometheus.Gauge), - summaries: make(map[string]prometheus.Summary), - counters: make(map[string]prometheus.Counter), - updates: make(map[string]time.Time), + gauges: sync.Map{}, + summaries: sync.Map{}, + counters: sync.Map{}, + updates: sync.Map{}, expiration: opts.Expiration, } @@ -69,38 +69,38 @@ func (p *PrometheusSink) Describe(c chan<- *prometheus.Desc) { // logic to clean up ephemeral metrics if their value haven't been set for a // duration exceeding our allowed expiration time. func (p *PrometheusSink) Collect(c chan<- prometheus.Metric) { - p.mu.Lock() - defer p.mu.Unlock() - expire := p.expiration != 0 now := time.Now() - for k, v := range p.gauges { - last := p.updates[k] - if expire && last.Add(p.expiration).Before(now) { - delete(p.updates, k) - delete(p.gauges, k) + p.gauges.Range(func(k, v interface{}) bool { + last, _ := p.updates.Load(k) + if expire && last.(time.Time).Add(p.expiration).Before(now) { + p.updates.Delete(k) + p.gauges.Delete(k) } else { - v.Collect(c) + v.(prometheus.Gauge).Collect(c) } - } - for k, v := range p.summaries { - last := p.updates[k] - if expire && last.Add(p.expiration).Before(now) { - delete(p.updates, k) - delete(p.summaries, k) + return true + }) + p.summaries.Range(func(k, v interface{}) bool { + last, _ := p.updates.Load(k) + if expire && last.(time.Time).Add(p.expiration).Before(now) { + p.updates.Delete(k) + p.summaries.Delete(k) } else { - v.Collect(c) + v.(prometheus.Summary).Collect(c) } - } - for k, v := range p.counters { - last := p.updates[k] - if expire && last.Add(p.expiration).Before(now) { - delete(p.updates, k) - delete(p.counters, k) + return true + }) + p.counters.Range(func(k, v interface{}) bool { + last, _ := p.updates.Load(k) + if expire && last.(time.Time).Add(p.expiration).Before(now) { + p.updates.Delete(k) + p.counters.Delete(k) } else { - v.Collect(c) + v.(prometheus.Counter).Collect(c) } - } + return true + }) } var forbiddenChars = regexp.MustCompile("[ .=\\-/]") @@ -130,20 +130,18 @@ func (p *PrometheusSink) SetGauge(parts []string, val float32) { } func (p *PrometheusSink) SetGaugeWithLabels(parts []string, val float32, labels []metrics.Label) { - p.mu.Lock() - defer p.mu.Unlock() key, hash := p.flattenKey(parts, labels) - g, ok := p.gauges[hash] + g, ok := p.gauges.Load(hash) if !ok { g = prometheus.NewGauge(prometheus.GaugeOpts{ Name: key, Help: key, ConstLabels: prometheusLabels(labels), }) - p.gauges[hash] = g + p.gauges.Store(hash, g) } - g.Set(float64(val)) - p.updates[hash] = time.Now() + g.(prometheus.Gauge).Set(float64(val)) + p.updates.Store(hash, time.Now()) } func (p *PrometheusSink) AddSample(parts []string, val float32) { @@ -151,22 +149,20 @@ func (p *PrometheusSink) AddSample(parts []string, val float32) { } func (p *PrometheusSink) AddSampleWithLabels(parts []string, val float32, labels []metrics.Label) { - p.mu.Lock() - defer p.mu.Unlock() key, hash := p.flattenKey(parts, labels) - g, ok := p.summaries[hash] + g, ok := p.summaries.Load(hash) if !ok { g = prometheus.NewSummary(prometheus.SummaryOpts{ Name: key, Help: key, MaxAge: 10 * time.Second, ConstLabels: prometheusLabels(labels), - Objectives: map[float64]float64{0.5: 0.05, 0.9: 0.01, 0.99: 0.001}, + Objectives: map[float64]float64{0.5: 0.05, 0.9: 0.01, 0.99: 0.001}, }) - p.summaries[hash] = g + p.summaries.Store(hash, g) } - g.Observe(float64(val)) - p.updates[hash] = time.Now() + g.(prometheus.Summary).Observe(float64(val)) + p.updates.Store(hash, time.Now()) } // EmitKey is not implemented. Prometheus doesn’t offer a type for which an @@ -180,20 +176,18 @@ func (p *PrometheusSink) IncrCounter(parts []string, val float32) { } func (p *PrometheusSink) IncrCounterWithLabels(parts []string, val float32, labels []metrics.Label) { - p.mu.Lock() - defer p.mu.Unlock() key, hash := p.flattenKey(parts, labels) - g, ok := p.counters[hash] + g, ok := p.counters.Load(hash) if !ok { g = prometheus.NewCounter(prometheus.CounterOpts{ Name: key, Help: key, ConstLabels: prometheusLabels(labels), }) - p.counters[hash] = g + p.counters.Store(hash, g) } - g.Add(float64(val)) - p.updates[hash] = time.Now() + g.(prometheus.Counter).Add(float64(val)) + p.updates.Store(hash, time.Now()) } type PrometheusPushSink struct { @@ -207,10 +201,10 @@ type PrometheusPushSink struct { func NewPrometheusPushSink(address string, pushIterval time.Duration, name string) (*PrometheusPushSink, error) { promSink := &PrometheusSink{ - gauges: make(map[string]prometheus.Gauge), - summaries: make(map[string]prometheus.Summary), - counters: make(map[string]prometheus.Counter), - updates: make(map[string]time.Time), + gauges: sync.Map{}, + summaries: sync.Map{}, + counters: sync.Map{}, + updates: sync.Map{}, expiration: 60 * time.Second, } diff --git a/vendor/github.com/hashicorp/vault-plugin-secrets-openldap/client/schema.go b/vendor/github.com/hashicorp/vault-plugin-secrets-openldap/client/schema.go index 3d9d65f7dd37..95feaed7c168 100644 --- a/vendor/github.com/hashicorp/vault-plugin-secrets-openldap/client/schema.go +++ b/vendor/github.com/hashicorp/vault-plugin-secrets-openldap/client/schema.go @@ -28,7 +28,7 @@ func GetSchemaFieldRegistry(schema string, newPassword string) (map[*Field][]str case "racf": fields := map[*Field][]string{ FieldRegistry.RACFPassword: {newPassword}, - FieldRegistry.RACFAttributes: {"noexpire"}, + FieldRegistry.RACFAttributes: {"noexpired"}, } return fields, nil default: diff --git a/vendor/github.com/hashicorp/vault/sdk/helper/awsutil/generate_credentials.go b/vendor/github.com/hashicorp/vault/sdk/helper/awsutil/generate_credentials.go index 83c134a56e2a..b4bdcc6a9f62 100644 --- a/vendor/github.com/hashicorp/vault/sdk/helper/awsutil/generate_credentials.go +++ b/vendor/github.com/hashicorp/vault/sdk/helper/awsutil/generate_credentials.go @@ -3,10 +3,15 @@ package awsutil import ( "fmt" "net/http" + "os" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/credentials" + "github.com/aws/aws-sdk-go/aws/credentials/stscreds" "github.com/aws/aws-sdk-go/aws/defaults" + "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/sts" + "github.com/pkg/errors" ) type CredentialsConfig struct { @@ -54,6 +59,20 @@ func (c *CredentialsConfig) GenerateCredentialChain() (*credentials.Credentials, "static AWS client credentials haven't been properly configured (the access key or secret key were provided but not both)") } + roleARN := os.Getenv("AWS_ROLE_ARN") + tokenPath := os.Getenv("AWS_WEB_IDENTITY_TOKEN_FILE") + sessionName := os.Getenv("AWS_ROLE_SESSION_NAME") + if roleARN != "" && tokenPath != "" && sessionName != "" { + // this session is only created to create the WebIdentityRoleProvider, as the env variables are already there + // this automatically assumes the role, but the provider needs to be added to the chain + sess, err := session.NewSession() + if err != nil { + return nil, errors.Wrap(err, "error creating a new session to create a WebIdentityRoleProvider") + } + //Add the web identity role credential provider + providers = append(providers, stscreds.NewWebIdentityRoleProvider(sts.New(sess), roleARN, sessionName, tokenPath)) + } + // Add the environment credential provider providers = append(providers, &credentials.EnvProvider{}) @@ -77,7 +96,7 @@ func (c *CredentialsConfig) GenerateCredentialChain() (*credentials.Credentials, // Create the credentials required to access the API. creds := credentials.NewChainCredentials(providers) if creds == nil { - return nil, fmt.Errorf("could not compile valid credential providers from static config, environment, shared, or instance metadata") + return nil, fmt.Errorf("could not compile valid credential providers from static config, environment, shared, web identity or instance metadata") } return creds, nil diff --git a/vendor/modules.txt b/vendor/modules.txt index 1b3a4eed5126..e748f889d478 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -94,7 +94,7 @@ github.com/apple/foundationdb/bindings/go/src/fdb github.com/apple/foundationdb/bindings/go/src/fdb/directory github.com/apple/foundationdb/bindings/go/src/fdb/subspace github.com/apple/foundationdb/bindings/go/src/fdb/tuple -# github.com/armon/go-metrics v0.3.1 +# github.com/armon/go-metrics v0.3.3 github.com/armon/go-metrics github.com/armon/go-metrics/circonus github.com/armon/go-metrics/datadog @@ -425,7 +425,7 @@ github.com/hashicorp/vault-plugin-secrets-gcpkms github.com/hashicorp/vault-plugin-secrets-kv # github.com/hashicorp/vault-plugin-secrets-mongodbatlas v0.1.0-beta1 github.com/hashicorp/vault-plugin-secrets-mongodbatlas -# github.com/hashicorp/vault-plugin-secrets-openldap v0.1.0-beta1.0.20200304213227-4e174d6dcb2c +# github.com/hashicorp/vault-plugin-secrets-openldap v0.1.0-beta1.0.20200306174116-e7553b03b931 github.com/hashicorp/vault-plugin-secrets-openldap github.com/hashicorp/vault-plugin-secrets-openldap/client # github.com/hashicorp/vault/api v1.0.5-0.20200215224050-f6547fa8e820 => ./api