From 059aa40b998d39e4d1f8b514ba564b4960f790fa Mon Sep 17 00:00:00 2001 From: Tommy Xiao Date: Thu, 17 Oct 2024 15:42:31 +0800 Subject: [PATCH] Update Kubernetes to v1.31.1 Signed-off-by: Tommy Xiao --- Dockerfile.dapper | 89 +- Makefile | 2 +- cmd/server/main.go | 30 +- go.mod | 649 ++++--- go.sum | 2090 +++++++++++++++------ main.go | 28 +- pkg/agent/config/config.go | 188 +- pkg/agent/config/config_internal_test.go | 40 + pkg/agent/config/config_linux.go | 32 +- pkg/agent/config/config_linux_test.go | 165 ++ pkg/agent/config/config_windows.go | 23 +- pkg/agent/containerd/config.go | 288 +++ pkg/agent/containerd/config_linux.go | 66 +- pkg/agent/containerd/config_test.go | 1517 +++++++++++++++ pkg/agent/containerd/config_windows.go | 51 +- pkg/agent/containerd/containerd.go | 237 ++- pkg/agent/https/https.go | 113 ++ pkg/agent/loadbalancer/servers.go | 183 +- pkg/agent/proxy/apiproxy.go | 44 +- pkg/agent/run.go | 125 +- pkg/agent/syssetup/setup.go | 1 - pkg/agent/syssetup/setup_windows.go | 5 - pkg/certmonitor/certmonitor.go | 136 ++ pkg/cli/cert/cert.go | 267 ++- pkg/cli/crictl/crictl.go | 2 +- pkg/cli/secretsencrypt/secrets_encrypt.go | 58 +- pkg/codegen/main.go | 6 +- pkg/daemons/config/types.go | 111 +- pkg/daemons/control/deps/deps.go | 28 +- pkg/metrics/metrics.go | 51 + pkg/nodeconfig/nodeconfig_test.go | 12 +- pkg/nodepassword/nodepassword.go | 6 +- pkg/nodepassword/nodepassword_test.go | 8 +- pkg/proctitle/proctile_windows.go | 6 + pkg/proctitle/proctitle.go | 12 + pkg/profile/profile.go | 38 + pkg/rootless/rootless.go | 35 +- pkg/secretsencrypt/config.go | 158 +- pkg/secretsencrypt/controller.go | 241 --- pkg/server/{ => auth}/auth.go | 58 +- pkg/server/context.go | 13 +- pkg/server/router.go | 112 +- pkg/server/secrets-encrypt.go | 291 ++- pkg/server/server.go | 40 +- pkg/spegel/bootstrap.go | 201 ++ pkg/spegel/registry.go | 44 + pkg/spegel/spegel.go | 260 +++ pkg/util/apierrors.go | 85 + pkg/util/file.go | 76 + pkg/util/net.go | 181 +- pkg/util/services/services.go | 147 ++ pkg/util/services/services_test.go | 247 +++ pkg/vpn/vpn.go | 161 ++ vendor.go | 17 - 54 files changed, 7135 insertions(+), 1939 deletions(-) create mode 100644 pkg/agent/config/config_internal_test.go create mode 100644 pkg/agent/config/config_linux_test.go create mode 100644 pkg/agent/containerd/config.go create mode 100644 pkg/agent/containerd/config_test.go create mode 100644 pkg/agent/https/https.go delete mode 100644 pkg/agent/syssetup/setup_windows.go create mode 100644 pkg/certmonitor/certmonitor.go create mode 100644 pkg/metrics/metrics.go create mode 100644 pkg/proctitle/proctile_windows.go create mode 100644 pkg/proctitle/proctitle.go create mode 100644 pkg/profile/profile.go delete mode 100644 pkg/secretsencrypt/controller.go rename pkg/server/{ => auth}/auth.go (50%) create mode 100644 pkg/spegel/bootstrap.go create mode 100644 pkg/spegel/registry.go create mode 100644 pkg/spegel/spegel.go create mode 100644 pkg/util/apierrors.go create mode 100644 pkg/util/services/services.go create mode 100644 pkg/util/services/services_test.go create mode 100644 pkg/vpn/vpn.go delete mode 100644 vendor.go diff --git a/Dockerfile.dapper b/Dockerfile.dapper index 6514e0f0e..643b12651 100644 --- a/Dockerfile.dapper +++ b/Dockerfile.dapper @@ -1,57 +1,64 @@ -ARG GOLANG=golang:1.20.10-alpine3.18 +ARG GOLANG=golang:1.22.6-alpine3.20 FROM ${GOLANG} -ARG http_proxy=$http_proxy -ARG https_proxy=$https_proxy -ARG no_proxy=$no_proxy -ENV http_proxy=$http_proxy -ENV https_proxy=$https_proxy -ENV no_proxy=$no_proxy - -RUN apk -U --no-cache add bash git gcc musl-dev docker vim less file curl wget ca-certificates jq linux-headers \ - zlib-dev tar zip squashfs-tools npm coreutils python3 openssl-dev libffi-dev libseccomp libseccomp-dev \ - libseccomp-static make libuv-static sqlite-dev sqlite-static libselinux libselinux-dev zlib-dev zlib-static \ - zstd pigz alpine-sdk binutils-gold btrfs-progs-dev btrfs-progs-static gawk yq \ - && \ - if [ "$(go env GOARCH)" = "amd64" ]; then \ - apk -U --no-cache add mingw-w64-gcc; \ - fi +# Set proxy environment variables +ARG http_proxy +ARG https_proxy +ARG no_proxy +ENV http_proxy=${http_proxy} \ + https_proxy=${https_proxy} \ + no_proxy=${no_proxy} + +# Install necessary packages +RUN apk -U --no-cache add \ + bash git gcc musl-dev docker vim less file curl wget ca-certificates jq linux-headers \ + zlib-dev tar zip squashfs-tools npm coreutils python3 py3-pip openssl-dev libffi-dev libseccomp \ + libseccomp-dev libseccomp-static make libuv-static sqlite-dev sqlite-static libselinux \ + libselinux-dev zlib-dev zlib-static zstd pigz alpine-sdk binutils-gold btrfs-progs-dev \ + btrfs-progs-static gawk yq pipx \ + && [ "$(go env GOARCH)" = "amd64" ] && apk -U --no-cache add mingw-w64-gcc || true -RUN TRIVY_VERSION="0.43.1" && \ - if [ "$(go env GOARCH)" != "arm" ] && [ "$(go env GOARCH)" != "386" ]; then \ - if [ "$(go env GOARCH)" = "arm64" ]; then \ - # Turn arm64 into uppercase ARM64 for Trivy's download - TRIVY_ARCH=$(go env GOARCH | tr "[:lower:]" "[:upper:]") && \ - wget --no-verbose "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-${TRIVY_ARCH}.tar.gz" && \ - tar -zxvf "trivy_${TRIVY_VERSION}_Linux-${TRIVY_ARCH}.tar.gz" && \ - mv trivy /usr/local/bin; \ - elif [ "$(go env GOARCH)" = "amd64" ]; then \ - wget --no-verbose "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" && \ - tar -zxvf "trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" && \ - mv trivy /usr/local/bin; \ - fi \ +# Install Trivy +ENV TRIVY_VERSION="0.56.2" +RUN case "$(go env GOARCH)" in \ + arm64) TRIVY_ARCH="ARM64" ;; \ + amd64) TRIVY_ARCH="64bit" ;; \ + s390x) TRIVY_ARCH="s390x" ;; \ + *) TRIVY_ARCH="" ;; \ + esac +RUN if [ -n "${TRIVY_ARCH}" ]; then \ + wget --no-verbose "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-${TRIVY_ARCH}.tar.gz" \ + && tar -zxvf "trivy_${TRIVY_VERSION}_Linux-${TRIVY_ARCH}.tar.gz" \ + && mv trivy /usr/local/bin; \ fi -# this works for both go 1.17 and 1.18 -RUN GOPROXY=direct go install golang.org/x/tools/cmd/goimports@gopls/v0.8.2 +# Install goimports +RUN GOPROXY=direct go install golang.org/x/tools/cmd/goimports@gopls/v0.11.0 + +# Cleanup RUN rm -rf /go/src /go/pkg +# Install golangci-lint for amd64 RUN if [ "$(go env GOARCH)" = "amd64" ]; then \ - curl -sL https://raw.githubusercontent.com/golangci/golangci-lint/v1.45.2/install.sh | sh -s; \ + curl -sL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s v1.55.2; \ fi +# Set SELINUX environment variable ARG SELINUX=true -ENV SELINUX $SELINUX +ENV SELINUX=${SELINUX} +# Set Dapper configuration variables ENV DAPPER_RUN_ARGS --privileged -v k8e-cache:/go/src/github.com/xiaods/k8e/.cache -v trivy-cache:/root/.cache/trivy -ENV DAPPER_ENV REPO TAG RELEASE_TAG IMAGE_NAME SKIP_VALIDATE GCLOUD_AUTH GITHUB_TOKEN GOLANG GOOS GOARCH DEBUG -ENV DAPPER_SOURCE /go/src/github.com/xiaods/k8e/ -ENV DAPPER_OUTPUT ./bin ./dist ./build/out ./build/static ./pkg/static ./pkg/deploy - -ENV DAPPER_DOCKER_SOCKET true -ENV HOME ${DAPPER_SOURCE} -ENV CROSS true -ENV STATIC_BUILD true + DAPPER_ENV REPO TAG RELEASE_TAG IMAGE_NAME SKIP_VALIDATE GCLOUD_AUTH GITHUB_TOKEN GOLANG GOOS GOARCH DEBUG + DAPPER_SOURCE="/go/src/github.com/xiaods/k8e/" \ + DAPPER_OUTPUT ./bin ./dist ./build/out ./build/static ./pkg/static ./pkg/deploy \ + DAPPER_DOCKER_SOCKET=true \ + CROSS=true \ + STATIC_BUILD=true + +# Set $HOME separately because it refers to $DAPPER_SOURCE, set above +ENV HOME=${DAPPER_SOURCE} + WORKDIR ${DAPPER_SOURCE} ENTRYPOINT ["./hack/entry.sh"] diff --git a/Makefile b/Makefile index a57b40e8f..c6ff75f7d 100644 --- a/Makefile +++ b/Makefile @@ -3,7 +3,7 @@ GO_FILES ?= $$(find . -name '*.go' | grep -v generated) .dapper: @echo Downloading dapper - @curl -sL https://releases.rancher.com/dapper/v0.5.7/dapper-$$(uname -s)-$$(uname -m) > .dapper.tmp + @curl -sL https://releases.rancher.com/dapper/v0.6.0/dapper-$$(uname -s)-$$(uname -m) > .dapper.tmp @@chmod +x .dapper.tmp @./.dapper.tmp -v @mv .dapper.tmp .dapper diff --git a/cmd/server/main.go b/cmd/server/main.go index f4d82eecc..68f9db11b 100644 --- a/cmd/server/main.go +++ b/cmd/server/main.go @@ -7,7 +7,6 @@ import ( "path/filepath" "github.com/docker/docker/pkg/reexec" - crictl2 "github.com/kubernetes-sigs/cri-tools/cmd/crictl" "github.com/sirupsen/logrus" "github.com/urfave/cli" "github.com/xiaods/k8e/pkg/cli/agent" @@ -25,6 +24,7 @@ import ( "github.com/xiaods/k8e/pkg/containerd" ctr2 "github.com/xiaods/k8e/pkg/ctr" kubectl2 "github.com/xiaods/k8e/pkg/kubectl" + crictl2 "sigs.k8s.io/cri-tools/cmd/crictl" ) func init() { @@ -56,23 +56,23 @@ func main() { token.List, token.Rotate, ), - cmds.NewEtcdSnapshotCommand(etcdsnapshot.Save, - cmds.NewEtcdSnapshotSubcommands( - etcdsnapshot.Delete, - etcdsnapshot.List, - etcdsnapshot.Prune, - etcdsnapshot.Save), + cmds.NewEtcdSnapshotCommands( + etcdsnapshot.Delete, + etcdsnapshot.List, + etcdsnapshot.Prune, + etcdsnapshot.Save, ), - cmds.NewSecretsEncryptCommand(cli.ShowAppHelp, - cmds.NewSecretsEncryptSubcommands( - secretsencrypt.Status, - secretsencrypt.Enable, - secretsencrypt.Disable, - secretsencrypt.Prepare, - secretsencrypt.Rotate, - secretsencrypt.Reencrypt), + cmds.NewSecretsEncryptCommands( + secretsencrypt.Status, + secretsencrypt.Enable, + secretsencrypt.Disable, + secretsencrypt.Prepare, + secretsencrypt.Rotate, + secretsencrypt.Reencrypt, + secretsencrypt.RotateKeys, ), cmds.NewCertCommands( + cert.Check, cert.Rotate, cert.RotateCA, ), diff --git a/go.mod b/go.mod index c38a4faf6..b67b8f1ab 100644 --- a/go.mod +++ b/go.mod @@ -1,407 +1,482 @@ module github.com/xiaods/k8e -go 1.19 +go 1.22.5 replace ( - github.com/Microsoft/hcsshim => github.com/Microsoft/hcsshim v0.8.25 - github.com/Mirantis/cri-dockerd => github.com/k3s-io/cri-dockerd v0.3.2-0.20230123224908-ae42b30520de // k3s/release-1.25 - github.com/containerd/cgroups => github.com/containerd/cgroups v1.0.1 - github.com/containerd/containerd => github.com/k3s-io/containerd v1.5.18-k3s1 - github.com/containerd/stargz-snapshotter => github.com/k3s-io/stargz-snapshotter v0.14.3-k3s1 - github.com/coreos/go-systemd => github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e - github.com/docker/distribution => github.com/docker/distribution v2.8.2+incompatible - github.com/docker/docker => github.com/docker/docker v20.10.26-0.20230802055016-791d8ab87747+incompatible - github.com/docker/libnetwork => github.com/docker/libnetwork v0.8.0-dev.2.0.20190624125649-f0e46a78ea34 - github.com/emicklei/go-restful/v3 => github.com/emicklei/go-restful/v3 v3.9.0 - github.com/golang/protobuf => github.com/golang/protobuf v1.5.2 - github.com/google/cadvisor => github.com/google/cadvisor v0.44.2 - github.com/googleapis/gax-go/v2 => github.com/googleapis/gax-go/v2 v2.1.1 - github.com/juju/errors => github.com/k3s-io/nocode v0.0.0-20200630202308-cb097102c09f - github.com/kubernetes-sigs/cri-tools => github.com/k3s-io/cri-tools v1.25.0-k3s1 - github.com/opencontainers/image-spec => github.com/opencontainers/image-spec v1.0.3-0.20211202183452-c5a74bcca799 - github.com/opencontainers/runc => github.com/opencontainers/runc v1.1.8 - github.com/opencontainers/runtime-spec => github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 - github.com/opencontainers/selinux => github.com/opencontainers/selinux v1.10.1 - github.com/rancher/wrangler => github.com/rancher/wrangler v1.1.1-0.20230807182002-35cb42e6a915 - go.etcd.io/etcd/api/v3 => github.com/k3s-io/etcd/api/v3 v3.5.3-k3s1 - go.etcd.io/etcd/client/pkg/v3 => github.com/k3s-io/etcd/client/pkg/v3 v3.5.3-k3s1 - go.etcd.io/etcd/client/v3 => github.com/k3s-io/etcd/client/v3 v3.5.3-k3s1 - go.etcd.io/etcd/etcdutl/v3 => github.com/k3s-io/etcd/etcdutl/v3 v3.5.3-k3s1 - go.etcd.io/etcd/server/v3 => github.com/k3s-io/etcd/server/v3 v3.5.3-k3s1 - go.opentelemetry.io/contrib => go.opentelemetry.io/contrib v0.20.0 - go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful => go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful v0.20.0 - go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc => go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0 - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp => go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0 - go.opentelemetry.io/contrib/propagators => go.opentelemetry.io/contrib/propagators v0.20.0 - go.opentelemetry.io/otel => go.opentelemetry.io/otel v0.20.0 - go.opentelemetry.io/otel/exporters/otlp => go.opentelemetry.io/otel/exporters/otlp v0.20.0 - go.opentelemetry.io/otel/metric => go.opentelemetry.io/otel/metric v0.20.0 - go.opentelemetry.io/otel/oteltest => go.opentelemetry.io/otel/oteltest v0.20.0 - go.opentelemetry.io/otel/sdk => go.opentelemetry.io/otel/sdk v0.20.0 - go.opentelemetry.io/otel/sdk/export/metric => go.opentelemetry.io/otel/sdk/export/metric v0.20.0 - go.opentelemetry.io/otel/sdk/metric => go.opentelemetry.io/otel/sdk/metric v0.20.0 - go.opentelemetry.io/otel/trace => go.opentelemetry.io/otel/trace v0.20.0 - go.opentelemetry.io/proto/otlp => go.opentelemetry.io/proto/otlp v0.7.0 - golang.org/x/crypto => golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd - golang.org/x/net => golang.org/x/net v0.17.0 - golang.org/x/sys => golang.org/x/sys v0.2.0 - google.golang.org/api => google.golang.org/api v0.60.0 - google.golang.org/genproto => google.golang.org/genproto v0.0.0-20220107163113-42d7afdf6368 - google.golang.org/grpc => google.golang.org/grpc v1.58.3 - gopkg.in/square/go-jose.v2 => gopkg.in/square/go-jose.v2 v2.2.2 - k8s.io/api => github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.25.16-k3s1 - k8s.io/apiextensions-apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.25.16-k3s1 - k8s.io/apimachinery => github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.25.16-k3s1 - k8s.io/apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.25.16-k3s1 - k8s.io/cli-runtime => github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.25.16-k3s1 - k8s.io/client-go => github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.25.16-k3s1 - k8s.io/cloud-provider => github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.25.16-k3s1 - k8s.io/cluster-bootstrap => github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.25.16-k3s1 - k8s.io/code-generator => github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.25.16-k3s1 - k8s.io/component-base => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.25.16-k3s1 - k8s.io/component-helpers => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-helpers v1.25.16-k3s1 - k8s.io/controller-manager => github.com/k3s-io/kubernetes/staging/src/k8s.io/controller-manager v1.25.16-k3s1 - k8s.io/cri-api => github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.25.16-k3s1 - k8s.io/csi-translation-lib => github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.25.16-k3s1 + github.com/Microsoft/hcsshim => github.com/Microsoft/hcsshim v0.11.7 + github.com/Mirantis/cri-dockerd => github.com/k3s-io/cri-dockerd v0.3.15-k3s1.31-3 //v1.31 + github.com/containerd/containerd => github.com/k3s-io/containerd v1.7.22-k3s1 + github.com/containerd/imgcrypt => github.com/containerd/imgcrypt v1.1.11 + github.com/distribution/reference => github.com/distribution/reference v0.5.0 + github.com/docker/distribution => github.com/docker/distribution v2.8.3+incompatible + github.com/docker/docker => github.com/docker/docker v25.0.6+incompatible + github.com/emicklei/go-restful/v3 => github.com/emicklei/go-restful/v3 v3.11.0 + github.com/golang/protobuf => github.com/golang/protobuf v1.5.4 + github.com/googleapis/gax-go/v2 => github.com/googleapis/gax-go/v2 v2.12.0 + github.com/open-policy-agent/opa => github.com/open-policy-agent/opa v0.59.0 // github.com/Microsoft/hcsshim using bad version v0.42.2 + github.com/opencontainers/runc => github.com/k3s-io/runc v1.1.14-k3s1 + github.com/opencontainers/selinux => github.com/opencontainers/selinux v1.11.0 + github.com/prometheus/client_golang => github.com/prometheus/client_golang v1.19.1 + github.com/prometheus/common => github.com/prometheus/common v0.55.0 + github.com/spegel-org/spegel => github.com/k3s-io/spegel v0.0.23-0.20240516234953-f3d2c4072314 + github.com/ugorji/go => github.com/ugorji/go v1.2.11 + go.etcd.io/etcd/api/v3 => github.com/k3s-io/etcd/api/v3 v3.5.13-k3s1 + go.etcd.io/etcd/client/pkg/v3 => github.com/k3s-io/etcd/client/pkg/v3 v3.5.13-k3s1 + go.etcd.io/etcd/client/v2 => github.com/k3s-io/etcd/client/v2 v2.305.13-k3s1 + go.etcd.io/etcd/client/v3 => github.com/k3s-io/etcd/client/v3 v3.5.13-k3s1 + go.etcd.io/etcd/etcdutl/v3 => github.com/k3s-io/etcd/etcdutl/v3 v3.5.13-k3s1 + go.etcd.io/etcd/pkg/v3 => github.com/k3s-io/etcd/pkg/v3 v3.5.13-k3s1 + go.etcd.io/etcd/raft/v3 => github.com/k3s-io/etcd/raft/v3 v3.5.13-k3s1 + go.etcd.io/etcd/server/v3 => github.com/k3s-io/etcd/server/v3 v3.5.13-k3s1 + go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful => go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful v0.44.0 + go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc => go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.45.0 + golang.org/x/crypto => golang.org/x/crypto v0.24.0 + golang.org/x/net => golang.org/x/net v0.26.0 + golang.org/x/sys => golang.org/x/sys v0.21.0 + google.golang.org/genproto => google.golang.org/genproto v0.0.0-20230525234035-dd9d682886f9 + google.golang.org/grpc => google.golang.org/grpc v1.64.0 + gopkg.in/square/go-jose.v2 => gopkg.in/square/go-jose.v2 v2.6.0 + k8s.io/api => github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.31.1-k3s3 + k8s.io/apiextensions-apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.31.1-k3s3 + k8s.io/apimachinery => github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.31.1-k3s3 + k8s.io/apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.31.1-k3s3 + k8s.io/cli-runtime => github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.31.1-k3s3 + k8s.io/client-go => github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.31.1-k3s3 + k8s.io/cloud-provider => github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.31.1-k3s3 + k8s.io/cluster-bootstrap => github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.31.1-k3s3 + k8s.io/code-generator => github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.31.1-k3s3 + k8s.io/component-base => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.31.1-k3s3 + k8s.io/component-helpers => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-helpers v1.31.1-k3s3 + k8s.io/controller-manager => github.com/k3s-io/kubernetes/staging/src/k8s.io/controller-manager v1.31.1-k3s3 + k8s.io/cri-api => github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.31.1-k3s3 + k8s.io/csi-translation-lib => github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.31.1-k3s3 + k8s.io/dynamic-resource-allocation => github.com/k3s-io/kubernetes/staging/src/k8s.io/dynamic-resource-allocation v1.31.1-k3s3 + k8s.io/endpointslice => github.com/k3s-io/kubernetes/staging/src/k8s.io/endpointslice v1.31.1-k3s3 k8s.io/klog => github.com/k3s-io/klog v1.0.0-k3s2 // k3s-release-1.x - k8s.io/klog/v2 => github.com/k3s-io/klog/v2 v2.60.1-k3s1 // k3s-main - k8s.io/kube-aggregator => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.25.16-k3s1 - k8s.io/kube-controller-manager => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.25.16-k3s1 - k8s.io/kube-openapi => k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 - k8s.io/kube-proxy => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.25.16-k3s1 - k8s.io/kube-scheduler => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.25.16-k3s1 - k8s.io/kubectl => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.25.16-k3s1 - k8s.io/kubelet => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.25.16-k3s1 - k8s.io/kubernetes => github.com/k3s-io/kubernetes v1.25.16-k3s1 - k8s.io/legacy-cloud-providers => github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.25.16-k3s1 - k8s.io/metrics => github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.25.16-k3s1 - k8s.io/mount-utils => github.com/k3s-io/kubernetes/staging/src/k8s.io/mount-utils v1.25.16-k3s1 - k8s.io/node-api => github.com/k3s-io/kubernetes/staging/src/k8s.io/node-api v1.25.16-k3s1 - k8s.io/pod-security-admission => github.com/k3s-io/kubernetes/staging/src/k8s.io/pod-security-admission v1.25.16-k3s1 - k8s.io/sample-apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-apiserver v1.25.16-k3s1 - k8s.io/sample-cli-plugin => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-cli-plugin v1.25.16-k3s1 - k8s.io/sample-controller => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-controller v1.25.16-k3s1 - mvdan.cc/unparam => mvdan.cc/unparam v0.0.0-20210104141923-aac4ce9116a7 + k8s.io/klog/v2 => github.com/k3s-io/klog/v2 v2.120.1-k3s1 // k3s-main + k8s.io/kms => github.com/k3s-io/kubernetes/staging/src/k8s.io/kms v1.31.1-k3s3 + k8s.io/kube-aggregator => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.31.1-k3s3 + k8s.io/kube-controller-manager => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.31.1-k3s3 + k8s.io/kube-proxy => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.31.1-k3s3 + k8s.io/kube-scheduler => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.31.1-k3s3 + k8s.io/kubectl => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.31.1-k3s3 + k8s.io/kubelet => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.31.1-k3s3 + k8s.io/kubernetes => github.com/k3s-io/kubernetes v1.31.1-k3s3 + k8s.io/metrics => github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.31.1-k3s3 + k8s.io/mount-utils => github.com/k3s-io/kubernetes/staging/src/k8s.io/mount-utils v1.31.1-k3s3 + k8s.io/node-api => github.com/k3s-io/kubernetes/staging/src/k8s.io/node-api v1.31.1-k3s3 + k8s.io/pod-security-admission => github.com/k3s-io/kubernetes/staging/src/k8s.io/pod-security-admission v1.31.1-k3s3 + k8s.io/sample-apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-apiserver v1.31.1-k3s3 + k8s.io/sample-cli-plugin => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-cli-plugin v1.31.1-k3s3 + k8s.io/sample-controller => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-controller v1.31.1-k3s3 + sigs.k8s.io/cri-tools => github.com/k3s-io/cri-tools v1.31.0-k3s2 + sourcegraph.com/sourcegraph/go-diff => github.com/sourcegraph/go-diff v0.6.0 ) require ( github.com/Mirantis/cri-dockerd v0.0.0-00010101000000-000000000000 + github.com/blang/semver/v4 v4.0.0 github.com/containerd/aufs v1.0.0 github.com/containerd/cgroups v1.1.0 - github.com/containerd/containerd v1.7.0-rc.2 - github.com/containerd/fuse-overlayfs-snapshotter v1.0.5 - github.com/containerd/stargz-snapshotter v0.14.3 + github.com/containerd/containerd v1.7.16 + github.com/containerd/fuse-overlayfs-snapshotter v1.0.8 + github.com/containerd/stargz-snapshotter v0.15.1 github.com/containerd/zfs v1.1.0 - github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf - github.com/docker/docker v24.0.5+incompatible + github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e + github.com/coreos/go-systemd/v22 v22.5.0 + github.com/docker/docker v27.1.1+incompatible github.com/erikdubbelboer/gspt v0.0.0-20190125194910-e68493906b83 github.com/go-bindata/go-bindata v3.1.2+incompatible - github.com/go-sql-driver/mysql v1.7.1 + github.com/go-logr/logr v1.4.2 + github.com/go-logr/stdr v1.2.3-0.20220714215716-96bad1d688c5 + github.com/go-sql-driver/mysql v1.8.1 github.com/go-test/deep v1.0.7 github.com/golang/mock v1.6.0 - github.com/google/uuid v1.3.0 - github.com/gorilla/mux v1.8.0 - github.com/gorilla/websocket v1.5.0 - github.com/k3s-io/helm-controller v0.15.4 - github.com/k3s-io/kine v0.11.0 - github.com/klauspost/compress v1.17.2 - github.com/kubernetes-sigs/cri-tools v0.0.0-00010101000000-000000000000 - github.com/lib/pq v1.10.2 - github.com/mattn/go-sqlite3 v1.14.17 - github.com/minio/minio-go/v7 v7.0.33 + github.com/google/cadvisor v0.49.0 + github.com/google/uuid v1.6.0 + github.com/gorilla/mux v1.8.1 + github.com/gorilla/websocket v1.5.1 + github.com/ipfs/go-ds-leveldb v0.5.0 + github.com/ipfs/go-log/v2 v2.5.1 + github.com/k3s-io/helm-controller v0.16.5 + github.com/k3s-io/kine v0.13.2 + github.com/klauspost/compress v1.17.10 + github.com/lib/pq v1.10.9 + github.com/libp2p/go-libp2p v0.33.2 + github.com/mattn/go-sqlite3 v1.14.23 + github.com/minio/minio-go/v7 v7.0.70 github.com/morikuni/aec v1.0.0 + github.com/mwitkow/go-http-dialer v0.0.0-20161116154839-378f744fb2b8 github.com/natefinch/lumberjack v2.0.0+incompatible - github.com/opencontainers/runc v1.1.6 + github.com/opencontainers/runc v1.1.13 github.com/opencontainers/selinux v1.11.0 github.com/otiai10/copy v1.7.0 github.com/pkg/errors v0.9.1 - github.com/rancher/dynamiclistener v0.3.6 - github.com/rancher/lasso v0.0.0-20230830164424-d684fdeb6f29 - github.com/rancher/remotedialer v0.3.0 - github.com/rancher/wharfie v0.5.3 - github.com/rancher/wrangler v1.1.1 + github.com/prometheus/client_golang v1.20.1 + github.com/prometheus/common v0.55.0 + github.com/rancher/dynamiclistener v0.6.0-rc1 + github.com/rancher/lasso v0.0.0-20240724174736-24ab3dbf26f0 + github.com/rancher/permissions v0.0.0-20240523180510-4001d3d637f7 + github.com/rancher/remotedialer v0.4.1 + github.com/rancher/wharfie v0.6.7 + github.com/rancher/wrangler v1.1.2 + github.com/rancher/wrangler/v3 v3.0.0-rc2 github.com/robfig/cron/v3 v3.0.1 github.com/rootless-containers/rootlesskit v1.0.1 github.com/sirupsen/logrus v1.9.3 + github.com/spegel-org/spegel v1.0.18 github.com/spf13/pflag v1.0.5 - github.com/stretchr/testify v1.8.4 - github.com/urfave/cli v1.22.12 + github.com/stretchr/testify v1.9.0 + github.com/urfave/cli v1.22.15 github.com/yl2chen/cidranger v1.0.2 - go.etcd.io/etcd/api/v3 v3.5.9 - go.etcd.io/etcd/client/pkg/v3 v3.5.9 - go.etcd.io/etcd/client/v3 v3.5.9 - go.etcd.io/etcd/etcdutl/v3 v3.5.4 - go.etcd.io/etcd/server/v3 v3.5.9 - go.uber.org/zap v1.24.0 - golang.org/x/crypto v0.15.0 - golang.org/x/sync v0.3.0 - golang.org/x/sys v0.14.0 - google.golang.org/grpc v1.57.0 + go.etcd.io/etcd/api/v3 v3.5.16 + go.etcd.io/etcd/client/pkg/v3 v3.5.16 + go.etcd.io/etcd/client/v3 v3.5.16 + go.etcd.io/etcd/etcdutl/v3 v3.5.13 + go.etcd.io/etcd/server/v3 v3.5.16 + go.uber.org/zap v1.27.0 + golang.org/x/crypto v0.27.0 + golang.org/x/net v0.28.0 + golang.org/x/sync v0.8.0 + golang.org/x/sys v0.25.0 + google.golang.org/grpc v1.67.0 gopkg.in/yaml.v2 v2.4.0 - inet.af/tcpproxy v0.0.0-20200125044825-b6bb9b5b8252 - k8s.io/api v0.27.5 - k8s.io/apimachinery v0.27.5 - k8s.io/apiserver v0.27.0 + inet.af/tcpproxy v0.0.0-20231102063150-2862066fc2a9 + k8s.io/api v0.31.1 + k8s.io/apimachinery v0.31.1 + k8s.io/apiserver v0.31.1 k8s.io/client-go v11.0.1-0.20190409021438-1a26190bd76a+incompatible - k8s.io/cloud-provider v0.25.16 + k8s.io/cloud-provider v0.31.1 k8s.io/cluster-bootstrap v0.0.0 - k8s.io/component-base v0.27.0 - k8s.io/component-helpers v0.27.0 - k8s.io/cri-api v0.27.5 + k8s.io/component-base v0.31.1 + k8s.io/component-helpers v0.31.1 + k8s.io/cri-api v0.32.0-alpha.0 + k8s.io/cri-client v0.31.1 k8s.io/klog v1.0.0 - k8s.io/klog/v2 v2.100.1 - k8s.io/kubectl v0.25.16 - k8s.io/kubernetes v1.25.16 - k8s.io/utils v0.0.0-20230220204549-a5ecb0141aa5 - sigs.k8s.io/yaml v1.3.0 + k8s.io/klog/v2 v2.130.1 + k8s.io/kubectl v0.31.1-rc.1 + k8s.io/kubernetes v1.31.1 + k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 + sigs.k8s.io/cri-tools v0.0.0-00010101000000-000000000000 + sigs.k8s.io/yaml v1.4.0 ) require ( - cloud.google.com/go/compute v1.21.0 // indirect - cloud.google.com/go/compute/metadata v0.2.3 // indirect - github.com/Azure/azure-sdk-for-go v55.0.0+incompatible // indirect + github.com/antlr4-go/antlr/v4 v4.13.0 // indirect + github.com/bahlo/generic-list-go v0.2.0 // indirect + github.com/buger/jsonparser v1.1.1 // indirect + github.com/fxamacker/cbor/v2 v2.7.0 // indirect + github.com/go-task/slim-sprig/v3 v3.0.0 // indirect + github.com/invopop/jsonschema v0.12.0 // indirect + github.com/stretchr/objx v0.5.2 // indirect + github.com/wk8/go-ordered-map/v2 v2.1.8 // indirect + github.com/x448/float16 v0.8.4 // indirect + gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect +) + +require ( + dario.cat/mergo v1.0.1 // indirect + filippo.io/edwards25519 v1.1.0 // indirect + github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 // indirect + github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20230306123547-8075edf89bb0 // indirect github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect - github.com/Azure/go-autorest v14.2.0+incompatible // indirect - github.com/Azure/go-autorest/autorest v0.11.27 // indirect - github.com/Azure/go-autorest/autorest/adal v0.9.20 // indirect - github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect - github.com/Azure/go-autorest/autorest/mocks v0.4.2 // indirect - github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect - github.com/Azure/go-autorest/autorest/validation v0.3.1 // indirect - github.com/Azure/go-autorest/logger v0.2.1 // indirect - github.com/Azure/go-autorest/tracing v0.6.0 // indirect - github.com/GoogleCloudPlatform/k8s-cloud-provider v1.18.1-0.20220218231025-f11817397a1b // indirect github.com/JeffAshton/win_pdh v0.0.0-20161109143554-76bb4ee9f0ab // indirect github.com/MakeNowJust/heredoc v1.0.0 // indirect - github.com/Microsoft/go-winio v0.6.0 // indirect - github.com/Microsoft/hcsshim v0.11.1 // indirect + github.com/Microsoft/go-winio v0.6.2 // indirect + github.com/Microsoft/hcsshim v0.12.6 // indirect github.com/NYTimes/gziphandler v1.1.1 // indirect github.com/Rican7/retry v0.1.0 // indirect - github.com/antlr/antlr4/runtime/Go/antlr v0.0.0-20220418222510-f25a4f6275ed // indirect github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e // indirect - github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a // indirect - github.com/aws/aws-sdk-go v1.44.171 // indirect + github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect + github.com/benbjohnson/clock v1.3.5 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/blang/semver v3.5.1+incompatible // indirect - github.com/blang/semver/v4 v4.0.0 // indirect github.com/canonical/go-dqlite v1.5.1 // indirect - github.com/cespare/xxhash/v2 v2.2.0 // indirect + github.com/cenkalti/backoff/v4 v4.3.0 // indirect + github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/chai2010/gettext-go v1.0.2 // indirect github.com/checkpoint-restore/go-criu/v5 v5.3.0 // indirect - github.com/cilium/ebpf v0.9.1 // indirect - github.com/container-storage-interface/spec v1.6.0 // indirect - github.com/containerd/btrfs v1.0.0 // indirect - github.com/containerd/console v1.0.3 // indirect - github.com/containerd/continuity v0.3.0 // indirect + github.com/cilium/ebpf v0.11.0 // indirect + github.com/container-storage-interface/spec v1.9.0 // indirect + github.com/containerd/btrfs/v2 v2.0.0 // indirect + github.com/containerd/cgroups/v3 v3.0.3 // indirect + github.com/containerd/console v1.0.4 // indirect + github.com/containerd/containerd/api v1.8.0-rc.3 // indirect + github.com/containerd/continuity v0.4.3 // indirect + github.com/containerd/errdefs v0.1.0 // indirect github.com/containerd/fifo v1.1.0 // indirect - github.com/containerd/go-cni v1.1.9 // indirect - github.com/containerd/go-runc v1.0.0 // indirect - github.com/containerd/imgcrypt v1.1.4 // indirect - github.com/containerd/nri v0.1.0 // indirect - github.com/containerd/stargz-snapshotter/estargz v0.14.3 // indirect - github.com/containerd/ttrpc v1.2.0 // indirect + github.com/containerd/go-cni v1.1.10 // indirect + github.com/containerd/go-runc v1.1.0 // indirect + github.com/containerd/imgcrypt v1.2.0-rc1 // indirect + github.com/containerd/log v0.1.0 // indirect + github.com/containerd/nri v0.6.1 // indirect + github.com/containerd/platforms v0.2.1 // indirect + github.com/containerd/stargz-snapshotter/estargz v0.15.1 // indirect + github.com/containerd/ttrpc v1.2.5 // indirect github.com/containerd/typeurl v1.0.2 // indirect - github.com/containernetworking/cni v1.1.2 // indirect - github.com/containernetworking/plugins v1.1.1 // indirect - github.com/containers/ocicrypt v1.1.3 // indirect - github.com/coreos/go-oidc v2.1.0+incompatible // indirect - github.com/coreos/go-semver v0.3.0 // indirect - github.com/coreos/go-systemd/v22 v22.5.0 // indirect - github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect - github.com/cyphar/filepath-securejoin v0.2.3 // indirect - github.com/davecgh/go-spew v1.1.1 // indirect + github.com/containerd/typeurl/v2 v2.2.0 // indirect + github.com/containernetworking/cni v1.2.3 // indirect + github.com/containernetworking/plugins v1.5.1 // indirect + github.com/containers/ocicrypt v1.2.0 // indirect + github.com/coreos/go-oidc v2.2.1+incompatible // indirect + github.com/coreos/go-semver v0.3.1 // indirect + github.com/cpuguy83/go-md2man/v2 v2.0.4 // indirect + github.com/cyphar/filepath-securejoin v0.2.5 // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/daviddengcn/go-colortext v1.0.0 // indirect - github.com/docker/cli v23.0.1+incompatible // indirect - github.com/docker/distribution v2.8.1+incompatible // indirect + github.com/davidlazar/go-crypto v0.0.0-20200604182044-b73af7476f6c // indirect + github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 // indirect + github.com/distribution/reference v0.6.0 // indirect + github.com/docker/cli v27.1.2+incompatible // indirect + github.com/docker/distribution v2.8.3+incompatible // indirect github.com/docker/docker-credential-helpers v0.7.0 // indirect - github.com/docker/go-connections v0.4.0 // indirect + github.com/docker/go-connections v0.5.0 // indirect github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c // indirect github.com/docker/go-metrics v0.0.1 // indirect github.com/docker/go-units v0.5.0 // indirect - github.com/dustin/go-humanize v1.0.0 // indirect - github.com/elazarl/goproxy v0.0.0-20190911111923-ecfe977594f1 // indirect + github.com/dustin/go-humanize v1.0.1 // indirect + github.com/elastic/gosigar v0.14.2 // indirect github.com/emicklei/go-restful v2.16.0+incompatible // indirect - github.com/emicklei/go-restful/v3 v3.10.1 // indirect + github.com/emicklei/go-restful/v3 v3.12.1 // indirect github.com/euank/go-kmsg-parser v2.0.0+incompatible // indirect - github.com/evanphx/json-patch v4.12.0+incompatible // indirect + github.com/evanphx/json-patch v5.6.0+incompatible // indirect github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect github.com/fatih/camelcase v1.0.0 // indirect - github.com/felixge/httpsnoop v1.0.1 // indirect - github.com/form3tech-oss/jwt-go v3.2.3+incompatible // indirect - github.com/fsnotify/fsnotify v1.6.0 // indirect - github.com/fvbommel/sortorder v1.0.1 // indirect + github.com/felixge/httpsnoop v1.0.4 // indirect + github.com/flynn/noise v1.1.0 // indirect + github.com/francoispqt/gojay v1.2.13 // indirect + github.com/fsnotify/fsnotify v1.7.0 // indirect github.com/ghodss/yaml v1.0.0 // indirect - github.com/go-errors/errors v1.0.2-0.20180813162953-d98b870cc4e0 // indirect - github.com/go-logr/logr v1.2.4 // indirect - github.com/go-openapi/jsonpointer v0.19.6 // indirect - github.com/go-openapi/jsonreference v0.20.1 // indirect - github.com/go-openapi/swag v0.22.3 // indirect + github.com/go-errors/errors v1.4.2 // indirect + github.com/go-jose/go-jose/v4 v4.0.2 // indirect + github.com/go-openapi/jsonpointer v0.21.0 // indirect + github.com/go-openapi/jsonreference v0.21.0 // indirect + github.com/go-openapi/swag v0.23.0 // indirect + github.com/goccy/go-json v0.10.2 // indirect github.com/godbus/dbus/v5 v5.1.0 // indirect github.com/gofrs/flock v0.8.1 // indirect - github.com/gofrs/uuid v4.0.0+incompatible // indirect - github.com/gogo/googleapis v1.4.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang-jwt/jwt/v4 v4.4.2 // indirect + github.com/golang-jwt/jwt/v4 v4.5.0 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect - github.com/golang/protobuf v1.5.3 // indirect + github.com/golang/protobuf v1.5.4 // indirect + github.com/golang/snappy v0.0.4 // indirect github.com/google/btree v1.1.2 // indirect - github.com/google/cadvisor v0.47.1 // indirect - github.com/google/cel-go v0.12.6 // indirect - github.com/google/gnostic v0.5.7-v3refs // indirect - github.com/google/go-cmp v0.5.9 // indirect - github.com/google/go-containerregistry v0.7.0 // indirect + github.com/google/cel-go v0.20.1 // indirect + github.com/google/gnostic-models v0.6.9-0.20230804172637-c7be7c783f49 // indirect + github.com/google/go-cmp v0.6.0 // indirect + github.com/google/go-containerregistry v0.20.2 // indirect github.com/google/gofuzz v1.2.0 // indirect + github.com/google/gopacket v1.1.19 // indirect + github.com/google/pprof v0.0.0-20240727154555-813a5fbdbec8 // indirect github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect - github.com/googleapis/gax-go/v2 v2.11.0 // indirect - github.com/gophercloud/gophercloud v0.1.0 // indirect github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 // indirect github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 // indirect github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect github.com/grpc-ecosystem/grpc-gateway v1.16.0 // indirect - github.com/hanwen/go-fuse/v2 v2.2.0 // indirect + github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect + github.com/hanwen/go-fuse/v2 v2.5.1 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect - github.com/hashicorp/go-retryablehttp v0.7.2 // indirect - github.com/imdario/mergo v0.3.13 // indirect + github.com/hashicorp/go-retryablehttp v0.7.7 // indirect + github.com/hashicorp/golang-lru v0.5.4 // indirect + github.com/hashicorp/golang-lru/arc/v2 v2.0.5 // indirect + github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect + github.com/huin/goupnp v1.3.0 // indirect + github.com/imdario/mergo v0.3.16 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect + github.com/intel/goresctrl v0.7.0 // indirect + github.com/ipfs/boxo v0.10.0 // indirect + github.com/ipfs/go-cid v0.4.1 // indirect + github.com/ipfs/go-datastore v0.6.0 // indirect + github.com/ipfs/go-log v1.0.5 // indirect + github.com/ipld/go-ipld-prime v0.20.0 // indirect github.com/jackc/pgerrcode v0.0.0-20220416144525-469b46aa5efa // indirect github.com/jackc/pgpassfile v1.0.0 // indirect - github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a // indirect - github.com/jackc/pgx/v5 v5.4.2 // indirect - github.com/jmespath/go-jmespath v0.4.0 // indirect - github.com/jonboulle/clockwork v0.3.0 // indirect + github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect + github.com/jackc/pgx/v5 v5.7.1 // indirect + github.com/jackc/puddle/v2 v2.2.2 // indirect + github.com/jackpal/go-nat-pmp v1.0.2 // indirect + github.com/jbenet/go-temp-err-catcher v0.1.0 // indirect + github.com/jbenet/goprocess v0.1.4 // indirect + github.com/jonboulle/clockwork v0.4.0 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect - github.com/karrick/godirwalk v1.16.1 // indirect - github.com/klauspost/cpuid/v2 v2.1.0 // indirect + github.com/karrick/godirwalk v1.17.0 // indirect + github.com/klauspost/cpuid/v2 v2.2.7 // indirect + github.com/koron/go-ssdp v0.0.4 // indirect github.com/kylelemons/godebug v1.1.0 // indirect github.com/libopenstorage/openstorage v1.0.0 // indirect + github.com/libp2p/go-buffer-pool v0.1.0 // indirect + github.com/libp2p/go-cidranger v1.1.0 // indirect + github.com/libp2p/go-flow-metrics v0.1.0 // indirect + github.com/libp2p/go-libp2p-asn-util v0.4.1 // indirect + github.com/libp2p/go-libp2p-kad-dht v0.25.2 // indirect + github.com/libp2p/go-libp2p-kbucket v0.6.3 // indirect + github.com/libp2p/go-libp2p-record v0.2.0 // indirect + github.com/libp2p/go-libp2p-routing-helpers v0.7.2 // indirect + github.com/libp2p/go-msgio v0.3.0 // indirect + github.com/libp2p/go-nat v0.2.0 // indirect + github.com/libp2p/go-netroute v0.2.1 // indirect + github.com/libp2p/go-reuseport v0.4.0 // indirect + github.com/libp2p/go-yamux/v4 v4.0.1 // indirect github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect github.com/lithammer/dedent v1.1.0 // indirect github.com/mailru/easyjson v0.7.7 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect + github.com/marten-seemann/tcp v0.0.0-20210406111302-dfbc87cc63fd // indirect + github.com/mattn/go-isatty v0.0.20 // indirect + github.com/miekg/dns v1.1.58 // indirect github.com/miekg/pkcs11 v1.1.1 // indirect - github.com/mindprince/gonvml v0.0.0-20190828220739-9ebdce4bb989 // indirect + github.com/mikioh/tcpinfo v0.0.0-20190314235526-30a79bb1804b // indirect + github.com/mikioh/tcpopt v0.0.0-20190314235656-172688c1accc // indirect github.com/minio/highwayhash v1.0.2 // indirect github.com/minio/md5-simd v1.1.2 // indirect - github.com/minio/sha256-simd v1.0.0 // indirect + github.com/minio/sha256-simd v1.0.1 // indirect github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible // indirect github.com/mistifyio/go-zfs/v3 v3.0.1 // indirect + github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/mitchellh/go-wordwrap v1.0.1 // indirect - github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/moby/locker v1.0.1 // indirect - github.com/moby/spdystream v0.2.0 // indirect - github.com/moby/sys/mountinfo v0.6.2 // indirect - github.com/moby/sys/symlink v0.2.0 // indirect - github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6 // indirect + github.com/moby/spdystream v0.4.0 // indirect + github.com/moby/sys/mountinfo v0.7.2 // indirect + github.com/moby/sys/sequential v0.6.0 // indirect + github.com/moby/sys/signal v0.7.1 // indirect + github.com/moby/sys/symlink v0.3.0 // indirect + github.com/moby/sys/user v0.3.0 // indirect + github.com/moby/sys/userns v0.1.0 // indirect + github.com/moby/term v0.5.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect - github.com/mrunalp/fileutils v0.5.0 // indirect + github.com/mr-tron/base58 v1.2.0 // indirect + github.com/mrunalp/fileutils v0.5.1 // indirect + github.com/multiformats/go-base32 v0.1.0 // indirect + github.com/multiformats/go-base36 v0.2.0 // indirect + github.com/multiformats/go-multiaddr v0.12.3 // indirect + github.com/multiformats/go-multiaddr-dns v0.3.1 // indirect + github.com/multiformats/go-multiaddr-fmt v0.1.0 // indirect + github.com/multiformats/go-multibase v0.2.0 // indirect + github.com/multiformats/go-multicodec v0.9.0 // indirect + github.com/multiformats/go-multihash v0.2.3 // indirect + github.com/multiformats/go-multistream v0.5.0 // indirect + github.com/multiformats/go-varint v0.0.7 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect github.com/nats-io/jsm.go v0.0.31-0.20220317133147-fe318f464eee // indirect - github.com/nats-io/jwt/v2 v2.5.3 // indirect - github.com/nats-io/nats-server/v2 v2.10.5 // indirect - github.com/nats-io/nats.go v1.31.0 // indirect - github.com/nats-io/nkeys v0.4.6 // indirect + github.com/nats-io/jwt/v2 v2.5.5 // indirect + github.com/nats-io/nats-server/v2 v2.10.12 // indirect + github.com/nats-io/nats.go v1.34.0 // indirect + github.com/nats-io/nkeys v0.4.7 // indirect github.com/nats-io/nuid v1.0.1 // indirect + github.com/onsi/ginkgo/v2 v2.20.0 // indirect + github.com/onsi/gomega v1.34.1 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect - github.com/opencontainers/image-spec v1.1.0-rc2.0.20221005185240-3a7f492d3f1b // indirect - github.com/opencontainers/runtime-spec v1.1.0-rc.1 // indirect + github.com/opencontainers/image-spec v1.1.0 // indirect + github.com/opencontainers/runtime-spec v1.2.0 // indirect + github.com/opencontainers/runtime-tools v0.9.1-0.20221107090550-2e043c6bd626 // indirect + github.com/opentracing/opentracing-go v1.2.0 // indirect + github.com/pbnjay/memory v0.0.0-20210728143218-7b4eea64cf58 // indirect github.com/pelletier/go-toml v1.9.5 // indirect + github.com/pelletier/go-toml/v2 v2.2.3 // indirect github.com/peterbourgon/diskv v2.0.1+incompatible // indirect github.com/pierrec/lz4 v2.6.0+incompatible // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect + github.com/polydawn/refmt v0.89.0 // indirect github.com/pquerna/cachecontrol v0.1.0 // indirect - github.com/prometheus/client_golang v1.14.0 // indirect - github.com/prometheus/client_model v0.4.0 // indirect - github.com/prometheus/common v0.39.0 // indirect - github.com/prometheus/procfs v0.9.0 // indirect - github.com/rs/xid v1.4.0 // indirect - github.com/rubiojr/go-vhd v0.0.0-20200706105327-02e210299021 // indirect - github.com/russross/blackfriday v1.5.2 // indirect + github.com/prometheus/client_model v0.6.1 // indirect + github.com/prometheus/procfs v0.15.1 // indirect + github.com/quic-go/qpack v0.4.0 // indirect + github.com/quic-go/quic-go v0.42.0 // indirect + github.com/quic-go/webtransport-go v0.6.0 // indirect + github.com/raulk/go-watchdog v1.3.0 // indirect + github.com/rs/xid v1.5.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect - github.com/seccomp/libseccomp-golang v0.9.2-0.20220502022130-f33da4d89646 // indirect + github.com/seccomp/libseccomp-golang v0.10.0 // indirect github.com/shengdoushi/base58 v1.0.0 // indirect github.com/soheilhy/cmux v0.1.5 // indirect - github.com/spf13/cobra v1.6.1 // indirect - github.com/stefanberger/go-pkcs11uri v0.0.0-20201008174630-78d3cae3a980 // indirect - github.com/stoewer/go-strcase v1.2.0 // indirect - github.com/stretchr/objx v0.5.0 // indirect + github.com/spaolacci/murmur3 v1.1.0 // indirect + github.com/spf13/afero v1.11.0 // indirect + github.com/spf13/cobra v1.8.1 // indirect + github.com/stefanberger/go-pkcs11uri v0.0.0-20230803200340-78284954bff6 // indirect + github.com/stoewer/go-strcase v1.3.0 // indirect github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 // indirect - github.com/tchap/go-patricia v2.3.0+incompatible // indirect + github.com/syndtr/goleveldb v1.0.0 // indirect + github.com/tchap/go-patricia/v2 v2.3.1 // indirect github.com/tidwall/btree v1.6.0 // indirect github.com/tmc/grpc-websocket-proxy v0.0.0-20220101234140-673ab2c3ae75 // indirect - github.com/urfave/cli/v2 v2.11.2 // indirect - github.com/vbatts/tar-split v0.11.2 // indirect + github.com/urfave/cli/v2 v2.27.4 // indirect + github.com/vbatts/tar-split v0.11.5 // indirect github.com/vishvananda/netlink v1.2.1-beta.2 // indirect - github.com/vishvananda/netns v0.0.2 // indirect - github.com/vmware/govmomi v0.30.6 // indirect + github.com/vishvananda/netns v0.0.4 // indirect + github.com/whyrusleeping/go-keyspace v0.0.0-20160322163242-5b898ac5add1 // indirect github.com/xiang90/probing v0.0.0-20221125231312-a49e3df8f510 // indirect - github.com/xlab/treeprint v1.1.0 // indirect - github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect - go.etcd.io/bbolt v1.3.7 // indirect - go.etcd.io/etcd/client/v2 v2.305.9 // indirect - go.etcd.io/etcd/pkg/v3 v3.5.9 // indirect - go.etcd.io/etcd/raft/v3 v3.5.9 // indirect + github.com/xlab/treeprint v1.2.0 // indirect + github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect + go.etcd.io/bbolt v1.3.11 // indirect + go.etcd.io/etcd/client/v2 v2.305.16 // indirect + go.etcd.io/etcd/pkg/v3 v3.5.16 // indirect + go.etcd.io/etcd/raft/v3 v3.5.16 // indirect go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1 // indirect go.opencensus.io v0.24.0 // indirect - go.opentelemetry.io/contrib v0.20.0 // indirect - go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful v0.20.0 // indirect - go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.25.0 // indirect - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0 // indirect - go.opentelemetry.io/otel v1.12.0 // indirect - go.opentelemetry.io/otel/exporters/otlp v0.20.0 // indirect - go.opentelemetry.io/otel/metric v0.20.0 // indirect - go.opentelemetry.io/otel/sdk v1.0.1 // indirect - go.opentelemetry.io/otel/sdk/export/metric v0.20.0 // indirect - go.opentelemetry.io/otel/sdk/metric v0.20.0 // indirect - go.opentelemetry.io/otel/trace v1.12.0 // indirect - go.opentelemetry.io/proto/otlp v0.19.0 // indirect - go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5 // indirect - go.uber.org/atomic v1.10.0 // indirect - go.uber.org/multierr v1.9.0 // indirect - golang.org/x/mod v0.11.0 // indirect - golang.org/x/net v0.17.0 // indirect - golang.org/x/oauth2 v0.10.0 // indirect - golang.org/x/term v0.13.0 // indirect - golang.org/x/text v0.14.0 // indirect - golang.org/x/time v0.4.0 // indirect - golang.org/x/tools v0.10.0 // indirect - gonum.org/v1/gonum v0.6.2 // indirect - google.golang.org/api v0.126.0 // indirect - google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto v0.0.0-20230711160842-782d3b101e98 // indirect - google.golang.org/protobuf v1.31.0 // indirect - gopkg.in/gcfg.v1 v1.2.0 // indirect + go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful v0.42.0 // indirect + go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.53.0 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 // indirect + go.opentelemetry.io/otel v1.28.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.28.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.28.0 // indirect + go.opentelemetry.io/otel/metric v1.28.0 // indirect + go.opentelemetry.io/otel/sdk v1.28.0 // indirect + go.opentelemetry.io/otel/trace v1.28.0 // indirect + go.opentelemetry.io/proto/otlp v1.3.1 // indirect + go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect + go.uber.org/dig v1.17.1 // indirect + go.uber.org/fx v1.20.1 // indirect + go.uber.org/mock v0.4.0 // indirect + go.uber.org/multierr v1.11.0 // indirect + golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect + golang.org/x/mod v0.20.0 // indirect + golang.org/x/oauth2 v0.21.0 // indirect + golang.org/x/term v0.23.0 // indirect + golang.org/x/text v0.18.0 // indirect + golang.org/x/time v0.5.0 // indirect + golang.org/x/tools v0.24.0 // indirect + gonum.org/v1/gonum v0.13.0 // indirect + google.golang.org/genproto v0.0.0-20240213162025-012b6fc9bca9 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20240814211410-ddb44dafa142 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240814211410-ddb44dafa142 // indirect + google.golang.org/protobuf v1.34.2 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.67.0 // indirect - gopkg.in/natefinch/lumberjack.v2 v2.0.0 // indirect - gopkg.in/square/go-jose.v2 v2.5.1 // indirect - gopkg.in/warnings.v0 v0.1.1 // indirect + gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect + gopkg.in/square/go-jose.v2 v2.6.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/apiextensions-apiserver v0.25.4 // indirect - k8s.io/cli-runtime v0.22.2 // indirect - k8s.io/code-generator v0.25.4 // indirect - k8s.io/controller-manager v0.25.10 // indirect + k8s.io/apiextensions-apiserver v0.31.1 // indirect + k8s.io/cli-runtime v0.31.1-rc.1 // indirect + k8s.io/code-generator v0.31.1 // indirect + k8s.io/controller-manager v0.25.4 // indirect k8s.io/csi-translation-lib v0.0.0 // indirect - k8s.io/gengo v0.0.0-20211129171323-c02415ce4185 // indirect - k8s.io/kube-aggregator v0.25.4 // indirect + k8s.io/dynamic-resource-allocation v0.0.0 // indirect + k8s.io/endpointslice v0.0.0 // indirect + k8s.io/gengo v0.0.0-20240228010128-51d4e06bde70 // indirect + k8s.io/gengo/v2 v2.0.0-20240228010128-51d4e06bde70 // indirect + k8s.io/kms v0.0.0 // indirect + k8s.io/kube-aggregator v0.31.1 // indirect k8s.io/kube-controller-manager v0.0.0 // indirect - k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f // indirect + k8s.io/kube-openapi v0.0.0-20240730131305-7a9a4e85957e // indirect k8s.io/kube-scheduler v0.0.0 // indirect - k8s.io/kubelet v0.0.0 // indirect - k8s.io/legacy-cloud-providers v0.0.0 // indirect + k8s.io/kubelet v0.31.1 // indirect k8s.io/metrics v0.0.0 // indirect - k8s.io/mount-utils v0.25.10 // indirect + k8s.io/mount-utils v0.31.1 // indirect k8s.io/pod-security-admission v0.0.0 // indirect - sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.37 // indirect + lukechampine.com/blake3 v1.2.1 // indirect + sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.30.3 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect - sigs.k8s.io/kustomize/api v0.12.1 // indirect - sigs.k8s.io/kustomize/kustomize/v4 v4.5.7 // indirect - sigs.k8s.io/kustomize/kyaml v0.13.9 // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect + sigs.k8s.io/kustomize/api v0.17.2 // indirect + sigs.k8s.io/kustomize/kustomize/v5 v5.4.2 // indirect + sigs.k8s.io/kustomize/kyaml v0.17.1 // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect + tags.cncf.io/container-device-interface v0.8.0 // indirect + tags.cncf.io/container-device-interface/specs-go v0.8.0 // indirect ) diff --git a/go.sum b/go.sum index 9f76245dc..959f2b8ea 100644 --- a/go.sum +++ b/go.sum @@ -1,8 +1,11 @@ bazil.org/fuse v0.0.0-20160811212531-371fbbdaa898/go.mod h1:Xbm+BRKSBEpa4q4hTSxohYNQpsxXPbPry4JJWOB3LB8= -bitbucket.org/bertimus9/systemstat v0.5.0/go.mod h1:EkUWPp8lKFPMXP8vnbpT5JDI0W/sTiLZAvN8ONWErHY= +cloud.google.com/go v0.31.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.37.0/go.mod h1:TS1dMSSfndXH133OKGwekG838Om/cQT0BUHV3HcBgoo= +cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= +cloud.google.com/go v0.44.3/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= @@ -11,8 +14,22 @@ cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6 cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk= cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= +cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= +cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI= +cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk= +cloud.google.com/go v0.75.0/go.mod h1:VGuuCn7PG0dwsd5XPVm2Mm3wlh3EL55/79EKB6hlPTY= +cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg= +cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8= +cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= +cloud.google.com/go v0.83.0/go.mod h1:Z7MJUsANfY0pYPdw0lbnivPx4/vhy/e2FEkSkF7vAVY= +cloud.google.com/go v0.84.0/go.mod h1:RazrYuxIK6Kb7YrzzhPoLmCVzl7Sup4NrbKPg8KHSUM= +cloud.google.com/go v0.87.0/go.mod h1:TpDYlFy7vuLzZMMZ+B6iRiELaY7z/gJPaqbMx6mlWcY= +cloud.google.com/go v0.90.0/go.mod h1:kRX0mNRHe0e2rC6oNakvwQqzyDmg57xJ+SZU1eT2aDQ= +cloud.google.com/go v0.93.3/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+YI= +cloud.google.com/go v0.94.1/go.mod h1:qAlAugsXlC+JWO+Bke5vCtc9ONxjQT3drlTTnAplMW4= cloud.google.com/go v0.97.0/go.mod h1:GF7l59pYBVlXQIBLx3a761cZ41F9bBH3JUlihCt2Udc= +cloud.google.com/go v0.99.0/go.mod h1:w0Xx2nLzqWJPuozYQX+hFfCSI8WioryfRDzkoI/Y2ZA= cloud.google.com/go v0.100.2/go.mod h1:4Xra9TjzAeYHrl5+oeLlzbM2k3mjVhZh4UqTZ//w99A= cloud.google.com/go v0.102.0/go.mod h1:oWcCzKlqJ5zgHQt9YsaeTY9KzIvjyy0ArmiBUgpQ+nc= cloud.google.com/go v0.102.1/go.mod h1:XZ77E9qnTEnrgEOvr4xzfdX5TRo7fB4T2F4O6+34hIU= @@ -21,248 +38,427 @@ cloud.google.com/go v0.105.0/go.mod h1:PrLgOJNe5nfE9UMxKxgXj4mD3voiP+YQ6gdt6KMFO cloud.google.com/go v0.107.0/go.mod h1:wpc2eNrD7hXUTy8EKS10jkxpZBjASrORK7goS+3YX2I= cloud.google.com/go v0.110.0/go.mod h1:SJnCLqQ0FCFGSZMUNUf84MV3Aia54kn7pi8st7tMzaY= cloud.google.com/go v0.110.2/go.mod h1:k04UEeEtb6ZBRTv3dZz4CeJC3jKGxyhl0sAiVVquxiw= +cloud.google.com/go v0.110.8/go.mod h1:Iz8AkXJf1qmxC3Oxoep8R1T36w8B92yU29PcBhHO5fk= +cloud.google.com/go v0.112.0/go.mod h1:3jEEVwZ/MHU4djK5t5RHuKOA/GbLddgTdVubX1qnPD4= +cloud.google.com/go v0.112.1 h1:uJSeirPke5UNZHIb4SxfZklVSiWWVqW4oXlETwZziwM= +cloud.google.com/go v0.112.1/go.mod h1:+Vbu+Y1UU+I1rjmzeMOb/8RfkKJK2Gyxi1X6jJCZLo4= +cloud.google.com/go/accessapproval v1.6.0/go.mod h1:R0EiYnwV5fsRFiKZkPHr6mwyk2wxUJ30nL4j2pcFY2E= +cloud.google.com/go/accesscontextmanager v1.7.0/go.mod h1:CEGLewx8dwa33aDAZQujl7Dx+uYhS0eay198wB/VumQ= +cloud.google.com/go/aiplatform v1.37.0/go.mod h1:IU2Cv29Lv9oCn/9LkFiiuKfwrRTq+QQMbW+hPCxJGZw= +cloud.google.com/go/analytics v0.19.0/go.mod h1:k8liqf5/HCnOUkbawNtrWWc+UAzyDlW89doe8TtoDsE= +cloud.google.com/go/apigateway v1.5.0/go.mod h1:GpnZR3Q4rR7LVu5951qfXPJCHquZt02jf7xQx7kpqN8= +cloud.google.com/go/apigeeconnect v1.5.0/go.mod h1:KFaCqvBRU6idyhSNyn3vlHXc8VMDJdRmwDF6JyFRqZ8= +cloud.google.com/go/apigeeregistry v0.6.0/go.mod h1:BFNzW7yQVLZ3yj0TKcwzb8n25CFBri51GVGOEUcgQsc= +cloud.google.com/go/appengine v1.7.1/go.mod h1:IHLToyb/3fKutRysUlFO0BPt5j7RiQ45nrzEJmKTo6E= +cloud.google.com/go/area120 v0.7.1/go.mod h1:j84i4E1RboTWjKtZVWXPqvK5VHQFJRF2c1Nm69pWm9k= +cloud.google.com/go/artifactregistry v1.13.0/go.mod h1:uy/LNfoOIivepGhooAUpL1i30Hgee3Cu0l4VTWHUC08= +cloud.google.com/go/asset v1.13.0/go.mod h1:WQAMyYek/b7NBpYq/K4KJWcRqzoalEsxz/t/dTk4THw= +cloud.google.com/go/assuredworkloads v1.10.0/go.mod h1:kwdUQuXcedVdsIaKgKTp9t0UJkE5+PAVNhdQm4ZVq2E= +cloud.google.com/go/automl v1.12.0/go.mod h1:tWDcHDp86aMIuHmyvjuKeeHEGq76lD7ZqfGLN6B0NuU= +cloud.google.com/go/baremetalsolution v0.5.0/go.mod h1:dXGxEkmR9BMwxhzBhV0AioD0ULBmuLZI8CdwalUxuss= +cloud.google.com/go/batch v0.7.0/go.mod h1:vLZN95s6teRUqRQ4s3RLDsH8PvboqBK+rn1oevL159g= +cloud.google.com/go/beyondcorp v0.5.0/go.mod h1:uFqj9X+dSfrheVp7ssLTaRHd2EHqSL4QZmH4e8WXGGU= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= +cloud.google.com/go/bigquery v1.50.0/go.mod h1:YrleYEh2pSEbgTBZYMJ5SuSr0ML3ypjRB1zgf7pvQLU= +cloud.google.com/go/billing v1.13.0/go.mod h1:7kB2W9Xf98hP9Sr12KfECgfGclsH3CQR0R08tnRlRbc= +cloud.google.com/go/binaryauthorization v1.5.0/go.mod h1:OSe4OU1nN/VswXKRBmciKpo9LulY41gch5c68htf3/Q= +cloud.google.com/go/certificatemanager v1.6.0/go.mod h1:3Hh64rCKjRAX8dXgRAyOcY5vQ/fE1sh8o+Mdd6KPgY8= +cloud.google.com/go/channel v1.12.0/go.mod h1:VkxCGKASi4Cq7TbXxlaBezonAYpp1GCnKMY6tnMQnLU= +cloud.google.com/go/cloudbuild v1.9.0/go.mod h1:qK1d7s4QlO0VwfYn5YuClDGg2hfmLZEb4wQGAbIgL1s= +cloud.google.com/go/clouddms v1.5.0/go.mod h1:QSxQnhikCLUw13iAbffF2CZxAER3xDGNHjsTAkQJcQA= +cloud.google.com/go/cloudtasks v1.10.0/go.mod h1:NDSoTLkZ3+vExFEWu2UJV1arUyzVDAiZtdWcsUyNwBs= cloud.google.com/go/compute v0.1.0/go.mod h1:GAesmwr110a34z04OlxYkATPBEfVhkymfTBXtfbBFow= +cloud.google.com/go/compute v1.3.0/go.mod h1:cCZiE1NHEtai4wiufUhW8I8S1JKkAnhnQJWM7YD99wM= +cloud.google.com/go/compute v1.5.0/go.mod h1:9SMHyhJlzhlkJqrPAc839t2BZFTSk6Jdj6mkzQJeu0M= cloud.google.com/go/compute v1.6.0/go.mod h1:T29tfhtVbq1wvAPo0E3+7vhgmkOYeXjhFvz/FMzPu0s= cloud.google.com/go/compute v1.6.1/go.mod h1:g85FgpzFvNULZ+S8AYq87axRKuf2Kh7deLqV/jJ3thU= cloud.google.com/go/compute v1.7.0/go.mod h1:435lt8av5oL9P3fv1OEzSbSUe+ybHXGMPQHHZWZxy9U= cloud.google.com/go/compute v1.10.0/go.mod h1:ER5CLbMxl90o2jtNbGSbtfOpQKR0t15FOtRsugnLrlU= cloud.google.com/go/compute v1.12.0/go.mod h1:e8yNOBcBONZU1vJKCvCoDw/4JQsA0dpM4x/6PIIOocU= cloud.google.com/go/compute v1.12.1/go.mod h1:e8yNOBcBONZU1vJKCvCoDw/4JQsA0dpM4x/6PIIOocU= +cloud.google.com/go/compute v1.13.0/go.mod h1:5aPTS0cUNMIc1CE546K+Th6weJUNQErARyZtRXDJ8GE= cloud.google.com/go/compute v1.14.0/go.mod h1:YfLtxrj9sU4Yxv+sXzZkyPjEyPBZfXHUvjxega5vAdo= cloud.google.com/go/compute v1.18.0/go.mod h1:1X7yHxec2Ga+Ss6jPyjxRxpu2uu7PLgsOVXvgU0yacs= cloud.google.com/go/compute v1.19.0/go.mod h1:rikpw2y+UMidAe9tISo04EHNOIf42RLYF/q8Bs93scU= +cloud.google.com/go/compute v1.19.3/go.mod h1:qxvISKp/gYnXkSAD1ppcSOveRAmzxicEv/JlizULFrI= cloud.google.com/go/compute v1.20.1/go.mod h1:4tCnrn48xsqlwSAiLf1HXMQk8CONslYbdiEZc9FEIbM= -cloud.google.com/go/compute v1.21.0 h1:JNBsyXVoOoNJtTQcnEY5uYpZIbeCTYIeDe0Xh1bySMk= cloud.google.com/go/compute v1.21.0/go.mod h1:4tCnrn48xsqlwSAiLf1HXMQk8CONslYbdiEZc9FEIbM= +cloud.google.com/go/compute v1.23.1/go.mod h1:CqB3xpmPKKt3OJpW2ndFIXnA9A4xAy/F3Xp1ixncW78= +cloud.google.com/go/compute v1.23.3/go.mod h1:VCgBUoMnIVIR0CscqQiPJLAG25E3ZRZMzcFZeQ+h8CI= +cloud.google.com/go/compute v1.23.4/go.mod h1:/EJMj55asU6kAFnuZET8zqgwgJ9FvXWXOkkfQZa4ioI= +cloud.google.com/go/compute v1.24.0/go.mod h1:kw1/T+h/+tK2LJK0wiPPx1intgdAM3j/g3hFDlscY40= +cloud.google.com/go/compute v1.25.1 h1:ZRpHJedLtTpKgr3RV1Fx23NuaAEN1Zfx9hw1u4aJdjU= +cloud.google.com/go/compute v1.25.1/go.mod h1:oopOIR53ly6viBYxaDhBfJwzUAxf1zE//uf3IB011ls= cloud.google.com/go/compute/metadata v0.1.0/go.mod h1:Z1VN+bulIf6bt4P/C37K4DyZYZEXYonfTBHHFPO/4UU= cloud.google.com/go/compute/metadata v0.2.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k= cloud.google.com/go/compute/metadata v0.2.1/go.mod h1:jgHgmJd2RKBGzXqF5LR2EZMGxBkeanZ9wwa75XHJgOM= -cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY= cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA= +cloud.google.com/go/compute/metadata v0.3.0 h1:Tz+eQXMEqDIKRsmY3cHTL6FVaynIjX2QxYC4trgAKZc= +cloud.google.com/go/compute/metadata v0.3.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k= +cloud.google.com/go/contactcenterinsights v1.6.0/go.mod h1:IIDlT6CLcDoyv79kDv8iWxMSTZhLxSCofVV5W6YFM/w= +cloud.google.com/go/container v1.15.0/go.mod h1:ft+9S0WGjAyjDggg5S06DXj+fHJICWg8L7isCQe9pQA= +cloud.google.com/go/containeranalysis v0.9.0/go.mod h1:orbOANbwk5Ejoom+s+DUCTTJ7IBdBQJDcSylAx/on9s= +cloud.google.com/go/datacatalog v1.13.0/go.mod h1:E4Rj9a5ZtAxcQJlEBTLgMTphfP11/lNaAshpoBgemX8= +cloud.google.com/go/dataflow v0.8.0/go.mod h1:Rcf5YgTKPtQyYz8bLYhFoIV/vP39eL7fWNcSOyFfLJE= +cloud.google.com/go/dataform v0.7.0/go.mod h1:7NulqnVozfHvWUBpMDfKMUESr+85aJsC/2O0o3jWPDE= +cloud.google.com/go/datafusion v1.6.0/go.mod h1:WBsMF8F1RhSXvVM8rCV3AeyWVxcC2xY6vith3iw3S+8= +cloud.google.com/go/datalabeling v0.7.0/go.mod h1:WPQb1y08RJbmpM3ww0CSUAGweL0SxByuW2E+FU+wXcM= +cloud.google.com/go/dataplex v1.6.0/go.mod h1:bMsomC/aEJOSpHXdFKFGQ1b0TDPIeL28nJObeO1ppRs= +cloud.google.com/go/dataproc v1.12.0/go.mod h1:zrF3aX0uV3ikkMz6z4uBbIKyhRITnxvr4i3IjKsKrw4= +cloud.google.com/go/dataqna v0.7.0/go.mod h1:Lx9OcIIeqCrw1a6KdO3/5KMP1wAmTc0slZWwP12Qq3c= cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= +cloud.google.com/go/datastore v1.11.0/go.mod h1:TvGxBIHCS50u8jzG+AW/ppf87v1of8nwzFNgEZU1D3c= +cloud.google.com/go/datastream v1.7.0/go.mod h1:uxVRMm2elUSPuh65IbZpzJNMbuzkcvu5CjMqVIUHrww= +cloud.google.com/go/deploy v1.8.0/go.mod h1:z3myEJnA/2wnB4sgjqdMfgxCA0EqC3RBTNcVPs93mtQ= +cloud.google.com/go/dialogflow v1.32.0/go.mod h1:jG9TRJl8CKrDhMEcvfcfFkkpp8ZhgPz3sBGmAUYJ2qE= +cloud.google.com/go/dlp v1.9.0/go.mod h1:qdgmqgTyReTz5/YNSSuueR8pl7hO0o9bQ39ZhtgkWp4= +cloud.google.com/go/documentai v1.18.0/go.mod h1:F6CK6iUH8J81FehpskRmhLq/3VlwQvb7TvwOceQ2tbs= +cloud.google.com/go/domains v0.8.0/go.mod h1:M9i3MMDzGFXsydri9/vW+EWz9sWb4I6WyHqdlAk0idE= +cloud.google.com/go/edgecontainer v1.0.0/go.mod h1:cttArqZpBB2q58W/upSG++ooo6EsblxDIolxa3jSjbY= +cloud.google.com/go/errorreporting v0.3.0/go.mod h1:xsP2yaAp+OAW4OIm60An2bbLpqIhKXdWR/tawvl7QzU= +cloud.google.com/go/essentialcontacts v1.5.0/go.mod h1:ay29Z4zODTuwliK7SnX8E86aUF2CTzdNtvv42niCX0M= +cloud.google.com/go/eventarc v1.11.0/go.mod h1:PyUjsUKPWoRBCHeOxZd/lbOOjahV41icXyUY5kSTvVY= +cloud.google.com/go/filestore v1.6.0/go.mod h1:di5unNuss/qfZTw2U9nhFqo8/ZDSc466dre85Kydllg= cloud.google.com/go/firestore v1.1.0/go.mod h1:ulACoGHTpvq5r8rxGJ4ddJZBZqakUQqClKRT5SZwBmk= +cloud.google.com/go/firestore v1.9.0/go.mod h1:HMkjKHNTtRyZNiMzu7YAsLr9K3X2udY2AMwDaMEQiiE= +cloud.google.com/go/functions v1.13.0/go.mod h1:EU4O007sQm6Ef/PwRsI8N2umygGqPBS/IZQKBQBcJ3c= +cloud.google.com/go/gaming v1.9.0/go.mod h1:Fc7kEmCObylSWLO334NcO+O9QMDyz+TKC4v1D7X+Bc0= +cloud.google.com/go/gkebackup v0.4.0/go.mod h1:byAyBGUwYGEEww7xsbnUTBHIYcOPy/PgUWUtOeRm9Vg= +cloud.google.com/go/gkeconnect v0.7.0/go.mod h1:SNfmVqPkaEi3bF/B3CNZOAYPYdg7sU+obZ+QTky2Myw= +cloud.google.com/go/gkehub v0.12.0/go.mod h1:djiIwwzTTBrF5NaXCGv3mf7klpEMcST17VBTVVDcuaw= +cloud.google.com/go/gkemulticloud v0.5.0/go.mod h1:W0JDkiyi3Tqh0TJr//y19wyb1yf8llHVto2Htf2Ja3Y= +cloud.google.com/go/grafeas v0.2.0/go.mod h1:KhxgtF2hb0P191HlY5besjYm6MqTSTj3LSI+M+ByZHc= +cloud.google.com/go/gsuiteaddons v1.5.0/go.mod h1:TFCClYLd64Eaa12sFVmUyG62tk4mdIsI7pAnSXRkcFo= cloud.google.com/go/iam v0.3.0/go.mod h1:XzJPvDayI+9zsASAFO68Hk07u3z+f+JrT2xXNdp4bnY= cloud.google.com/go/iam v0.6.0/go.mod h1:+1AH33ueBne5MzYccyMHtEKqLE4/kJOibtffMHDMFMc= cloud.google.com/go/iam v0.7.0/go.mod h1:H5Br8wRaDGNc8XP3keLc4unfUUZeyH3Sfl9XpQEYOeg= cloud.google.com/go/iam v0.8.0/go.mod h1:lga0/y3iH6CX7sYqypWJ33hf7kkfXJag67naqGESjkE= +cloud.google.com/go/iam v0.11.0/go.mod h1:9PiLDanza5D+oWFZiH1uG+RnRCfEGKoyl6yo4cgWZGY= +cloud.google.com/go/iam v0.12.0/go.mod h1:knyHGviacl11zrtZUoDuYpDgLjvr28sLQaG0YB2GYAY= cloud.google.com/go/iam v0.13.0/go.mod h1:ljOg+rcNfzZ5d6f1nAUJ8ZIxOaZUVoS14bKCtaLZ/D0= +cloud.google.com/go/iam v1.1.3/go.mod h1:3khUlaBXfPKKe7huYgEpDn6FtgRyMEqbkvBxrQyY5SE= +cloud.google.com/go/iam v1.1.5/go.mod h1:rB6P/Ic3mykPbFio+vo7403drjlgvoWfYpJhMXEbzv8= +cloud.google.com/go/iam v1.1.6/go.mod h1:O0zxdPeGBoFdWW3HWmBxJsk0pfvNM/p/qa82rWOGTwI= +cloud.google.com/go/iap v1.7.1/go.mod h1:WapEwPc7ZxGt2jFGB/C/bm+hP0Y6NXzOYGjpPnmMS74= +cloud.google.com/go/ids v1.3.0/go.mod h1:JBdTYwANikFKaDP6LtW5JAi4gubs57SVNQjemdt6xV4= +cloud.google.com/go/iot v1.6.0/go.mod h1:IqdAsmE2cTYYNO1Fvjfzo9po179rAtJeVGUvkLN3rLE= +cloud.google.com/go/kms v1.6.0/go.mod h1:Jjy850yySiasBUDi6KFUwUv2n1+o7QZFyuUJg6OgjA0= +cloud.google.com/go/kms v1.9.0/go.mod h1:qb1tPTgfF9RQP8e1wq4cLFErVuTJv7UsSC915J8dh3w= +cloud.google.com/go/kms v1.10.1/go.mod h1:rIWk/TryCkR59GMC3YtHtXeLzd634lBbKenvyySAyYI= +cloud.google.com/go/language v1.9.0/go.mod h1:Ns15WooPM5Ad/5no/0n81yUetis74g3zrbeJBE+ptUY= +cloud.google.com/go/lifesciences v0.8.0/go.mod h1:lFxiEOMqII6XggGbOnKiyZ7IBwoIqA84ClvoezaA/bo= +cloud.google.com/go/logging v1.7.0/go.mod h1:3xjP2CjkM3ZkO73aj4ASA5wRPGGCRrPIAeNqVNkzY8M= cloud.google.com/go/longrunning v0.1.1/go.mod h1:UUFxuDWkv22EuY93jjmDMFT5GPQKeFVJBIF6QlTqdsE= cloud.google.com/go/longrunning v0.3.0/go.mod h1:qth9Y41RRSUE69rDcOn6DdK3HfQfsUI0YSmW3iIlLJc= cloud.google.com/go/longrunning v0.4.1/go.mod h1:4iWDqhBZ70CvZ6BfETbvam3T8FMvLK+eFj0E6AaRQTo= +cloud.google.com/go/longrunning v0.5.0/go.mod h1:0JNuqRShmscVAhIACGtskSAWtqtOoPkwP0YF1oVEchc= +cloud.google.com/go/longrunning v0.5.2/go.mod h1:nqo6DQbNV2pXhGDbDMoN2bWz68MjZUzqv2YttZiveCs= +cloud.google.com/go/longrunning v0.5.4/go.mod h1:zqNVncI0BOP8ST6XQD1+VcvuShMmq7+xFSzOL++V0dI= +cloud.google.com/go/managedidentities v1.5.0/go.mod h1:+dWcZ0JlUmpuxpIDfyP5pP5y0bLdRwOS4Lp7gMni/LA= +cloud.google.com/go/maps v0.7.0/go.mod h1:3GnvVl3cqeSvgMcpRlQidXsPYuDGQ8naBis7MVzpXsY= +cloud.google.com/go/mediatranslation v0.7.0/go.mod h1:LCnB/gZr90ONOIQLgSXagp8XUW1ODs2UmUMvcgMfI2I= +cloud.google.com/go/memcache v1.9.0/go.mod h1:8oEyzXCu+zo9RzlEaEjHl4KkgjlNDaXbCQeQWlzNFJM= +cloud.google.com/go/metastore v1.10.0/go.mod h1:fPEnH3g4JJAk+gMRnrAnoqyv2lpUCqJPWOodSaf45Eo= +cloud.google.com/go/monitoring v1.13.0/go.mod h1:k2yMBAB1H9JT/QETjNkgdCGD9bPF712XiLTVr+cBrpw= +cloud.google.com/go/networkconnectivity v1.11.0/go.mod h1:iWmDD4QF16VCDLXUqvyspJjIEtBR/4zq5hwnY2X3scM= +cloud.google.com/go/networkmanagement v1.6.0/go.mod h1:5pKPqyXjB/sgtvB5xqOemumoQNB7y95Q7S+4rjSOPYY= +cloud.google.com/go/networksecurity v0.8.0/go.mod h1:B78DkqsxFG5zRSVuwYFRZ9Xz8IcQ5iECsNrPn74hKHU= +cloud.google.com/go/notebooks v1.8.0/go.mod h1:Lq6dYKOYOWUCTvw5t2q1gp1lAp0zxAxRycayS0iJcqQ= +cloud.google.com/go/optimization v1.3.1/go.mod h1:IvUSefKiwd1a5p0RgHDbWCIbDFgKuEdB+fPPuP0IDLI= +cloud.google.com/go/orchestration v1.6.0/go.mod h1:M62Bevp7pkxStDfFfTuCOaXgaaqRAga1yKyoMtEoWPQ= +cloud.google.com/go/orgpolicy v1.10.0/go.mod h1:w1fo8b7rRqlXlIJbVhOMPrwVljyuW5mqssvBtU18ONc= +cloud.google.com/go/osconfig v1.11.0/go.mod h1:aDICxrur2ogRd9zY5ytBLV89KEgT2MKB2L/n6x1ooPw= +cloud.google.com/go/oslogin v1.9.0/go.mod h1:HNavntnH8nzrn8JCTT5fj18FuJLFJc4NaZJtBnQtKFs= +cloud.google.com/go/phishingprotection v0.7.0/go.mod h1:8qJI4QKHoda/sb/7/YmMQ2omRLSLYSu9bU0EKCNI+Lk= +cloud.google.com/go/policytroubleshooter v1.6.0/go.mod h1:zYqaPTsmfvpjm5ULxAyD/lINQxJ0DDsnWOP/GZ7xzBc= +cloud.google.com/go/privatecatalog v0.8.0/go.mod h1:nQ6pfaegeDAq/Q5lrfCQzQLhubPiZhSaNhIgfJlnIXs= cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU= +cloud.google.com/go/pubsub v1.28.0/go.mod h1:vuXFpwaVoIPQMGXqRyUQigu/AX1S3IWugR9xznmcXX8= +cloud.google.com/go/pubsub v1.30.0/go.mod h1:qWi1OPS0B+b5L+Sg6Gmc9zD1Y+HaM0MdUr7LsupY1P4= +cloud.google.com/go/pubsublite v1.7.0/go.mod h1:8hVMwRXfDfvGm3fahVbtDbiLePT3gpoiJYJY+vxWxVM= +cloud.google.com/go/recaptchaenterprise v1.3.1/go.mod h1:OdD+q+y4XGeAlxRaMn1Y7/GveP6zmq76byL6tjPE7d4= +cloud.google.com/go/recaptchaenterprise/v2 v2.7.0/go.mod h1:19wVj/fs5RtYtynAPJdDTb69oW0vNHYDBTbB4NvMD9c= +cloud.google.com/go/recommendationengine v0.7.0/go.mod h1:1reUcE3GIu6MeBz/h5xZJqNLuuVjNg1lmWMPyjatzac= +cloud.google.com/go/recommender v1.9.0/go.mod h1:PnSsnZY7q+VL1uax2JWkt/UegHssxjUVVCrX52CuEmQ= +cloud.google.com/go/redis v1.11.0/go.mod h1:/X6eicana+BWcUda5PpwZC48o37SiFVTFSs0fWAJ7uQ= +cloud.google.com/go/resourcemanager v1.7.0/go.mod h1:HlD3m6+bwhzj9XCouqmeiGuni95NTrExfhoSrkC/3EI= +cloud.google.com/go/resourcesettings v1.5.0/go.mod h1:+xJF7QSG6undsQDfsCJyqWXyBwUoJLhetkRMDRnIoXA= +cloud.google.com/go/retail v1.12.0/go.mod h1:UMkelN/0Z8XvKymXFbD4EhFJlYKRx1FGhQkVPU5kF14= +cloud.google.com/go/run v0.9.0/go.mod h1:Wwu+/vvg8Y+JUApMwEDfVfhetv30hCG4ZwDR/IXl2Qg= +cloud.google.com/go/scheduler v1.9.0/go.mod h1:yexg5t+KSmqu+njTIh3b7oYPheFtBWGcbVUYF1GGMIc= +cloud.google.com/go/secretmanager v1.10.0/go.mod h1:MfnrdvKMPNra9aZtQFvBcvRU54hbPD8/HayQdlUgJpU= +cloud.google.com/go/security v1.13.0/go.mod h1:Q1Nvxl1PAgmeW0y3HTt54JYIvUdtcpYKVfIB8AOMZ+0= +cloud.google.com/go/securitycenter v1.19.0/go.mod h1:LVLmSg8ZkkyaNy4u7HCIshAngSQ8EcIRREP3xBnyfag= +cloud.google.com/go/servicedirectory v1.9.0/go.mod h1:29je5JjiygNYlmsGz8k6o+OZ8vd4f//bQLtvzkPPT/s= +cloud.google.com/go/shell v1.6.0/go.mod h1:oHO8QACS90luWgxP3N9iZVuEiSF84zNyLytb+qE2f9A= +cloud.google.com/go/spanner v1.45.0/go.mod h1:FIws5LowYz8YAE1J8fOS7DJup8ff7xJeetWEo5REA2M= +cloud.google.com/go/speech v1.15.0/go.mod h1:y6oH7GhqCaZANH7+Oe0BhgIogsNInLlz542tg3VqeYI= cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= +cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo= cloud.google.com/go/storage v1.22.1/go.mod h1:S8N1cAStu7BOeFfE8KAQzmyyLkK8p/vmRq6kuBTW58Y= cloud.google.com/go/storage v1.23.0/go.mod h1:vOEEDNFnciUMhBeT6hsJIn3ieU5cFRmzeLgDvXzfIXc= cloud.google.com/go/storage v1.27.0/go.mod h1:x9DOL8TK/ygDUMieqwfhdpQryTeEkhGKMi80i/iqR2s= cloud.google.com/go/storage v1.28.1/go.mod h1:Qnisd4CqDdo6BGs2AD5LLnEsmSQ80wQ5ogcBBKhU86Y= cloud.google.com/go/storage v1.29.0/go.mod h1:4puEjyTKnku6gfKoTfNOU/W+a9JyuVNxjpS5GBrB8h4= +cloud.google.com/go/storage v1.30.1/go.mod h1:NfxhC0UJE1aXSx7CIIbCf7y9HKT7BiccwkR7+P7gN8E= +cloud.google.com/go/storage v1.36.0/go.mod h1:M6M/3V/D3KpzMTJyPOR/HU6n2Si5QdaXYEsng2xgOs8= +cloud.google.com/go/storage v1.38.0/go.mod h1:tlUADB0mAb9BgYls9lq+8MGkfzOXuLrnHXlpHmvFJoY= +cloud.google.com/go/storagetransfer v1.8.0/go.mod h1:JpegsHHU1eXg7lMHkvf+KE5XDJ7EQu0GwNJbbVGanEw= +cloud.google.com/go/talent v1.5.0/go.mod h1:G+ODMj9bsasAEJkQSzO2uHQWXHHXUomArjWQQYkqK6c= +cloud.google.com/go/texttospeech v1.6.0/go.mod h1:YmwmFT8pj1aBblQOI3TfKmwibnsfvhIBzPXcW4EBovc= +cloud.google.com/go/tpu v1.5.0/go.mod h1:8zVo1rYDFuW2l4yZVY0R0fb/v44xLh3llq7RuV61fPM= +cloud.google.com/go/trace v1.9.0/go.mod h1:lOQqpE5IaWY0Ixg7/r2SjixMuc6lfTFeO4QGM4dQWOk= +cloud.google.com/go/translate v1.7.0/go.mod h1:lMGRudH1pu7I3n3PETiOB2507gf3HnfLV8qlkHZEyos= +cloud.google.com/go/video v1.15.0/go.mod h1:SkgaXwT+lIIAKqWAJfktHT/RbgjSuY6DobxEp0C5yTQ= +cloud.google.com/go/videointelligence v1.10.0/go.mod h1:LHZngX1liVtUhZvi2uNS0VQuOzNi2TkY1OakiuoUOjU= +cloud.google.com/go/vision v1.2.0/go.mod h1:SmNwgObm5DpFBme2xpyOyasvBc1aPdjvMk2bBk0tKD0= +cloud.google.com/go/vision/v2 v2.7.0/go.mod h1:H89VysHy21avemp6xcf9b9JvZHVehWbET0uT/bcuY/0= +cloud.google.com/go/vmmigration v1.6.0/go.mod h1:bopQ/g4z+8qXzichC7GW1w2MjbErL54rk3/C843CjfY= +cloud.google.com/go/vmwareengine v0.3.0/go.mod h1:wvoyMvNWdIzxMYSpH/R7y2h5h3WFkx6d+1TIsP39WGY= +cloud.google.com/go/vpcaccess v1.6.0/go.mod h1:wX2ILaNhe7TlVa4vC5xce1bCnqE3AeH27RV31lnmZes= +cloud.google.com/go/webrisk v1.8.0/go.mod h1:oJPDuamzHXgUc+b8SiHRcVInZQuybnvEW72PqTc7sSg= +cloud.google.com/go/websecurityscanner v1.5.0/go.mod h1:Y6xdCPy81yi0SQnDY1xdNTNpfY1oAgXUlcfN3B3eSng= +cloud.google.com/go/workflows v1.10.0/go.mod h1:fZ8LmRmZQWacon9UCX1r/g/DfAXx5VcPALq2CxzdePw= +dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= +dario.cat/mergo v1.0.1 h1:Ra4+bf83h2ztPIQYNP99R6m+Y7KfnARDfID+a+vLl4s= +dario.cat/mergo v1.0.1/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= +dmitri.shuralyov.com/app/changes v0.0.0-20180602232624-0a106ad413e3/go.mod h1:Yl+fi1br7+Rr3LqpNJf1/uxUdtRUV+Tnj0o93V2B9MU= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= -dmitri.shuralyov.com/gpu/mtl v0.0.0-20201218220906-28db891af037/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +dmitri.shuralyov.com/html/belt v0.0.0-20180602232347-f7d459c86be0/go.mod h1:JLBrvjyP0v+ecvNYvCpyZgu5/xkfAUhi6wJj28eUfSU= +dmitri.shuralyov.com/service/change v0.0.0-20181023043359-a85b471d5412/go.mod h1:a1inKt/atXimZ4Mv927x+r7UpyzRUf4emIoiiSC2TN4= +dmitri.shuralyov.com/state v0.0.0-20180228185332-28bcc343414c/go.mod h1:0PRwlb0D6DFvNNtx+9ybjezNCa8XF0xaYcETyp6rHWU= +filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA= +filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4= +gioui.org v0.0.0-20210308172011-57750fc8a0a6/go.mod h1:RSH6KIUZ0p2xy5zHDxgAM4zumjgTw83q2ge/PI+yyw8= +git.apache.org/thrift.git v0.0.0-20180902110319-2566ecd5d999/go.mod h1:fPE2ZNJGynbRyZ4dJvy6G277gSllfV2HJqblrnkyeyg= +git.sr.ht/~sbinet/gg v0.3.1/go.mod h1:KGYtlADtqsqANL9ueOFkWymvzUvLMQllU5Ixo+8v3pc= github.com/AdaLogics/go-fuzz-headers v0.0.0-20221206110420-d395f97c4830/go.mod h1:VzwV+t+dZ9j/H867F1M2ziD+yLHtB46oM35FxxMJ4d0= -github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1/go.mod h1:VzwV+t+dZ9j/H867F1M2ziD+yLHtB46oM35FxxMJ4d0= -github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20221215162035-5330a85ea652/go.mod h1:OahwfttHWG6eJ0clwcfBAHoDI6X/LV/15hx/wlMZSrU= -github.com/Azure/azure-sdk-for-go v55.0.0+incompatible h1:L4/vUGbg1Xkw5L20LZD+hJI5I+ibWSytqQ68lTCfLwY= -github.com/Azure/azure-sdk-for-go v55.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= +github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 h1:bvDV9vkmnHYOMsOr4WLk+Vo07yKIzd94sVoIqshQ4bU= +github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8= +github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20230306123547-8075edf89bb0 h1:59MxjQVfjXsBpLy+dbd2/ELV5ofnUkUZBvWSC85sheA= +github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20230306123547-8075edf89bb0/go.mod h1:OahwfttHWG6eJ0clwcfBAHoDI6X/LV/15hx/wlMZSrU= +github.com/AndreasBriese/bbloom v0.0.0-20190825152654-46b345b51c96 h1:cTp8I5+VIoKjsnZuH8vjyaysT/ses3EvZeaV/1UkF2M= +github.com/AndreasBriese/bbloom v0.0.0-20190825152654-46b345b51c96/go.mod h1:bOvUY6CB00SOBii9/FifXqc0awNKxLFCL/+pkDPuyl8= +github.com/Azure/go-ansiterm v0.0.0-20210608223527-2377c96fe795/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= -github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= -github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest/autorest v0.11.27 h1:F3R3q42aWytozkV8ihzcgMO4OA4cuqr3bNlsEuF6//A= -github.com/Azure/go-autorest/autorest v0.11.27/go.mod h1:7l8ybrIdUmGqZMTD0sRtAr8NvbHjfofbf8RSP2q7w7U= -github.com/Azure/go-autorest/autorest/adal v0.9.18/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= -github.com/Azure/go-autorest/autorest/adal v0.9.20 h1:gJ3E98kMpFB1MFqQCvA1yFab8vthOeD4VlFRQULxahg= -github.com/Azure/go-autorest/autorest/adal v0.9.20/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= -github.com/Azure/go-autorest/autorest/date v0.3.0 h1:7gUk1U5M/CQbp9WoqinNzJar+8KY+LPI6wiWrP/myHw= -github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= -github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= -github.com/Azure/go-autorest/autorest/mocks v0.4.2 h1:PGN4EDXnuQbojHbU0UWoNvmu9AGVwYHG9/fkDYhtAfw= -github.com/Azure/go-autorest/autorest/mocks v0.4.2/go.mod h1:Vy7OitM9Kei0i1Oj+LvyAWMXJHeKH1MVlzFugfVrmyU= -github.com/Azure/go-autorest/autorest/to v0.4.0 h1:oXVqrxakqqV1UZdSazDOPOLvOIz+XA683u8EctwboHk= -github.com/Azure/go-autorest/autorest/to v0.4.0/go.mod h1:fE8iZBn7LQR7zH/9XU2NcPR4o9jEImooCeWJcYV/zLE= -github.com/Azure/go-autorest/autorest/validation v0.1.0/go.mod h1:Ha3z/SqBeaalWQvokg3NZAlQTalVMtOIAs1aGK7G6u8= -github.com/Azure/go-autorest/autorest/validation v0.3.1 h1:AgyqjAd94fwNAoTjl/WQXg4VvFeRFpO+UhNyRXqF1ac= -github.com/Azure/go-autorest/autorest/validation v0.3.1/go.mod h1:yhLgjC0Wda5DYXl6JAsWyUe4KVNffhoDhG0zVzUMo3E= -github.com/Azure/go-autorest/logger v0.2.1 h1:IG7i4p/mDa2Ce4TRyAO8IHnVhAVF3RFU+ZtXWSmf4Tg= -github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= -github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= -github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/BurntSushi/toml v1.2.1 h1:9F2/+DoOYIOksmaJFPw1tGFy1eDnIJXg+UHjuD8lTak= github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= +github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8= +github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/GoogleCloudPlatform/k8s-cloud-provider v1.18.1-0.20220218231025-f11817397a1b h1:Heo1J/ttaQFgGJSVnCZquy3e5eH5j1nqxBuomztB3P0= -github.com/GoogleCloudPlatform/k8s-cloud-provider v1.18.1-0.20220218231025-f11817397a1b/go.mod h1:FNj4KYEAAHfYu68kRYolGoxkaJn+6mdEsaM12VTwuI0= github.com/JeffAshton/win_pdh v0.0.0-20161109143554-76bb4ee9f0ab h1:UKkYhof1njT1/xq4SEg5z+VpTgjmNeHwPGRQl7takDI= github.com/JeffAshton/win_pdh v0.0.0-20161109143554-76bb4ee9f0ab/go.mod h1:3VYc5hodBMJ5+l/7J4xAyMeuM2PNuepvHlGs8yilUCA= +github.com/JohnCGriffin/overflow v0.0.0-20211019200055-46fa312c352c/go.mod h1:X0CRv0ky0k6m906ixxpzmDRLvX58TFUKS2eePweuyxk= github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ= github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE= -github.com/Microsoft/go-winio v0.4.15/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw= github.com/Microsoft/go-winio v0.4.17/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/go-winio v0.5.1/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY= -github.com/Microsoft/go-winio v0.6.0 h1:slsWYD/zyx7lCXoZVlvQrj0hPTM1HI4+v1sIda2yDvg= github.com/Microsoft/go-winio v0.6.0/go.mod h1:cTAf44im0RAYeL23bpB+fzCyDH2MJiz2BO69KH/soAE= -github.com/Microsoft/hcsshim v0.8.25 h1:fRMwXiwk3qDwc0P05eHnh+y2v07JdtsfQ1fuAc69m9g= -github.com/Microsoft/hcsshim v0.8.25/go.mod h1:4zegtUJth7lAvFyc6cH2gGQ5B3OFQim01nnU2M8jKDg= +github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM= +github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= +github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU= +github.com/Microsoft/hcsshim v0.11.7 h1:vl/nj3Bar/CvJSYo7gIQPyRWc9f3c6IeSNavBTSZNZQ= +github.com/Microsoft/hcsshim v0.11.7/go.mod h1:MV8xMfmECjl5HdO7U/3/hFVnkmSBjAjmA09d4bExKcU= github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= github.com/NYTimes/gziphandler v1.1.1 h1:ZUDjpQae29j0ryrS0u/B8HZfJBtBQHjqw2rQ2cqUQ3I= github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= -github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= +github.com/OneOfOne/xxhash v1.2.8/go.mod h1:eZbhyaAYD41SGSSsnmcpxVoRiQ/MPUTjUdIIOT9Um7Q= github.com/Rican7/retry v0.1.0 h1:FqK94z34ly8Baa6K+G8Mmza9rYWTKOJk+yckIBB5qVk= github.com/Rican7/retry v0.1.0/go.mod h1:FgOROf8P5bebcC1DS0PdOQiqGUridaZvikzUmkFW6gg= -github.com/a8m/tree v0.0.0-20210115125333-10a5fd5b637d/go.mod h1:FSdwKX97koS5efgm8WevNf7XS3PqtyFkKDDXrz778cg= +github.com/agnivade/levenshtein v1.0.1/go.mod h1:CURSv5d9Uaml+FovSIICkLbAUZ9S4RqaHDIsdSBg7lM= +github.com/agnivade/levenshtein v1.1.1/go.mod h1:veldBMzWxcCG2ZvUTKD2kJNRdCk5hVbJomOvKkmgYbo= +github.com/ajstarks/deck v0.0.0-20200831202436-30c9fc6549a9/go.mod h1:JynElWSGnm/4RlzPXRlREEwqTHAN3T56Bv2ITsFT3gY= +github.com/ajstarks/deck/generate v0.0.0-20210309230005-c3f852c02e19/go.mod h1:T13YZdzov6OU0A1+RfKZiZN9ca6VeKdBdyDV+BY97Tk= github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw= -github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= -github.com/alexflint/go-filemutex v1.1.0/go.mod h1:7P4iRhttt/nUvUOrYIhcpMzv2G6CY9UnI16Z+UJqRyk= +github.com/ajstarks/svgo v0.0.0-20211024235047-1546f124cd8b/go.mod h1:1KcenG0jGWcpt8ov532z81sp/kMMUG485J2InIOyADM= +github.com/akavel/rsrc v0.10.2/go.mod h1:uLoCtb9J+EyAqh+26kdrTgmzRBFPGOolLWKpdxkKq+c= +github.com/alecthomas/kingpin/v2 v2.4.0/go.mod h1:0gyi0zQnjuFk8xrkNKamJoyUo382HRL7ATRpFZCw6tE= +github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE= +github.com/alexflint/go-filemutex v1.2.0/go.mod h1:mYyQSWvw9Tx2/H2n9qXPb52tTYfE0pZAWcBq5mK025c= +github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8= +github.com/andybalholm/brotli v1.0.4/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= +github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= -github.com/antlr/antlr4/runtime/Go/antlr v0.0.0-20220418222510-f25a4f6275ed h1:ue9pVfIcP+QMEjfgo/Ez4ZjNZfonGgR6NgjMaJMu1Cg= -github.com/antlr/antlr4/runtime/Go/antlr v0.0.0-20220418222510-f25a4f6275ed/go.mod h1:F7bn7fEU90QkQ3tnmaTx3LTKLEDqnwWODIYppRQ5hnY= +github.com/antlr4-go/antlr/v4 v4.13.0 h1:lxCg3LAv+EUK6t1i0y1V6/SLeUi0eKEKdhQAlS8TVTI= +github.com/antlr4-go/antlr/v4 v4.13.0/go.mod h1:pfChB/xh/Unjila75QW7+VU4TSnWnnk9UTnmpPaOR2g= +github.com/apache/arrow/go/v11 v11.0.0/go.mod h1:Eg5OsL5H+e299f7u5ssuXsuHQVEGC4xei5aX110hRiI= +github.com/apache/thrift v0.16.0/go.mod h1:PHK3hniurgQaNMZYaCLEqXKsYK8upmhPbmdP2FXSqgU= +github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0/go.mod h1:t2tdKJDJF9BV14lnkjHmOQgcvEKgtqs5a1N3LNdJhGE= github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e h1:QEF07wC0T1rKkctt1RINW/+RMTVmiwxETico2l3gxJA= github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= +github.com/armon/go-proxyproto v0.0.0-20210323213023-7e956b284f0a/go.mod h1:QmP9hvJ91BbJmGVGSbutW19IC0Q9phDCLGaomwTJbgU= github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a h1:idn718Q4B6AGu/h5Sxe66HYVdqdGu2l9Iebqhi/AEoA= github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/auth0/go-jwt-middleware v1.0.1/go.mod h1:YSeUX3z6+TF2H+7padiEqNJ73Zy9vXW72U//IgN0BIM= -github.com/aws/aws-sdk-go v1.35.24/go.mod h1:tlPOdRjfxPBpNIwqDj61rmsnA85v9jc0Ps9+muhnW+k= -github.com/aws/aws-sdk-go v1.38.49/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= -github.com/aws/aws-sdk-go v1.44.171 h1:maREiPAmibvuONMOEZIkCH2OTosLRnDelceTtH3SYfo= -github.com/aws/aws-sdk-go v1.44.171/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= -github.com/benbjohnson/clock v1.0.3/go.mod h1:bGMdMPoPVvcYyt1gHDf4J2KE153Yf9BuiUKYMaxlTDM= -github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8= +github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= +github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= +github.com/bahlo/generic-list-go v0.2.0 h1:5sz/EEAK+ls5wF+NeqDpk5+iNdMDXrh3z3nPnH1Wvgk= +github.com/bahlo/generic-list-go v0.2.0/go.mod h1:2KvAjgMlE5NNynlg/5iLrrCCZ2+5xWbdbCW3pNTGyYg= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= +github.com/benbjohnson/clock v1.3.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= +github.com/benbjohnson/clock v1.3.5 h1:VvXlSJBzZpA/zum6Sj74hxwYI2DIxRWuNIoXAzHZz5o= +github.com/benbjohnson/clock v1.3.5/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= -github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJmJgSg28kpZDP6UIiPt0e0Oz0kqKNGyRaWEPv84= -github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqOes/6LfM= github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ= github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM= github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= -github.com/boltdb/bolt v1.3.1/go.mod h1:clJnj/oiGkjum5o1McbSZDSLxVThjynRyGBgiAx27Ps= +github.com/boombuler/barcode v1.0.0/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= +github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= +github.com/bradfitz/go-smtpd v0.0.0-20170404230938-deb6d6237625/go.mod h1:HYsPBTaaSFSlLx/70C2HPIMNZpVV8+vt/A+FMnYP11g= +github.com/buger/jsonparser v0.0.0-20181115193947-bf1c66bbce23/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s= +github.com/buger/jsonparser v1.1.1 h1:2PnMjfWD7wBILjqQbt530v576A/cAbQvEW9gGIpYMUs= github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0= +github.com/bytecodealliance/wasmtime-go/v3 v3.0.2/go.mod h1:RnUjnIXxEJcL6BgCvNyzCCRzZcxCgsZCi+RNlvYor5Q= github.com/canonical/go-dqlite v1.5.1 h1:1YjtIrFsC1A3XlgsX38ARAiKhvkZS63PqsEd8z3T4yU= github.com/canonical/go-dqlite v1.5.1/go.mod h1:wp00vfMvPYgNCyxcPdHB5XExmDoCGoPUGymloAQT17Y= -github.com/cenkalti/backoff/v4 v4.1.1/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= +github.com/cenkalti/backoff/v4 v4.2.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= +github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= +github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= +github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= +github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/census-instrumentation/opencensus-proto v0.4.1/go.mod h1:4T9NM4+4Vw91VeyqjLS6ao50K5bOcLKN6Q42XnYaRYw= -github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= -github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= +github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chai2010/gettext-go v1.0.2 h1:1Lwwip6Q2QGsAdl/ZKPCwTe9fe0CjlUbqj5bFNSjIRk= github.com/chai2010/gettext-go v1.0.2/go.mod h1:y+wnP2cHYaVj19NZhYKAwEMH2CI1gNHeQQ+5AjwawxA= github.com/checkpoint-restore/go-criu/v5 v5.3.0 h1:wpFFOoomK3389ue2lAb0Boag6XPht5QYpipxmSNL4d8= github.com/checkpoint-restore/go-criu/v5 v5.3.0/go.mod h1:E/eQpaFtUKGOOSEBZgmKAcn+zUUwWxqcaKZlF54wK8E= +github.com/chromedp/cdproto v0.0.0-20230802225258-3cf4e6d46a89/go.mod h1:GKljq0VrfU4D5yc+2qA6OVr8pmO/MBbPEWqWQ/oqGEs= +github.com/chromedp/chromedp v0.9.2/go.mod h1:LkSXJKONWTCHAfQasKFUZI+mxqS4tZqhmtGzzhLsnLs= +github.com/chromedp/sysutil v1.0.0/go.mod h1:kgWmDdq8fTzXYcKIBqIYvRRTnYb9aNS9moAV0xufSww= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/logex v1.2.1/go.mod h1:JLbx6lG2kDbNRFnfkgvh4eRJRPX1QCoOIWomwysCBrQ= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= +github.com/chzyer/readline v1.5.1/go.mod h1:Eh+b79XXUwfKfcPLepksvw2tcLE/Ct21YObkaSkeBlk= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/chzyer/test v1.0.0/go.mod h1:2JlltgoNkt4TW/z9V/IzDdFaMTM2JPIi26O1pF38GC8= +github.com/cilium/ebpf v0.2.0/go.mod h1:To2CFviqOWL/M0gIMsvSMlqe7em/l1ALkX1PyjrX2Qs= github.com/cilium/ebpf v0.4.0/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs= github.com/cilium/ebpf v0.7.0/go.mod h1:/oI2+1shJiTGAMgl6/RgJr36Eo1jzrRcAWbcXO2usCA= -github.com/cilium/ebpf v0.9.1 h1:64sn2K3UKw8NbP/blsixRpF3nXuyhz/VjRlRzvlBRu4= github.com/cilium/ebpf v0.9.1/go.mod h1:+OhNOIXx/Fnu1IE8bJz2dzOA+VSfyTfdNUVdlQnxUFY= +github.com/cilium/ebpf v0.11.0 h1:V8gS/bTCCjX9uUnkUFUpPsksM8n1lXBAvHcpiFk1X2Y= +github.com/cilium/ebpf v0.11.0/go.mod h1:WE7CZAnqOL2RouJ4f1uyNhqr2P4CCvXFIqdRDUgWsVs= github.com/cncf/udpa/go v0.0.0-20220112060539-c52dc94e7fbe/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20230428030218-4003588d1b74/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4 h1:/inchEIKaYC1Akx+H+gqO04wryn5h75LSazbRlnya1k= +github.com/cncf/xds/go v0.0.0-20220314180256-7f1daf1720fc/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20230105202645-06c439db220b/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h6jFvWxBdQXxjopDMZyH2UVceIRfR84bdzbkoKrsWNo= +github.com/cncf/xds/go v0.0.0-20240318125728-8a4994d93e50 h1:DBmgJDC9dTfkVyGgipamEh2BpGYxScCH1TOF1LL1cXc= +github.com/cncf/xds/go v0.0.0-20240318125728-8a4994d93e50/go.mod h1:5e1+Vvlzido69INQaVO6d87Qn543Xr6nooe9Kz7oBFM= github.com/cockroachdb/datadriven v1.0.2 h1:H9MtNqVoVhvd9nCBwOyDjUEdZCREqbIdCJD93PBm/jA= -github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA= -github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f/go.mod h1:i/u985jwjWRlyHXQbwatDASoW0RMlZ/3i9yJHE2xLkI= -github.com/container-storage-interface/spec v1.6.0 h1:vwN9uCciKygX/a0toYryoYD5+qI9ZFeAMuhEEKO+JBA= -github.com/container-storage-interface/spec v1.6.0/go.mod h1:8K96oQNkJ7pFcC2R9Z1ynGGBB1I93kcS6PGg3SsOk8s= +github.com/cockroachdb/datadriven v1.0.2/go.mod h1:a9RdTaap04u637JoCzcUoIcDmvwSUtcUFtT/C3kJlTU= +github.com/container-storage-interface/spec v1.9.0 h1:zKtX4STsq31Knz3gciCYCi1SXtO2HJDecIjDVboYavY= +github.com/container-storage-interface/spec v1.9.0/go.mod h1:ZfDu+3ZRyeVqxZM0Ds19MVLkN2d1XJ5MAfi1L3VjlT0= github.com/containerd/aufs v1.0.0 h1:2oeJiwX5HstO7shSrPZjrohJZLzK36wvpdmzDRkL/LY= github.com/containerd/aufs v1.0.0/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU= -github.com/containerd/btrfs v1.0.0 h1:osn1exbzdub9L5SouXO5swW4ea/xVdJZ3wokxN5GrnA= -github.com/containerd/btrfs v1.0.0/go.mod h1:zMcX3qkXTAi9GI50+0HOeuV8LU2ryCE/V2vG/ZBiTss= -github.com/containerd/cgroups v1.0.1 h1:iJnMvco9XGvKUvNQkv88bE4uJXxRQH18efbKo9w5vHQ= +github.com/containerd/btrfs/v2 v2.0.0 h1:FN4wsx7KQrYoLXN7uLP0vBV4oVWHOIKDRQ1G2Z0oL5M= +github.com/containerd/btrfs/v2 v2.0.0/go.mod h1:swkD/7j9HApWpzl8OHfrHNxppPd9l44DFZdF94BUj9k= +github.com/containerd/cgroups v0.0.0-20201119153540-4cbc285b3327/go.mod h1:ZJeTFisyysqgcCdecO57Dj79RfL0LNeGiFUqLYQRYLE= github.com/containerd/cgroups v1.0.1/go.mod h1:0SJrPIenamHDcZhEcJMNBB85rHcUsw4f25ZfBiPYRkU= -github.com/containerd/cgroups/v3 v3.0.1/go.mod h1:/vtwk1VXrtoa5AaZLkypuOJgA/6DyPMZHJPGQNtlHnw= +github.com/containerd/cgroups v1.0.4/go.mod h1:nLNQtsF7Sl2HxNebu77i1R0oDlhiTG+kO4JTrUzo6IA= +github.com/containerd/cgroups v1.1.0 h1:v8rEWFl6EoqHB+swVNjVoCJE8o3jX7e8nqBGPLaDFBM= +github.com/containerd/cgroups v1.1.0/go.mod h1:6ppBcbh/NOOUU+dMKrykgaBnK9lCIBxHqJDGwsa1mIw= +github.com/containerd/cgroups/v3 v3.0.2/go.mod h1:JUgITrzdFqp42uI2ryGA+ge0ap/nxzYgkGmIcetmErE= +github.com/containerd/cgroups/v3 v3.0.3 h1:S5ByHZ/h9PMe5IOQoN7E+nMc2UcLEM/V48DGDJ9kip0= +github.com/containerd/cgroups/v3 v3.0.3/go.mod h1:8HBe7V3aWGLFPd/k03swSIsGjZhHI2WzJmticMgVuz0= github.com/containerd/console v1.0.1/go.mod h1:XUsP6YE/mKtz6bxc+I8UiKKTP04qjQL4qcS3XoQ5xkw= -github.com/containerd/console v1.0.2/go.mod h1:ytZPjGgY2oeTkAONYafi2kSj0aYggsf8acV1PGKCbzQ= -github.com/containerd/console v1.0.3 h1:lIr7SlA5PxZyMV30bDW0MGbiOPXwc63yRuCP0ARubLw= github.com/containerd/console v1.0.3/go.mod h1:7LqA/THxQ86k76b8c/EMSiaJ3h1eZkMkXar0TQ1gf3U= +github.com/containerd/console v1.0.4 h1:F2g4+oChYvBTsASRTz8NP6iIAi97J3TtSAsLbIFn4ro= +github.com/containerd/console v1.0.4/go.mod h1:YynlIjWYF8myEu6sdkwKIvGQq+cOckRm6So2avqoYAk= +github.com/containerd/containerd/api v1.7.19/go.mod h1:fwGavl3LNwAV5ilJ0sbrABL44AQxmNjDRcwheXDb6Ig= +github.com/containerd/containerd/api v1.8.0-rc.3 h1:q9MyeXmuAGEyKmUGYvvFftNX1RQhfTLsAvYK+SQHQso= +github.com/containerd/containerd/api v1.8.0-rc.3/go.mod h1:dFv4lt6S20wTu/hMcP4350RL87qPWLVa/OHOwmmdnYc= github.com/containerd/continuity v0.0.0-20210208174643-50096c924a4e/go.mod h1:EXlVlkqNba9rJe3j7w3Xa924itAMLgZH4UD/Q4PExuQ= -github.com/containerd/continuity v0.1.0/go.mod h1:ICJu0PwR54nI0yPEnJ6jcS+J7CZAUXrLh8lPo2knzsM= -github.com/containerd/continuity v0.3.0 h1:nisirsYROK15TAMVukJOUyGJjz4BNQJBVsNvAXZJ/eg= github.com/containerd/continuity v0.3.0/go.mod h1:wJEAIwKOm/pBZuBd0JmeTvnLquTB1Ag8espWhkykbPM= +github.com/containerd/continuity v0.4.3 h1:6HVkalIp+2u1ZLH1J/pYX2oBVXlJZvh1X1A7bEZ9Su8= +github.com/containerd/continuity v0.4.3/go.mod h1:F6PTNCKepoxEaXLQp3wDAjygEnImnZ/7o4JzpodfroQ= +github.com/containerd/errdefs v0.1.0 h1:m0wCRBiu1WJT/Fr+iOoQHMQS/eP5myQ8lCv4Dz5ZURM= +github.com/containerd/errdefs v0.1.0/go.mod h1:YgWiiHtLmSeBrvpw+UfPijzbLaB77mEG1WwJTDETIV0= github.com/containerd/fifo v1.0.0/go.mod h1:ocF/ME1SX5b1AOlWi9r677YJmCPSwwWnQ9O123vzpE4= github.com/containerd/fifo v1.1.0 h1:4I2mbh5stb1u6ycIABlBw9zgtlK8viPI9QkQNRQEEmY= github.com/containerd/fifo v1.1.0/go.mod h1:bmC4NWMbXlt2EZ0Hc7Fx7QzTFxgPID13eH0Qu+MAb2o= -github.com/containerd/fuse-overlayfs-snapshotter v1.0.5 h1:xO2DWI2l/J79lV/OoZ9uI8MmGDksmDHVn4syPJW02Xo= -github.com/containerd/fuse-overlayfs-snapshotter v1.0.5/go.mod h1:XJWpvDeM5/Ry0atraRI5g05QPE/imqMxOmWQtJlKBG4= -github.com/containerd/go-cni v1.1.3/go.mod h1:Rflh2EJ/++BA2/vY5ao3K6WJRR/bZKsX123aPk+kUtA= -github.com/containerd/go-cni v1.1.6/go.mod h1:BWtoWl5ghVymxu6MBjg79W9NZrCRyHIdUtk4cauMe34= -github.com/containerd/go-cni v1.1.9 h1:ORi7P1dYzCwVM6XPN4n3CbkuOx/NZ2DOqy+SHRdo9rU= +github.com/containerd/fuse-overlayfs-snapshotter v1.0.8 h1:O471INHO59/fnSVE+B+THGjvRA2d1K6/FdpUuhNnXwk= +github.com/containerd/fuse-overlayfs-snapshotter v1.0.8/go.mod h1:mY+oK2oQhlUk6hP5HNG28/OK9oqQpB2wK1w6sudC5gQ= github.com/containerd/go-cni v1.1.9/go.mod h1:XYrZJ1d5W6E2VOvjffL3IZq0Dz6bsVlERHbekNK90PM= -github.com/containerd/go-runc v1.0.0 h1:oU+lLv1ULm5taqgV/CJivypVODI4SUz1znWjv3nNYS0= +github.com/containerd/go-cni v1.1.10 h1:c2U73nld7spSWfiJwSh/8W9DK+/qQwYM2rngIhCyhyg= +github.com/containerd/go-cni v1.1.10/go.mod h1:/Y/sL8yqYQn1ZG1om1OncJB1W4zN3YmjfP/ShCzG/OY= github.com/containerd/go-runc v1.0.0/go.mod h1:cNU0ZbCgCQVZK4lgG3P+9tn9/PaJNmoDXPpoJhDR+Ok= -github.com/containerd/imgcrypt v1.1.4 h1:iKTstFebwy3Ak5UF0RHSeuCTahC5OIrPJa6vjMAM81s= -github.com/containerd/imgcrypt v1.1.4/go.mod h1:LorQnPtzL/T0IyCeftcsMEO7AqxUDbdO8j/tSUpgxvo= -github.com/containerd/nri v0.1.0 h1:6QioHRlThlKh2RkRTR4kIT3PKAcrLo3gIWnjkM4dQmQ= -github.com/containerd/nri v0.1.0/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= -github.com/containerd/stargz-snapshotter/estargz v0.10.0/go.mod h1:aE5PCyhFMwR8sbrErO5eM2GcvkyXTTJremG883D4qF0= -github.com/containerd/stargz-snapshotter/estargz v0.13.0/go.mod h1:m+9VaGJGlhCnrcEUod8mYumTmRgblwd3rC5UCEh2Yp0= -github.com/containerd/stargz-snapshotter/estargz v0.14.3 h1:OqlDCK3ZVUO6C3B/5FSkDwbkEETK84kQgEeFwDC+62k= +github.com/containerd/go-runc v1.1.0 h1:OX4f+/i2y5sUT7LhmcJH7GYrjjhHa1QI4e8yO0gGleA= +github.com/containerd/go-runc v1.1.0/go.mod h1:xJv2hFF7GvHtTJd9JqTS2UVxMkULUYw4JN5XAUZqH5U= +github.com/containerd/imgcrypt v1.1.11 h1:3RULIeLouE7B5l9NzMq0HdPWG0DP5deEVxB5UKxyUoU= +github.com/containerd/imgcrypt v1.1.11/go.mod h1:nXL4jp1GrtO758b16DVsxaHHzu9PravAsKARYmyHR58= +github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= +github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= +github.com/containerd/nri v0.6.1 h1:xSQ6elnQ4Ynidm9u49ARK9wRKHs80HCUI+bkXOxV4mA= +github.com/containerd/nri v0.6.1/go.mod h1:7+sX3wNx+LR7RzhjnJiUkFDhn18P5Bg/0VnJ/uXpRJM= +github.com/containerd/platforms v0.2.1 h1:zvwtM3rz2YHPQsF2CHYM8+KtB5dvhISiXh5ZpSBQv6A= +github.com/containerd/platforms v0.2.1/go.mod h1:XHCb+2/hzowdiut9rkudds9bE5yJ7npe7dG/wG+uFPw= +github.com/containerd/stargz-snapshotter v0.15.1 h1:fpsP4kf/Z4n2EYnU0WT8ZCE3eiKDwikDhL6VwxIlgeA= +github.com/containerd/stargz-snapshotter v0.15.1/go.mod h1:74D+J1m1RMXytLmWxegXWhtOSRHPWZKpKc2NdK3S+us= github.com/containerd/stargz-snapshotter/estargz v0.14.3/go.mod h1:KY//uOCIkSuNAHhJogcZtrNHdKrA99/FCCRjE3HD36o= -github.com/containerd/ttrpc v1.0.2/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= +github.com/containerd/stargz-snapshotter/estargz v0.15.1 h1:eXJjw9RbkLFgioVaTG+G/ZW/0kEe2oEKCdS/ZxIyoCU= +github.com/containerd/stargz-snapshotter/estargz v0.15.1/go.mod h1:gr2RNwukQ/S9Nv33Lt6UC7xEx58C+LHRdoqbEKjz1Kk= github.com/containerd/ttrpc v1.1.0/go.mod h1:XX4ZTnoOId4HklF4edwc4DcqskFZuvXB1Evzy5KFQpQ= -github.com/containerd/ttrpc v1.2.0 h1:we4O9wzVsBA1HUVRGU8CWFsbjy2P/U2g9raVu5XXNI0= -github.com/containerd/ttrpc v1.2.0/go.mod h1:YYyNVhZrTMiaf51Vj6WhAJqJw+vl/nzABhj8pWrzle4= +github.com/containerd/ttrpc v1.1.2/go.mod h1:XX4ZTnoOId4HklF4edwc4DcqskFZuvXB1Evzy5KFQpQ= +github.com/containerd/ttrpc v1.2.2/go.mod h1:sIT6l32Ph/H9cvnJsfXM5drIVzTr5A2flTf1G5tYZak= +github.com/containerd/ttrpc v1.2.3/go.mod h1:ieWsXucbb8Mj9PH0rXCw1i8IunRbbAiDkpXkbfflWBM= +github.com/containerd/ttrpc v1.2.5 h1:IFckT1EFQoFBMG4c3sMdT8EP3/aKfumK1msY+Ze4oLU= +github.com/containerd/ttrpc v1.2.5/go.mod h1:YCXHsb32f+Sq5/72xHubdiJRQY9inL4a4ZQrAbN1q9o= github.com/containerd/typeurl v1.0.2 h1:Chlt8zIieDbzQFzXzAeBEF92KhExuE4p9p92/QmY7aY= github.com/containerd/typeurl v1.0.2/go.mod h1:9trJWW2sRlGub4wZJRTW83VtbOLS6hwcDZXTn6oPz9s= -github.com/containerd/typeurl/v2 v2.1.0/go.mod h1:IDp2JFvbwZ31H8dQbEIY7sDl2L3o3HZj1hsSQlywkQ0= -github.com/containerd/zfs v1.0.0/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY= +github.com/containerd/typeurl/v2 v2.1.1/go.mod h1:IDp2JFvbwZ31H8dQbEIY7sDl2L3o3HZj1hsSQlywkQ0= +github.com/containerd/typeurl/v2 v2.2.0 h1:6NBDbQzr7I5LHgp34xAXYF5DOTQDn05X58lsPEmzLso= +github.com/containerd/typeurl/v2 v2.2.0/go.mod h1:8XOOxnyatxSWuG8OfsZXVnAF4iZfedjS/8UHSPJnX4g= github.com/containerd/zfs v1.1.0 h1:n7OZ7jZumLIqNJqXrEc/paBM840mORnmGdJDmAmJZHM= github.com/containerd/zfs v1.1.0/go.mod h1:oZF9wBnrnQjpWLaPKEinrx3TQ9a+W/RJO7Zb41d8YLE= -github.com/containernetworking/cni v1.0.1/go.mod h1:AKuhXbN5EzmD4yTNtfSsX3tPcmtrBI6QcRV0NiNt15Y= -github.com/containernetworking/cni v1.1.1/go.mod h1:sDpYKmGVENF3s6uvMvGgldDWeG8dMxakj/u+i9ht9vw= -github.com/containernetworking/cni v1.1.2 h1:wtRGZVv7olUHMOqouPpn3cXJWpJgM6+EUl31EQbXALQ= github.com/containernetworking/cni v1.1.2/go.mod h1:sDpYKmGVENF3s6uvMvGgldDWeG8dMxakj/u+i9ht9vw= -github.com/containernetworking/plugins v1.1.1 h1:+AGfFigZ5TiQH00vhR8qPeSatj53eNGz0C1d3wVYlHE= -github.com/containernetworking/plugins v1.1.1/go.mod h1:Sr5TH/eBsGLXK/h71HeLfX19sZPp3ry5uHSkI4LPxV8= -github.com/containers/ocicrypt v1.1.3 h1:uMxn2wTb4nDR7GqG3rnZSfpJXqWURfzZ7nKydzIeKpA= -github.com/containers/ocicrypt v1.1.3/go.mod h1:xpdkbVAuaH3WzbEabUd5yDsl9SwJA5pABH85425Es2g= -github.com/coredns/caddy v1.1.0/go.mod h1:A6ntJQlAWuQfFlsd9hvigKbo2WS0VUs2l1e2F+BawD4= -github.com/coredns/corefile-migration v1.0.17/go.mod h1:XnhgULOEouimnzgn0t4WPuFDN2/PJQcTxdWKC5eXNGE= +github.com/containernetworking/cni v1.2.3 h1:hhOcjNVUQTnzdRJ6alC5XF+wd9mfGIUaj8FuJbEslXM= +github.com/containernetworking/cni v1.2.3/go.mod h1:DuLgF+aPd3DzcTQTtp/Nvl1Kim23oFKdm2okJzBQA5M= +github.com/containernetworking/plugins v1.2.0/go.mod h1:/VjX4uHecW5vVimFa1wkG4s+r/s9qIfPdqlLF4TW8c4= +github.com/containernetworking/plugins v1.5.1 h1:T5ji+LPYjjgW0QM+KyrigZbLsZ8jaX+E5J/EcKOE4gQ= +github.com/containernetworking/plugins v1.5.1/go.mod h1:MIQfgMayGuHYs0XdNudf31cLLAC+i242hNm6KuDGqCM= +github.com/containers/ocicrypt v1.1.10/go.mod h1:YfzSSr06PTHQwSTUKqDSjish9BeW1E4HUmreluQcMd8= +github.com/containers/ocicrypt v1.2.0 h1:X14EgRK3xNFvJEfI5O4Qn4T3E25ANudSOZz/sirVuPM= +github.com/containers/ocicrypt v1.2.0/go.mod h1:ZNviigQajtdlxIZGibvblVuIFBKIuUI2M0QM12SD31U= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= +github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= github.com/coreos/go-iptables v0.6.0/go.mod h1:Qe8Bv2Xik5FyTXwgIbLAnv2sWSBmvWdFETJConOQ//Q= -github.com/coreos/go-oidc v2.1.0+incompatible h1:sdJrfw8akMnCuUlaZU3tE/uYXFgfqom8DBE9so9EBsM= -github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= +github.com/coreos/go-oidc v2.2.1+incompatible h1:mh48q/BqXqgjVHpy2ZY7WnWAbenxRjsz9N1i1YxjHAk= +github.com/coreos/go-oidc v2.2.1+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-semver v0.3.0 h1:wkHLiw0WNATZnSG7epLsujiMCgPAc9xhjJ4tgnAxmfM= github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= +github.com/coreos/go-semver v0.3.1 h1:yi21YpKnrx1gt5R+la8n5WgS0kCrsPp33dmEyHReZr4= +github.com/coreos/go-semver v0.3.1/go.mod h1:irMmmIw/7yzSRPWryHsK7EYSg09caPQL03VsM8rvUec= +github.com/coreos/go-systemd v0.0.0-20181012123002-c6f51f82210d/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e h1:Wf6HqHfScWJN9/ZjdUKyjop4mf3Qdd+1TvvltAvM3m8= github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/coreos/go-systemd/v22 v22.1.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= @@ -270,43 +466,64 @@ github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSV github.com/coreos/go-systemd/v22 v22.5.0 h1:RrqgGjYQKalulkV8NGVIfkXQf6YYmOyiJKk8iXXhfZs= github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= +github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cpuguy83/go-md2man/v2 v2.0.4 h1:wfIWP927BUkWJb2NmU/kNDYIBTh/ziUX91+lVfRxZq4= +github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/creack/pty v1.1.11 h1:07n33Z8lZxZ2qwegKbObQohDhXDQxiMMz1NOUGYlesw= github.com/creack/pty v1.1.11/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/cyphar/filepath-securejoin v0.2.3 h1:YX6ebbZCZP7VkM3scTTokDgBL2TY741X51MTk3ycuNI= +github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= +github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= github.com/cyphar/filepath-securejoin v0.2.3/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= +github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= +github.com/cyphar/filepath-securejoin v0.2.5 h1:6iR5tXJ/e6tJZzzdMc1km3Sa7RRIVBKAK32O2s7AYfo= +github.com/cyphar/filepath-securejoin v0.2.5/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= github.com/d2g/dhcp4 v0.0.0-20170904100407-a1d1b6c41b1c/go.mod h1:Ct2BUK8SB0YC1SMSibvLzxjeJLnrYEVLULFNiHY9YfQ= github.com/d2g/dhcp4client v1.0.0/go.mod h1:j0hNfjhrt2SxUOw55nL0ATM/z4Yt3t2Kd1mW34z5W5s= github.com/d2g/dhcp4server v0.0.0-20181031114812-7d4a0a7f59a5/go.mod h1:Eo87+Kg/IX2hfWJfwxMzLyuSZyxSoAug2nGa1G2QAi8= -github.com/danieljoos/wincred v1.1.0/go.mod h1:XYlo+eRTsVA9aHGp7NGjFkPla4m+DCL7hqDjlFjiygg= github.com/danieljoos/wincred v1.1.2/go.mod h1:GijpziifJoIBfYh+S7BbkdUTU4LfM+QnGqR5Vl2tAx0= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/daviddengcn/go-colortext v1.0.0 h1:ANqDyC0ys6qCSvuEK7l3g5RaehL/Xck9EX8ATG8oKsE= github.com/daviddengcn/go-colortext v1.0.0/go.mod h1:zDqEI5NVUop5QPpVJUxE9UO10hRnmkD5G4Pmri9+m4c= +github.com/davidlazar/go-crypto v0.0.0-20200604182044-b73af7476f6c h1:pFUpOrbxDR6AkioZ1ySsx5yxlDQZ8stG2b88gTPxgJU= +github.com/davidlazar/go-crypto v0.0.0-20200604182044-b73af7476f6c/go.mod h1:6UhI8N9EjYm1c2odKpFpAYeR8dsBeM7PtzQhRgxRr9U= +github.com/decred/dcrd/crypto/blake256 v1.0.0/go.mod h1:sQl2p6Y26YV+ZOcSTP6thNdn47hh8kt6rqSlvmrXFAc= +github.com/decred/dcrd/crypto/blake256 v1.0.1 h1:7PltbUIQB7u/FfZ39+DGa/ShuMyJ5ilcvdfma9wOH6Y= +github.com/decred/dcrd/crypto/blake256 v1.0.1/go.mod h1:2OfgNZ5wDpcsFmHmCK5gZTPcCXqlm2ArzUIkw9czNJo= +github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.0-20210816181553-5444fa50b93d/go.mod h1:tmAIfUFEirG/Y8jhZ9M+h36obRZAk/1fcSpXwAVlfqE= +github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 h1:8UrgZ3GkP4i/CLijOJx79Yu+etlyjdBU4sfcs2WYQMs= +github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0= +github.com/dgraph-io/badger v1.6.2 h1:mNw0qs90GVgGGWylh0umH5iag1j6n/PeJtNvL6KY/x8= +github.com/dgraph-io/badger v1.6.2/go.mod h1:JW2yswe3V058sS0kZ2h/AXeDSqFjxnZcRrVH//y2UQE= +github.com/dgraph-io/badger/v3 v3.2103.5/go.mod h1:4MPiseMeDQ3FNCYwRbbcBOGJLf5jsE0PPFzRiKjtcdw= +github.com/dgraph-io/ristretto v0.1.1 h1:6CWw5tJNgpegArSHpNHJKldNeq03FQCwYvfMVWajOK8= +github.com/dgraph-io/ristretto v0.1.1/go.mod h1:S1GPSBCYCIhmVNfcth17y2zZtQT6wzkzgwUve0VDWWA= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= -github.com/dnaeon/go-vcr v1.0.1 h1:r8L/HqC0Hje5AXMu1ooW8oyQyOFv4GxqpL0nRP7SLLY= -github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= -github.com/docker/cli v20.10.10+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= -github.com/docker/cli v20.10.21+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= -github.com/docker/cli v23.0.1+incompatible h1:LRyWITpGzl2C9e9uGxzisptnxAn1zfZKXy13Ul2Q5oM= +github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw= +github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw= +github.com/dgryski/trifles v0.0.0-20200323201526-dd97f9abfb48/go.mod h1:if7Fbed8SFyPtHLHbg49SI7NAdJiC5WIA09pe59rfAA= +github.com/distribution/reference v0.5.0 h1:/FUIFXtfc/x2gpa5/VGfiGLuOIdYa1t65IKK2OFGvA0= +github.com/distribution/reference v0.5.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= github.com/docker/cli v23.0.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= -github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8= -github.com/docker/distribution v2.8.2+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker v20.10.26-0.20230802055016-791d8ab87747+incompatible h1:mzu+5UWAEL9P+NGTad4K3YHnkwpV9Zk/xFGcrKzX8xM= -github.com/docker/docker v20.10.26-0.20230802055016-791d8ab87747+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker-credential-helpers v0.6.4/go.mod h1:ofX3UI0Gz1TteYBjtgs07O36Pyasyp66D2uKT7H8W1c= +github.com/docker/cli v23.0.3+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/cli v24.0.7+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/cli v27.1.2+incompatible h1:nYviRv5Y+YAKx3dFrTvS1ErkyVVunKOhoweCTE1BsnI= +github.com/docker/cli v27.1.2+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= +github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= +github.com/docker/docker v25.0.6+incompatible h1:5cPwbwriIcsua2REJe8HqQV+6WlWc1byg2QSXzBxBGg= +github.com/docker/docker v25.0.6+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.7.0 h1:xtCHsjxogADNZcdv1pKUHXryefjlVRqWqIhk/uXJp0A= github.com/docker/docker-credential-helpers v0.7.0/go.mod h1:rETQfLdHNT3foU5kuNkFR1R1V12OJRRO5lzt2D1b5X0= -github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ= github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= +github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c= +github.com/docker/go-connections v0.5.0/go.mod h1:ov60Kzw0kKElRwhNs9UlUHAE/F9Fe6GLaXnqyDdmEXc= github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c h1:+pKlWGMw7gf6bQ+oDZB4KHQFypsfjYlq/C4rfL7D3g8= github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= github.com/docker/go-metrics v0.0.1 h1:AgB/0SvBxihN0X8OR4SjsblXkbMvalQ8cjmtKQ2rQV8= @@ -315,102 +532,134 @@ github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDD github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4= github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/dougm/pretty v0.0.0-20171025230240-2ee9d7453c02/go.mod h1:7NQ3kWOx2cZOSjtcveTa5nqupVr2s6/83sG+rTlI7uA= -github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo= github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= -github.com/elazarl/goproxy v0.0.0-20190911111923-ecfe977594f1 h1:yY9rWGoXv1U5pl4gxqlULARMQD7x0QG85lqEXTWysik= -github.com/elazarl/goproxy v0.0.0-20190911111923-ecfe977594f1/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM= -github.com/elazarl/goproxy/ext v0.0.0-20190711103511-473e67f1d7d2/go.mod h1:gNh8nYJoAm43RfaxurUnxr+N1PwuFV3ZMl/efxlIlY8= -github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= +github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= +github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= +github.com/elastic/gosigar v0.12.0/go.mod h1:iXRIGg2tLnu7LBdpqzyQfGDEidKCfWcCMS0WKyPWoMs= +github.com/elastic/gosigar v0.14.2 h1:Dg80n8cr90OZ7x+bAax/QjoW/XqTI11RmA79ZwIm9/4= +github.com/elastic/gosigar v0.14.2/go.mod h1:iXRIGg2tLnu7LBdpqzyQfGDEidKCfWcCMS0WKyPWoMs= github.com/emicklei/go-restful v2.16.0+incompatible h1:rgqiKNjTnFQA6kkhFe16D8epTksy9HQ1MyrbDXSdYhM= github.com/emicklei/go-restful v2.16.0+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE= -github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/envoyproxy/go-control-plane v0.11.1/go.mod h1:uhMcXKCQMEJHiAb0w+YGefQLaTEw+YhGluxZkrTmD0g= +github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= +github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/envoyproxy/go-control-plane v0.10.3/go.mod h1:fJJn/j26vwOu972OllsvAgJJM//w9BV6Fxbg2LuVd34= +github.com/envoyproxy/go-control-plane v0.12.0/go.mod h1:ZBTaoJ23lqITozF0M6G4/IragXCQKCnYbmlmtHvwRG0= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/envoyproxy/protoc-gen-validate v1.0.1/go.mod h1:0vj8bNkYbSTNS2PIyH87KZaeN4x9zpL9Qt8fQC7d+vs= -github.com/envoyproxy/protoc-gen-validate v1.0.2 h1:QkIBuU5k+x7/QXPvPPnWXWlCdaBFApVqftFV6k087DA= +github.com/envoyproxy/protoc-gen-validate v0.6.7/go.mod h1:dyJXwwfPK2VSqiB9Klm1J6romD608Ba7Hij42vrOBCo= +github.com/envoyproxy/protoc-gen-validate v0.9.1/go.mod h1:OKNgG7TCp5pF4d6XftA0++PMirau2/yoOwVac3AbF2w= github.com/envoyproxy/protoc-gen-validate v1.0.2/go.mod h1:GpiZQP3dDbg4JouG/NNS7QWXpgx6x8QiMKdmN72jogE= +github.com/envoyproxy/protoc-gen-validate v1.0.4 h1:gVPz/FMfvh57HdSJQyvBtF00j8JU4zdyUgIUNhlgg0A= +github.com/envoyproxy/protoc-gen-validate v1.0.4/go.mod h1:qys6tmnRsYrQqIhm2bvKZH4Blx/1gTIZ2UKVY1M+Yew= github.com/erikdubbelboer/gspt v0.0.0-20190125194910-e68493906b83 h1:ngHdSomn2MyugZYKHiycad2xERwIrmMlET7A0lC0UU4= github.com/erikdubbelboer/gspt v0.0.0-20190125194910-e68493906b83/go.mod h1:v6o7m/E9bfvm79dE1iFiF+3T7zLBnrjYjkWMa1J+Hv0= github.com/euank/go-kmsg-parser v2.0.0+incompatible h1:cHD53+PLQuuQyLZeriD1V/esuG4MuU0Pjs5y6iknohY= github.com/euank/go-kmsg-parser v2.0.0+incompatible/go.mod h1:MhmAMZ8V4CYH4ybgdRwPr2TU5ThnS43puaKEMpja1uw= -github.com/evanphx/json-patch v4.11.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= -github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= +github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d h1:105gxyaGwCFad8crR9dcMQWvV9Hvulu6hwUh4tWPJnM= github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d/go.mod h1:ZZMPRZwes7CROmyNKgQzC3XPs6L/G2EJLHddWejkmf4= github.com/fatih/camelcase v1.0.0 h1:hxNvNX/xYBp0ovncs8WyWZrOrpBNub/JfaMvbURyft8= github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwoZc+/fpc= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= -github.com/felixge/httpsnoop v1.0.1 h1:lvB5Jl89CsZtGIWuTcDM1E/vkVs49/Ml7JJe07l8SPQ= -github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= +github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= +github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= +github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= +github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= +github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= +github.com/flynn/noise v1.1.0 h1:KjPQoQCEFdZDiP03phOvGi11+SVVhBG2wOWAorLsstg= +github.com/flynn/noise v1.1.0/go.mod h1:xbMo+0i6+IGbYdJhF31t2eR1BIU0CYc12+BNAKwUTag= github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= -github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= -github.com/form3tech-oss/jwt-go v3.2.3+incompatible h1:7ZaBxOI7TMoYBfyA3cQHErNNyAWIKUMIwqxEtgHOs5c= -github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= +github.com/fogleman/gg v1.3.0/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= +github.com/fortytw2/leaktest v1.3.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g= +github.com/foxcpp/go-mockdns v1.0.0/go.mod h1:lgRN6+KxQBawyIghpnl5CezHFGS9VLzvtVlwxvzXTQ4= +github.com/francoispqt/gojay v1.2.13 h1:d2m3sFjloqoIUQU3TsHBgj6qg/BVGlTBeHDUmyJnXKk= +github.com/francoispqt/gojay v1.2.13/go.mod h1:ehT5mTG4ua4581f1++1WLG0vPdaA9HaiDsoyrBGkyDY= github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k= -github.com/frankban/quicktest v1.12.1/go.mod h1:qLE0fzW0VuyUAJgPU19zByoIr0HtCHN/r/VLSOOIySU= -github.com/frankban/quicktest v1.14.0 h1:+cqqvzZV87b4adx/5ayVOaYZ2CrvM4ejQvUdBzPPUss= github.com/frankban/quicktest v1.14.0/go.mod h1:NeW+ay9A/U67EYXNFA1nPE8e/tnQv/09mUdL/ijj8og= +github.com/frankban/quicktest v1.14.5 h1:dfYrrRyLtiqT9GyKXgdh+k4inNeTvmGbuSgZ3lx3GhA= +github.com/frankban/quicktest v1.14.5/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= -github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= +github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= -github.com/fvbommel/sortorder v1.0.1 h1:dSnXLt4mJYH25uDDGa3biZNQsozaUWDSWeKJ0qqFfzE= -github.com/fvbommel/sortorder v1.0.1/go.mod h1:uk88iVf1ovNn1iLfgUVU2F9o5eO30ui720w+kxuqRs0= -github.com/getkin/kin-openapi v0.76.0/go.mod h1:660oXbgy5JFMKreazJaQTw7o+X00qeSyhcnluiMv+Xg= -github.com/getsentry/raven-go v0.2.0/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ= +github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= +github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= +github.com/fxamacker/cbor/v2 v2.4.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo= +github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E= +github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= +github.com/gliderlabs/ssh v0.1.1/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= github.com/go-bindata/go-bindata v3.1.2+incompatible h1:5vjJMVhowQdPzjE1LdxyFF7YFTXg5IgGVW4gBr5IbvE= github.com/go-bindata/go-bindata v3.1.2+incompatible/go.mod h1:xK8Dsgwmeed+BBsSy2XTopBn/8uK2HWuGSnA11C3Joo= github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= -github.com/go-errors/errors v1.0.2-0.20180813162953-d98b870cc4e0 h1:skJKxRtNmevLqnayafdLe2AsenqRupVmzZSqrvb5caU= -github.com/go-errors/errors v1.0.2-0.20180813162953-d98b870cc4e0/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= +github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= +github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= +github.com/go-fonts/dejavu v0.1.0/go.mod h1:4Wt4I4OU2Nq9asgDCteaAaWZOV24E+0/Pwo0gppep4g= +github.com/go-fonts/latin-modern v0.2.0/go.mod h1:rQVLdDMK+mK1xscDwsqM5J8U2jrRa3T0ecnM9pNujks= +github.com/go-fonts/liberation v0.1.1/go.mod h1:K6qoJYypsmfVjWg8KOVDQhLc8UDgIK2HYqyqAO9z7GY= +github.com/go-fonts/liberation v0.2.0/go.mod h1:K6qoJYypsmfVjWg8KOVDQhLc8UDgIK2HYqyqAO9z7GY= +github.com/go-fonts/stix v0.1.0/go.mod h1:w/c1f0ldAUlJmLBvlbkvVXLAD+tAMqobIIQpmnUIzUY= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= +github.com/go-ini/ini v1.67.0/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= +github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ= +github.com/go-jose/go-jose/v4 v4.0.2 h1:R3l3kkBds16bO7ZFAEEcofK0MkrAJt3jlJznWZG0nvk= +github.com/go-jose/go-jose/v4 v4.0.2/go.mod h1:WVf9LFMHh/QVrmqrOfqun0C45tMe3RoiKJMPvgWwLfY= github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= -github.com/go-kit/log v0.2.0/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0= -github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= +github.com/go-kit/log v0.2.1/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0= +github.com/go-latex/latex v0.0.0-20210118124228-b3d85cf34e07/go.mod h1:CO1AlKB2CSIqUrmQPqA0gdRIlnLEY0gK5JGjh37zN5U= +github.com/go-latex/latex v0.0.0-20210823091927-c0d11ff05a81/go.mod h1:SX0U8uGpxhq9o2S/CELCSUxEWWAuoCUcVCQWv7G2OCk= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= -github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs= github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= +github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= -github.com/go-logr/zapr v1.2.3/go.mod h1:eIauM6P8qSvTw5o2ez6UEAfGjQKrxQTl5EoK+Qa2oG4= -github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= +github.com/go-logr/stdr v1.2.3-0.20220714215716-96bad1d688c5 h1:aj5xnNwNY2GCk38Vga4FMm4GSX1bDzu8Z5JcQQdmOqg= +github.com/go-logr/stdr v1.2.3-0.20220714215716-96bad1d688c5/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= -github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= -github.com/go-openapi/jsonreference v0.19.5/go.mod h1:RdybgQwPxbL4UEjuAruzK1x3nE69AqPYEJeo/TWfEeg= -github.com/go-openapi/jsonreference v0.20.0/go.mod h1:Ag74Ico3lPc+zR+qjn4XBUmXymS4zJbYVCZmcgkasdo= -github.com/go-openapi/jsonreference v0.20.1 h1:FBLnyygC4/IZZr893oiomc9XaghoveYTrLC1F86HID8= +github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ= +github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY= github.com/go-openapi/jsonreference v0.20.1/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= +github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= +github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= +github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-ozzo/ozzo-validation v3.5.0+incompatible/go.mod h1:gsEKFIVnabGBt6mXmxK0MoFy+cZoTJY6mu5Ll3LVLBU= -github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI= -github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI= +github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= +github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= +github.com/go-pdf/fpdf v0.5.0/go.mod h1:HzcnA+A23uwogo0tp9yU+l3V+KXhiESpt1PMayhOh5M= +github.com/go-pdf/fpdf v0.6.0/go.mod h1:HzcnA+A23uwogo0tp9yU+l3V+KXhiESpt1PMayhOh5M= +github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y= +github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= +github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= +github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= +github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/go-test/deep v1.0.7 h1:/VSMRlnY/JSyqxQUzQLKVMAskpY/NZKFA5j2P+0pP2M= github.com/go-test/deep v1.0.7/go.mod h1:QV8Hv/iy04NyLBxAdO9njL0iVPN1S4d/A3NVv1V36o8= +github.com/go-yaml/yaml v2.1.0+incompatible/go.mod h1:w2MrLa16VYP0jy6N7M5kHaCkaLENm+P+Tv+MfurjSw0= +github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= +github.com/gobwas/httphead v0.1.0/go.mod h1:O/RXo79gxV8G+RqlR/otEwx4Q36zl9rqC5u12GKvMCM= +github.com/gobwas/pool v0.2.1/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6WezmKEw= +github.com/gobwas/ws v1.2.1/go.mod h1:hRKAFb8wOxFROYNsT1bqfWnhX+b5MFeJM9r2ZSwg/KY= +github.com/goccy/go-json v0.9.7/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= +github.com/goccy/go-json v0.9.11/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= +github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU= +github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.0.6/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= @@ -418,39 +667,41 @@ github.com/godbus/dbus/v5 v5.1.0 h1:4KLkAxT3aOY8Li4FRJe/KvhoNFFxo0m6fNuFUO8QJUk= github.com/godbus/dbus/v5 v5.1.0/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gofrs/flock v0.8.1 h1:+gYjHKf32LDeiEEFhQaotPbLuUXjY5ZqxKgXy7n59aw= github.com/gofrs/flock v0.8.1/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU= -github.com/gofrs/uuid v4.0.0+incompatible h1:1SD/1F5pU8p29ybwgQSwpQk+mwdRrXCYuPhW6m+TnJw= -github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= -github.com/gogo/googleapis v1.4.0 h1:zgVt4UpGxcqVOw97aRGxT4svlcmdK35fynLNctY32zI= github.com/gogo/googleapis v1.4.0/go.mod h1:5YRNX2z1oM5gXdAkurHa942MDgEJyk02w4OecKY87+c= -github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQAYs= github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= +github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/glog v1.0.0/go.mod h1:EWib/APOK0SL3dFbYqvxE3UYd8E6s1ouQ7iEp/0LWV4= github.com/golang/glog v1.1.0/go.mod h1:pfYeQZ3JWZoXTV5sFc986z3HTpwQs9At6P4ImfuP3NQ= +github.com/golang/glog v1.1.2/go.mod h1:zR+okUeTbrL6EL3xHUDxZuEtGv04p5shwip1+mL/rLQ= +github.com/golang/glog v1.2.0 h1:uCdmnmatrKCgMBlM4rMuJZWOkPDqdbZPnrMXDY4gI68= +github.com/golang/glog v1.2.0/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w= github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= +github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8= github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc= github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= -github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= +github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= +github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= +github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golangplus/bytes v0.0.0-20160111154220-45c989fe5450/go.mod h1:Bk6SMAONeMXrxql8uvOKuAZSu8aM5RUGv+1C6IJaEho= github.com/golangplus/bytes v1.0.0/go.mod h1:AdRaCFwmc/00ZzELMWb01soso6W1R/++O1XL80yAn+A= @@ -462,12 +713,16 @@ github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= github.com/google/btree v1.1.2 h1:xf4v41cLI2Z6FxbKm+8Bu+m8ifhj15JuZ9sa0jZCMUU= github.com/google/btree v1.1.2/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4= -github.com/google/cadvisor v0.44.2 h1:TktXMfu2ZMp1gVLnd5GJnTjVSnL8mMLdVohrpnZ9SHc= -github.com/google/cadvisor v0.44.2/go.mod h1:GQ9KQfz0iNHQk3D6ftzJWK4TXabfIgM10Oy3FkR+Gzg= -github.com/google/cel-go v0.12.6 h1:kjeKudqV0OygrAqA9fX6J55S8gj+Jre2tckIm5RoG4M= -github.com/google/cel-go v0.12.6/go.mod h1:Jk7ljRzLBhkmiAwBoUxB1sZSCVBAzkqPF25olK/iRDw= -github.com/google/gnostic v0.5.7-v3refs h1:FhTMOKj2VhjpouxvWJAV1TL304uMlb9zcDqkl6cEI54= -github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ= +github.com/google/cadvisor v0.49.0 h1:1PYeiORXmcFYi609M4Qvq5IzcvcVaWgYxDt78uH8jYA= +github.com/google/cadvisor v0.49.0/go.mod h1:s6Fqwb2KiWG6leCegVhw4KW40tf9f7m+SF1aXiE8Wsk= +github.com/google/cel-go v0.20.1 h1:nDx9r8S3L4pE61eDdt8igGj8rf5kjYR3ILxWIpWNi84= +github.com/google/cel-go v0.20.1/go.mod h1:kWcIzTsPX0zmQ+H3TirHstLLf9ep5QTsZBN9u4dOYLg= +github.com/google/flatbuffers v1.12.1/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8= +github.com/google/flatbuffers v2.0.8+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8= +github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= +github.com/google/gnostic-models v0.6.9-0.20230804172637-c7be7c783f49 h1:0VpGH+cDhbDtdcweoyCVsF3fhN8kejK6rFe/2FFX2nU= +github.com/google/gnostic-models v0.6.9-0.20230804172637-c7be7c783f49/go.mod h1:BkkQ4L1KS1xMt2aWSPStnn55ChGC0DPOn2FQYj+f25M= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= @@ -481,54 +736,82 @@ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE= github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-containerregistry v0.7.0 h1:u0onUUOcyoCDHEiJoyR1R1gx5er1+r06V5DBhUU5ndk= -github.com/google/go-containerregistry v0.7.0/go.mod h1:2zaoelrL0d08gGbpdP3LqyUuBmhWbpD6IOe2s9nLS2k= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-containerregistry v0.14.0/go.mod h1:aiJ2fp/SXvkWgmYHioXnbMdlgB8eXiiYOY55gfN91Wk= +github.com/google/go-containerregistry v0.20.2 h1:B1wPJ1SN/S7pB+ZAimcciVD+r+yV/l/DSArMxlbwseo= +github.com/google/go-containerregistry v0.20.2/go.mod h1:z38EKdKh4h7IP2gSfUUqEvalZBqs6AoLeWfUy34nQC8= +github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ= +github.com/google/go-pkcs11 v0.2.1-0.20230907215043-c6f79328ddf9/go.mod h1:6eQoGcuNJpa7jnd5pMGdkSaQpNDYvPlXWMcjXXThLlY= +github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/gopacket v1.1.19 h1:ves8RnFZPGiFnTS0uPQStjwru6uO6h+nlr9j6fL7kF8= +github.com/google/gopacket v1.1.19/go.mod h1:iJ8V8n6KS+z2U1A8pUwu8bW5SyEMkXJB8Yo/Vo+TKTo= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= +github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= github.com/google/martian/v3 v3.3.2/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= +github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38 h1:yAJXTCF9TqKcTiHJAE8dj7HMvPfh66eeA2JYW7eFpSE= +github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20201218002935-b9804c9f04c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6/go.mod h1:kf6iHlnVGwgKolg33glAes7Yg/8iWP8ukqeldJSO7jw= +github.com/google/pprof v0.0.0-20240525223248-4bfdf5a9a2af/go.mod h1:K1liHPHnj73Fdn/EKuT8nrFqBihUSKXoLYU0BuatOYo= +github.com/google/pprof v0.0.0-20240727154555-813a5fbdbec8 h1:FKHo8hFI3A+7w0aUQuYXQ+6EN5stWmeY/AZqtM8xk9k= +github.com/google/pprof v0.0.0-20240727154555-813a5fbdbec8/go.mod h1:K1liHPHnj73Fdn/EKuT8nrFqBihUSKXoLYU0BuatOYo= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/s2a-go v0.1.0/go.mod h1:OJpEgntRZo8ugHpF9hkoLJbS5dSI20XZeXJ9JVywLlM= +github.com/google/s2a-go v0.1.3/go.mod h1:Ej+mSEMGRnqRzjc7VtF+jdBwYG5fuJfiZ8ELkjEwM0A= github.com/google/s2a-go v0.1.4/go.mod h1:Ej+mSEMGRnqRzjc7VtF+jdBwYG5fuJfiZ8ELkjEwM0A= +github.com/google/s2a-go v0.1.7/go.mod h1:50CgR4k1jNlWBu4UfS4AcfhVe1r6pdZPygJ3R8F0Qdw= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.5.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/googleapis/enterprise-certificate-proxy v0.0.0-20220520183353-fd19c99a87aa/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= github.com/googleapis/enterprise-certificate-proxy v0.1.0/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= github.com/googleapis/enterprise-certificate-proxy v0.2.0/go.mod h1:8C0jb7/mgJe/9KK8Lm7X9ctZC2t60YyIpYEI16jx0Qg= github.com/googleapis/enterprise-certificate-proxy v0.2.1/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= github.com/googleapis/enterprise-certificate-proxy v0.2.3/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= -github.com/googleapis/gax-go/v2 v2.1.1 h1:dp3bWCh+PPO1zjRRiCSczJav13sBvG4UhNyVTa1KqdU= -github.com/googleapis/gax-go/v2 v2.1.1/go.mod h1:hddJymUZASv3XPyGkUpKj8pPO47Rmb0eJc8R6ouapiM= +github.com/googleapis/enterprise-certificate-proxy v0.2.4/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= +github.com/googleapis/enterprise-certificate-proxy v0.3.2/go.mod h1:VLSiSSBs/ksPL8kq3OBOQ6WRI2QnaFynd1DCjZ62+V0= +github.com/googleapis/gax-go v2.0.0+incompatible/go.mod h1:SFVmujtThgffbyetf+mdk2eWhX2bMyUtNHzFKcPA9HY= +github.com/googleapis/gax-go/v2 v2.12.0/go.mod h1:y+aIqrI5eb1YGMVJfuV3185Ts/D7qKpsEkdD5+I6QGU= github.com/googleapis/go-type-adapters v1.0.0/go.mod h1:zHW75FOG2aur7gAO2B+MLby+cLsWGBF62rFAi7WjWO4= -github.com/gophercloud/gophercloud v0.1.0 h1:P/nh25+rzXouhytV2pUHBb65fnds26Ghl8/391+sT5o= -github.com/gophercloud/gophercloud v0.1.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8= +github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gopherjs/gopherjs v0.0.0-20200217142428-fce0ec30dd00/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gorilla/mux v1.7.4/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= -github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= -github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= -github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= +github.com/gopherjs/gopherjs v0.0.0-20190430165422-3e4dfb77656c h1:7lF+Vz0LqiRidnzC1Oq86fpX1q/iEv2KJdrCtttYjT4= +github.com/gopherjs/gopherjs v0.0.0-20190430165422-3e4dfb77656c/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= +github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY= +github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY= +github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY= github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 h1:pdN6V1QBWetyv/0+wjACpqVH+eVULgEjkurDLq3goeM= github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= @@ -536,13 +819,19 @@ github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 h1:+9834+KizmvFV7pXQGSXQTsaW github.com/grpc-ecosystem/go-grpc-middleware v1.3.0/go.mod h1:z0ButlSOZa5vEBq9m2m2hlwIgKw+rp3sdCBRoJY+30Y= github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 h1:Ovs26xHkKqVztRpIrF/92BcuyuQ/YW4NSIpoGtfXNho= github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= +github.com/grpc-ecosystem/grpc-gateway v1.5.0/go.mod h1:RSKVYQBd5MCa4OVpNdGskqpgL2+G+NZTnrVHpWWfpdw= github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= github.com/grpc-ecosystem/grpc-gateway v1.16.0 h1:gmcG1KaJ57LophUzW0Hy8NmPhnMZb4M0+kPpLofRdBo= github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0/go.mod h1:hgWBS7lorOAVIJEQMi4ZsPv9hVvWI6+ch50m39Pf2Ks= github.com/grpc-ecosystem/grpc-gateway/v2 v2.11.3/go.mod h1:o//XUCC/F+yRGJoPO/VU0GSB0f8Nhgmxx0VIRUvaC0w= -github.com/hanwen/go-fuse/v2 v2.1.1-0.20220112183258-f57e95bda82d/go.mod h1:B1nGE/6RBFyBRC1RRnf23UpwCdyJ31eukw34oAKukAc= -github.com/hanwen/go-fuse/v2 v2.2.0 h1:jo5QZYmBLNcl9ovypWaQ5yXMSSV+Ch68xoC3rtZvvBM= -github.com/hanwen/go-fuse/v2 v2.2.0/go.mod h1:B1nGE/6RBFyBRC1RRnf23UpwCdyJ31eukw34oAKukAc= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0/go.mod h1:YN5jB8ie0yfIUg6VvR9Kz84aCaG7AsGZnLjhHbUqwPg= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1/go.mod h1:5SN9VR2LTsRFsrEC6FHgRbTWrTHu6tqPeKxEQv15giM= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 h1:bkypFPDjIYGfCYD5mRBvpqxfYX1YCS1PXdKYWi8FsN0= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0/go.mod h1:P+Lt/0by1T8bfcF3z737NnSbmxQAppXMRziHUxPOC8k= +github.com/hanwen/go-fuse/v2 v2.4.0/go.mod h1:xKwi1cF7nXAOBCXujD5ie0ZKsxc8GGSA1rlMJc+8IJs= +github.com/hanwen/go-fuse/v2 v2.5.1 h1:OQBE8zVemSocRxA4OaFJbjJ5hlpCmIWbGr7r0M4uoQQ= +github.com/hanwen/go-fuse/v2 v2.5.1/go.mod h1:xKwi1cF7nXAOBCXujD5ie0ZKsxc8GGSA1rlMJc+8IJs= github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q= github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= @@ -551,16 +840,17 @@ github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brv github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= -github.com/hashicorp/go-hclog v0.9.2 h1:CG6TE5H9/JXsFWJCfoIVpKFIkFe6ysEuHirp4DxCsHI= github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= +github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k= +github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM= github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= -github.com/hashicorp/go-retryablehttp v0.7.1/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= -github.com/hashicorp/go-retryablehttp v0.7.2 h1:AcYqCvkpalPnPF2pn0KamgwamS42TqUDDYFRKq/RAd0= -github.com/hashicorp/go-retryablehttp v0.7.2/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= +github.com/hashicorp/go-retryablehttp v0.7.4/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= +github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU= +github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk= github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU= github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU= github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4= @@ -569,241 +859,369 @@ github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/b github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= +github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= +github.com/hashicorp/golang-lru/arc/v2 v2.0.5 h1:l2zaLDubNhW4XO3LnliVj0GXO3+/CGNJAg1dcN2Fpfw= +github.com/hashicorp/golang-lru/arc/v2 v2.0.5/go.mod h1:ny6zBSQZi2JxIeYcv7kt2sH2PXJtirBN7RDhRpxPkxU= +github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k= +github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc= -github.com/heketi/heketi v10.3.0+incompatible/go.mod h1:bB9ly3RchcQqsQ9CpyaQwvva7RS5ytVoSoholZQON6o= -github.com/heketi/tests v0.0.0-20151005000721-f3775cbcefd6/go.mod h1:xGMAM8JLi7UkZt1i4FQeQy0R2T8GLUwQhOP5M1gBhy4= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= +github.com/huin/goupnp v1.3.0 h1:UvLUlWDNpoUdYzb2TCn+MuTWtcjXKSza2n6CBdQ0xXc= +github.com/huin/goupnp v1.3.0/go.mod h1:gnGPsThkYa7bFi/KWmEysQRf48l2dvR5bxr2OFckNX8= github.com/iancoleman/strcase v0.2.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho= +github.com/iancoleman/strcase v0.3.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/ianlancetaylor/demangle v0.0.0-20240312041847-bd984b5ce465/go.mod h1:gx7rwoVhcfuVKG5uya9Hs3Sxj7EIvldVofAWIUtGouw= github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk= github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg= +github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= +github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/inconshreveable/mousetrap v1.0.1/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= -github.com/ishidawataru/sctp v0.0.0-20190723014705-7c296d48a2b5/go.mod h1:DM4VvS+hD/kDi1U1QsX2fnZowwBhqD0Dk3bRPKF/Oc8= +github.com/intel/goresctrl v0.3.0/go.mod h1:fdz3mD85cmP9sHD8JUlrNWAxvwM86CrbmVXltEKd7zk= +github.com/intel/goresctrl v0.7.0 h1:x6RclP6LiJc24t9mf47BRbjf06B8oVisZMBv31x3rKc= +github.com/intel/goresctrl v0.7.0/go.mod h1:T3ZZnuHSNouwELB5wvOoUJaB7l/4Rm23rJy/wuWJlr0= +github.com/invopop/jsonschema v0.12.0 h1:6ovsNSuvn9wEQVOyc72aycBMVQFKz7cPdMJn10CvzRI= +github.com/invopop/jsonschema v0.12.0/go.mod h1:ffZ5Km5SWWRAIN6wbDXItl95euhFz2uON45H2qjYt+0= +github.com/ipfs/boxo v0.10.0 h1:tdDAxq8jrsbRkYoF+5Rcqyeb91hgWe2hp7iLu7ORZLY= +github.com/ipfs/boxo v0.10.0/go.mod h1:Fg+BnfxZ0RPzR0nOodzdIq3A7KgoWAOWsEIImrIQdBM= +github.com/ipfs/go-cid v0.4.1 h1:A/T3qGvxi4kpKWWcPC/PgbvDA2bjVLO7n4UeVwnbs/s= +github.com/ipfs/go-cid v0.4.1/go.mod h1:uQHwDeX4c6CtyrFwdqyhpNcxVewur1M7l7fNU7LKwZk= +github.com/ipfs/go-datastore v0.5.0/go.mod h1:9zhEApYMTl17C8YDp7JmU7sQZi2/wqiYh73hakZ90Bk= +github.com/ipfs/go-datastore v0.6.0 h1:JKyz+Gvz1QEZw0LsX1IBn+JFCJQH4SJVFtM4uWU0Myk= +github.com/ipfs/go-datastore v0.6.0/go.mod h1:rt5M3nNbSO/8q1t4LNkLyUwRs8HupMeN/8O4Vn9YAT8= +github.com/ipfs/go-detect-race v0.0.1 h1:qX/xay2W3E4Q1U7d9lNs1sU9nvguX0a7319XbyQ6cOk= +github.com/ipfs/go-detect-race v0.0.1/go.mod h1:8BNT7shDZPo99Q74BpGMK+4D8Mn4j46UU0LZ723meps= +github.com/ipfs/go-ds-badger v0.3.0 h1:xREL3V0EH9S219kFFueOYJJTcjgNSZ2HY1iSvN7U1Ro= +github.com/ipfs/go-ds-badger v0.3.0/go.mod h1:1ke6mXNqeV8K3y5Ak2bAA0osoTfmxUdupVCGm4QUIek= +github.com/ipfs/go-ds-leveldb v0.5.0 h1:s++MEBbD3ZKc9/8/njrn4flZLnCuY9I79v94gBUNumo= +github.com/ipfs/go-ds-leveldb v0.5.0/go.mod h1:d3XG9RUDzQ6V4SHi8+Xgj9j1XuEk1z82lquxrVbml/Q= +github.com/ipfs/go-ipfs-delay v0.0.0-20181109222059-70721b86a9a8/go.mod h1:8SP1YXK1M1kXuc4KJZINY3TQQ03J2rwBG9QfXmbRPrw= +github.com/ipfs/go-ipfs-util v0.0.2 h1:59Sswnk1MFaiq+VcaknX7aYEyGyGDAA73ilhEK2POp8= +github.com/ipfs/go-ipfs-util v0.0.2/go.mod h1:CbPtkWJzjLdEcezDns2XYaehFVNXG9zrdrtMecczcsQ= +github.com/ipfs/go-log v1.0.5 h1:2dOuUCB1Z7uoczMWgAyDck5JLb72zHzrMnGnCNNbvY8= +github.com/ipfs/go-log v1.0.5/go.mod h1:j0b8ZoR+7+R99LD9jZ6+AJsrzkPbSXbZfGakb5JPtIo= +github.com/ipfs/go-log/v2 v2.1.3/go.mod h1:/8d0SH3Su5Ooc31QlL1WysJhvyOTDCjcCZ9Axpmri6g= +github.com/ipfs/go-log/v2 v2.5.1 h1:1XdUzF7048prq4aBjDQQ4SL5RxftpRGdXhNRwKSAlcY= +github.com/ipfs/go-log/v2 v2.5.1/go.mod h1:prSpmC1Gpllc9UYWxDiZDreBYw7zp4Iqp1kOLU9U5UI= +github.com/ipld/go-ipld-prime v0.20.0 h1:Ud3VwE9ClxpO2LkCYP7vWPc0Fo+dYdYzgxUJZ3uRG4g= +github.com/ipld/go-ipld-prime v0.20.0/go.mod h1:PzqZ/ZR981eKbgdr3y2DJYeD/8bgMawdGVlJDE8kK+M= github.com/jackc/pgerrcode v0.0.0-20220416144525-469b46aa5efa h1:s+4MhCQ6YrzisK6hFJUX53drDT4UsSW3DEhKn0ifuHw= github.com/jackc/pgerrcode v0.0.0-20220416144525-469b46aa5efa/go.mod h1:a/s9Lp5W7n/DD0VrVoyJ00FbP2ytTPDVOivvn2bMlds= github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM= github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg= -github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a h1:bbPeKD0xmW/Y25WS6cokEszi5g+S0QxI/d45PkRi7Nk= -github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM= -github.com/jackc/pgx/v5 v5.4.2 h1:u1gmGDwbdRUZiwisBm/Ky2M14uQyUP65bG8+20nnyrg= -github.com/jackc/pgx/v5 v5.4.2/go.mod h1:q6iHT8uDNXWiFNOlRqJzBTaSH3+2xCXkokxHZC5qWFY= -github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= -github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= -github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= -github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= +github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 h1:iCEnooe7UlwOQYpKFhBabPMi4aNAfoODPEFNiAnClxo= +github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM= +github.com/jackc/pgx/v5 v5.7.1 h1:x7SYsPBYDkHDksogeSmZZ5xzThcTgRz++I5E+ePFUcs= +github.com/jackc/pgx/v5 v5.7.1/go.mod h1:e7O26IywZZ+naJtWWos6i6fvWK+29etgITqrqHLfoZA= +github.com/jackc/puddle/v2 v2.2.2 h1:PR8nw+E/1w0GLuRFSmiioY6UooMp6KJv0/61nB7icHo= +github.com/jackc/puddle/v2 v2.2.2/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4= +github.com/jackpal/go-nat-pmp v1.0.2 h1:KzKSgb7qkJvOUTqYl9/Hg/me3pWgBmERKrTGD7BdWus= +github.com/jackpal/go-nat-pmp v1.0.2/go.mod h1:QPH045xvCAeXUZOxsnwmrtiCoxIr9eob+4orBN1SBKc= +github.com/jbenet/go-cienv v0.1.0/go.mod h1:TqNnHUmJgXau0nCzC7kXWeotg3J9W34CUv5Djy1+FlA= +github.com/jbenet/go-temp-err-catcher v0.1.0 h1:zpb3ZH6wIE8Shj2sKS+khgRvf7T7RABoLk/+KKHggpk= +github.com/jbenet/go-temp-err-catcher v0.1.0/go.mod h1:0kJRvmDZXNMIiJirNPEYfhpPwbGVtZVWC34vc5WLsDk= +github.com/jbenet/goprocess v0.1.4 h1:DRGOFReOMqqDNXwW70QkacFW0YN9QnwLV0Vqk+3oU0o= +github.com/jbenet/goprocess v0.1.4/go.mod h1:5yspPrukOVuOLORacaBi858NqyClJPQxYZlqdZVfqY4= +github.com/jellevandenhooff/dkim v0.0.0-20150330215556-f50fe3d243e1/go.mod h1:E0B/fFc00Y+Rasa88328GlI/XbtyysCtTHZS8h7IrBU= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8= -github.com/jonboulle/clockwork v0.3.0 h1:9BSCMi8C+0qdApAp4auwX0RkLGUjs956h0EkuQymUhg= -github.com/jonboulle/clockwork v0.3.0/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8= +github.com/jonboulle/clockwork v0.4.0 h1:p4Cf1aMWXnXAUh8lVfewRBx1zaTSYKrKMF2g3ST4RZ4= +github.com/jonboulle/clockwork v0.4.0/go.mod h1:xgRqUGwRcjKCO1vbZUEtSLrqKoPSsUpK7fnezOII0kc= +github.com/josephspurrier/goversioninfo v1.4.0/go.mod h1:JWzv5rKQr+MmW+LvM412ToT/IkYDZjaclF2pKDss8IY= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= -github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= +github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= -github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= +github.com/jung-kurt/gofpdf v1.0.0/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= -github.com/k3s-io/containerd v1.5.18-k3s1 h1:D0vel+NKZ4/FnYDwFqMQ06OA3jca87rUMeWN782ABU8= -github.com/k3s-io/containerd v1.5.18-k3s1/go.mod h1:vCILl/gWFsZXZVuIrDefia9pbKe7cpWbpavHNET9axM= -github.com/k3s-io/cri-dockerd v0.3.2-0.20230123224908-ae42b30520de h1:zCCQrhPiIDz7PdEga+ohmiRFW1yxillxR1YkfMNWUX4= -github.com/k3s-io/cri-dockerd v0.3.2-0.20230123224908-ae42b30520de/go.mod h1:uR1QQwoqIK35kiHYH6rFGo9D+nZWLuAB4mdiH4A5noo= -github.com/k3s-io/cri-tools v1.25.0-k3s1 h1:LbNyVzjDyXqLfpGd+vVJ76kWYMx7u0eVyHLLsuUpitA= -github.com/k3s-io/cri-tools v1.25.0-k3s1/go.mod h1:p7J7zyX0/0Tsi19pbZg0hixacpdAHyNNFDCH/brgCjs= -github.com/k3s-io/etcd/api/v3 v3.5.3-k3s1 h1:XY2oUIIy2+DR7zXk/BVqQ4f2qFHbd2VTAGrnrT4IxhA= -github.com/k3s-io/etcd/api/v3 v3.5.3-k3s1/go.mod h1:5GB2vv4A4AOn3yk7MftYGHkUfGtDHnEraIjym4dYz5A= -github.com/k3s-io/etcd/client/pkg/v3 v3.5.3-k3s1 h1:MrI6IyT4Q8tkoY2kO3z2dpjWABNVtw1tdsXj3ozdMOs= -github.com/k3s-io/etcd/client/pkg/v3 v3.5.3-k3s1/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= -github.com/k3s-io/etcd/client/v3 v3.5.3-k3s1 h1:jufl5K+1x0cwtb8gRziPbP+EHpy+KCKc0E4ojWcjSQY= -github.com/k3s-io/etcd/client/v3 v3.5.3-k3s1/go.mod h1:S9LzGLV7Kh1Rg85nMVMjloLdUSMu+wvZZXPcUXDQ2Ds= -github.com/k3s-io/etcd/etcdutl/v3 v3.5.3-k3s1 h1:uPCEhACmVoFJnI9Izb2Y+UKRS5JM/F/90XTbTjsUsFQ= -github.com/k3s-io/etcd/etcdutl/v3 v3.5.3-k3s1/go.mod h1:F9bW3+f+cKZIcjWHkdfJ3lnCajF4FnPh7DjcgiBRb7g= -github.com/k3s-io/etcd/server/v3 v3.5.3-k3s1 h1:MVTrb5cp75kSMA9K240VMa5I+GKuYYP9xN/Nj+US27w= -github.com/k3s-io/etcd/server/v3 v3.5.3-k3s1/go.mod h1:xwZlQLuAWsWw5rpb/Gwzi3nFie9STKcrKQbM6evLi5g= -github.com/k3s-io/helm-controller v0.15.4 h1:l4DWmUWpphbtwmuXGtpr5Rql/2NaCLSv4ZD8HlND9uY= -github.com/k3s-io/helm-controller v0.15.4/go.mod h1:BgCPBQblj/Ect4Q7/Umf86WvyDjdG/34D+n8wfXtoeM= -github.com/k3s-io/kine v0.11.0 h1:7tS0H9yBDxXiy1BgEEkBWLswwG/q4sARPTHdxOMz1qw= -github.com/k3s-io/kine v0.11.0/go.mod h1:tjSsWrCetgaGMTfnJW6vzqdT/qOPhF/+nUEaE+eixBA= +github.com/k3s-io/containerd v1.7.22-k3s1 h1:+StsyV/pl4NL5gDA5dzcPi4anuhCI4ONuzCwjBwjrUE= +github.com/k3s-io/containerd v1.7.22-k3s1/go.mod h1:T9perze1nIMl5JzddImIgsCEDaM0i8nAfnm+U48DmJw= +github.com/k3s-io/cri-dockerd v0.3.15-k3s1.31-3 h1:TH3zSbIM9zSZMeWKcWjQqeja3FsmJYwLUHglD7nuUEc= +github.com/k3s-io/cri-dockerd v0.3.15-k3s1.31-3/go.mod h1:ny6wyM7fqfew5FABQ+MtKaU07rhsHhlXr/jtFsA2m8Y= +github.com/k3s-io/cri-tools v1.31.0-k3s2 h1:nekOdJe5Hecm+C5eswg688uXTI0enUZOJYadmyU9pYw= +github.com/k3s-io/cri-tools v1.31.0-k3s2/go.mod h1:PvPf/fN5FiNdK1v43jCydRNRw6631qGTSEOhv/OsjYU= +github.com/k3s-io/etcd/api/v3 v3.5.13-k3s1 h1:aq6fxlEKdwCooLE3HOR6227U51DEvOw3DEbriJxD2QM= +github.com/k3s-io/etcd/api/v3 v3.5.13-k3s1/go.mod h1:gBqlqkcMMZMVTMm4NDZloEVJzxQOQIls8splbqBDa0c= +github.com/k3s-io/etcd/client/pkg/v3 v3.5.13-k3s1 h1:t2I25UtBvohVAhlyXpYjd/Lznm+ybxNhvs3cnEGsF4Y= +github.com/k3s-io/etcd/client/pkg/v3 v3.5.13-k3s1/go.mod h1:XxHT4u1qU12E2+po+UVPrEeL94Um6zL58ppuJWXSAB8= +github.com/k3s-io/etcd/client/v2 v2.305.13-k3s1 h1:lvIdlAI6xRIHSUJC43sJx9lmxehq2quGb+8z5TJldGg= +github.com/k3s-io/etcd/client/v2 v2.305.13-k3s1/go.mod h1:iQnL7fepbiomdXMb3om1rHq96htNNGv2sJkEcZGDRRg= +github.com/k3s-io/etcd/client/v3 v3.5.13-k3s1 h1:/D6KAEGVzwivnjxZ5CzVIykVloLoKB/TBeKw2tKKVQ0= +github.com/k3s-io/etcd/client/v3 v3.5.13-k3s1/go.mod h1:cqiAeY8b5DEEcpxvgWKsbLIWNM/8Wy2xJSDMtioMcoI= +github.com/k3s-io/etcd/etcdutl/v3 v3.5.13-k3s1 h1:fIt+PVHCeINM5fl9OfMI+o9BJKf951pRiVcCytFW97c= +github.com/k3s-io/etcd/etcdutl/v3 v3.5.13-k3s1/go.mod h1:2vhvTIQobP+Cb04qzlcbKGvX6J5oq/N1kquk1yCDIQY= +github.com/k3s-io/etcd/pkg/v3 v3.5.13-k3s1 h1:uLU/SnBuhtSkdBk830x0pseHSsQQvh99C3deG6nc9d0= +github.com/k3s-io/etcd/pkg/v3 v3.5.13-k3s1/go.mod h1:N+4PLrp7agI/Viy+dUYpX7iRtSPvKq+w8Y14d1vX+m0= +github.com/k3s-io/etcd/raft/v3 v3.5.13-k3s1 h1:yexUwAPPdmYfIMWOj6sSyJ2nEe8QOrFzNuvYGRAsm5E= +github.com/k3s-io/etcd/raft/v3 v3.5.13-k3s1/go.mod h1:uUFibGLn2Ksm2URMxN1fICGhk8Wu96EfDQyuLhAcAmw= +github.com/k3s-io/etcd/server/v3 v3.5.13-k3s1 h1:Pqcxkg7V60c26ZpHoekP9QoUdLuduxFn827A/5CIwm4= +github.com/k3s-io/etcd/server/v3 v3.5.13-k3s1/go.mod h1:K/8nbsGupHqmr5MkgaZpLlH1QdX1pcNQLAkODy44XcQ= +github.com/k3s-io/helm-controller v0.16.5 h1:SsUHfksQXNwePkswv4a970EGD2h0Exsf6t3IdXhpXRo= +github.com/k3s-io/helm-controller v0.16.5/go.mod h1:AcSxEhOIUgeVvBTnJOAwcezBZXtYew/RhKwO5xp3RlM= +github.com/k3s-io/kine v0.13.2 h1:l++g2KY/3UaPJiGpgYuGoqaaYKeMpVj9fP/yfnSxHxo= +github.com/k3s-io/kine v0.13.2/go.mod h1:Zi9F142tmeXVqhPjL6KHVnwOBs8wc/V5r3avKSpIHn0= github.com/k3s-io/klog v1.0.0-k3s2 h1:yyvD2bQbxG7m85/pvNctLX2bUDmva5kOBvuZ77tTGBA= github.com/k3s-io/klog v1.0.0-k3s2/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= -github.com/k3s-io/klog/v2 v2.60.1-k3s1 h1:C1hsMF1Eo6heGVQzts6cZ+rDZAReSiOBUxsYMuUkkZI= -github.com/k3s-io/klog/v2 v2.60.1-k3s1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -github.com/k3s-io/kubernetes v1.25.16-k3s1 h1:PFCNVUmSSH1qyUdGeBCMd8LkS7fgVIc0iCcM/8hjt5o= -github.com/k3s-io/kubernetes v1.25.16-k3s1/go.mod h1:ZrRRMmY0nDNxlnPnJopZRhF2i0tzfB3+DnitJcDe8Vw= -github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.25.16-k3s1 h1:9aafKwK0KOzOvBabLvHlzS39AfVIMQZXHSIzpGLtg14= -github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.25.16-k3s1/go.mod h1:/N8bcrUz/rMP42kr63tx/hw8vm8Y7p56XFzZgWfhvMo= -github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.25.16-k3s1 h1:mtA75stK9PBwwXpDYPiwog7/3h2AgbhNUGbRFEJGFEM= -github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.25.16-k3s1/go.mod h1:d/I3BjIbV80Dkus7MugFoUk2WlRSzsfaBGSC+ntsWZg= -github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.25.16-k3s1 h1:cdDj1YvlcOXsuEa7+O58KxOUT6RAW5il+iLJHF1pTKg= -github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.25.16-k3s1/go.mod h1:I5/T97TnTcndA0hLRTsTqeRRQG4RGDk8uZcbs7lMwhE= -github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.25.16-k3s1 h1:IoGv7iGxAqeEAdmLSjPqOvhnMrhdbnzgmxUxczQebRs= -github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.25.16-k3s1/go.mod h1:+ehVFHjV8ewBesDyBWMn21gGuGaP7jms2jvf+aN+B34= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.25.16-k3s1 h1:hmjTkWREnkmhrczbT9KTkorDvufWdYuAAHYklLaDnCA= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.25.16-k3s1/go.mod h1:53ICk6yby1KL6nFqjqxKEBxuGz22fTM8kN50saMpUJs= -github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.25.16-k3s1 h1:VSXpJrPdOZmNKl4fLid69o/sSeet+wQdEZvgB+MOFrM= -github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.25.16-k3s1/go.mod h1:iCBSdKXcLFqYDOLMgaZWK0cB3kVp7TCR+eSs56BDUnY= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.25.16-k3s1 h1:TkhcdxWmseTVLEZ4NvDLBAVgerjdHzj1GnvSPxv6GIA= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.25.16-k3s1/go.mod h1:WKmYlger6OXeolhTZBWytmvy+85J7fdwqFPv2Rfvof8= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.25.16-k3s1 h1:p0x2Hh8CAblmMLGTirLAGfTNkQCGTiZDI/Sykvu+wK4= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.25.16-k3s1/go.mod h1:zrULy04n3XUbx60Nt0SezEPCUCac5azDUAyEBfxZEAQ= -github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.25.16-k3s1 h1:fGV5gLJwSUCD6+Y/pnbSjniho6bLMKSNeViqEYqX8Hs= -github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.25.16-k3s1/go.mod h1:HYaqm/S966PX6yJtewIFP0Bd7QQO8UnDGgVu2gT1glM= -github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.25.16-k3s1 h1:o8RWF/WKEByECD023IGeeS/yT0ifeThQjYJVEhQZvB8= -github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.25.16-k3s1/go.mod h1:MBxBJEjOchffxgihy+O3qQD3OT9P7mnatA85x5dxO/Q= -github.com/k3s-io/kubernetes/staging/src/k8s.io/component-helpers v1.25.16-k3s1 h1:MhiL58ayWui5dLxz2laRm00MEEUEOxfMKgGKtFcIWKc= -github.com/k3s-io/kubernetes/staging/src/k8s.io/component-helpers v1.25.16-k3s1/go.mod h1:fo9V6qV3s0BXcgdJV3wmisFS3H3DnsSfpjWrfGvPUaE= -github.com/k3s-io/kubernetes/staging/src/k8s.io/controller-manager v1.25.16-k3s1 h1:i7X/tZQQzr7Jv5G8m5GbTQm7QmstPQzXbW5FzHVJNOI= -github.com/k3s-io/kubernetes/staging/src/k8s.io/controller-manager v1.25.16-k3s1/go.mod h1:PeQzOnq8NDoaP/UG7OTmVW5xJabzhUCeAipkAsH0rfI= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.25.16-k3s1 h1:otmcf5mYOGXMoBTIyL9QcPToYSDtp7WYvbRHCp2k3MM= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.25.16-k3s1/go.mod h1:fjRHAkEDvhp4CYP+uH2fwDaVphp7CvNqBwMK4W6u3CI= -github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.25.16-k3s1 h1:eqzYjx6OoJuu3nbZC0JDo/dTtUDIMZdyWFquudRPG9s= -github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.25.16-k3s1/go.mod h1:IEPPKueX822CfmQMaPJIdZkIN3sVmJMseMV5qee067I= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.25.16-k3s1 h1:bV5OwxCITt/5kpVx7dfyn7Vq+/9MSCScgxZCKR5PiOY= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.25.16-k3s1/go.mod h1:M+yHpazu/Q7h/sDtYnTd0tPlx/oIooBYcUWLOlSjylE= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.25.16-k3s1 h1:Vcj7swoM36pf45NGBkEIUxdLcGaiMVTZTqAYCzrtVD4= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.25.16-k3s1/go.mod h1:fw3oJiD0qKJSk5X3CYET9Y0ca5/2kaNhzcyWAC/x1YE= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.25.16-k3s1/go.mod h1:2c4F3OIIqIDXcNR/DiI2Wz56nlLh7lKd9ofA0m4BZ9c= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.25.16-k3s1 h1:uxr/r3pHs0spLIMT5MKyKhuVMJioCiLI4TPGk8qxhbQ= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.25.16-k3s1/go.mod h1:Hlpchmj7z0fZqDm4H391IfBtQ0gqJTp2aaDlV6CIf8s= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.25.16-k3s1 h1:ag149duTKGYxdPUe/NbdSzE6qDfkBLGTGSI6UEWzOpA= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.25.16-k3s1/go.mod h1:i6Ffq/3boXLMwfDKYNBKRvom1HRthHjSskxV61bFuPE= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.25.16-k3s1 h1:EXvl/CSg3s6kKyBwJQOY6qLKuuAAoODoVeWFhAIWfCM= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.25.16-k3s1/go.mod h1:49Qgz77HFyZkojPrPgKF3QcCpDEk88NeCRwi/0i+QhQ= -github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.25.16-k3s1 h1:eM1M/I0/L8zXidLag6s2oHuSk8duaATXQ0mvJc5MMe0= -github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.25.16-k3s1/go.mod h1:fB49PcIyv3A8Bg+xOQqTf7FOxCUA8C6BGGcQIwAoiu4= -github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.25.16-k3s1 h1:DSfgxUnWyEZFWrbvY1vMX9JxI8PB5CHLdXCP2O8BM7A= -github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.25.16-k3s1/go.mod h1:tELkwF9xCmwJ3l3siCo2niUaSIyjTpZ+64S+Z8fTcUw= -github.com/k3s-io/kubernetes/staging/src/k8s.io/mount-utils v1.25.16-k3s1 h1:GTfnOebp9SqM3tgjgIulPYKUtx+3JwzXW+3BlDnAAPQ= -github.com/k3s-io/kubernetes/staging/src/k8s.io/mount-utils v1.25.16-k3s1/go.mod h1:Mjv5B8KCT278Nm2okrd1rijnIpNP9Oys7TIkqGF1qHY= -github.com/k3s-io/kubernetes/staging/src/k8s.io/pod-security-admission v1.25.16-k3s1 h1:56yP2tf+ckLaou4sHZcDrrAcNCRJk271vftvl6Lanto= -github.com/k3s-io/kubernetes/staging/src/k8s.io/pod-security-admission v1.25.16-k3s1/go.mod h1:Sa550rNU+kF1UB09tYc4SyKC73NCcD0vEYR+JCt6IO0= -github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-apiserver v1.25.16-k3s1/go.mod h1:wgON9dzQlkboLpD5iQw/jJhYh4tyI9RLBo/XHZlGlKk= -github.com/k3s-io/stargz-snapshotter v0.14.3-k3s1 h1:29UZBqL+9Kcwl7ES7oUdN9UtS0oVZY6AL+IujwGNwPk= -github.com/k3s-io/stargz-snapshotter v0.14.3-k3s1/go.mod h1:j2Ya4JeA5gMZJr8BchSkPjlcCEh++auAxp4nidPI6N0= -github.com/karrick/godirwalk v1.16.1 h1:DynhcF+bztK8gooS0+NDJFrdNZjJ3gzVzC545UNA9iw= -github.com/karrick/godirwalk v1.16.1/go.mod h1:j4mkqPuvaLI8mp1DroR3P6ad7cyYd4c1qeJ3RV7ULlk= +github.com/k3s-io/klog/v2 v2.120.1-k3s1 h1:7twAHPFpZA21KdMnMNnj68STQMPldAxF2Zsaol57dxw= +github.com/k3s-io/klog/v2 v2.120.1-k3s1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +github.com/k3s-io/kubernetes v1.31.1-k3s3 h1:ZI9L5470m0OnYR/S45ItBK1eOMMnJV7TirWoyRXhLMk= +github.com/k3s-io/kubernetes v1.31.1-k3s3/go.mod h1:/YGPL//Fb9mdv5vukvAQ7Xon+Bqwry52bmjTdORAw+Q= +github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.31.1-k3s3 h1:TQSxiv2OhgRczJFUFm0PXLlD4dyI2f+czmLfLnU3CAM= +github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.31.1-k3s3/go.mod h1:KaRi43US9TCyITVXRX8uu9F8GDZSFJYuOtgC4rjoR7g= +github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.31.1-k3s3 h1:EPlRDPSlWt/gBUzL5RPRRIuFCAKio9UuxwPNg5jqI44= +github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.31.1-k3s3/go.mod h1:kzodfhDvQWeYegyO3XMoHI9B1fB8S9F20GkJrMGyizk= +github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.31.1-k3s3 h1:l38/LexHRajuguKIFEeRP03tYLfCEYnuuoYZC7UeZTM= +github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.31.1-k3s3/go.mod h1:5F0wbie5xX1jDEg5sk5dr+KF8rwFkYtZFHDhSF/UsG4= +github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.31.1-k3s3 h1:17/ehFImJ6srv0rXPGJVVu/F4Han6UOftNaB8wsIT00= +github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.31.1-k3s3/go.mod h1:HJ1b6VgXrf+cWYPUzAO6sIKfdcHFZsASDzAp2Z99hQk= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.31.1-k3s3 h1:Q0rQqUEZaOkThQX3M8nQyviak1+qnFVbKMZPLbowzFE= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.31.1-k3s3/go.mod h1:ajLlT5ogqDck94zgV1JL+dRaHBXR27MFxRqHg5ojeQA= +github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.31.1-k3s3 h1:UXXbB4xE2hxIlrYt6ciU3IlSpEMv0izV8qpVwMTOMLs= +github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.31.1-k3s3/go.mod h1:acnXvvIK5YiMMAflXv5ug7ClSCjxYChU5y63sTDuv3I= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.31.1-k3s3 h1:lKmfpFyerEMPMvTu1YfP7y0AM5mczND1qi0ej7ZA1KE= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.31.1-k3s3/go.mod h1:aq39X+7JBHuYgLje0hmtOFnNwDFGxC3kMnxy6TK0IfE= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.31.1-k3s3 h1:zXgIDWlpxJrywlkDa/BrKkVhRdpEgATZQw4WGkDoceE= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.31.1-k3s3/go.mod h1:sC54xeBDUh723Sh3/rBJpYmjuu2TFYRg8jbiGa+2gR4= +github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.31.1-k3s3 h1:3WmrW88CB5S9ZzW3hPWf6T4COBuYMfLz4/RLG/kRdBc= +github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.31.1-k3s3/go.mod h1:kpHioo65EeiEH6lBGgJq/xueL4Kr7PUMp7J4J5TTg4c= +github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.31.1-k3s3 h1:WofC9Kx9nz6QS+4R0RFmJXDfh4z6/IhJva6pC/kdeyQ= +github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.31.1-k3s3/go.mod h1:PFOdhUAVD6O6z1yuKxWS3EKXSKdZhKjOlCrcuJRxOBA= +github.com/k3s-io/kubernetes/staging/src/k8s.io/component-helpers v1.31.1-k3s3 h1:rNeCLEKT0woFNvdmFPaP04f/9HIyrZCu99t7rcrgv3s= +github.com/k3s-io/kubernetes/staging/src/k8s.io/component-helpers v1.31.1-k3s3/go.mod h1:DbKVutwtVincRfT23dk3SQ8uIyMSkFhsaNxqifftcDk= +github.com/k3s-io/kubernetes/staging/src/k8s.io/controller-manager v1.31.1-k3s3 h1:phjGDUMtOcBrGWW0WN8zC/B9EHfafr+FZCzpx8RFHEQ= +github.com/k3s-io/kubernetes/staging/src/k8s.io/controller-manager v1.31.1-k3s3/go.mod h1:zXRPI4iMORj8r8MtMpObg4dfVgb8ENDSnWcw5r5obp0= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.31.1-k3s3 h1:264xhEjjdMHU4cvtI5AKXsTd7yQPnaz8hv3uABNaEQU= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.31.1-k3s3/go.mod h1:e2pTb6psrP2AtdW24SxJaesf2402rQ0YjNa7qYssoi0= +github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.31.1-k3s3 h1:OQbIWCKJg44WLzri0MJJM5IbjDF/6xxAsSW+SCvlSMA= +github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.31.1-k3s3/go.mod h1:Ygc1DPcdWYjsDbAxP+rIzSbU2D83HFsJ3Cp0bs3brio= +github.com/k3s-io/kubernetes/staging/src/k8s.io/dynamic-resource-allocation v1.31.1-k3s3 h1:3hv/TBFmZilg1lUT7Ixaj+XnuLJ4l+EEmpkAJwu6LcI= +github.com/k3s-io/kubernetes/staging/src/k8s.io/dynamic-resource-allocation v1.31.1-k3s3/go.mod h1:iyXR8oPR54q4bj4LWeUHHrULA/Nm0LjfiR3JHe08sak= +github.com/k3s-io/kubernetes/staging/src/k8s.io/endpointslice v1.31.1-k3s3 h1:3MiBA36oCFgFShfbZcvWpQqJevOntYeWKGH2aULHydo= +github.com/k3s-io/kubernetes/staging/src/k8s.io/endpointslice v1.31.1-k3s3/go.mod h1:VKJKC/px/hHUfsxDZmE+kezqfte7vi3ctPekcirZzMM= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kms v1.31.1-k3s3 h1:I8y5CZoIeXg2BsH1k2OIqS+VU+jSpyx29OnYWPaQe3Y= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kms v1.31.1-k3s3/go.mod h1:gClzb5q8LLAagWlaL9S/rt8IcU3iY6gRARKN09DY4o8= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.31.1-k3s3 h1:/xR9OR86+iB4CK0YcFKqJ7mNFAhw4+a5Iz91lZNX2kY= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.31.1-k3s3/go.mod h1:xc/cVRFh9PdcOsDAnHdB0fuQWih/w8hxbF8Ca4FXHSU= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.31.1-k3s3 h1:8PhQeiS0IelPHPwmJoMQWBsCOK5wtcoZTJPui7Wojz0= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.31.1-k3s3/go.mod h1:l7Pv6S9sCmzj5ZLTQIf/twX4WrJ6D7WOPbDUfkllT0c= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.31.1-k3s3 h1:GUzPqwirzsvb5IGtMg/0e2eqw0M8tqoqsWvRSxtY0ik= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.31.1-k3s3/go.mod h1:z259VFq5HmPqCcBj78z2uPawedjLkjRagQ98aPQKG8c= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.31.1-k3s3 h1:PuRt73t3aNs0qnvmA9K4X9YVCx4ZS4UkeUQyu2CMwYk= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.31.1-k3s3/go.mod h1:upu9UjdY08ZgnQwjd8rlxSN5in0Yl2JrtHilExOCsfI= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.31.1-k3s3 h1:myVvgreZwN4LhIpi5uxXKQQ+P7QGtcng3k4/wQg2V5k= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.31.1-k3s3/go.mod h1:PeBIZnl5Zg5qaT6JFfsDBaw0IlAL4F3mEVy9VovTW6k= +github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.31.1-k3s3 h1:FoCs0NCkHBKUgr2mIVsX0MB6EGIIGZbCpmKEFNFfqgw= +github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.31.1-k3s3/go.mod h1:CXuAS4zkSBWhGd++sFZlq3a7qfcMbGGwJvRn4W0/378= +github.com/k3s-io/kubernetes/staging/src/k8s.io/mount-utils v1.31.1-k3s3 h1:9EZH/VYYTSQ06/qMHExPJn9oFdcqzZ+mma7Yx2mY+1I= +github.com/k3s-io/kubernetes/staging/src/k8s.io/mount-utils v1.31.1-k3s3/go.mod h1:p5r0u2M9KzooTgHDz4zRsUt02y4Yx7/5uPwgr0nSGqg= +github.com/k3s-io/kubernetes/staging/src/k8s.io/pod-security-admission v1.31.1-k3s3 h1:XJbSUNXUSGUgSfokPZJRaWCAk3+YLQdK4oX4boUXRvA= +github.com/k3s-io/kubernetes/staging/src/k8s.io/pod-security-admission v1.31.1-k3s3/go.mod h1:nOJes2FVv6qZXUU3CGubLnloPJVV4rZ+jm0bLRCKKOM= +github.com/k3s-io/runc v1.1.14-k3s1 h1:PcwbBuIfjI9A0T1fq7XIdIxqYHWarDlRln7QsppQQmQ= +github.com/k3s-io/runc v1.1.14-k3s1/go.mod h1:E4C2z+7BxR7GHXp0hAY53mek+x49X1LjPNeMTfRGvOA= +github.com/k3s-io/spegel v0.0.23-0.20240516234953-f3d2c4072314 h1:TrZb/yM0OtBuifPXlKaOfcxpJqzakA8+KsoO4c69ZLM= +github.com/k3s-io/spegel v0.0.23-0.20240516234953-f3d2c4072314/go.mod h1:bMHfSjj1+Zf5VITCZe/wLjuni6rYAj/DjPU/kIVnhfA= +github.com/karrick/godirwalk v1.17.0 h1:b4kY7nqDdioR/6qnbHQyDvmA17u5G1cZ6J+CZXwSWoI= +github.com/karrick/godirwalk v1.17.0/go.mod h1:j4mkqPuvaLI8mp1DroR3P6ad7cyYd4c1qeJ3RV7ULlk= +github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8= github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= +github.com/klauspost/asmfmt v1.3.2/go.mod h1:AG8TuvYojzulgDAMCnYn50l/5QV3Bs/tp6j0HLHbNSE= +github.com/klauspost/compress v1.12.3/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= github.com/klauspost/compress v1.14.4/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= -github.com/klauspost/compress v1.15.12/go.mod h1:QPwzmACJjUTFsnSHH934V6woptycfrDDJnH7hvFVbGM= +github.com/klauspost/compress v1.15.9/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= github.com/klauspost/compress v1.16.0/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= -github.com/klauspost/compress v1.17.2 h1:RlWWUY/Dr4fL8qk9YG7DTZ7PDgME2V4csBXA8L/ixi4= github.com/klauspost/compress v1.17.2/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= +github.com/klauspost/compress v1.17.10 h1:oXAz+Vh0PMUvJczoi+flxpnBEPxoER1IaAnU/NMPtT0= +github.com/klauspost/compress v1.17.10/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0= github.com/klauspost/cpuid/v2 v2.0.1/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= github.com/klauspost/cpuid/v2 v2.0.4/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= -github.com/klauspost/cpuid/v2 v2.1.0 h1:eyi1Ad2aNJMW95zcSbmGg7Cg6cq3ADwLpMAP96d8rF0= -github.com/klauspost/cpuid/v2 v2.1.0/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY= +github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= +github.com/klauspost/cpuid/v2 v2.2.7 h1:ZWSB3igEs+d0qvnxR/ZBzXVmxkgt8DdzP6m9pfuVLDM= +github.com/klauspost/cpuid/v2 v2.2.7/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/koron/go-ssdp v0.0.4 h1:1IDwrghSKYM7yLf7XCzbByg2sJ/JcNOZRXS2jczTwz0= +github.com/koron/go-ssdp v0.0.4/go.mod h1:oDXq+E5IL5q0U8uSBcoAXzTzInwy5lEgC91HoKtbmZk= github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/pty v1.1.3/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= -github.com/lib/pq v1.10.2 h1:AqzbZs4ZoCBp+GtejcpCpcxM3zlSMx29dXbUSeVtJb8= -github.com/lib/pq v1.10.2/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= +github.com/ledongthuc/pdf v0.0.0-20220302134840-0c2507a12d80/go.mod h1:imJHygn/1yfhB7XSJJKlFZKl/J+dCPAknuiaGOshXAs= +github.com/lestrrat-go/backoff/v2 v2.0.8/go.mod h1:rHP/q/r9aT27n24JQLa7JhSQZCKBBOiM/uP402WwN8Y= +github.com/lestrrat-go/blackmagic v1.0.0/go.mod h1:TNgH//0vYSs8VXDCfkZLgIrVTTXQELZffUV0tz3MtdQ= +github.com/lestrrat-go/httpcc v1.0.1/go.mod h1:qiltp3Mt56+55GPVCbTdM9MlqhvzyuL6W/NMDA8vA5E= +github.com/lestrrat-go/iter v1.0.1/go.mod h1:zIdgO1mRKhn8l9vrZJZz9TUMMFbQbLeTsbqPDrJ/OJc= +github.com/lestrrat-go/jwx v1.2.25/go.mod h1:zoNuZymNl5lgdcu6P7K6ie2QRll5HVfF4xwxBBK1NxY= +github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I= +github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw= +github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/libopenstorage/openstorage v1.0.0 h1:GLPam7/0mpdP8ZZtKjbfcXJBTIA/T1O6CBErVEFEyIM= github.com/libopenstorage/openstorage v1.0.0/go.mod h1:Sp1sIObHjat1BeXhfMqLZ14wnOzEhNx2YQedreMcUyc= +github.com/libp2p/go-buffer-pool v0.1.0 h1:oK4mSFcQz7cTQIfqbe4MIj9gLW+mnanjyFtc6cdF0Y8= +github.com/libp2p/go-buffer-pool v0.1.0/go.mod h1:N+vh8gMqimBzdKkSMVuydVDq+UV5QTWy5HSiZacSbPg= +github.com/libp2p/go-cidranger v1.1.0 h1:ewPN8EZ0dd1LSnrtuwd4709PXVcITVeuwbag38yPW7c= +github.com/libp2p/go-cidranger v1.1.0/go.mod h1:KWZTfSr+r9qEo9OkI9/SIEeAtw+NNoU0dXIXt15Okic= +github.com/libp2p/go-flow-metrics v0.1.0 h1:0iPhMI8PskQwzh57jB9WxIuIOQ0r+15PChFGkx3Q3WM= +github.com/libp2p/go-flow-metrics v0.1.0/go.mod h1:4Xi8MX8wj5aWNDAZttg6UPmc0ZrnFNsMtpsYUClFtro= +github.com/libp2p/go-libp2p v0.33.2 h1:vCdwnFxoGOXMKmaGHlDSnL4bM3fQeW8pgIa9DECnb40= +github.com/libp2p/go-libp2p v0.33.2/go.mod h1:zTeppLuCvUIkT118pFVzA8xzP/p2dJYOMApCkFh0Yww= +github.com/libp2p/go-libp2p-asn-util v0.4.1 h1:xqL7++IKD9TBFMgnLPZR6/6iYhawHKHl950SO9L6n94= +github.com/libp2p/go-libp2p-asn-util v0.4.1/go.mod h1:d/NI6XZ9qxw67b4e+NgpQexCIiFYJjErASrYW4PFDN8= +github.com/libp2p/go-libp2p-kad-dht v0.25.2 h1:FOIk9gHoe4YRWXTu8SY9Z1d0RILol0TrtApsMDPjAVQ= +github.com/libp2p/go-libp2p-kad-dht v0.25.2/go.mod h1:6za56ncRHYXX4Nc2vn8z7CZK0P4QiMcrn77acKLM2Oo= +github.com/libp2p/go-libp2p-kbucket v0.6.3 h1:p507271wWzpy2f1XxPzCQG9NiN6R6lHL9GiSErbQQo0= +github.com/libp2p/go-libp2p-kbucket v0.6.3/go.mod h1:RCseT7AH6eJWxxk2ol03xtP9pEHetYSPXOaJnOiD8i0= +github.com/libp2p/go-libp2p-record v0.2.0 h1:oiNUOCWno2BFuxt3my4i1frNrt7PerzB3queqa1NkQ0= +github.com/libp2p/go-libp2p-record v0.2.0/go.mod h1:I+3zMkvvg5m2OcSdoL0KPljyJyvNDFGKX7QdlpYUcwk= +github.com/libp2p/go-libp2p-routing-helpers v0.7.2 h1:xJMFyhQ3Iuqnk9Q2dYE1eUTzsah7NLw3Qs2zjUV78T0= +github.com/libp2p/go-libp2p-routing-helpers v0.7.2/go.mod h1:cN4mJAD/7zfPKXBcs9ze31JGYAZgzdABEm+q/hkswb8= +github.com/libp2p/go-libp2p-testing v0.12.0 h1:EPvBb4kKMWO29qP4mZGyhVzUyR25dvfUIK5WDu6iPUA= +github.com/libp2p/go-libp2p-testing v0.12.0/go.mod h1:KcGDRXyN7sQCllucn1cOOS+Dmm7ujhfEyXQL5lvkcPg= +github.com/libp2p/go-msgio v0.3.0 h1:mf3Z8B1xcFN314sWX+2vOTShIE0Mmn2TXn3YCUQGNj0= +github.com/libp2p/go-msgio v0.3.0/go.mod h1:nyRM819GmVaF9LX3l03RMh10QdOroF++NBbxAb0mmDM= +github.com/libp2p/go-nat v0.2.0 h1:Tyz+bUFAYqGyJ/ppPPymMGbIgNRH+WqC5QrT5fKrrGk= +github.com/libp2p/go-nat v0.2.0/go.mod h1:3MJr+GRpRkyT65EpVPBstXLvOlAPzUVlG6Pwg9ohLJk= +github.com/libp2p/go-netroute v0.2.1 h1:V8kVrpD8GK0Riv15/7VN6RbUQ3URNZVosw7H2v9tksU= +github.com/libp2p/go-netroute v0.2.1/go.mod h1:hraioZr0fhBjG0ZRXJJ6Zj2IVEVNx6tDTFQfSmcq7mQ= +github.com/libp2p/go-reuseport v0.4.0 h1:nR5KU7hD0WxXCJbmw7r2rhRYruNRl2koHw8fQscQm2s= +github.com/libp2p/go-reuseport v0.4.0/go.mod h1:ZtI03j/wO5hZVDFo2jKywN6bYKWLOy8Se6DrI2E1cLU= +github.com/libp2p/go-yamux/v4 v4.0.1 h1:FfDR4S1wj6Bw2Pqbc8Uz7pCxeRBPbwsBbEdfwiCypkQ= +github.com/libp2p/go-yamux/v4 v4.0.1/go.mod h1:NWjl8ZTLOGlozrXSOZ/HlfG++39iKNnM5wwmtQP1YB4= github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhnIaL+V+BEER86oLrvS+kWobKpbJuye0= github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= +github.com/linuxkit/virtsock v0.0.0-20201010232012-f8cee7dfc7a3/go.mod h1:3r6x7q95whyfWQpmGZTu3gk3v2YkMi05HEzl7Tf7YEo= github.com/lithammer/dedent v1.1.0 h1:VNzHMVCBNG1j0fh3OrsFRkVUwStdDArbgBWoPAffktY= github.com/lithammer/dedent v1.1.0/go.mod h1:jrXYCQtgg0nJiN+StA2KgR7w6CiQNv9Fd/Z9BP0jIOc= -github.com/lpabon/godbc v0.1.1/go.mod h1:Jo9QV0cf3U6jZABgiJ2skINAXb9j8m51r07g4KI92ZA= +github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI= +github.com/lyft/protoc-gen-star v0.6.0/go.mod h1:TGAoBVkt8w7MPG72TrKIu85MIdXwDuzJYeZuUPFPNwA= +github.com/lyft/protoc-gen-star v0.6.1/go.mod h1:TGAoBVkt8w7MPG72TrKIu85MIdXwDuzJYeZuUPFPNwA= github.com/lyft/protoc-gen-star/v2 v2.0.3/go.mod h1:amey7yeodaJhXSbf/TlLvWiqQfLOSpEk//mLlc+axEk= +github.com/magefile/mage v1.14.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/marten-seemann/tcp v0.0.0-20210406111302-dfbc87cc63fd h1:br0buuQ854V8u83wA0rVZ8ttrq5CpaPZdvrK0LP2lOk= +github.com/marten-seemann/tcp v0.0.0-20210406111302-dfbc87cc63fd/go.mod h1:QuCEs1Nt24+FYQEqAAncTDPJIuGs+LxK1MCiFL25pMU= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= +github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= +github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/mattn/go-runewidth v0.0.7/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= +github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= +github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= +github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-runewidth v0.0.3/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/mattn/go-shellwords v1.0.12/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= -github.com/mattn/go-sqlite3 v1.14.17 h1:mCRHCLDUBXgpKAqIKsaAaAsrAlbkeomtRFKXh2L6YIM= -github.com/mattn/go-sqlite3 v1.14.17/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg= +github.com/mattn/go-sqlite3 v1.14.14/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= +github.com/mattn/go-sqlite3 v1.14.23 h1:gbShiuAP1W5j9UOksQ06aiiqPMxYecovVGwmTxWtuw0= +github.com/mattn/go-sqlite3 v1.14.23/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= -github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= +github.com/microcosm-cc/bluemonday v1.0.1/go.mod h1:hsXNsILzKxV+sX77C5b8FSuKF00vh2OMYv+xgHpAMF4= github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= +github.com/miekg/dns v1.1.25/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso= +github.com/miekg/dns v1.1.41/go.mod h1:p6aan82bvRIyn+zDIv9xYNUpwa73JcSh9BKwknJysuI= +github.com/miekg/dns v1.1.43/go.mod h1:+evo5L0630/F6ca/Z9+GAqzhjGyn8/c+TBaOyfEl0V4= +github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4= +github.com/miekg/dns v1.1.58/go.mod h1:Ypv+3b/KadlvW9vJfXOTf300O4UqaHFzFCuHz+rPkBY= github.com/miekg/pkcs11 v1.1.1 h1:Ugu9pdy6vAYku5DEpVWVFPYnzV+bxB+iRdbuFSu7TvU= github.com/miekg/pkcs11 v1.1.1/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= -github.com/mindprince/gonvml v0.0.0-20190828220739-9ebdce4bb989 h1:PS1dLCGtD8bb9RPKJrc8bS7qHL6JnW1CZvwzH9dPoUs= -github.com/mindprince/gonvml v0.0.0-20190828220739-9ebdce4bb989/go.mod h1:2eu9pRWp8mo84xCg6KswZ+USQHjwgRhNp06sozOdsTY= +github.com/mikioh/tcp v0.0.0-20190314235350-803a9b46060c h1:bzE/A84HN25pxAuk9Eej1Kz9OUelF97nAc82bDquQI8= +github.com/mikioh/tcp v0.0.0-20190314235350-803a9b46060c/go.mod h1:0SQS9kMwD2VsyFEB++InYyBJroV/FRmBgcydeSUcJms= +github.com/mikioh/tcpinfo v0.0.0-20190314235526-30a79bb1804b h1:z78hV3sbSMAUoyUMM0I83AUIT6Hu17AWfgjzIbtrYFc= +github.com/mikioh/tcpinfo v0.0.0-20190314235526-30a79bb1804b/go.mod h1:lxPUiZwKoFL8DUUmalo2yJJUCxbPKtm8OKfqr2/FTNU= +github.com/mikioh/tcpopt v0.0.0-20190314235656-172688c1accc h1:PTfri+PuQmWDqERdnNMiD9ZejrlswWrCpBEZgWOiTrc= +github.com/mikioh/tcpopt v0.0.0-20190314235656-172688c1accc/go.mod h1:cGKTAVKx4SxOuR/czcZ/E2RSJ3sfHs8FpHhQ5CWMf9s= +github.com/minio/asm2plan9s v0.0.0-20200509001527-cdd76441f9d8/go.mod h1:mC1jAcsrzbxHt8iiaC+zU4b1ylILSosueou12R++wfY= +github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1/go.mod h1:pD8RvIylQ358TN4wwqatJ8rNavkEINozVn9DtGI3dfQ= +github.com/minio/c2goasm v0.0.0-20190812172519-36a3d3bbc4f3/go.mod h1:RagcQ7I8IeTMnF8JTXieKnO4Z6JCsikNEzj0DwauVzE= github.com/minio/highwayhash v1.0.2 h1:Aak5U0nElisjDCfPSG79Tgzkn2gl66NxOMspRrKnA/g= github.com/minio/highwayhash v1.0.2/go.mod h1:BQskDq+xkJ12lmlUUi7U0M5Swg3EWR+dLTk+kldvVxY= github.com/minio/md5-simd v1.1.2 h1:Gdi1DZK69+ZVMoNHRXJyNcxrMA4dSxoYHZSQbirFg34= github.com/minio/md5-simd v1.1.2/go.mod h1:MzdKDxYpY2BT9XQFocsiZf/NKVtR7nkE4RoEpN+20RM= -github.com/minio/minio-go/v7 v7.0.33 h1:jLEHTp9jg2zWBa5w9W1i8WXq6o+oGRcjsdk9HbFgdlc= -github.com/minio/minio-go/v7 v7.0.33/go.mod h1:nCrRzjoSUQh8hgKKtu3Y708OLvRLtuASMg2/nvmbarw= -github.com/minio/sha256-simd v1.0.0 h1:v1ta+49hkWZyvaKwrQB8elexRqm6Y0aMLjCNsrYxo6g= +github.com/minio/minio-go/v7 v7.0.70 h1:1u9NtMgfK1U42kUxcsl5v0yj6TEOPR497OAQxpJnn2g= +github.com/minio/minio-go/v7 v7.0.70/go.mod h1:4yBA8v80xGA30cfM3fz0DKYMXunWl/AV/6tWEs9ryzo= +github.com/minio/sha256-simd v0.1.1-0.20190913151208-6de447530771/go.mod h1:B5e1o+1/KgNmWrSQK08Y6Z1Vb5pwIktudl0J58iy0KM= github.com/minio/sha256-simd v1.0.0/go.mod h1:OuYzVNI5vcoYIAmbIvHPl3N3jUzVedXbKy5RFepssQM= +github.com/minio/sha256-simd v1.0.1 h1:6kaan5IFmwTNynnKKpDHe6FWHohJOHhCPchzK49dzMM= +github.com/minio/sha256-simd v1.0.1/go.mod h1:Pz6AKMiUdngCLpeTL/RJY1M9rUuPMYujV5xJjtbRSN8= github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible h1:aKW/4cBs+yK6gpqU3K/oIwk9Q/XICqd3zOX/UFuvqmk= github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4= github.com/mistifyio/go-zfs/v3 v3.0.1 h1:YaoXgBePoMA12+S1u/ddkv+QqxcfiZK4prI6HPnkFiU= github.com/mistifyio/go-zfs/v3 v3.0.1/go.mod h1:CzVgeB0RvF2EGzQnytKVvVSDwmKJXxkOTUGbNrTja/k= github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= -github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg= github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY= github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= -github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/moby/ipvs v1.0.1/go.mod h1:2pngiyseZbIKXNv7hsKj3O9UEz30c53MT9005gt2hxQ= +github.com/mndrix/tap-go v0.0.0-20171203230836-629fa407e90b/go.mod h1:pzzDgJWZ34fGzaAZGFW22KVZDfyrYW+QABMrWnJBnSs= github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg= github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= -github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= +github.com/moby/spdystream v0.4.0 h1:Vy79D6mHeJJjiPdFEL2yku1kl0chZpJfZcPpb16BRl8= +github.com/moby/spdystream v0.4.0/go.mod h1:xBAYlnt/ay+11ShkdFKNAG7LsyK/tmNBVvVOwrfMgdI= github.com/moby/sys/mountinfo v0.5.0/go.mod h1:3bMD3Rg+zkqx8MRYPi7Pyb0Ie97QEBmdxbhnCLlSvSU= -github.com/moby/sys/mountinfo v0.6.0/go.mod h1:3bMD3Rg+zkqx8MRYPi7Pyb0Ie97QEBmdxbhnCLlSvSU= -github.com/moby/sys/mountinfo v0.6.2 h1:BzJjoreD5BMFNmD9Rus6gdd1pLuecOFPt8wC+Vygl78= github.com/moby/sys/mountinfo v0.6.2/go.mod h1:IJb6JQeOklcdMU9F5xQ8ZALD+CUr5VlGpwtX+VE0rpI= +github.com/moby/sys/mountinfo v0.7.2 h1:1shs6aH5s4o5H2zQLn796ADW1wMrIwHsyJ2v9KouLrg= +github.com/moby/sys/mountinfo v0.7.2/go.mod h1:1YOa8w8Ih7uW0wALDUgT1dTTSBrZ+HiBLGws92L2RU4= github.com/moby/sys/sequential v0.5.0/go.mod h1:tH2cOOs5V9MlPiXcQzRC+eEyab644PWKGRYaaV5ZZlo= +github.com/moby/sys/sequential v0.6.0 h1:qrx7XFUd/5DxtqcoH1h438hF5TmOvzC/lspjy7zgvCU= +github.com/moby/sys/sequential v0.6.0/go.mod h1:uyv8EUTrca5PnDsdMGXhZe6CCe8U/UiTWd+lL+7b/Ko= +github.com/moby/sys/signal v0.6.0/go.mod h1:GQ6ObYZfqacOwTtlXvcmh9A26dVRul/hbOZn88Kg8Tg= github.com/moby/sys/signal v0.7.0/go.mod h1:GQ6ObYZfqacOwTtlXvcmh9A26dVRul/hbOZn88Kg8Tg= -github.com/moby/sys/symlink v0.2.0 h1:tk1rOM+Ljp0nFmfOIBtlV3rTDlWOwFRhjEeAhZB0nZc= +github.com/moby/sys/signal v0.7.1 h1:PrQxdvxcGijdo6UXXo/lU/TvHUWyPhj7UOpSo8tuvk0= +github.com/moby/sys/signal v0.7.1/go.mod h1:Se1VGehYokAkrSQwL4tDzHvETwUZlnY7S5XtQ50mQp8= github.com/moby/sys/symlink v0.2.0/go.mod h1:7uZVF2dqJjG/NsClqul95CqKOBRQyYSNnJ6BMgR/gFs= -github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6 h1:dcztxKSvZ4Id8iPpHERQBbIJfabdt4wUm5qy3wOL2Zc= -github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6/go.mod h1:E2VnQOmVuvZB6UYnnDB0qG5Nq/1tD9acaOpo6xmt0Kw= +github.com/moby/sys/symlink v0.3.0 h1:GZX89mEZ9u53f97npBy4Rc3vJKj7JBDj/PN2I22GrNU= +github.com/moby/sys/symlink v0.3.0/go.mod h1:3eNdhduHmYPcgsJtZXW1W4XUJdZGBIkttZ8xKqPUJq0= +github.com/moby/sys/user v0.3.0 h1:9ni5DlcW5an3SvRSx4MouotOygvzaXbaSrc/wGDFWPo= +github.com/moby/sys/user v0.3.0/go.mod h1:bG+tYYYJgaMtRKgEmuueC0hJEAZWwtIbZTB+85uoHjs= +github.com/moby/sys/userns v0.1.0 h1:tVLXkFOxVu9A64/yh59slHVv9ahO9UIev4JZusOLG/g= +github.com/moby/sys/userns v0.1.0/go.mod h1:IHUYgu/kao6N8YZlp9Cf444ySSvCmDlmzUcYfDHOl28= +github.com/moby/term v0.0.0-20210610120745-9d4ed1856297/go.mod h1:vgPCkQMyxTZ7IDy8SXRufE172gr8+K/JE/7hHFxHW3A= +github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0= +github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -811,21 +1229,48 @@ github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lN github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= -github.com/mohae/deepcopy v0.0.0-20170603005431-491d3605edfb/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8= github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 h1:RWengNIwukTxcDr9M+97sNutRR1RKhG96O6jWumTTnw= github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8= github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 h1:n6/2gBQ3RWajuToeY6ZtZTIKv2v7ThUy5KKusIT0yc0= github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00/go.mod h1:Pm3mSP3c5uWn86xMLZ5Sa7JB9GsEZySvHYXCTK4E9q4= github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A= github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= -github.com/mrunalp/fileutils v0.5.0 h1:NKzVxiH7eSk+OQ4M+ZYW1K6h27RUV3MI6NUTsHhU6Z4= +github.com/mr-tron/base58 v1.1.2/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc= +github.com/mr-tron/base58 v1.2.0 h1:T/HDJBh4ZCPbU39/+c3rRvE0uKBQlU27+QI8LJ4t64o= +github.com/mr-tron/base58 v1.2.0/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc= github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ= +github.com/mrunalp/fileutils v0.5.1 h1:F+S7ZlNKnrwHfSwdlgNSkKo67ReVf8o9fel6C3dkm/Q= +github.com/mrunalp/fileutils v0.5.1/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ= +github.com/multiformats/go-base32 v0.1.0 h1:pVx9xoSPqEIQG8o+UbAe7DNi51oej1NtK+aGkbLYxPE= +github.com/multiformats/go-base32 v0.1.0/go.mod h1:Kj3tFY6zNr+ABYMqeUNeGvkIC/UYgtWibDcT0rExnbI= +github.com/multiformats/go-base36 v0.2.0 h1:lFsAbNOGeKtuKozrtBsAkSVhv1p9D0/qedU9rQyccr0= +github.com/multiformats/go-base36 v0.2.0/go.mod h1:qvnKE++v+2MWCfePClUEjE78Z7P2a1UV0xHgWc0hkp4= +github.com/multiformats/go-multiaddr v0.1.1/go.mod h1:aMKBKNEYmzmDmxfX88/vz+J5IU55txyt0p4aiWVohjo= +github.com/multiformats/go-multiaddr v0.2.0/go.mod h1:0nO36NvPpyV4QzvTLi/lafl2y95ncPj0vFwVF6k6wJ4= +github.com/multiformats/go-multiaddr v0.12.3 h1:hVBXvPRcKG0w80VinQ23P5t7czWgg65BmIvQKjDydU8= +github.com/multiformats/go-multiaddr v0.12.3/go.mod h1:sBXrNzucqkFJhvKOiwwLyqamGa/P5EIXNPLovyhQCII= +github.com/multiformats/go-multiaddr-dns v0.3.1 h1:QgQgR+LQVt3NPTjbrLLpsaT2ufAA2y0Mkk+QRVJbW3A= +github.com/multiformats/go-multiaddr-dns v0.3.1/go.mod h1:G/245BRQ6FJGmryJCrOuTdB37AMA5AMOVuO6NY3JwTk= +github.com/multiformats/go-multiaddr-fmt v0.1.0 h1:WLEFClPycPkp4fnIzoFoV9FVd49/eQsuaL3/CWe167E= +github.com/multiformats/go-multiaddr-fmt v0.1.0/go.mod h1:hGtDIW4PU4BqJ50gW2quDuPVjyWNZxToGUh/HwTZYJo= +github.com/multiformats/go-multibase v0.2.0 h1:isdYCVLvksgWlMW9OZRYJEa9pZETFivncJHmHnnd87g= +github.com/multiformats/go-multibase v0.2.0/go.mod h1:bFBZX4lKCA/2lyOFSAoKH5SS6oPyjtnzK/XTFDPkNuk= +github.com/multiformats/go-multicodec v0.9.0 h1:pb/dlPnzee/Sxv/j4PmkDRxCOi3hXTz3IbPKOXWJkmg= +github.com/multiformats/go-multicodec v0.9.0/go.mod h1:L3QTQvMIaVBkXOXXtVmYE+LI16i14xuaojr/H7Ai54k= +github.com/multiformats/go-multihash v0.0.8/go.mod h1:YSLudS+Pi8NHE7o6tb3D8vrpKa63epEDmG8nTduyAew= +github.com/multiformats/go-multihash v0.2.3 h1:7Lyc8XfX/IY2jWb/gI7JP+o7JEq9hOa7BFvVU9RSh+U= +github.com/multiformats/go-multihash v0.2.3/go.mod h1:dXgKXCXjBzdscBLk9JkjINiEsCKRVch90MdaGiKsvSM= +github.com/multiformats/go-multistream v0.5.0 h1:5htLSLl7lvJk3xx3qT/8Zm9J4K8vEOf/QGkvOGQAyiE= +github.com/multiformats/go-multistream v0.5.0/go.mod h1:n6tMZiwiP2wUsR8DgfDWw1dydlEqV3l6N3/GBsX6ILA= +github.com/multiformats/go-varint v0.0.1/go.mod h1:3Ls8CIEsrijN6+B7PbrXRPxHRPuXSrVKRY101jdMZYE= +github.com/multiformats/go-varint v0.0.7 h1:sWSGR+f/eu5ABZA2ZpYKBILXTTs9JWpdEM/nEGOHFS8= +github.com/multiformats/go-varint v0.0.7/go.mod h1:r8PUYw/fD/SjBCiKOoDlGF6QawOELpZAu9eioSos/OU= github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/mvdan/xurls v1.1.0/go.mod h1:tQlNn3BED8bE/15hnSL2HLkDeLWpNPAwtw7wkEq44oU= -github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= +github.com/mwitkow/go-http-dialer v0.0.0-20161116154839-378f744fb2b8 h1:BhQQWYKJwXPtAhm12d4gQU4LKS9Yov22yOrDc2QA7ho= +github.com/mwitkow/go-http-dialer v0.0.0-20161116154839-378f744fb2b8/go.mod h1:ntWhh7pzdiiRKBMxUB5iG+Q2gmZBxGxpX1KyK6N8kX8= github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f h1:y5//uYreIhSUg3J1GEMiLbxo1LJaP8RfCpH6pymGZus= github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= github.com/natefinch/lumberjack v2.0.0+incompatible h1:4QJd3OLAMgj7ph+yZTuX13Ld4UpgHp07nNdFX7mqFfM= @@ -833,54 +1278,105 @@ github.com/natefinch/lumberjack v2.0.0+incompatible/go.mod h1:Wi9p2TTF5DG5oU+6Yf github.com/nats-io/jsm.go v0.0.31-0.20220317133147-fe318f464eee h1:+l6i7zS8N1LOokm7dzShezI9STRGrzp0O49Pw8Jetdk= github.com/nats-io/jsm.go v0.0.31-0.20220317133147-fe318f464eee/go.mod h1:EKSYvbvWAoh0hIfuZ+ieWm8u0VOTRTeDfuQvNPKRqEg= github.com/nats-io/jwt/v2 v2.2.1-0.20220113022732-58e87895b296/go.mod h1:0tqz9Hlu6bCBFLWAASKhE5vUA4c24L9KPUUgvwumE/k= -github.com/nats-io/jwt/v2 v2.5.3 h1:/9SWvzc6hTfamcgXJ3uYRpgj+QuY2aLNqRiqrKcrpEo= -github.com/nats-io/jwt/v2 v2.5.3/go.mod h1:iysuPemFcc7p4IoYots3IuELSI4EDe9Y0bQMe+I3Bf4= +github.com/nats-io/jwt/v2 v2.5.5 h1:ROfXb50elFq5c9+1ztaUbdlrArNFl2+fQWP6B8HGEq4= +github.com/nats-io/jwt/v2 v2.5.5/go.mod h1:ZdWS1nZa6WMZfFwwgpEaqBV8EPGVgOTDHN/wTbz0Y5A= github.com/nats-io/nats-server/v2 v2.7.5-0.20220309212130-5c0d1999ff72/go.mod h1:1vZ2Nijh8tcyNe8BDVyTviCd9NYzRbubQYiEHsvOQWc= -github.com/nats-io/nats-server/v2 v2.10.5 h1:hhWt6m9ja/mNnm6ixc85jCthDaiUFPaeJI79K/MD980= -github.com/nats-io/nats-server/v2 v2.10.5/go.mod h1:xUMTU4kS//SDkJCSvFwN9SyJ9nUuLhSkzB/Qz0dvjjg= +github.com/nats-io/nats-server/v2 v2.10.12 h1:G6u+RDrHkw4bkwn7I911O5jqys7jJVRY6MwgndyUsnE= +github.com/nats-io/nats-server/v2 v2.10.12/go.mod h1:H1n6zXtYLFCgXcf/SF8QNTSIFuS8tyZQMN9NguUHdEs= github.com/nats-io/nats.go v1.13.1-0.20220308171302-2f2f6968e98d/go.mod h1:BPko4oXsySz4aSWeFgOHLZs3G4Jq4ZAyE6/zMCxRT6w= -github.com/nats-io/nats.go v1.31.0 h1:/WFBHEc/dOKBF6qf1TZhrdEfTmOZ5JzdJ+Y3m6Y/p7E= -github.com/nats-io/nats.go v1.31.0/go.mod h1:di3Bm5MLsoB4Bx61CBTsxuarI36WbhAwOm8QrW39+i8= +github.com/nats-io/nats.go v1.34.0 h1:fnxnPCNiwIG5w08rlMcEKTUw4AV/nKyGCOJE8TdhSPk= +github.com/nats-io/nats.go v1.34.0/go.mod h1:Ubdu4Nh9exXdSz0RVWRFBbRfrbSxOYd26oF0wkWclB8= github.com/nats-io/nkeys v0.3.0/go.mod h1:gvUNGjVcM2IPr5rCsRsC6Wb3Hr2CQAm08dsxtV6A5y4= -github.com/nats-io/nkeys v0.4.6 h1:IzVe95ru2CT6ta874rt9saQRkWfe2nFj1NtvYSLqMzY= -github.com/nats-io/nkeys v0.4.6/go.mod h1:4DxZNzenSVd1cYQoAa8948QY3QDjrHfcfVADymtkpts= +github.com/nats-io/nkeys v0.4.7 h1:RwNJbbIdYCoClSDNY7QVKZlyb/wfT6ugvFCiKy6vDvI= +github.com/nats-io/nkeys v0.4.7/go.mod h1:kqXRgRDPlGy7nGaEDMuYzmiJCIAAWDK0IMBtDmGD0nc= github.com/nats-io/nuid v1.0.1 h1:5iA8DT8V7q8WK2EScv2padNa/rTESc1KdnPw4TC2paw= github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c= +github.com/neelance/astrewrite v0.0.0-20160511093645-99348263ae86/go.mod h1:kHJEU3ofeGjhHklVoIGuVj85JJwZ6kWPaJwCIxgnFmo= +github.com/neelance/sourcemap v0.0.0-20151028013722-8c68805598ab/go.mod h1:Qr6/a/Q4r9LP1IltGz7tA7iOK1WonHEYhu1HRBA7ZiM= github.com/networkplumbing/go-nft v0.2.0/go.mod h1:HnnM+tYvlGAsMU7yoYwXEVLLiDW9gdMmb5HoGcwpuQs= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= -github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= -github.com/olekukonko/tablewriter v0.0.4/go.mod h1:zq6QwlOf5SlnkVbMSr5EoBv3636FWnp+qbPhuoO21uA= github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= -github.com/onsi/ginkgo v1.13.0/go.mod h1:+REjRxOmWfHCjfv9TTWB1jD1Frx4XydAD3zm1lskyM0= -github.com/onsi/ginkgo v1.16.4 h1:29JGrr5oVBm5ulCWet69zQkzWipVXIol6ygQUe/EzNc= github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= +github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= +github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= github.com/onsi/ginkgo/v2 v2.1.3/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c= github.com/onsi/ginkgo/v2 v2.1.4/go.mod h1:um6tUpWM/cxCK3/FK8BXqEiUMUwRgSM4JXG47RKZmLU= github.com/onsi/ginkgo/v2 v2.1.6/go.mod h1:MEH45j8TBi6u9BMogfbp0stKC5cdGjumZj5Y7AG4VIk= -github.com/onsi/ginkgo/v2 v2.9.4 h1:xR7vG4IXt5RWx6FfIjyAtsoMAtnc3C/rFXBBd2AjZwE= +github.com/onsi/ginkgo/v2 v2.3.0/go.mod h1:Eew0uilEqZmIEZr8JrvYlvOM7Rr6xzTmMV8AyFNU9d0= +github.com/onsi/ginkgo/v2 v2.4.0/go.mod h1:iHkDK1fKGcBoEHT5W7YBq4RFWaQulw+caOMkAt4OrFo= +github.com/onsi/ginkgo/v2 v2.5.0/go.mod h1:Luc4sArBICYCS8THh8v3i3i5CuSZO+RaQRaJoeNwomw= +github.com/onsi/ginkgo/v2 v2.6.1/go.mod h1:yjiuMwPokqY1XauOgju45q3sJt6VzQ/Fict1LFVcsAo= +github.com/onsi/ginkgo/v2 v2.7.0/go.mod h1:yjiuMwPokqY1XauOgju45q3sJt6VzQ/Fict1LFVcsAo= +github.com/onsi/ginkgo/v2 v2.8.1/go.mod h1:N1/NbDngAFcSLdyZ+/aYTYGSlq9qMCS/cNKGJjy+csc= +github.com/onsi/ginkgo/v2 v2.9.0/go.mod h1:4xkjoL/tZv4SMWeww56BU5kAt19mVB47gTWxmrTcxyk= +github.com/onsi/ginkgo/v2 v2.9.1/go.mod h1:FEcmzVcCHl+4o9bQZVab+4dC9+j+91t2FHSzmGAPfuo= +github.com/onsi/ginkgo/v2 v2.9.2/go.mod h1:WHcJJG2dIlcCqVfBAwUCrJxSPFb6v4azBwgxeMeDuts= +github.com/onsi/ginkgo/v2 v2.9.5/go.mod h1:tvAoo1QUJwNEU2ITftXTpR7R1RbCzoZUOs3RonqW57k= +github.com/onsi/ginkgo/v2 v2.9.7/go.mod h1:cxrmXWykAwTwhQsJOPfdIDiJ+l2RYq7U8hFU+M/1uw0= +github.com/onsi/ginkgo/v2 v2.11.0/go.mod h1:ZhrRA5XmEE3x3rhlzamx/JJvujdZoJ2uvgI7kR0iZvM= +github.com/onsi/ginkgo/v2 v2.13.0/go.mod h1:TE309ZR8s5FsKKpuB1YAQYBzCaAfUgatB/xlT/ETL/o= +github.com/onsi/ginkgo/v2 v2.17.1/go.mod h1:llBI3WDLL9Z6taip6f33H76YcWtJv+7R3HigUjbIBOs= +github.com/onsi/ginkgo/v2 v2.17.2/go.mod h1:nP2DPOQoNsQmsVyv5rDA8JkXQoCs6goXIvr/PRJ1eCc= +github.com/onsi/ginkgo/v2 v2.19.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To= +github.com/onsi/ginkgo/v2 v2.20.0 h1:PE84V2mHqoT1sglvHc8ZdQtPcwmvvt29WLEEO3xmdZw= +github.com/onsi/ginkgo/v2 v2.20.0/go.mod h1:lG9ey2Z29hR41WMVthyJBGUBcBhGOtoPF2VFMvBXFCI= +github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= -github.com/onsi/gomega v1.15.0/go.mod h1:cIuvLEne0aoVhAgh/O6ac0Op8WWw9H6eYCriF+tEHG0= github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro= github.com/onsi/gomega v1.20.1/go.mod h1:DtrZpjmvpn2mPm4YWQa0/ALMDj9v4YxLgojwPeREyVo= -github.com/onsi/gomega v1.27.6 h1:ENqfyGeS5AX/rlXDd/ETokDz93u0YufY1Pgxuy/PvWE= +github.com/onsi/gomega v1.21.1/go.mod h1:iYAIXgPSaDHak0LCMA+AWBpIKBr8WZicMxnE8luStNc= +github.com/onsi/gomega v1.22.1/go.mod h1:x6n7VNe4hw0vkyYUM4mjIXx3JbLiPaBPNgB7PRQ1tuM= +github.com/onsi/gomega v1.24.0/go.mod h1:Z/NWtiqwBrwUt4/2loMmHL63EDLnYHmVbuBpDr2vQAg= +github.com/onsi/gomega v1.24.1/go.mod h1:3AOiACssS3/MajrniINInwbfOOtfZvplPzuRSmvt1jM= +github.com/onsi/gomega v1.24.2/go.mod h1:gs3J10IS7Z7r7eXRoNJIrNqU4ToQukCJhFtKrWgHWnk= +github.com/onsi/gomega v1.26.0/go.mod h1:r+zV744Re+DiYCIPRlYOTxn0YkOLcAnW8k1xXdMPGhM= +github.com/onsi/gomega v1.27.1/go.mod h1:aHX5xOykVYzWOV4WqQy0sy8BQptgukenXpCXfadcIAw= +github.com/onsi/gomega v1.27.3/go.mod h1:5vG284IBtfDAmDyrK+eGyZmUgUlmi+Wngqo557cZ6Gw= +github.com/onsi/gomega v1.27.4/go.mod h1:riYq/GJKh8hhoM01HN6Vmuy93AarCXCBGpvFDK3q3fQ= +github.com/onsi/gomega v1.27.6/go.mod h1:PIQNjfQwkP3aQAH7lf7j87O/5FiNr+ZR8+ipb+qQlhg= +github.com/onsi/gomega v1.27.7/go.mod h1:1p8OOlwo2iUUDsHnOrjE5UKYJ+e3W8eQ3qSlRahPmr4= +github.com/onsi/gomega v1.27.8/go.mod h1:2J8vzI/s+2shY9XHRApDkdgPo1TKT7P2u6fXeJKFnNQ= +github.com/onsi/gomega v1.27.10/go.mod h1:RsS8tutOdbdgzbPtzzATp12yT7kM5I5aElG3evPbQ0M= +github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= +github.com/onsi/gomega v1.33.0/go.mod h1:+925n5YtiFsLzzafLUHzVMBpvvRAzrydIBiSIxjX3wY= +github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= +github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k= +github.com/onsi/gomega v1.34.1/go.mod h1:kU1QgUvBDLXBJq618Xvm2LUX6rSAfRaFRTcdOeDLwwY= +github.com/open-policy-agent/opa v0.59.0/go.mod h1:rdJSkEc4oQ+0074/3Fsgno5bkPsYxTjU5aLNmMujIvI= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= -github.com/opencontainers/image-spec v1.0.3-0.20211202183452-c5a74bcca799 h1:rc3tiVYb5z54aKaDfakKn0dDjIyPpTtszkjuMzyt7ec= -github.com/opencontainers/image-spec v1.0.3-0.20211202183452-c5a74bcca799/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/runc v1.1.8 h1:zICRlc+C1XzivLc3nzE+cbJV4LIi8tib6YG0MqC6OqA= -github.com/opencontainers/runc v1.1.8/go.mod h1:CbUumNnWCuTGFukNXahoo/RFBZvDAgRh/smNYNOhA50= -github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 h1:3snG66yBm59tKhhSPQrQ/0bCrv1LQbKt40LnUPiUxdc= +github.com/opencontainers/image-spec v1.0.2/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= +github.com/opencontainers/image-spec v1.1.0-rc2/go.mod h1:3OVijpioIKYWTqjiG0zfF6wvoJ4fAXGbjdZuI2NgsRQ= +github.com/opencontainers/image-spec v1.1.0-rc2.0.20221005185240-3a7f492d3f1b/go.mod h1:3OVijpioIKYWTqjiG0zfF6wvoJ4fAXGbjdZuI2NgsRQ= +github.com/opencontainers/image-spec v1.1.0-rc3/go.mod h1:X4pATf0uXsnn3g5aiGIsVnJBR4mxhKzfwmvK/B2NTm8= +github.com/opencontainers/image-spec v1.1.0-rc5/go.mod h1:X4pATf0uXsnn3g5aiGIsVnJBR4mxhKzfwmvK/B2NTm8= +github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug= +github.com/opencontainers/image-spec v1.1.0/go.mod h1:W4s4sFTMaBeK1BQLXbG4AdM2szdn85PY75RI83NrTrM= +github.com/opencontainers/runtime-spec v1.0.2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/selinux v1.10.1 h1:09LIPVRP3uuZGQvgR+SgMSNBd1Eb3vlRbGqQpoHsF8w= -github.com/opencontainers/selinux v1.10.1/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= +github.com/opencontainers/runtime-spec v1.0.3-0.20220825212826-86290f6a00fb/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= +github.com/opencontainers/runtime-spec v1.0.3-0.20220909204839-494a5a6aca78/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= +github.com/opencontainers/runtime-spec v1.1.0/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= +github.com/opencontainers/runtime-spec v1.2.0 h1:z97+pHb3uELt/yiAWD691HNHQIF07bE7dzrbT927iTk= +github.com/opencontainers/runtime-spec v1.2.0/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= +github.com/opencontainers/runtime-tools v0.9.0/go.mod h1:r3f7wjNzSs2extwzU3Y+6pKfobzPh+kKFJ3ofN+3nfs= +github.com/opencontainers/runtime-tools v0.9.1-0.20221107090550-2e043c6bd626 h1:DmNGcqH3WDbV5k8OJ+esPWbqUOX5rMLR2PMvziDMJi0= +github.com/opencontainers/runtime-tools v0.9.1-0.20221107090550-2e043c6bd626/go.mod h1:BRHJJd0E+cx42OybVYSgUvZmU0B8P9gZuRXlZUP7TKI= +github.com/opencontainers/selinux v1.11.0 h1:+5Zbo97w3Lbmb3PeqQtpmTkMwsW5nRI3YaLpt7tQ7oU= +github.com/opencontainers/selinux v1.11.0/go.mod h1:E5dMC3VPuVvVHDYmi78qvhJp8+M586T4DlDRYpFkyec= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= +github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= +github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= +github.com/openzipkin/zipkin-go v0.1.1/go.mod h1:NtoC/o8u3JlF1lSlyPNswIbeQH9bJTmOf0Erfk+hxe8= +github.com/orisano/pixelmatch v0.0.0-20220722002657-fb0b55479cde/go.mod h1:nZgzbfBr3hhjoZnS66nKrHmduYNpc34ny7RK4z5/HM0= github.com/otiai10/copy v1.7.0 h1:hVoPiN+t+7d2nzzwMiDHPSOogsWAStewq3TwU05+clE= github.com/otiai10/copy v1.7.0/go.mod h1:rmRl6QPdJj6EiUqXQ/4Nn2lLXoNQjFCQbbNrxgc/t3U= github.com/otiai10/curr v0.0.0-20150429015615-9b4961190c95/go.mod h1:9qAhocn7zKJG+0mI8eUu6xqkFDYS2kb2saOteoSB3cE= @@ -889,156 +1385,192 @@ github.com/otiai10/mint v1.3.0/go.mod h1:F5AjcsTsWUqX+Na9fpHb52P8pcRX2CI6A3ctIT9 github.com/otiai10/mint v1.3.3 h1:7JgpsBaN0uMkyju4tbYHu0mnM55hNKVYLsXmwr15NQI= github.com/otiai10/mint v1.3.3/go.mod h1:/yxELlJQ0ufhjUwhshSj+wFjZ78CnZ48/1wtmBH1OTc= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= +github.com/pbnjay/memory v0.0.0-20210728143218-7b4eea64cf58 h1:onHthvaw9LFnH4t2DcNVpwGmV9E1BkGknEliJkfwQj0= +github.com/pbnjay/memory v0.0.0-20210728143218-7b4eea64cf58/go.mod h1:DXv8WO4yhMYhSNPKjeNKa5WY9YCIEBRbNzFFPJbWO6Y= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= -github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= -github.com/pelletier/go-toml v1.9.4/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8= github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= +github.com/pelletier/go-toml/v2 v2.2.3 h1:YmeHyLY8mFWbdkNWwpr+qIL2bEqT0o95WSdkNHvL12M= +github.com/pelletier/go-toml/v2 v2.2.3/go.mod h1:MfCQTFTvCcUyyvvwm1+G6H/jORL20Xlb6rzQu9GuUkc= github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= +github.com/peterh/liner v1.2.2/go.mod h1:xFwJyiKIXJZUKItq5dGHZSTBRAuG/CpeNpWLyiNRNwI= +github.com/phpdave11/gofpdf v1.4.2/go.mod h1:zpO6xFn9yxo3YLyMvW8HcKWVdbNqgIfOOp2dXMnm1mY= +github.com/phpdave11/gofpdi v1.0.12/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI= +github.com/phpdave11/gofpdi v1.0.13/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI= github.com/pierrec/lz4 v2.6.0+incompatible h1:Ix9yFKn1nSPBLFl/yZknTp8TU5G4Ps0JDmguYK6iH1A= github.com/pierrec/lz4 v2.6.0+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY= +github.com/pierrec/lz4/v4 v4.1.15/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4= github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= -github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/polydawn/refmt v0.89.0 h1:ADJTApkvkeBZsN0tBTx8QjpD9JkmxbKp0cxfr9qszm4= +github.com/polydawn/refmt v0.89.0/go.mod h1:/zvteZs/GwLtCgZ4BL6CBsk9IKIlexP43ObX9AxTqTw= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= github.com/pquerna/cachecontrol v0.1.0 h1:yJMy84ti9h/+OEWa752kBTKv4XC30OtVVHYv/8cTqKc= github.com/pquerna/cachecontrol v0.1.0/go.mod h1:NrUG3Z7Rdu85UNR3vm7SOsl1nFIeSiQnrHV5K9mBcUI= -github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= -github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= -github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g= -github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= -github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= -github.com/prometheus/client_golang v1.11.1/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= -github.com/prometheus/client_golang v1.12.1/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY= -github.com/prometheus/client_golang v1.14.0 h1:nJdhIvne2eSX/XRAFV9PcvFFRbrjbcTUj0VP62TMhnw= -github.com/prometheus/client_golang v1.14.0/go.mod h1:8vpkKitgIVNcqrRBWh1C4TIUQgYNtG/XQE4E/Zae36Y= +github.com/prashantv/gostub v1.1.0/go.mod h1:A5zLQHz7ieHGG7is6LLXLz7I8+3LZzsrV0P1IAHhP5U= +github.com/prometheus/client_golang v1.19.1 h1:wZWJDwK+NameRJuPGDhlnFgx8e8HN3XHQeLaYJFJBOE= +github.com/prometheus/client_golang v1.19.1/go.mod h1:mP78NwGzrVks5S2H6ab8+ZZGJLZUq1hoULYBAYBw1Ho= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w= -github.com/prometheus/client_model v0.4.0 h1:5lQXD3cAg1OXBf4Wq03gTrXHeaV0TQvGfUooCfx1yqY= -github.com/prometheus/client_model v0.4.0/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU= -github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= -github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc= -github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= -github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc= -github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= -github.com/prometheus/common v0.37.0/go.mod h1:phzohg0JFMnBEFGxTDbfu3QyL5GI8gTQJFhYO5B3mfA= -github.com/prometheus/common v0.39.0 h1:oOyhkDq05hPZKItWVBkJ6g6AtGxi+fy7F4JvUV8uhsI= -github.com/prometheus/common v0.39.0/go.mod h1:6XBZ7lYdLCbkAVhwRsWTZn+IN5AB9F/NXd5w0BbEX0Y= -github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.0-20190522114515-bc1a522cf7b1/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= -github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= +github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU= +github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI= +github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= +github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= +github.com/prometheus/common v0.55.0 h1:KEi6DK7lXW/m7Ig5i47x0vRzuBsHuvJdi5ee6Y3G1dc= +github.com/prometheus/common v0.55.0/go.mod h1:2SECS4xJG1kd8XF9IcM1gMX6510RAEL65zxzNImwdc8= +github.com/prometheus/procfs v0.0.0-20180725123919-05ee40e3a273/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= -github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4= -github.com/prometheus/procfs v0.9.0 h1:wzCHvIvM5SxWqYvwgVL7yJY8Lz3PKn49KQtpgMYJfhI= -github.com/prometheus/procfs v0.9.0/go.mod h1:+pB4zwohETzFnmlpe6yd2lSc+0/46IYZRB/chUwxUZY= -github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= -github.com/rancher/dynamiclistener v0.3.6 h1:iAFWeiFNra6tYlt4k+jINrK3hOxZ8mjW2S/9nA6sxKs= -github.com/rancher/dynamiclistener v0.3.6/go.mod h1:VqBaJNi+bZmre0+gi+2Jb6jbn7ovHzRueW+M7QhVKsk= -github.com/rancher/lasso v0.0.0-20230830164424-d684fdeb6f29 h1:+kige/h8/LnzWgPjB5NUIHz/pWiW/lFpqcTUkN5uulY= -github.com/rancher/lasso v0.0.0-20230830164424-d684fdeb6f29/go.mod h1:kgk9kJVMj9FIrrXU0iyM6u/9Je4bEjPImqswkTVaKsQ= -github.com/rancher/remotedialer v0.3.0 h1:y1EO8JCsgZo0RcqTUp6U8FXcBAv27R+TLnWRcpvX1sM= -github.com/rancher/remotedialer v0.3.0/go.mod h1:BwwztuvViX2JrLLUwDlsYt5DiyUwHLlzynRwkZLAY0Q= -github.com/rancher/wharfie v0.5.3 h1:6hiO26H7YTgChbLAE6JppxFRjaH3tbKfMItv/LqV0Q0= -github.com/rancher/wharfie v0.5.3/go.mod h1:Ebpai7digxegLroBseeC54XRBt5we3DgFS6kAE2ho+o= -github.com/rancher/wrangler v1.1.1-0.20230807182002-35cb42e6a915 h1:CNwXnngrb5PgPe4nr7G5jS298YkhS6udMnNvyBOboFQ= -github.com/rancher/wrangler v1.1.1-0.20230807182002-35cb42e6a915/go.mod h1:0oPjv01nvzeavcmeuT0xMlGKs9IJaNk5NCPPQq1n8Ro= -github.com/rasky/go-xdr v0.0.0-20170217172119-4930550ba2e2/go.mod h1:Nfe4efndBz4TibWycNE+lqyJZiMX4ycx+QKV8Ta0f/o= -github.com/remyoudompheng/bigfft v0.0.0-20170806203942-52369c62f446/go.mod h1:uYEyJGbgTkfkS4+E/PavXkNJcbFIpEtjt2B0KDQ5+9M= +github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM= +github.com/prometheus/procfs v0.11.1/go.mod h1:eesXgaPo1q7lBpVMoMy0ZOFTth9hBn4W/y0/p/ScXhY= +github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= +github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= +github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= +github.com/quic-go/qpack v0.4.0 h1:Cr9BXA1sQS2SmDUWjSofMPNKmvF6IiIfDRmgU0w1ZCo= +github.com/quic-go/qpack v0.4.0/go.mod h1:UZVnYIfi5GRk+zI9UMaCPsmZ2xKJP7XBUvVyT1Knj9A= +github.com/quic-go/quic-go v0.42.0 h1:uSfdap0eveIl8KXnipv9K7nlwZ5IqLlYOpJ58u5utpM= +github.com/quic-go/quic-go v0.42.0/go.mod h1:132kz4kL3F9vxhW3CtQJLDVwcFe5wdWeJXXijhsO57M= +github.com/quic-go/webtransport-go v0.6.0 h1:CvNsKqc4W2HljHJnoT+rMmbRJybShZ0YPFDD3NxaZLY= +github.com/quic-go/webtransport-go v0.6.0/go.mod h1:9KjU4AEBqEQidGHNDkZrb8CAa1abRaosM2yGOyiikEc= +github.com/rancher/dynamiclistener v0.6.0-rc1 h1:Emwf9o7PMLdQNv4lvFx7xJKxDuDa4Y69GvVEGU9U9Js= +github.com/rancher/dynamiclistener v0.6.0-rc1/go.mod h1:BIPgJ8xFSUyuTyGvRMVt++S1qjD3+7Ptvq1TXl6hcTM= +github.com/rancher/lasso v0.0.0-20240724174736-24ab3dbf26f0 h1:rM56SuQHkXyzPqldBDMdBZ8H4tOzyfbKxMlGyKnTQF8= +github.com/rancher/lasso v0.0.0-20240724174736-24ab3dbf26f0/go.mod h1:A/y3BLQkxZXYD60MNDRwAG9WGxXfvd6Z6gWR/a8wPw8= +github.com/rancher/permissions v0.0.0-20240523180510-4001d3d637f7 h1:0Kg2SGoMeU1ll4xPi4DE0+qNHLFO/U5MwtK0WrIdK+o= +github.com/rancher/permissions v0.0.0-20240523180510-4001d3d637f7/go.mod h1:fsbs0YOsGn1ofPD5p+BuI4qDhbMbSJtTegKt6Ucna+c= +github.com/rancher/remotedialer v0.4.1 h1:jwOf2kPRjBBpSFofv1OuZHWaYHeC9Eb6/XgDvbkoTgc= +github.com/rancher/remotedialer v0.4.1/go.mod h1:Ys004RpJuTLSm+k4aYUCoFiOOad37ubYev3TkOFg/5w= +github.com/rancher/wharfie v0.6.7 h1:BhbBVJSLoDQMkZb+zVTLEKckUbq4sc3ZmEYqGakggSY= +github.com/rancher/wharfie v0.6.7/go.mod h1:ew49A9PzRsTngdzXIkgakfhMq3mHMA650HS1OVQpaNA= +github.com/rancher/wrangler v1.1.2 h1:oXbXo9k7y/H4drUpb4RM1c++vT9O3rpoNEfyusGykiU= +github.com/rancher/wrangler v1.1.2/go.mod h1:2k9MyhlBdjcutcBGoOJSUAz0HgDAXnMjv81d3n/AaQc= +github.com/rancher/wrangler/v3 v3.0.0-rc2 h1:XGSPPp6GXELqlLvwJp5MsdqyCPu6SCA4UKJ7rQJzE40= +github.com/rancher/wrangler/v3 v3.0.0-rc2/go.mod h1:f54hh7gFkwwbjsieT2b63FowzTU8FvrBonPe//0CIXo= +github.com/raulk/go-watchdog v1.3.0 h1:oUmdlHxdkXRJlwfG0O9omj8ukerm8MEQavSiDTEtBsk= +github.com/raulk/go-watchdog v1.3.0/go.mod h1:fIvOnLbF0b0ZwkB9YU4mOW9Did//4vPZtDqv66NfsMU= +github.com/rcrowley/go-metrics v0.0.0-20200313005456-10cdbea86bc0/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= +github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs= github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= -github.com/rogpeppe/go-charset v0.0.0-20180617210344-2471d30d28b4/go.mod h1:qgYeAmZ5ZIpBWTGllZSQnw97Dj+woV0toclVaRGI8pc= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= +github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= +github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= github.com/rootless-containers/rootlesskit v1.0.1 h1:jepqW1txFSowKSMAEkVhWH3Oa1TCY9S400MVYe/6Iro= github.com/rootless-containers/rootlesskit v1.0.1/go.mod h1:t2UAiYagxrJ+wmpFAUIZPcqsm4k2B7ve6g7lILKbloc= -github.com/rs/xid v1.4.0 h1:qd7wPTDkN6KQx2VmMBLrpHkiyQwgFXRnkOLacUiaSNY= -github.com/rs/xid v1.4.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= -github.com/rubiojr/go-vhd v0.0.0-20200706105327-02e210299021 h1:if3/24+h9Sq6eDx8UUz1SO9cT9tizyIsATfB7b4D3tc= -github.com/rubiojr/go-vhd v0.0.0-20200706105327-02e210299021/go.mod h1:DM5xW0nvfNNm2uytzsvhI3OnX8uzaRAg8UX/CnDqbto= -github.com/russross/blackfriday v1.5.2 h1:HyvC0ARfnZBqnXwABFeSZHpKvJHJJfPz81GNueLj0oo= +github.com/rs/xid v1.5.0 h1:mKX4bl4iPYJtEIxp6CYiUuLQ/8DYMoz0PUdtGgMFRVc= +github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= +github.com/russross/blackfriday v1.6.0/go.mod h1:ti0ldHuxg49ri4ksnFxlkCfN+hvslNlmVHqNRXXJNAY= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/ruudk/golang-pdf417 v0.0.0-20181029194003-1af4ab5afa58/go.mod h1:6lfFZQK844Gfx8o5WFuvpxWRwnSoipWe/p622j1v06w= +github.com/ruudk/golang-pdf417 v0.0.0-20201230142125-a7e3863a1245/go.mod h1:pQAZKsJ8yyVxGRWYNEm9oFB8ieLgKFnamEyDmSA0BRk= github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= -github.com/safchain/ethtool v0.0.0-20210803160452-9aa261dae9b1/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4= -github.com/sclevine/agouti v3.0.0+incompatible/go.mod h1:b4WX9W9L1sfQKXeJf1mUTLZKJ48R1S7H23Ji7oFO5Bw= +github.com/safchain/ethtool v0.2.0/go.mod h1:WkKB1DnNtvsMlDmQ50sgwowDJV/hGbJSOvJoEXs1AJQ= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= -github.com/seccomp/libseccomp-golang v0.9.2-0.20220502022130-f33da4d89646 h1:RpforrEYXWkmGwJHIGnLZ3tTWStkjVVstwzNGqxX2Ds= github.com/seccomp/libseccomp-golang v0.9.2-0.20220502022130-f33da4d89646/go.mod h1:JA8cRccbGaA1s33RQf7Y1+q9gHmZX1yB/z9WDN1C6fg= -github.com/sergi/go-diff v1.1.0 h1:we8PVUC3FE2uYfodKH/nBHMSetSfHDR6scGdBi+erh0= +github.com/seccomp/libseccomp-golang v0.10.0 h1:aA4bp+/Zzi0BnWZ2F1wgNBs5gTpm+na2rWM6M9YjLpY= +github.com/seccomp/libseccomp-golang v0.10.0/go.mod h1:JA8cRccbGaA1s33RQf7Y1+q9gHmZX1yB/z9WDN1C6fg= +github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= +github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ= +github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/shengdoushi/base58 v1.0.0 h1:tGe4o6TmdXFJWoI31VoSWvuaKxf0Px3gqa3sUWhAxBs= github.com/shengdoushi/base58 v1.0.0/go.mod h1:m5uIILfzcKMw6238iWAhP4l3s5+uXyF3+bJKUNhAL9I= +github.com/shurcooL/component v0.0.0-20170202220835-f88ec8f54cc4/go.mod h1:XhFIlyj5a1fBNx5aJTbKoIq0mNaPvOagO+HjB3EtxrY= +github.com/shurcooL/events v0.0.0-20181021180414-410e4ca65f48/go.mod h1:5u70Mqkb5O5cxEA8nxTsgrgLehJeAw6Oc4Ab1c/P1HM= +github.com/shurcooL/github_flavored_markdown v0.0.0-20181002035957-2122de532470/go.mod h1:2dOwnU2uBioM+SGy2aZoq1f/Sd1l9OkAeAUvjSyvgU0= +github.com/shurcooL/go v0.0.0-20180423040247-9e1955d9fb6e/go.mod h1:TDJrrUr11Vxrven61rcy3hJMUqaf/CLWYhHNPmT14Lk= +github.com/shurcooL/go-goon v0.0.0-20170922171312-37c2f522c041/go.mod h1:N5mDOmsrJOB+vfqUK+7DmDyjhSLIIBnXo9lvZJj3MWQ= +github.com/shurcooL/gofontwoff v0.0.0-20180329035133-29b52fc0a18d/go.mod h1:05UtEgK5zq39gLST6uB0cf3NEHjETfB4Fgr3Gx5R9Vw= +github.com/shurcooL/gopherjslib v0.0.0-20160914041154-feb6d3990c2c/go.mod h1:8d3azKNyqcHP1GaQE/c6dDgjkgSx2BZ4IoEi4F1reUI= +github.com/shurcooL/highlight_diff v0.0.0-20170515013008-09bb4053de1b/go.mod h1:ZpfEhSmds4ytuByIcDnOLkTHGUI6KNqRNPDLHDk+mUU= +github.com/shurcooL/highlight_go v0.0.0-20181028180052-98c3abbbae20/go.mod h1:UDKB5a1T23gOMUJrI+uSuH0VRDStOiUVSjBTRDVBVag= +github.com/shurcooL/home v0.0.0-20181020052607-80b7ffcb30f9/go.mod h1:+rgNQw2P9ARFAs37qieuu7ohDNQ3gds9msbT2yn85sg= +github.com/shurcooL/htmlg v0.0.0-20170918183704-d01228ac9e50/go.mod h1:zPn1wHpTIePGnXSHpsVPWEktKXHr6+SS6x/IKRb7cpw= +github.com/shurcooL/httperror v0.0.0-20170206035902-86b7830d14cc/go.mod h1:aYMfkZ6DWSJPJ6c4Wwz3QtW22G7mf/PEgaB9k/ik5+Y= +github.com/shurcooL/httpfs v0.0.0-20171119174359-809beceb2371/go.mod h1:ZY1cvUeJuFPAdZ/B6v7RHavJWZn2YPVFQ1OSXhCGOkg= +github.com/shurcooL/httpgzip v0.0.0-20180522190206-b1c53ac65af9/go.mod h1:919LwcH0M7/W4fcZ0/jy0qGght1GIhqyS/EgWGH2j5Q= +github.com/shurcooL/issues v0.0.0-20181008053335-6292fdc1e191/go.mod h1:e2qWDig5bLteJ4fwvDAc2NHzqFEthkqn7aOZAOpj+PQ= +github.com/shurcooL/issuesapp v0.0.0-20180602232740-048589ce2241/go.mod h1:NPpHK2TI7iSaM0buivtFUc9offApnI0Alt/K8hcHy0I= +github.com/shurcooL/notifications v0.0.0-20181007000457-627ab5aea122/go.mod h1:b5uSkrEVM1jQUspwbixRBhaIjIzL2xazXp6kntxYle0= +github.com/shurcooL/octicon v0.0.0-20181028054416-fa4f57f9efb2/go.mod h1:eWdoE5JD4R5UVWDucdOPg1g2fqQRq78IQa9zlOV1vpQ= +github.com/shurcooL/reactions v0.0.0-20181006231557-f2e0b4ca5b82/go.mod h1:TCR1lToEk4d2s07G3XGfz2QrgHXg4RJBvjrOozvoWfk= +github.com/shurcooL/sanitized_anchor_name v0.0.0-20170918181015-86672fcb3f95/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= -github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= -github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= +github.com/shurcooL/users v0.0.0-20180125191416-49c67e49c537/go.mod h1:QJTqeLYEDaXHZDBsXlPCDqdhQuJkuw4NOtaxYe3xii4= +github.com/shurcooL/webdavfs v0.0.0-20170829043945-18c3829fa133/go.mod h1:hKmq5kWdCj2z2KEozexVbfEZIWiTjhE0+UjmZgPqehw= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= -github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= -github.com/smartystreets/assertions v1.1.0/go.mod h1:tcbTF8ujkAEcZ8TElKY+i30BzYlVhC/LOxJk7iOWnoo= +github.com/smartystreets/assertions v1.2.0 h1:42S6lae5dvLc7BrLu/0ugRtcFVjoJNMC/N3yZFZkDFs= +github.com/smartystreets/assertions v1.2.0/go.mod h1:tcbTF8ujkAEcZ8TElKY+i30BzYlVhC/LOxJk7iOWnoo= github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= +github.com/smartystreets/goconvey v1.7.2 h1:9RBaZCeXEQ3UselpuwUQHltGVXvdwm6cv1hgR6gDIPg= +github.com/smartystreets/goconvey v1.7.2/go.mod h1:Vw0tHAZW6lzCRk3xgdin6fKYcG+G3Pg9vgXWeJpQFMM= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= github.com/soheilhy/cmux v0.1.5 h1:jjzc5WVemNEDTLwv9tlmemhC73tI08BNOIGwBOo10Js= github.com/soheilhy/cmux v0.1.5/go.mod h1:T7TcVDs9LWfQgPlPsdngu6I6QIoyIFZDDC6sNE1GqG0= +github.com/sourcegraph/annotate v0.0.0-20160123013949-f4cad6c6324d/go.mod h1:UdhH50NIW0fCiwBSr0co2m7BnFLdv4fQTgdqdJTHFeE= +github.com/sourcegraph/go-diff v0.6.0/go.mod h1:iBszgVvyxdc8SFZ7gm69go2KDdt3ag071iBaWPF6cjs= +github.com/sourcegraph/syntaxhighlight v0.0.0-20170531221838-bd320f5d308e/go.mod h1:HuIsMU8RRBOtsCgI77wP899iHVBQpCmg4ErYMZB+2IA= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= +github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI= +github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= github.com/spf13/afero v1.3.3/go.mod h1:5KUK8ByomD5Ti5Artl0RtHeI5pTF7MIDuXL3yY520V4= github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I= +github.com/spf13/afero v1.9.2/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y= +github.com/spf13/afero v1.10.0/go.mod h1:UBogFpq8E9Hx+xc5CNTTEpTnuHVmXDwZcZcE1eb/UhQ= +github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8= +github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY= github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= -github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= +github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo= -github.com/spf13/cobra v1.2.1/go.mod h1:ExllRjgxM/piMAM+3tAZvg8fsklGAf3tPfi+i8t68Nk= -github.com/spf13/cobra v1.4.0/go.mod h1:Wo4iy3BUC+X2Fybo0PDqwJIv3dNRiZLHQymsfxlB84g= -github.com/spf13/cobra v1.6.1 h1:o94oiPyS4KD1mPy2fmcYYHHfCxLqYjJOhGsCHFZtEzA= github.com/spf13/cobra v1.6.1/go.mod h1:IOw/AERYS7UzyrGinqmz6HLUo219MORXGxhbaJUqzrY= +github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= +github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= +github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= -github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= github.com/spf13/pflag v1.0.1-0.20171106142849-4c012f6dcd95/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE= +github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg= -github.com/spf13/viper v1.8.1/go.mod h1:o0Pch8wJ9BVSWGQMbra6iw0oQ5oktSIBaujf1rJH9Ns= -github.com/stefanberger/go-pkcs11uri v0.0.0-20201008174630-78d3cae3a980 h1:lIOOHPEbXzO3vnmx2gok1Tfs31Q8GQqKLc8vVqyQq/I= github.com/stefanberger/go-pkcs11uri v0.0.0-20201008174630-78d3cae3a980/go.mod h1:AO3tvPzVZ/ayst6UlUKUv6rcPQInYe3IknH3jYhAKu8= -github.com/stoewer/go-strcase v1.2.0 h1:Z2iHWqGXH00XYgqDmNgQbIBxf3wrNq0F3feEy0ainaU= +github.com/stefanberger/go-pkcs11uri v0.0.0-20230803200340-78284954bff6 h1:pnnLyeX7o/5aX8qUQ69P/mLojDqwda8hFOCBTmP/6hw= +github.com/stefanberger/go-pkcs11uri v0.0.0-20230803200340-78284954bff6/go.mod h1:39R/xuhNgVhi+K0/zst4TLrJrVmbm6LVgl4A0+ZFS5M= github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= +github.com/stoewer/go-strcase v1.3.0 h1:g0eASXYtp+yvN9fK8sH94oCIk0fau9uV1/ZdJ0AVEzs= +github.com/stoewer/go-strcase v1.3.0/go.mod h1:fAH5hQ5pehh+j3nZfvwdk2RgEgQjAoM8wodgtPmh1xo= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= +github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= @@ -1049,52 +1581,76 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 h1:kdXcSzyDtseVEc4yCz2qF8ZrQvIDBJLl4S1c3GCXmoI= github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/tchap/go-patricia v2.2.6+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I= -github.com/tchap/go-patricia v2.3.0+incompatible h1:GkY4dP3cEfEASBPPkWd+AmjYxhmDkqO9/zg7R0lSQRs= -github.com/tchap/go-patricia v2.3.0+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I= +github.com/syndtr/goleveldb v1.0.0 h1:fBdIW9lB4Iz0n9khmH8w27SJ3QEJ7+IgjPEwGSZiFdE= +github.com/syndtr/goleveldb v1.0.0/go.mod h1:ZVVdQEZoIme9iO1Ch2Jdy24qqXrMMOU6lpPAyBWyWuQ= +github.com/tarm/serial v0.0.0-20180830185346-98f6abe2eb07/go.mod h1:kDXzergiv9cbyO7IOYJZWg1U88JhDg3PB6klq9Hg2pA= +github.com/tchap/go-patricia/v2 v2.3.1 h1:6rQp39lgIYZ+MHmdEq4xzuk1t7OdC35z/xm0BGhTkes= +github.com/tchap/go-patricia/v2 v2.3.1/go.mod h1:VZRHKAb53DLaG+nA9EaYYiaEx6YztwDlLElMsnSHD4k= github.com/tidwall/btree v1.6.0 h1:LDZfKfQIBHGHWSwckhXI0RPSXzlo+KYdjK7FWSqOzzg= github.com/tidwall/btree v1.6.0/go.mod h1:twD9XRA5jj9VUQGELzDO4HPQTNJsoWWfYEL+EUQ2cKY= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20220101234140-673ab2c3ae75 h1:6fotK7otjonDflCTK0BCfls4SPy3NcCVb5dqqmbRknE= github.com/tmc/grpc-websocket-proxy v0.0.0-20220101234140-673ab2c3ae75/go.mod h1:KO6IkyS8Y3j8OdNO85qEYBsRPuteD+YciPomcXdrMnk= -github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= +github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= +github.com/urfave/cli v1.19.1/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/urfave/cli v1.22.4/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= -github.com/urfave/cli v1.22.12 h1:igJgVw1JdKH+trcLWLeLwZjU9fEfPesQ+9/e4MQ44S8= +github.com/urfave/cli v1.22.10/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/urfave/cli v1.22.12/go.mod h1:sSBEIC79qR6OvcmsD4U3KABeOTxDqQtdDnaFuUN30b8= -github.com/urfave/cli/v2 v2.11.2 h1:FVfNg4m3vbjbBpLYxW//WjxUoHvJ9TlppXcqY9Q9ZfA= -github.com/urfave/cli/v2 v2.11.2/go.mod h1:f8iq5LtQ/bLxafbdBSLPPNsgaW0l/2fYYEHhAyPlwvo= -github.com/urfave/negroni v1.0.0/go.mod h1:Meg73S6kFm/4PpbYdq35yYWoCZ9mS/YSx+lKnmiohz4= -github.com/vbatts/tar-split v0.11.2 h1:Via6XqJr0hceW4wff3QRzD5gAk/tatMw/4ZA7cTlIME= +github.com/urfave/cli v1.22.14/go.mod h1:X0eDS6pD6Exaclxm99NJ3FiCDRED7vIHpx2mDOHLvkA= +github.com/urfave/cli v1.22.15 h1:nuqt+pdC/KqswQKhETJjo7pvn/k4xMUxgW6liI7XpnM= +github.com/urfave/cli v1.22.15/go.mod h1:wSan1hmo5zeyLGBjRJbzRTNk8gwoYa2B9n4q9dmRIc0= +github.com/urfave/cli/v2 v2.27.4 h1:o1owoI+02Eb+K107p27wEX9Bb8eqIoZCfLXloLUSWJ8= +github.com/urfave/cli/v2 v2.27.4/go.mod h1:m4QzxcD2qpra4z7WhzEGn74WZLViBnMpb1ToCAKdGRQ= github.com/vbatts/tar-split v0.11.2/go.mod h1:vV3ZuO2yWSVsz+pfFzDG/upWH1JhjOiEaWq6kXyQ3VI= +github.com/vbatts/tar-split v0.11.5 h1:3bHCTIheBm1qFTcgh9oPu+nNBtX+XJIupG/vacinCts= +github.com/vbatts/tar-split v0.11.5/go.mod h1:yZbwRsSeGjusneWgA781EKej9HF8vme8okylkAeNKLk= +github.com/vektah/gqlparser/v2 v2.4.5/go.mod h1:flJWIR04IMQPGz+BXLrORkrARBxv/rtyIAFvd/MceW0= +github.com/veraison/go-cose v1.0.0-rc.1/go.mod h1:7ziE85vSq4ScFTg6wyoMXjucIGOf4JkFEZi/an96Ct4= +github.com/viant/assertly v0.4.8/go.mod h1:aGifi++jvCrUaklKEKT0BU95igDNaqkvz+49uaYMPRU= +github.com/viant/toolbox v0.24.0/go.mod h1:OxMCG57V0PXuIP2HNQrtJf2CjqdmbrOx5EkMILuUhzM= github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= -github.com/vishvananda/netlink v1.1.1-0.20210330154013-f5de75959ad5/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= github.com/vishvananda/netlink v1.2.1-beta.2 h1:Llsql0lnQEbHj0I1OuKyp8otXp0r3q0mPkuhwHfStVs= github.com/vishvananda/netlink v1.2.1-beta.2/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU= github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= github.com/vishvananda/netns v0.0.0-20210104183010-2eb08e3e575f/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= -github.com/vishvananda/netns v0.0.2 h1:Cn05BRLm+iRP/DZxyVSsfVyrzgjDbwHwkVt38qvXnNI= -github.com/vishvananda/netns v0.0.2/go.mod h1:yitZXdAVI+yPFSb4QUe+VW3vOVl4PZPNcBgbPxAtJxw= -github.com/vmware/govmomi v0.30.6 h1:O3tjSwQBy0XwI5uK1/yVIfQ1LP9bAECEDUfifnyGs9U= -github.com/vmware/govmomi v0.30.6/go.mod h1:epgoslm97rLECMV4D+08ORzUBEU7boFSepKjt7AYVGg= -github.com/vmware/vmw-guestinfo v0.0.0-20170707015358-25eff159a728/go.mod h1:x9oS4Wk2s2u4tS29nEaDLdzvuHdB19CvSGJjPgkZJNk= +github.com/vishvananda/netns v0.0.4 h1:Oeaw1EM2JMxD51g9uhtC0D7erkIjgmj8+JZc26m1YX8= +github.com/vishvananda/netns v0.0.4/go.mod h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZlaprSwhNNJM= +github.com/warpfork/go-wish v0.0.0-20220906213052-39a1cc7a02d0 h1:GDDkbFiaK8jsSDJfjId/PEGEShv6ugrt4kYsC5UIDaQ= +github.com/warpfork/go-wish v0.0.0-20220906213052-39a1cc7a02d0/go.mod h1:x6AKhvSSexNrVSrViXSHUEbICjmGXhtgABaHIySUSGw= +github.com/whyrusleeping/go-keyspace v0.0.0-20160322163242-5b898ac5add1 h1:EKhdznlJHPMoKr0XTrX+IlJs1LH3lyx2nfr1dOlZ79k= +github.com/whyrusleeping/go-keyspace v0.0.0-20160322163242-5b898ac5add1/go.mod h1:8UvriyWtv5Q5EOgjHaSseUEdkQfvwFv1I/In/O2M9gc= +github.com/wk8/go-ordered-map/v2 v2.1.8 h1:5h/BUHu93oj4gIdvHHHGsScSTMijfx5PeYkE/fJgbpc= +github.com/wk8/go-ordered-map/v2 v2.1.8/go.mod h1:5nJHM5DyteebpVlHnWMV0rPz6Zp7+xBAnxjb1X5vnTw= +github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= +github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= +github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= +github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo= +github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHovont7NscjpAxXsDA8S8BMYve8Y5+7cuRE7R0= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= +github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74= +github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= +github.com/xhit/go-str2duration/v2 v2.1.0/go.mod h1:ohY8p+0f07DiV6Em5LKB0s2YpLtXVyJfNt1+BlmyAsU= github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= github.com/xiang90/probing v0.0.0-20221125231312-a49e3df8f510 h1:S2dVYn90KE98chqDkyE9Z4N61UnQd+KOfgp5Iu53llk= github.com/xiang90/probing v0.0.0-20221125231312-a49e3df8f510/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= -github.com/xlab/treeprint v1.1.0 h1:G/1DjNkPpfZCFt9CSh6b5/nY4VimlbHF3Rh4obvtzDk= -github.com/xlab/treeprint v1.1.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0= +github.com/xlab/treeprint v1.2.0 h1:HzHnuAF1plUN2zGlAFHbSQP2qJ0ZAD3XF5XD7OesXRQ= +github.com/xlab/treeprint v1.2.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0= github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= -github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU= -github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8= +github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 h1:gEOO8jv9F4OT7lGCjxCBTO/36wtF6j2nSip77qHd4x4= +github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1/go.mod h1:Ohn+xnUBiLI6FVj/9LpzZWtj1/D6lUovWYBkxHVV3aM= +github.com/yashtewari/glob-intersection v0.1.0/go.mod h1:LK7pIC3piUjovexikBbJ26Yml7g8xa5bsjfx2v1fwok= +github.com/yashtewari/glob-intersection v0.2.0/go.mod h1:LK7pIC3piUjovexikBbJ26Yml7g8xa5bsjfx2v1fwok= github.com/yl2chen/cidranger v1.0.2 h1:lbOWZVCG1tCRX4u24kuM1Tb4nHqWkDxwLdoS+SevawU= github.com/yl2chen/cidranger v1.0.2/go.mod h1:9U1yz7WPYDwf0vpNWFaeRh0bjwz5RVgRy/9UEQfHl0g= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -1104,140 +1660,223 @@ github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9dec github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= +github.com/zeebo/assert v1.3.0/go.mod h1:Pq9JiuJQpG8JLJdtkwrJESF0Foym2/D9XMU5ciN/wJ0= +github.com/zeebo/xxh3 v1.0.2/go.mod h1:5NWz9Sef7zIDm2JHfFlcQvNekmcEl9ekUZQQKCYaDcA= go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.etcd.io/bbolt v1.3.6/go.mod h1:qXsaaIqmgQH0T+OPdb99Bf+PKfBBQVAdyD6TY9G8XM4= -go.etcd.io/bbolt v1.3.7 h1:j+zJOnnEjF/kyHlDDgGnVL/AIqIJPq8UoB2GSNfkUfQ= go.etcd.io/bbolt v1.3.7/go.mod h1:N9Mkw9X8x5fupy0IKsmuqVtoGDyxsaDlbk4Rd05IAQw= -go.etcd.io/etcd/client/v2 v2.305.0/go.mod h1:h9puh54ZTgAKtEbut2oe9P4L/oqKCVB6xsXlzd7alYQ= -go.etcd.io/etcd/client/v2 v2.305.3/go.mod h1:RMr4QdniyI8b7LX2IrLNPl9r8tsLUYBrwyxrfNbB6AU= -go.etcd.io/etcd/client/v2 v2.305.4/go.mod h1:Ud+VUwIi9/uQHOMA+4ekToJ12lTxlv0zB/+DHwTGEbU= -go.etcd.io/etcd/client/v2 v2.305.9 h1:YZ2OLi0OvR0H75AcgSUajjd5uqKDKocQUqROTG11jIo= -go.etcd.io/etcd/client/v2 v2.305.9/go.mod h1:0NBdNx9wbxtEQLwAQtrDHwx58m02vXpDcgSYI2seohQ= -go.etcd.io/etcd/pkg/v3 v3.5.3/go.mod h1:a1Z9AfwKuEQMXgLfISmIg+50szwz7gmioUZj669wf60= -go.etcd.io/etcd/pkg/v3 v3.5.4/go.mod h1:OI+TtO+Aa3nhQSppMbwE4ld3uF1/fqqwbpfndbbrEe0= -go.etcd.io/etcd/pkg/v3 v3.5.9 h1:6R2jg/aWd/zB9+9JxmijDKStGJAPFsX3e6BeJkMi6eQ= -go.etcd.io/etcd/pkg/v3 v3.5.9/go.mod h1:BZl0SAShQFk0IpLWR78T/+pyt8AruMHhTNNX73hkNVY= -go.etcd.io/etcd/raft/v3 v3.5.3/go.mod h1:kCV6hIjK2Oe4UBxDM5dWYs5wZGsiSYH7JvGaEXDlpD4= -go.etcd.io/etcd/raft/v3 v3.5.4/go.mod h1:SCuunjYvZFC0fBX0vxMSPjuZmpcSk+XaAcMrD6Do03w= -go.etcd.io/etcd/raft/v3 v3.5.9 h1:ZZ1GIHoUlHsn0QVqiRysAm3/81Xx7+i2d7nSdWxlOiI= -go.etcd.io/etcd/raft/v3 v3.5.9/go.mod h1:WnFkqzFdZua4LVlVXQEGhmooLeyS7mqzS4Pf4BCVqXg= +go.etcd.io/bbolt v1.3.9/go.mod h1:zaO32+Ti0PK1ivdPtgMESzuzL2VPoIG1PCQNvOdo/dE= +go.etcd.io/bbolt v1.3.10/go.mod h1:bK3UQLPJZly7IlNmV7uVHJDxfe5aK9Ll93e/74Y9oEQ= +go.etcd.io/bbolt v1.3.11 h1:yGEzV1wPz2yVCLsD8ZAiGHhHVlczyC9d1rP43/VCRJ0= +go.etcd.io/bbolt v1.3.11/go.mod h1:dksAq7YMXoljX0xu6VF5DMZGbhYYoLUalEiSySYAS4I= go.etcd.io/gofail v0.1.0/go.mod h1:VZBCXYGZhHAinaBiiqYvuDynvahNsAyLFwB3kEHKz1M= go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1 h1:A/5uWzF44DlIgdm/PQFwfMkW0JX+cIcQi/SwLAmZP5M= go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk= +go.opencensus.io v0.18.0/go.mod h1:vKdFvxhtzZ9onBp9VKHK8z/sRpBMnKAsufL7wlDrCOA= +go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= -go.opentelemetry.io/contrib v0.20.0 h1:ubFQUn0VCZ0gPwIoJfBJVpeBlyRMxu8Mm/huKWYd9p0= -go.opentelemetry.io/contrib v0.20.0/go.mod h1:G/EtFaa6qaN7+LxqfIAT3GiZa7Wv5DTBUzl5H4LY0Kc= -go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful v0.20.0 h1:8YW+SL62UmcwRQJFZVfnyOlIUUtmlR13NaMKi+Fa6Fo= -go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful v0.20.0/go.mod h1:oQkZOyq61qZBItEFqhfpobK6X/oDPR7/Qr+MXjVSTks= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0 h1:sO4WKdPAudZGKPcpZT4MJn6JaDmpyLrMPDGGyA1SttE= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0/go.mod h1:oVGt1LRbBOBq1A5BQLlUg9UaU/54aiHw8cgjV3aWZ/E= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0 h1:Q3C9yzW6I9jqEc8sawxzxZmY48fs9u220KXq6d5s3XU= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0/go.mod h1:2AboqHi0CiIZU0qwhtUfCYD1GeUzvvIXWNkhDt7ZMG4= -go.opentelemetry.io/contrib/propagators v0.20.0 h1:IrLQng5Z7AfzkS4sEsYaj2ejkO4FCkgKdAr1aYKOfNc= -go.opentelemetry.io/contrib/propagators v0.20.0/go.mod h1:yLmt93MeSiARUwrK57bOZ4FBruRN4taLiW1lcGfnOes= -go.opentelemetry.io/otel v0.20.0 h1:eaP0Fqu7SXHwvjiqDq83zImeehOHX8doTvU9AwXON8g= -go.opentelemetry.io/otel v0.20.0/go.mod h1:Y3ugLH2oa81t5QO+Lty+zXf8zC9L26ax4Nzoxm/dooo= -go.opentelemetry.io/otel/exporters/otlp v0.20.0 h1:PTNgq9MRmQqqJY0REVbZFvwkYOA85vbdQU/nVfxDyqg= -go.opentelemetry.io/otel/exporters/otlp v0.20.0/go.mod h1:YIieizyaN77rtLJra0buKiNBOm9XQfkPEKBeuhoMwAM= -go.opentelemetry.io/otel/metric v0.20.0 h1:4kzhXFP+btKm4jwxpjIqjs41A7MakRFUS86bqLHTIw8= -go.opentelemetry.io/otel/metric v0.20.0/go.mod h1:598I5tYlH1vzBjn+BTuhzTCSb/9debfNp6R3s7Pr1eU= -go.opentelemetry.io/otel/oteltest v0.20.0 h1:HiITxCawalo5vQzdHfKeZurV8x7ljcqAgiWzF6Vaeaw= -go.opentelemetry.io/otel/oteltest v0.20.0/go.mod h1:L7bgKf9ZB7qCwT9Up7i9/pn0PWIa9FqQ2IQ8LoxiGnw= -go.opentelemetry.io/otel/sdk v0.20.0 h1:JsxtGXd06J8jrnya7fdI/U/MR6yXA5DtbZy+qoHQlr8= -go.opentelemetry.io/otel/sdk v0.20.0/go.mod h1:g/IcepuwNsoiX5Byy2nNV0ySUF1em498m7hBWC279Yc= -go.opentelemetry.io/otel/sdk/export/metric v0.20.0 h1:c5VRjxCXdQlx1HjzwGdQHzZaVI82b5EbBgOu2ljD92g= -go.opentelemetry.io/otel/sdk/export/metric v0.20.0/go.mod h1:h7RBNMsDJ5pmI1zExLi+bJK+Dr8NQCh0qGhm1KDnNlE= -go.opentelemetry.io/otel/sdk/metric v0.20.0 h1:7ao1wpzHRVKf0OQ7GIxiQJA6X7DLX9o14gmVon7mMK8= -go.opentelemetry.io/otel/sdk/metric v0.20.0/go.mod h1:knxiS8Xd4E/N+ZqKmUPf3gTTZ4/0TjTXukfxjzSTpHE= -go.opentelemetry.io/otel/trace v0.20.0 h1:1DL6EXUdcg95gukhuRRvLDO/4X5THh/5dIV52lqtnbw= -go.opentelemetry.io/otel/trace v0.20.0/go.mod h1:6GjCW8zgDjwGHGa6GkyeB8+/5vjT16gUEi0Nf1iBdgw= -go.opentelemetry.io/proto/otlp v0.7.0 h1:rwOQPCuKAKmwGKq2aVNnYIibI6wnV7EvzgfTCzcdGg8= -go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= -go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5 h1:+FNtrFTmVw0YZGpBGX56XDee331t6JAXeK2bcyhLOOc= -go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5/go.mod h1:nmDLcffg48OtT/PSW0Hg7FvpRQsQh5OSqIylirxKC7o= +go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful v0.44.0 h1:KemlMZlVwBSEGaO91WKgp41BBFsnWqqj9sKRwmOqC40= +go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful v0.44.0/go.mod h1:uq8DrRaen3suIWTpdR/JNHCGpurSvMv9D5Nr5CU5TXc= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.45.0 h1:RsQi0qJ2imFfCvZabqzM9cNXBG8k6gXMv1A0cXRmH6A= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.45.0/go.mod h1:vsh3ySueQCiKPxFLvjWC4Z135gIa34TQ/NSqkDTZYUM= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1/go.mod h1:sEGXWArGqc3tVa+ekntsN65DmVbVeW+7lTKTjZF3/Fo= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0/go.mod h1:SK2UL73Zy1quvRPonmOmRDiWk1KBV3LyIeeIxcEApWw= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.48.0/go.mod h1:rdENBZMT2OE6Ne/KLwpiXudnAsbdrdBaqBvTN8M8BgA= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0/go.mod h1:p8pYQP+m5XfbZm9fxtSKAbM6oIllS7s2AfxrChvc7iw= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 h1:4K4tsIXefpVJtvA/8srF4V4y0akAoPHkIslgAkjixJA= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0/go.mod h1:jjdQuTGVsXV4vSs+CJ2qYDeDPf9yIJV23qlIzBm73Vg= +go.opentelemetry.io/contrib/propagators/b3 v1.19.0 h1:ulz44cpm6V5oAeg5Aw9HyqGFMS6XM7untlMEhD7YzzA= +go.opentelemetry.io/contrib/propagators/b3 v1.19.0/go.mod h1:OzCmE2IVS+asTI+odXQstRGVfXQ4bXv9nMBRK0nNyqQ= +go.opentelemetry.io/otel v1.14.0/go.mod h1:o4buv+dJzx8rohcUeRmWUZhqupFvzWis188WlggnNeU= +go.opentelemetry.io/otel v1.19.0/go.mod h1:i0QyjOq3UPoTzff0PJB2N66fb4S0+rSbSB15/oyH9fY= +go.opentelemetry.io/otel v1.20.0/go.mod h1:oUIGj3D77RwJdM6PPZImDpSZGDvkD9fhesHny69JFrs= +go.opentelemetry.io/otel v1.21.0/go.mod h1:QZzNPQPm1zLX4gZK4cMi+71eaorMSGT3A4znnUvNNEo= +go.opentelemetry.io/otel v1.22.0/go.mod h1:eoV4iAi3Ea8LkAEI9+GFT44O6T/D0GWAVFyZVCC6pMI= +go.opentelemetry.io/otel v1.23.0/go.mod h1:YCycw9ZeKhcJFrb34iVSkyT0iczq/zYDtZYFufObyB0= +go.opentelemetry.io/otel v1.24.0/go.mod h1:W7b9Ozg4nkF5tWI5zsXkaKKDjdVjpD4oAt9Qi/MArHo= +go.opentelemetry.io/otel v1.27.0/go.mod h1:DMpAK8fzYRzs+bi3rS5REupisuqTheUlSZJ1WnZaPAQ= +go.opentelemetry.io/otel v1.28.0 h1:/SqNcYk+idO0CxKEUOtKQClMK/MimZihKYMruSMViUo= +go.opentelemetry.io/otel v1.28.0/go.mod h1:q68ijF8Fc8CnMHKyzqL6akLO46ePnjkgfIMIjUIX9z4= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.19.0/go.mod h1:IPtUMKL4O3tH5y+iXVyAXqpAwMuzC1IrxVS81rummfE= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.20.0/go.mod h1:GijYcYmNpX1KazD5JmWGsi4P7dDTTTnfv1UbGn84MnU= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.21.0/go.mod h1:zgBdWWAu7oEEMC06MMKc5NLbA/1YDXV1sMpSqEeLQLg= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.27.0/go.mod h1:OQFyQVrDlbe+R7xrEyDr/2Wr67Ol0hRUgsfA+V5A95s= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 h1:3Q/xZUyC1BBkualc9ROb4G8qkH90LXEIICcs5zv1OYY= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0/go.mod h1:s75jGIWA9OfCMzF0xr+ZgfrB5FEbbV7UuYo32ahUiFI= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.19.0/go.mod h1:0+KuTDyKL4gjKCF75pHOX4wuzYDUZYfAQdSu43o+Z2I= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.20.0/go.mod h1:vNUq47TGFioo+ffTSnKNdob241vePmtNZnAODKapKd0= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.21.0/go.mod h1:nUeKExfxAQVbiVFn32YXpXZZHZ61Cc3s3Rn1pDBGAb0= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.0/go.mod h1:MOiCmryaYtc+V0Ei+Tx9o5S1ZjA7kzLucuVuyzBZloQ= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.28.0 h1:R3X6ZXmNPRR8ul6i3WgFURCHzaXjHdm0karRG/+dj3s= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.28.0/go.mod h1:QWFXnDavXWwMx2EEcZsf3yxgEKAqsxQ+Syjp+seyInw= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.19.0/go.mod h1:oVdCUtjq9MK9BlS7TtucsQwUcXcymNiEDjgDD2jMtZU= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.28.0 h1:j9+03ymgYhPKmeXGk5Zu+cIZOlVzd9Zv7QIiyItjFBU= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.28.0/go.mod h1:Y5+XiUG4Emn1hTfciPzGPJaSI+RpDts6BnCIir0SLqk= +go.opentelemetry.io/otel/metric v1.19.0/go.mod h1:L5rUsV9kM1IxCj1MmSdS+JQAcVm319EUrDVLrt7jqt8= +go.opentelemetry.io/otel/metric v1.20.0/go.mod h1:90DRw3nfK4D7Sm/75yQ00gTJxtkBxX+wu6YaNymbpVM= +go.opentelemetry.io/otel/metric v1.21.0/go.mod h1:o1p3CA8nNHW8j5yuQLdc1eeqEaPfzug24uvsyIEJRWM= +go.opentelemetry.io/otel/metric v1.22.0/go.mod h1:evJGjVpZv0mQ5QBRJoBF64yMuOf4xCWdXjK8pzFvliY= +go.opentelemetry.io/otel/metric v1.23.0/go.mod h1:MqUW2X2a6Q8RN96E2/nqNoT+z9BSms20Jb7Bbp+HiTo= +go.opentelemetry.io/otel/metric v1.24.0/go.mod h1:VYhLe1rFfxuTXLgj4CBiyz+9WYBA8pNGJgDcSFRKBco= +go.opentelemetry.io/otel/metric v1.27.0/go.mod h1:mVFgmRlhljgBiuk/MP/oKylr4hs85GZAylncepAX/ak= +go.opentelemetry.io/otel/metric v1.28.0 h1:f0HGvSl1KRAU1DLgLGFjrwVyismPlnuU6JD6bOeuA5Q= +go.opentelemetry.io/otel/metric v1.28.0/go.mod h1:Fb1eVBFZmLVTMb6PPohq3TO9IIhUisDsbJoL/+uQW4s= +go.opentelemetry.io/otel/sdk v1.19.0/go.mod h1:NedEbbS4w3C6zElbLdPJKOpJQOrGUJ+GfzpjUvI0v1A= +go.opentelemetry.io/otel/sdk v1.20.0/go.mod h1:rmkSx1cZCm/tn16iWDn1GQbLtsW/LvsdEEFzCSRM6V0= +go.opentelemetry.io/otel/sdk v1.21.0/go.mod h1:Nna6Yv7PWTdgJHVRD9hIYywQBRx7pbox6nwBnZIxl/E= +go.opentelemetry.io/otel/sdk v1.22.0/go.mod h1:iu7luyVGYovrRpe2fmj3CVKouQNdTOkxtLzPvPz1DOc= +go.opentelemetry.io/otel/sdk v1.27.0/go.mod h1:Ha9vbLwJE6W86YstIywK2xFfPjbWlCuwPtMkKdz/Y4A= +go.opentelemetry.io/otel/sdk v1.28.0 h1:b9d7hIry8yZsgtbmM0DKyPWMMUMlK9NEKuIG4aBqWyE= +go.opentelemetry.io/otel/sdk v1.28.0/go.mod h1:oYj7ClPUA7Iw3m+r7GeEjz0qckQRJK2B8zjcZEfu7Pg= +go.opentelemetry.io/otel/trace v1.14.0/go.mod h1:8avnQLK+CG77yNLUae4ea2JDQ6iT+gozhnZjy/rw9G8= +go.opentelemetry.io/otel/trace v1.19.0/go.mod h1:mfaSyvGyEJEI0nyV2I4qhNQnbBOUUmYZpYojqMnX2vo= +go.opentelemetry.io/otel/trace v1.20.0/go.mod h1:HJSK7F/hA5RlzpZ0zKDCHCDHm556LCDtKaAo6JmBFUU= +go.opentelemetry.io/otel/trace v1.21.0/go.mod h1:LGbsEB0f9LGjN+OZaQQ26sohbOmiMR+BaslueVtS/qQ= +go.opentelemetry.io/otel/trace v1.22.0/go.mod h1:RbbHXVqKES9QhzZq/fE5UnOSILqRt40a21sPw2He1xo= +go.opentelemetry.io/otel/trace v1.23.0/go.mod h1:GSGTbIClEsuZrGIzoEHqsVfxgn5UkggkflQwDScNUsk= +go.opentelemetry.io/otel/trace v1.24.0/go.mod h1:HPc3Xr/cOApsBI154IU0OI0HJexz+aw5uPdbs3UCjNU= +go.opentelemetry.io/otel/trace v1.27.0/go.mod h1:6RiD1hkAprV4/q+yd2ln1HG9GoPx39SuvvstaLBl+l4= +go.opentelemetry.io/otel/trace v1.28.0 h1:GhQ9cUuQGmNDd5BTCP2dAvv75RdMxEfTmYejp+lkx9g= +go.opentelemetry.io/otel/trace v1.28.0/go.mod h1:jPyXzNPg6da9+38HEwElrQiHlVMTnVfM3/yv2OlIHaI= +go.opentelemetry.io/proto/otlp v0.15.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U= +go.opentelemetry.io/proto/otlp v1.0.0/go.mod h1:Sy6pihPLfYHkr3NkUbEhGHFhINUSI/v80hjKIs5JXpM= +go.opentelemetry.io/proto/otlp v1.2.0/go.mod h1:gGpR8txAl5M03pDhMC79G6SdqNV26naRm/KDsgaHD8A= +go.opentelemetry.io/proto/otlp v1.3.1 h1:TrMUixzpM0yuc/znrFTP9MMRh8trP93mkCiDVeXrui0= +go.opentelemetry.io/proto/otlp v1.3.1/go.mod h1:0X1WI4de4ZsLrrJNLAQbFeLCm3T7yBkR0XqQ7niQU+8= +go.starlark.net v0.0.0-20230525235612-a134d8f9ddca h1:VdD38733bfYv5tUZwEIskMM93VanwNIi5bIKnDrJdEY= +go.starlark.net v0.0.0-20230525235612-a134d8f9ddca/go.mod h1:jxU+3+j+71eXOW14274+SmmuW82qJzl6iZSeqEtTGds= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= +go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ= -go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= -go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= +go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE= +go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= +go.uber.org/automaxprocs v1.5.3/go.mod h1:eRbA25aqJrxAbsLO0xy5jVwPt7FQnRgjW+efnwa1WM0= +go.uber.org/dig v1.17.1 h1:Tga8Lz8PcYNsWsyHMZ1Vm0OQOUaJNDyvPImgbAu9YSc= +go.uber.org/dig v1.17.1/go.mod h1:Us0rSJiThwCv2GteUN0Q7OKvU7n5J4dxZ9JKUXozFdE= +go.uber.org/fx v1.20.1 h1:zVwVQGS8zYvhh9Xxcu4w1M6ESyeMzebzj2NbSayZ4Mk= +go.uber.org/fx v1.20.1/go.mod h1:iSYNbHf2y55acNCwCXKx7LbWb5WG1Bnue5RDXz1OREg= +go.uber.org/goleak v1.1.11-0.20210813005559-691160354723/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= go.uber.org/goleak v1.1.12/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= -go.uber.org/goleak v1.2.0 h1:xqgm/S+aQvhWFTtR0XK3Jvg7z8kGV8P4X14IzwN3Eqk= go.uber.org/goleak v1.2.0/go.mod h1:XJYK+MuIchqpmGmUSAzotztawfKvYLUIgg7guXrwVUo= +go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= +go.uber.org/mock v0.4.0 h1:VcM4ZOtdbR4f6VXfiOpwpVJDL6lCReaZ6mw31wqh7KU= +go.uber.org/mock v0.4.0/go.mod h1:a6FSlNadKUHUa9IP5Vyt1zh4fC7uAwxMutEAscFbkZc= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= +go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= -go.uber.org/multierr v1.9.0 h1:7fIwc/ZtS0q++VgcfqFDxSBZVv/Xo49/SYnDFupUwlI= -go.uber.org/multierr v1.9.0/go.mod h1:X2jQV1h+kxSjClGpnseKVIxpmcjrj7MNnI0bnlfKTVQ= +go.uber.org/multierr v1.10.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= +go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= +go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= +go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= +go.uber.org/zap v1.16.0/go.mod h1:MA8QOfq0BHJwdXa996Y4dYkAqRKB8/1K1QMMZVaNZjQ= go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= -go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= -go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60= -go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= -golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd h1:XcWmESyNjXJMLahc3mqVQJcgSTDxFxhETVlfk9uGc38= -golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +go.uber.org/zap v1.19.1/go.mod h1:j3DNczoxDZroyBnOT1L/Q79cfUMGZxlv/9dzN7SM1rI= +go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= +go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= +go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= +go4.org v0.0.0-20180809161055-417644f6feb5/go.mod h1:MkTOUMDaeVYJUOUsaDXIhWPZYa1yOyC1qaOBpL57BhE= +golang.org/x/build v0.0.0-20190111050920-041ab4dc3f9d/go.mod h1:OWs+y06UdEOHN4y+MfF/py+xQ/tYqIWW03b70/CG9Rw= +golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI= +golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190312203227-4b39c73a6495/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= -golang.org/x/exp v0.0.0-20190731235908-ec7cb31e5a56/go.mod h1:JhuoJpWY28nO4Vef9tZUw9qufEGTyX1+7lmHxV5q5G4= golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= +golang.org/x/exp v0.0.0-20191002040644-a1355ae1e2c3/go.mod h1:NOZ3BPKG0ec/BKJQgnvsSFpcKLM5xXVWnvZS97DWHgE= golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/exp v0.0.0-20210220032938-85be41e4509f h1:GrkO5AtFUU9U/1f5ctbIBXtBGeSJbWwIYfIsTcFMaX4= -golang.org/x/exp v0.0.0-20210220032938-85be41e4509f/go.mod h1:I6l2HNBLBZEcrOoCpyKLdY2lHoRZ8lI4x60KMCQDft4= +golang.org/x/exp v0.0.0-20220827204233-334a2380cb91/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE= +golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w= +golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8= +golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY= golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20190910094157-69e4b8554b2a/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20200119044424-58c23975cae1/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20200430140353-33d19683fad8/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20200618115811-c13761719519/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20201208152932-35266b937fa6/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20210216034530-4410531fe030/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/image v0.0.0-20210607152325-775e3b0c77b9/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM= +golang.org/x/image v0.0.0-20210628002857-a66eb6448b8d/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM= +golang.org/x/image v0.0.0-20211028202545-6944b10bf410/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM= +golang.org/x/image v0.0.0-20220302094943-723b81ca9867/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= -golang.org/x/mobile v0.0.0-20201217150744-e6ae53a27f4f/go.mod h1:skQtrUTUwhdJvXM/2KKJzY8pDgNr9I/FOMqDVRPBUS4= golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.1.1-0.20191209134235-331c550502dd/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.3.1-0.20200828183125-ce943fd02449/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.5.0/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro= +golang.org/x/mod v0.5.1/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro= golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.6.0/go.mod h1:4mET923SAdbXp2ki8ey+zGs1SLqsuM2Y0uvdZR/fUNI= golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.11.0 h1:bUO06HqtnRcc/7l71XBe4WcqTZ+3AH1J59zWDDwLKgU= golang.org/x/mod v0.11.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= -golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= +golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.20.0 h1:utOm6MM3R3dnawAiJgn0y+xvuYRsm1RKM/4giyfDgV0= +golang.org/x/mod v0.20.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ= +golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20211005180243-6b3c2da341f1/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= +golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= golang.org/x/oauth2 v0.0.0-20220608161450-d0670ef3b1eb/go.mod h1:jaDAt6Dkxork7LmZnYtzbRWj0W47D86a3TGe0YHBvmE= golang.org/x/oauth2 v0.0.0-20220622183110-fd043fe589d2/go.mod h1:jaDAt6Dkxork7LmZnYtzbRWj0W47D86a3TGe0YHBvmE= @@ -1245,16 +1884,25 @@ golang.org/x/oauth2 v0.0.0-20220822191816-0ebed06d0094/go.mod h1:h4gKUeWbJ4rQPri golang.org/x/oauth2 v0.0.0-20220909003341-f21342109be1/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= golang.org/x/oauth2 v0.0.0-20221006150949-b44042a4b9c1/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= golang.org/x/oauth2 v0.0.0-20221014153046-6fdb5e3db783/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= -golang.org/x/oauth2 v0.4.0/go.mod h1:RznEsdpjGAINPTOF0UH/t+xJ75L18YO3Ho6Pyn+uRec= golang.org/x/oauth2 v0.5.0/go.mod h1:9/XBHVqLaWO3/BRHs5jbpYCnOZVjj5V0ndyaAM7KB4I= golang.org/x/oauth2 v0.6.0/go.mod h1:ycmewcwgD4Rpr3eZJLSB4Kyyljb3qDh40vJ8STE5HKw= golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4= golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= -golang.org/x/oauth2 v0.10.0 h1:zHCpF2Khkwy4mMB4bv0U37YtJdTGW8jI0glAApi0Kh8= golang.org/x/oauth2 v0.10.0/go.mod h1:kTpgurOux7LqtuxjuyZa4Gj2gdezIt/jQtGnNFfypQI= +golang.org/x/oauth2 v0.11.0/go.mod h1:LdF7O/8bLR/qWK9DrpXmbHLTouvRHK0SgJl0GmDBchk= +golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0= +golang.org/x/oauth2 v0.15.0/go.mod h1:q48ptWNTY5XWf+JNten23lcvHpLJ0ZSxF5ttTHKVCAM= +golang.org/x/oauth2 v0.16.0/go.mod h1:hqZ+0LWXsiVoZpeld6jVt06P3adbS2Uu911W1SsJv2o= +golang.org/x/oauth2 v0.17.0/go.mod h1:OzPDGQiuQMguemayvdylqddI7qcD9lnSDb+1FiwQ5HA= +golang.org/x/oauth2 v0.18.0/go.mod h1:Wf7knwG0MPoWIMMBgFlEaSUDaKskp0dCfrlJRJXbBi8= +golang.org/x/oauth2 v0.20.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs= +golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/perf v0.0.0-20180704124530-6e6d33e29852/go.mod h1:JLpeXjPJfIyPr5TlbXLkXWLhP8nz10XfvxElABhCtcw= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -1264,59 +1912,89 @@ golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220819030929-7fc1605a5dde/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220929204114-8fcdb60fdcc0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E= +golang.org/x/sync v0.2.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= -golang.org/x/sys v0.2.0 h1:ljd4t30dBnAvMZaQCevtY0xLLD0A+bRZXbgLMLU1F/A= -golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= -golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= +golang.org/x/sync v0.4.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= +golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ= +golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws= +golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/telemetry v0.0.0-20240208230135-b75ee8823808/go.mod h1:KG1lNk5ZFNssSZLrpVb4sMXKMpGwGXOxSG3rnu2gZQQ= +golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE= +golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= +golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= +golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= +golang.org/x/term v0.21.0/go.mod h1:ooXLefLobQVslOqselCNF4SxFAaoS6KujMbsGzSDmX0= +golang.org/x/term v0.23.0 h1:F6D4vR+EHoL9/sWAWgAR1H2DcHr4PareCbAaCo1RpuU= +golang.org/x/term v0.23.0/go.mod h1:DgV24QBUrK6jhZXl+20l6UWznPlwAHm1Q1mGHtydmSk= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.10.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= +golang.org/x/text v0.18.0 h1:XvMDiNzPAl0jr17s6W9lcaIhGUfUORdGCNsuLmPG224= +golang.org/x/text v0.18.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= +golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20220210224613-90d013bbcef8/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.4.0 h1:Z81tqI5ddIoXDPvVQ7/7CC9TnLM7ubaFG2qXYd5BbYY= -golang.org/x/time v0.4.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= +golang.org/x/time v0.1.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= +golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20181030000716-a0a13e073c7b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190206041539-40960b6deb8e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20190907020128-2ca718005c18/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20190927191325-030b2cf1153e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191112195655-aa38f8e97acc/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -1325,7 +2003,6 @@ golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200117012304-6edc0a871e69/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= @@ -1343,21 +2020,45 @@ golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roY golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= +golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201124115921-2c860bdd6e78/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.9/go.mod h1:nABZi5QlRsZVlzPpHl034qft6wpY4eDcsTt5AaioBiU= golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA= -golang.org/x/tools v0.5.0/go.mod h1:N+Kgy78s5I24c24dU8OfWNEotWjutIs8SnJvn5IDq+k= +golang.org/x/tools v0.3.0/go.mod h1:/rWhSS2+zyEVwoJf8YAX6L2f0ntZ7Kn/mGgAWcipA5k= +golang.org/x/tools v0.4.0/go.mod h1:UE5sM2OK9E/d67R0ANs2xJizIymRP5gJU295PvKXxjQ= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.8.0/go.mod h1:JxBZ99ISMI5ViVkT1tr6tdNmXeTrcpVSD3vZ1RsRdN4= -golang.org/x/tools v0.10.0 h1:tvDr/iQoUqNdohiYm0LmmKcBk+q86lb9EprIUFhHHGg= +golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s= +golang.org/x/tools v0.9.1/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc= +golang.org/x/tools v0.9.3/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc= golang.org/x/tools v0.10.0/go.mod h1:UJwyiVBsOA2uwvK/e5OY3GTpDUJriEd+/YlqAwLPmyM= +golang.org/x/tools v0.11.0/go.mod h1:anzJrxPjNtfgiYQYirP2CPGzGLxrH2u2QBhn6Bf3qY8= +golang.org/x/tools v0.12.0/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM= +golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= +golang.org/x/tools v0.16.1/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= +golang.org/x/tools v0.17.0/go.mod h1:xsh6VxdV005rRVaS6SSAf9oiAqljS7UZUacMZ8Bnsps= +golang.org/x/tools v0.18.0/go.mod h1:GL7B4CwcLLeo59yx/9UWWuNOW1n3VZ4f5axWfML7Lcg= +golang.org/x/tools v0.20.0/go.mod h1:WvitBU7JJf6A4jOdg4S1tviW9bhUxkgeCui/0JHctQg= +golang.org/x/tools v0.21.0/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= +golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= +golang.org/x/tools v0.24.0 h1:J1shsA93PJUEVaUSaay7UXAyE8aimq3GW0pjlolpa24= +golang.org/x/tools v0.24.0/go.mod h1:YhNqVBIfWHdzvTLs0d8LCuMhkKUgSUKldakyV7W/WDQ= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -1366,84 +2067,206 @@ golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20220517211312-f3a8303e98df/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= golang.org/x/xerrors v0.0.0-20220609144429-65e65417b02f/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= +golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028/go.mod h1:NDW/Ps6MPRej6fsCIbMTohpP40sJ/P/vI1MoTEGwX90= gonum.org/v1/gonum v0.0.0-20180816165407-929014505bf4/go.mod h1:Y+Yx5eoAFn32cQvJDxZx5Dpnq+c3wtXuadVZAcxbbBo= -gonum.org/v1/gonum v0.0.0-20190331200053-3d26580ed485/go.mod h1:2ltnJ7xHfj0zHS40VVPYEAAMTa3ZGguvHGBSJeRWqE0= -gonum.org/v1/gonum v0.6.2 h1:4r+yNT0+8SWcOkXP+63H2zQbN+USnC73cjGUxnDF94Q= -gonum.org/v1/gonum v0.6.2/go.mod h1:9mxDZsDKxgMAuccQkewq682L+0eCu4dCN2yonUJTCLU= +gonum.org/v1/gonum v0.8.2/go.mod h1:oe/vMfY3deqTw+1EZJhuvEW2iwGF1bW9wwu7XCu0+v0= +gonum.org/v1/gonum v0.9.3/go.mod h1:TZumC3NeyVQskjXqmyWt4S3bINhy7B4eYwW69EbyX+0= +gonum.org/v1/gonum v0.11.0/go.mod h1:fSG4YDCxxUZQJ7rKsQrj0gMOg00Il0Z96/qMA4bVQhA= +gonum.org/v1/gonum v0.13.0 h1:a0T3bh+7fhRyqeNbiC3qVHYmkiQgit3wnNan/2c0HMM= +gonum.org/v1/gonum v0.13.0/go.mod h1:/WPYRckkfWrhWefxyYTfrTtQR0KH4iyHNuzxqXAKyAU= gonum.org/v1/netlib v0.0.0-20190313105609-8cb42192e0e0/go.mod h1:wa6Ws7BG/ESfp6dHfk7C6KdzKA7wR7u/rKwOGE66zvw= -gonum.org/v1/netlib v0.0.0-20190331212654-76723241ea4e h1:jRyg0XfpwWlhEV8mDfdNGBeSJM2fuyh9Yjrnd8kF2Ts= -gonum.org/v1/netlib v0.0.0-20190331212654-76723241ea4e/go.mod h1:kS+toOQn6AQKjmKJ7gzohV1XkqsFehRA2FbsbkopSuQ= gonum.org/v1/plot v0.0.0-20190515093506-e2840ee46a6b/go.mod h1:Wt8AAjI+ypCyYX3nZBvf6cAIx93T+c/OS2HFAYskSZc= -google.golang.org/api v0.60.0 h1:eq/zs5WPH4J9undYM9IP1O7dSr7Yh8Y0GtSCpzGzIUk= -google.golang.org/api v0.60.0/go.mod h1:d7rl65NZAkEQ90JFzqBjcRq1TVeG5ZoGV3sSpEnnVb4= +gonum.org/v1/plot v0.9.0/go.mod h1:3Pcqqmp6RHvJI72kgb8fThyUnav364FOsdDo2aGW5lY= +gonum.org/v1/plot v0.10.1/go.mod h1:VZW5OlhkL1mysU9vaqNHnsy86inf6Ot+jB3r+BczCEo= +google.golang.org/api v0.0.0-20180910000450-7ca32eb868bf/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= +google.golang.org/api v0.0.0-20181030000543-1d582fd0359e/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= +google.golang.org/api v0.1.0/go.mod h1:UGEZY7KEX120AnNLIHFMKIo4obdJhkp2tPbaPlQx13Y= +google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= +google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= +google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= +google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= +google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= +google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= +google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= +google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= +google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg= +google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE= +google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= +google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= +google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= +google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo= +google.golang.org/api v0.48.0/go.mod h1:71Pr1vy+TAZRPkPs/xlCf5SsU8WjuAWv1Pfjbtukyy4= +google.golang.org/api v0.50.0/go.mod h1:4bNT5pAuq5ji4SRZm+5QIkjny9JAyVD/3gaSihNefaw= +google.golang.org/api v0.51.0/go.mod h1:t4HdrdoNgyN5cbEfm7Lum0lcLDLiise1F8qDKX00sOU= +google.golang.org/api v0.54.0/go.mod h1:7C4bFFOvVDGXjfDTAsgGwDgAxRDeQ4X8NvUedIt6z3k= +google.golang.org/api v0.55.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= +google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdrMgI= +google.golang.org/api v0.61.0/go.mod h1:xQRti5UdCmoCEqFxcz93fTl338AVqDgyaDRuOZ3hg9I= +google.golang.org/api v0.63.0/go.mod h1:gs4ij2ffTRXwuzzgJl/56BdwJaA194ijkfn++9tDuPo= +google.golang.org/api v0.67.0/go.mod h1:ShHKP8E60yPsKNw/w8w+VYaj9H6buA5UqDp8dhbQZ6g= +google.golang.org/api v0.70.0/go.mod h1:Bs4ZM2HGifEvXwd50TtW70ovgJffJYw2oRCOFU/SkfA= +google.golang.org/api v0.74.0/go.mod h1:ZpfMZOVRMywNyvJFeqL9HRWBgAuRfSjJFpe9QtRRyDs= +google.golang.org/api v0.75.0/go.mod h1:pU9QmyHLnzlpar1Mjt4IbapUCy8J+6HD6GeELN69ljA= +google.golang.org/api v0.77.0/go.mod h1:pU9QmyHLnzlpar1Mjt4IbapUCy8J+6HD6GeELN69ljA= +google.golang.org/api v0.80.0/go.mod h1:xY3nI94gbvBrE0J6NHXhxOmW97HG7Khjkku6AFB3Hyg= +google.golang.org/api v0.84.0/go.mod h1:NTsGnUFJMYROtiquksZHBWtHfeMC7iYthki7Eq3pa8o= +google.golang.org/api v0.85.0/go.mod h1:AqZf8Ep9uZ2pyTvgL+x0D3Zt0eoT9b5E8fmzfu6FO2g= +google.golang.org/api v0.93.0/go.mod h1:+Sem1dnrKlrXMR/X0bPnMWyluQe4RsNoYfmNLhOIkzw= +google.golang.org/api v0.96.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s= +google.golang.org/api v0.97.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s= +google.golang.org/api v0.99.0/go.mod h1:1YOf74vkVndF7pG6hIHuINsM7eWwpVTAfNMNiL91A08= +google.golang.org/api v0.100.0/go.mod h1:ZE3Z2+ZOr87Rx7dqFsdRQkRBk36kDtp/h+QpHbB7a70= +google.golang.org/api v0.102.0/go.mod h1:3VFl6/fzoA+qNuS1N1/VfXY4LjoXN/wzeIp7TweWwGo= +google.golang.org/api v0.103.0/go.mod h1:hGtW6nK1AC+d9si/UBhw8Xli+QMOf6xyNAyJw4qU9w0= +google.golang.org/api v0.106.0/go.mod h1:2Ts0XTHNVWxypznxWOYUeI4g3WdP9Pk2Qk58+a/O9MY= +google.golang.org/api v0.108.0/go.mod h1:2Ts0XTHNVWxypznxWOYUeI4g3WdP9Pk2Qk58+a/O9MY= +google.golang.org/api v0.110.0/go.mod h1:7FC4Vvx1Mooxh8C5HWjzZHcavuS2f6pmJpZx60ca7iI= +google.golang.org/api v0.111.0/go.mod h1:qtFHvU9mhgTJegR31csQ+rwxyUTHOKFqCKWp1J0fdw0= +google.golang.org/api v0.114.0/go.mod h1:ifYI2ZsFK6/uGddGfAD5BMxlnkBqCmqHSDUVi45N5Yg= +google.golang.org/api v0.118.0/go.mod h1:76TtD3vkgmZ66zZzp72bUUklpmQmKlhh6sYtIjYK+5E= +google.golang.org/api v0.122.0/go.mod h1:gcitW0lvnyWjSp9nKxAbdHKIZ6vF4aajGueeslZOyms= +google.golang.org/api v0.125.0/go.mod h1:mBwVAtz+87bEN6CbA1GtZPDOqY2R5ONPqJeIlvyo4Aw= +google.golang.org/api v0.126.0/go.mod h1:mBwVAtz+87bEN6CbA1GtZPDOqY2R5ONPqJeIlvyo4Aw= +google.golang.org/api v0.128.0/go.mod h1:Y611qgqaE92On/7g65MQgxYul3c0rEB894kniWLY750= +google.golang.org/api v0.149.0/go.mod h1:Mwn1B7JTXrzXtnvmzQE2BD6bYZQ8DShKZDZbeN9I7qI= +google.golang.org/api v0.150.0/go.mod h1:ccy+MJ6nrYFgE3WgRx/AMXOxOmU8Q4hSa+jjibzhxcg= +google.golang.org/api v0.155.0/go.mod h1:GI5qK5f40kCpHfPn6+YzGAByIKWv8ujFnmoWm7Igduk= +google.golang.org/api v0.160.0/go.mod h1:0mu0TpK33qnydLvWqbImq2b1eQ5FHRSDCBzAxX9ZHyw= +google.golang.org/api v0.162.0/go.mod h1:6SulDkfoBIg4NFmCuZ39XeeAgSHCPecfSUuDyYlAHs0= +google.golang.org/api v0.166.0/go.mod h1:4FcBc686KFi7QI/U51/2GKKevfZMpM17sCdibqe/bSA= +google.golang.org/api v0.169.0/go.mod h1:gpNOiMA2tZ4mf5R9Iwf4rK/Dcz0fbdIgWYWVoxmsyLg= +google.golang.org/appengine v1.2.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.3.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/genproto v0.0.0-20220107163113-42d7afdf6368 h1:Et6SkiuvnBn+SgrSYXs/BrUpGB4mbdwt4R3vaPIlicA= -google.golang.org/genproto v0.0.0-20220107163113-42d7afdf6368/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto/googleapis/api v0.0.0-20230526203410-71b5a4ffd15e/go.mod h1:vHYtlOoi6TsQ3Uk2yxR7NI5z8uoV+3pZtR4jmHIkRig= +google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= +google.golang.org/genproto v0.0.0-20230525234035-dd9d682886f9 h1:jLonXEme2DCOtOpnGWxpvzXCE7lc9QmQbjEX8tt3I8g= +google.golang.org/genproto v0.0.0-20230525234035-dd9d682886f9/go.mod h1:9ExIQyXL5hZrHzQceCwuSYwZZ5QZBazOcprJ5rgs3lY= +google.golang.org/genproto/googleapis/api v0.0.0-20230525234020-1aefcd67740a/go.mod h1:ts19tUU+Z0ZShN1y3aPyq2+O3d5FUNNgT6FtOzmrNn8= +google.golang.org/genproto/googleapis/api v0.0.0-20230525234035-dd9d682886f9/go.mod h1:vHYtlOoi6TsQ3Uk2yxR7NI5z8uoV+3pZtR4jmHIkRig= google.golang.org/genproto/googleapis/api v0.0.0-20230530153820-e85fd2cbaebc/go.mod h1:vHYtlOoi6TsQ3Uk2yxR7NI5z8uoV+3pZtR4jmHIkRig= google.golang.org/genproto/googleapis/api v0.0.0-20230711160842-782d3b101e98/go.mod h1:rsr7RhLuwsDKL7RmgDDCUc6yaGr1iqceVb5Wv6f6YvQ= +google.golang.org/genproto/googleapis/api v0.0.0-20230803162519-f966b187b2e5/go.mod h1:5DZzOUPCLYL3mNkQ0ms0F3EuUNZ7py1Bqeq6sxzI7/Q= +google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d/go.mod h1:KjSP20unUpOx5kyQUFa7k4OJg0qeJ7DEZflGDu2p6Bk= +google.golang.org/genproto/googleapis/api v0.0.0-20231016165738-49dd2c1f3d0b/go.mod h1:IBQ646DjkDkvUIsVq/cc03FUFQ9wbZu7yE396YcL870= +google.golang.org/genproto/googleapis/api v0.0.0-20231120223509-83a465c0220f/go.mod h1:Uy9bTZJqmfrw2rIBxgGLnamc78euZULUBrLZ9XTITKI= +google.golang.org/genproto/googleapis/api v0.0.0-20231211222908-989df2bf70f3/go.mod h1:k2dtGpRrbsSyKcNPKKI5sstZkrNCZwpU/ns96JoHbGg= +google.golang.org/genproto/googleapis/api v0.0.0-20240102182953-50ed04b92917/go.mod h1:CmlNWB9lSezaYELKS5Ym1r44VrrbPUa7JTvw+6MbpJ0= +google.golang.org/genproto/googleapis/api v0.0.0-20240116215550-a9fa1716bcac/go.mod h1:B5xPO//w8qmBDjGReYLpR6UJPnkldGkCSMoH/2vxJeg= +google.golang.org/genproto/googleapis/api v0.0.0-20240125205218-1f4bbc51befe/go.mod h1:4jWUdICTdgc3Ibxmr8nAJiiLHwQBY0UI0XZcEMaFKaA= +google.golang.org/genproto/googleapis/api v0.0.0-20240205150955-31a09d347014/go.mod h1:rbHMSEDyoYX62nRVLOCc4Qt1HbsdytAYoVwgjiOhF3I= +google.golang.org/genproto/googleapis/api v0.0.0-20240221002015-b0ce06bbee7c/go.mod h1:5iCWqnniDlqZHrd3neWVTOwvh/v6s3232omMecelax8= +google.golang.org/genproto/googleapis/api v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:5iCWqnniDlqZHrd3neWVTOwvh/v6s3232omMecelax8= +google.golang.org/genproto/googleapis/api v0.0.0-20240311132316-a219d84964c2/go.mod h1:O1cOfN1Cy6QEYr7VxtjOyP5AdAuR0aJ/MYZaaof623Y= +google.golang.org/genproto/googleapis/api v0.0.0-20240318140521-94a12d6c2237/go.mod h1:Z5Iiy3jtmioajWHDGFk7CeugTyHtPvMHA4UTmUkyalE= +google.golang.org/genproto/googleapis/api v0.0.0-20240513163218-0867130af1f8/go.mod h1:vPrPUTsDCYxXWjP7clS81mZ6/803D8K4iM9Ma27VKas= +google.golang.org/genproto/googleapis/api v0.0.0-20240520151616-dc85e6b867a5/go.mod h1:RGnPtTG7r4i8sPlNyDeikXF99hMM+hN6QMm4ooG9g2g= +google.golang.org/genproto/googleapis/api v0.0.0-20240528184218-531527333157/go.mod h1:99sLkeliLXfdj2J75X3Ho+rrVCaJze0uwN7zDDkjPVU= +google.golang.org/genproto/googleapis/api v0.0.0-20240814211410-ddb44dafa142 h1:wKguEg1hsxI2/L3hUYrpo1RVi48K+uTyzKqprwLXsb8= +google.golang.org/genproto/googleapis/api v0.0.0-20240814211410-ddb44dafa142/go.mod h1:d6be+8HhtEtucleCbxpPW9PA9XwISACu8nvpPqF0BVo= +google.golang.org/genproto/googleapis/bytestream v0.0.0-20230530153820-e85fd2cbaebc/go.mod h1:ylj+BE99M198VPbBh6A8d9n3w8fChvyLK3wwBOjXBFA= +google.golang.org/genproto/googleapis/bytestream v0.0.0-20231030173426-d783a09b4405/go.mod h1:GRUCuLdzVqZte8+Dl/D4N25yLzcGqqWaYkeVOwulFqw= +google.golang.org/genproto/googleapis/bytestream v0.0.0-20231212172506-995d672761c0/go.mod h1:guYXGPwC6jwxgWKW5Y405fKWOFNwlvUlUnzyp9i0uqo= +google.golang.org/genproto/googleapis/bytestream v0.0.0-20240116215550-a9fa1716bcac/go.mod h1:ZSvZ8l+AWJwXw91DoTjWjaVLpWU6o0eZ4YLYpH8aLeQ= +google.golang.org/genproto/googleapis/bytestream v0.0.0-20240125205218-1f4bbc51befe/go.mod h1:SCz6T5xjNXM4QFPRwxHcfChp7V+9DcXR3ay2TkHR8Tg= +google.golang.org/genproto/googleapis/bytestream v0.0.0-20240213162025-012b6fc9bca9/go.mod h1:om8Bj876Z0v9ei+RD1LnEWig7vpHQ371PUqsgjmLQEA= +google.golang.org/genproto/googleapis/bytestream v0.0.0-20240304161311-37d4d3c04a78/go.mod h1:vh/N7795ftP0AkN1w8XKqN4w1OdUKXW5Eummda+ofv8= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234015-3fc162c6f38a/go.mod h1:xURIpW9ES5+/GZhnV6beoEtxQrnkRGIfP5VQG2tCBLc= google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19/go.mod h1:66JfowdXAEgad5O9NnYcsNPLCPZJD++2L9X0PCMODrA= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230526203410-71b5a4ffd15e/go.mod h1:66JfowdXAEgad5O9NnYcsNPLCPZJD++2L9X0PCMODrA= google.golang.org/genproto/googleapis/rpc v0.0.0-20230530153820-e85fd2cbaebc/go.mod h1:66JfowdXAEgad5O9NnYcsNPLCPZJD++2L9X0PCMODrA= google.golang.org/genproto/googleapis/rpc v0.0.0-20230706204954-ccb25ca9f130/go.mod h1:8mL13HKkDa+IuJ8yruA3ci0q+0vsUz4m//+ottjwS5o= google.golang.org/genproto/googleapis/rpc v0.0.0-20230711160842-782d3b101e98/go.mod h1:TUfxEVdsvPg18p6AslUXFoLdpED4oBnGwyqk3dV1XzM= -google.golang.org/grpc v1.58.3 h1:BjnpXut1btbtgN/6sp+brB2Kbm2LjNXnidYujAVbSoQ= -google.golang.org/grpc v1.58.3/go.mod h1:tgX3ZQDlNJGU96V6yHh1T/JeoBQ2TXdr43YbYSsCJk0= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230731190214-cbb8c96f2d6d/go.mod h1:TUfxEVdsvPg18p6AslUXFoLdpED4oBnGwyqk3dV1XzM= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230803162519-f966b187b2e5/go.mod h1:zBEcrKX2ZOcEkHWxBPAIvYUWOKKMIhYcmNiUIu2ji3I= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97/go.mod h1:v7nGkzlmW8P3n/bKmWBn2WpBjpOEx8Q6gMueudAmKfY= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231012201019-e917dd12ba7a/go.mod h1:4cYg8o5yUbm77w8ZX00LhMVNl/YVBFJRYWDc0uYWMs0= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231016165738-49dd2c1f3d0b/go.mod h1:swOH3j0KzcDDgGUWr+SNpyTen5YrXjS3eyPzFYKc6lc= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231030173426-d783a09b4405/go.mod h1:67X1fPuzjcrkymZzZV1vvkFeTn2Rvc6lYF9MYFGCcwE= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17/go.mod h1:oQ5rr10WTTMvP4A36n8JpR1OrO1BEiV4f78CneXZxkA= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231120223509-83a465c0220f/go.mod h1:L9KNLi232K1/xB6f7AlSX692koaRnKaWSR0stBki0Yc= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231212172506-995d672761c0/go.mod h1:FUoWkonphQm3RhTS+kOEhF8h0iDpm4tdXolVCeZ9KKA= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240102182953-50ed04b92917/go.mod h1:xtjpI3tXFPP051KaWnhvxkiubL/6dJ18vLVf7q2pTOU= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240116215550-a9fa1716bcac/go.mod h1:daQN87bsDqDoe316QbbvX60nMoJQa4r6Ds0ZuoAe5yA= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240125205218-1f4bbc51befe/go.mod h1:PAREbraiVEVGVdTZsVWjSbbTtSyGbAgIIvni8a8CD5s= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240213162025-012b6fc9bca9/go.mod h1:YUWgXUFRPfoYK1IHMuxH5K6nPEXSCzIMljnQ59lLRCk= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240221002015-b0ce06bbee7c/go.mod h1:H4O17MA/PE9BsGx3w+a+W2VOLLD1Qf7oJneAoU6WktY= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:H4O17MA/PE9BsGx3w+a+W2VOLLD1Qf7oJneAoU6WktY= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240228201840-1f18d85a4ec2/go.mod h1:UCOku4NytXMJuLQE5VuqA5lX3PcHCBo8pxNyvkf4xBs= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240228224816-df926f6c8641/go.mod h1:UCOku4NytXMJuLQE5VuqA5lX3PcHCBo8pxNyvkf4xBs= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240304161311-37d4d3c04a78/go.mod h1:UCOku4NytXMJuLQE5VuqA5lX3PcHCBo8pxNyvkf4xBs= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240314234333-6e1732d8331c/go.mod h1:WtryC6hu0hhx87FDGxWCDptyssuo68sk10vYjF+T9fY= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240318140521-94a12d6c2237/go.mod h1:WtryC6hu0hhx87FDGxWCDptyssuo68sk10vYjF+T9fY= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240509183442-62759503f434/go.mod h1:I7Y+G38R2bu5j1aLzfFmQfTcU/WnFuqDwLZAbvKTKpM= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240513163218-0867130af1f8/go.mod h1:I7Y+G38R2bu5j1aLzfFmQfTcU/WnFuqDwLZAbvKTKpM= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240515191416-fc5f0ca64291/go.mod h1:EfXuqaE1J41VCDicxHzUDm+8rk+7ZdXzHV0IhO/I6s0= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240521202816-d264139d666e/go.mod h1:EfXuqaE1J41VCDicxHzUDm+8rk+7ZdXzHV0IhO/I6s0= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240701130421-f6361c86f094/go.mod h1:Ue6ibwXGpU+dqIcODieyLOcgj7z8+IcskoNIgZxtrFY= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240814211410-ddb44dafa142 h1:e7S5W7MGGLaSu8j3YjdezkZ+m1/Nm0uRVRMEMGk26Xs= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240814211410-ddb44dafa142/go.mod h1:UqMtugtsSgubUsoxbuAoiCXvqvErP7Gf0so0mK9tHxU= +google.golang.org/grpc v1.64.0 h1:KH3VH9y/MgNQg1dE7b3XfVK0GsPSIzJwdF617gUSbvY= +google.golang.org/grpc v1.64.0/go.mod h1:oxjF8E3FBnjp+/gVFYdWacaLDx9na1aqy9oovLpxQYg= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.29.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.29.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= +google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= +google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= +gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= +gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/gcfg.v1 v1.2.0 h1:0HIbH907iBTAntm+88IJV2qmJALDAh8sPekI9Vc1fm0= -gopkg.in/gcfg.v1 v1.2.0/go.mod h1:yesOnuUOFQAhST5vPY4nbZsb/huCgGGXlipJsBn0b3o= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/natefinch/lumberjack.v2 v2.0.0 h1:1Lc07Kr7qY4U2YPouBjpCLxpiyxIVoxqXgkXLknAOE8= gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= +gopkg.in/natefinch/lumberjack.v2 v2.2.1 h1:bBRl1b0OH9s/DuPhuXpNl+VtCaJXFZ5/uEFST95x9zc= +gopkg.in/natefinch/lumberjack.v2 v2.2.1/go.mod h1:YD8tP3GAjkrDg1eZH7EGmyESg/lsYskCTPBJVb9jqSc= gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= -gopkg.in/square/go-jose.v2 v2.2.2 h1:orlkJ3myw8CN1nVQHBFfloD+L3egixIa4FvUP6RosSA= -gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= +gopkg.in/square/go-jose.v2 v2.6.0 h1:NGk74WTnPKBNUhNzQX7PYcTLUjoq7mzKk2OKbvwk2iI= +gopkg.in/square/go-jose.v2 v2.6.0/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/warnings.v0 v0.1.1 h1:XM28wIgFzaBmeZ5dNHIpWLQpt/9DGKxk+rCg/22nnYE= -gopkg.in/warnings.v0 v0.1.1/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= @@ -1452,47 +2275,94 @@ gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= gotest.tools/v3 v3.0.3/go.mod h1:Z7Lb0S5l+klDB31fvDQX8ss/FlKDxtlFlw3Oa8Ymbl8= gotest.tools/v3 v3.4.0 h1:ZazjZUfuVeZGLAmlKKuyv3IKP5orXcwtOwDQH6YVr6o= gotest.tools/v3 v3.4.0/go.mod h1:CtbdzLSsqVhDgMtKsx03ird5YTGB3ar27v0u/yKBW5g= +grpc.go4.org v0.0.0-20170609214715-11d0a25b4919/go.mod h1:77eQGdRu53HpSqPFJFmuJdjuHRquDANNeA4x7B8WQ9o= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -inet.af/tcpproxy v0.0.0-20200125044825-b6bb9b5b8252 h1:gmJCKidOfjKDUHF1jjke+I+2iQIyE3HNNxu2OKO/FUI= -inet.af/tcpproxy v0.0.0-20200125044825-b6bb9b5b8252/go.mod h1:zq+R+tLcdHugi7Jt+FtIQY6m6wtX34lr2CdQVH2fhW0= +honnef.co/go/tools v0.1.3/go.mod h1:NgwopIslSNH47DimFoV78dnkksY2EFtX0ajyb3K/las= +inet.af/tcpproxy v0.0.0-20231102063150-2862066fc2a9 h1:zomTWJvjwLbKRgGameQtpK6DNFUbZ2oNJuWhgUkGp3M= +inet.af/tcpproxy v0.0.0-20231102063150-2862066fc2a9/go.mod h1:Tojt5kmHpDIR2jMojxzZK2w2ZR7OILODmUo2gaSwjrk= +k8s.io/cri-client v0.31.1 h1:w5D7BAhiaSVVDZqHs7YUZPpuUCybx8tCxfdBuDBw7zo= +k8s.io/cri-client v0.31.1/go.mod h1:voVfZexZQwvlf/JD8w30sGN0k22LRcHRfCj7+m4kAXE= k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= -k8s.io/gengo v0.0.0-20211129171323-c02415ce4185 h1:TT1WdmqqXareKxZ/oNXEUSwKlLiHzPMyB0t8BaFeBYI= -k8s.io/gengo v0.0.0-20211129171323-c02415ce4185/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= -k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 h1:MQ8BAZPZlWk3S9K4a9NCkIFQtZShWqoha7snGixVgEA= -k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1/go.mod h1:C/N6wCaBHeBHkHUesQOQy2/MZqGgMAFPqGsGQLdbZBU= -k8s.io/system-validators v1.8.0/go.mod h1:gP1Ky+R9wtrSiFbrpEPwWMeYz9yqyy1S/KOh0Vci7WI= +k8s.io/gengo v0.0.0-20240228010128-51d4e06bde70 h1:D9H6wq7PAmub2g4XUrekNWMFVI0JIz7s0F64HBPsPOw= +k8s.io/gengo v0.0.0-20240228010128-51d4e06bde70/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= +k8s.io/gengo/v2 v2.0.0-20240228010128-51d4e06bde70 h1:NGrVE502P0s0/1hudf8zjgwki1X/TByhmAoILTarmzo= +k8s.io/gengo/v2 v2.0.0-20240228010128-51d4e06bde70/go.mod h1:VH3AT8AaQOqiGjMF9p0/IM1Dj+82ZwjfxUP1IxaHE+8= +k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= +k8s.io/kube-openapi v0.0.0-20240730131305-7a9a4e85957e h1:OnKkExfhk4yxMqvBSPzUfhv3zQ96FWJ+UOZzLrAFyAo= +k8s.io/kube-openapi v0.0.0-20240730131305-7a9a4e85957e/go.mod h1:0CVn9SVo8PeW5/JgsBZZIFmmTk5noOM8WXf2e1tCihE= k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20211116205334-6203023598ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20230220204549-a5ecb0141aa5 h1:kmDqav+P+/5e1i9tFfHq1qcF3sOrDp+YEkVDAHu7Jwk= -k8s.io/utils v0.0.0-20230220204549-a5ecb0141aa5/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -modernc.org/cc v1.0.0/go.mod h1:1Sk4//wdnYJiUIxnW8ddKpaOJCF37yAdqYnkxUpaYxw= -modernc.org/golex v1.0.0/go.mod h1:b/QX9oBD/LhixY6NDh+IdGv17hgB+51fET1i2kPSmvk= -modernc.org/mathutil v1.0.0/go.mod h1:wU0vUrJsVWBZ4P6e7xtFJEhFSNsfRLJ8H458uRjg03k= -modernc.org/strutil v1.0.0/go.mod h1:lstksw84oURvj9y3tn8lGvRxyRC1S2+g5uuIzNfIOBs= -modernc.org/xc v1.0.0/go.mod h1:mRNCo0bvLjGhHO9WsyuKVU4q0ceiDDDoEeWDJHrNx8I= +k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 h1:pUdcCO1Lk/tbT5ztQWOBi5HBgbBP1J8+AsQnQCKsi8A= +k8s.io/utils v0.0.0-20240711033017-18e509b52bc8/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +lukechampine.com/blake3 v1.2.1 h1:YuqqRuaqsGV71BV/nm9xlI0MKUv4QC54jQnBChWbGnI= +lukechampine.com/blake3 v1.2.1/go.mod h1:0OFRp7fBtAylGVCO40o87sbupkyIGgbpv1+M1k1LM6k= +lukechampine.com/uint128 v1.1.1/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= +lukechampine.com/uint128 v1.2.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= +modernc.org/cc/v3 v3.36.0/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI= +modernc.org/cc/v3 v3.36.2/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI= +modernc.org/cc/v3 v3.36.3/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI= +modernc.org/ccgo/v3 v3.0.0-20220428102840-41399a37e894/go.mod h1:eI31LL8EwEBKPpNpA4bU1/i+sKOwOrQy8D87zWUcRZc= +modernc.org/ccgo/v3 v3.0.0-20220430103911-bc99d88307be/go.mod h1:bwdAnOoaIt8Ax9YdWGjxWsdkPcZyRPHqrOvJxaKAKGw= +modernc.org/ccgo/v3 v3.16.4/go.mod h1:tGtX0gE9Jn7hdZFeU88slbTh1UtCYKusWOoCJuvkWsQ= +modernc.org/ccgo/v3 v3.16.6/go.mod h1:tGtX0gE9Jn7hdZFeU88slbTh1UtCYKusWOoCJuvkWsQ= +modernc.org/ccgo/v3 v3.16.8/go.mod h1:zNjwkizS+fIFDrDjIAgBSCLkWbJuHF+ar3QRn+Z9aws= +modernc.org/ccgo/v3 v3.16.9/go.mod h1:zNMzC9A9xeNUepy6KuZBbugn3c0Mc9TeiJO4lgvkJDo= +modernc.org/ccorpus v1.11.6/go.mod h1:2gEUTrWqdpH2pXsmTM1ZkjeSrUWDpjMu2T6m29L/ErQ= +modernc.org/httpfs v1.0.6/go.mod h1:7dosgurJGp0sPaRanU53W4xZYKh14wfzX420oZADeHM= +modernc.org/libc v0.0.0-20220428101251-2d5f3daf273b/go.mod h1:p7Mg4+koNjc8jkqwcoFBJx7tXkpj00G77X7A72jXPXA= +modernc.org/libc v1.16.0/go.mod h1:N4LD6DBE9cf+Dzf9buBlzVJndKr/iJHG97vGLHYnb5A= +modernc.org/libc v1.16.1/go.mod h1:JjJE0eu4yeK7tab2n4S1w8tlWd9MxXLRzheaRnAKymU= +modernc.org/libc v1.16.17/go.mod h1:hYIV5VZczAmGZAnG15Vdngn5HSF5cSkbvfz2B7GRuVU= +modernc.org/libc v1.16.19/go.mod h1:p7Mg4+koNjc8jkqwcoFBJx7tXkpj00G77X7A72jXPXA= +modernc.org/libc v1.17.0/go.mod h1:XsgLldpP4aWlPlsjqKRdHPqCxCjISdHfM/yeWC5GyW0= +modernc.org/libc v1.17.1/go.mod h1:FZ23b+8LjxZs7XtFMbSzL/EhPxNbfZbErxEHc7cbD9s= +modernc.org/mathutil v1.2.2/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= +modernc.org/mathutil v1.4.1/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= +modernc.org/mathutil v1.5.0/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= +modernc.org/memory v1.1.1/go.mod h1:/0wo5ibyrQiaoUoH7f9D8dnglAmILJ5/cxZlRECf+Nw= +modernc.org/memory v1.2.0/go.mod h1:/0wo5ibyrQiaoUoH7f9D8dnglAmILJ5/cxZlRECf+Nw= +modernc.org/memory v1.2.1/go.mod h1:PkUhL0Mugw21sHPeskwZW4D6VscE/GQJOnIpCnW6pSU= +modernc.org/opt v0.1.1/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0= +modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0= +modernc.org/sqlite v1.18.1/go.mod h1:6ho+Gow7oX5V+OiOQ6Tr4xeqbx13UZ6t+Fw9IRUG4d4= +modernc.org/strutil v1.1.1/go.mod h1:DE+MQQ/hjKBZS2zNInV5hhcipt5rLPWkmpbGeW5mmdw= +modernc.org/strutil v1.1.3/go.mod h1:MEHNA7PdEnEwLvspRMtWTNnp2nnyvMfkimT1NKNAGbw= +modernc.org/tcl v1.13.1/go.mod h1:XOLfOwzhkljL4itZkK6T72ckMgvj0BDsnKNdZVUOecw= +modernc.org/token v1.0.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM= +modernc.org/z v1.5.1/go.mod h1:eWFB510QWW5Th9YGZT81s+LwvaAs3Q2yr4sP0rmLkv8= +oras.land/oras-go/v2 v2.3.1/go.mod h1:5AQXVEu1X/FKp1F9DMOb5ZItZBOa0y5dha0yCm4NR9c= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.37 h1:fAPTNEpzQMOLMGwOHNbUkR2xXTQwMJOZYNx+/mLlOh0= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.37/go.mod h1:vfnxT4FXNT8eGvO+xi/DsyC/qHmdujqwrUa1WSspCsk= -sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.30.3 h1:2770sDpzrjjsAtVhSeUFseziht227YAWYHLGNM8QPwY= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.30.3/go.mod h1:Ve9uj1L+deCXFrPOk1LpFXqTg7LCFzFso6PA48q/XZw= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/kustomize/api v0.12.1 h1:7YM7gW3kYBwtKvoY216ZzY+8hM+lV53LUayghNRJ0vM= -sigs.k8s.io/kustomize/api v0.12.1/go.mod h1:y3JUhimkZkR6sbLNwfJHxvo1TCLwuwm14sCYnkH6S1s= -sigs.k8s.io/kustomize/cmd/config v0.10.9/go.mod h1:T0s850zPV3wKfBALA0dyeP/K74jlJcoP8Pr9ZWwE3MQ= -sigs.k8s.io/kustomize/kustomize/v4 v4.5.7 h1:cDW6AVMl6t/SLuQaezMET8hgnadZGIAr8tUrxFVOrpg= -sigs.k8s.io/kustomize/kustomize/v4 v4.5.7/go.mod h1:VSNKEH9D9d9bLiWEGbS6Xbg/Ih0tgQalmPvntzRxZ/Q= -sigs.k8s.io/kustomize/kyaml v0.13.9 h1:Qz53EAaFFANyNgyOEJbT/yoIHygK40/ZcvU3rgry2Tk= -sigs.k8s.io/kustomize/kyaml v0.13.9/go.mod h1:QsRbD0/KcU+wdk0/L0fIp2KLnohkVzs6fQ85/nOXac4= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= +sigs.k8s.io/kustomize/api v0.17.2 h1:E7/Fjk7V5fboiuijoZHgs4aHuexi5Y2loXlVOAVAG5g= +sigs.k8s.io/kustomize/api v0.17.2/go.mod h1:UWTz9Ct+MvoeQsHcJ5e+vziRRkwimm3HytpZgIYqye0= +sigs.k8s.io/kustomize/kustomize/v5 v5.4.2 h1:9Zl5Gqg3XMdBEvkR54pVLCBj7FVO7W+VPNDDEzD6AyE= +sigs.k8s.io/kustomize/kustomize/v5 v5.4.2/go.mod h1:5ypfJVYlPb2MKKeoGknVLxvHemDlQT+szI4+KOhnD6k= +sigs.k8s.io/kustomize/kyaml v0.17.1 h1:TnxYQxFXzbmNG6gOINgGWQt09GghzgTP6mIurOgrLCQ= +sigs.k8s.io/kustomize/kyaml v0.17.1/go.mod h1:9V0mCjIEYjlXuCdYsSXvyoy2BTsLESH7TlGV81S282U= sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= +sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= +sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= +tags.cncf.io/container-device-interface v0.7.2/go.mod h1:Xb1PvXv2BhfNb3tla4r9JL129ck1Lxv9KuU6eVOfKto= +tags.cncf.io/container-device-interface v0.8.0 h1:8bCFo/g9WODjWx3m6EYl3GfUG31eKJbaggyBDxEldRc= +tags.cncf.io/container-device-interface v0.8.0/go.mod h1:Apb7N4VdILW0EVdEMRYXIDVRZfNJZ+kmEUss2kRRQ6Y= +tags.cncf.io/container-device-interface/specs-go v0.7.0/go.mod h1:hMAwAbMZyBLdmYqWgYcKH0F/yctNpV3P35f+/088A80= +tags.cncf.io/container-device-interface/specs-go v0.8.0 h1:QYGFzGxvYK/ZLMrjhvY0RjpUavIn4KcmRmVP/JjdBTA= +tags.cncf.io/container-device-interface/specs-go v0.8.0/go.mod h1:BhJIkjjPh4qpys+qm4DAYtUyryaTDg9zris+AczXyws= diff --git a/main.go b/main.go index 86d56ef32..998401eb9 100644 --- a/main.go +++ b/main.go @@ -32,23 +32,23 @@ func main() { cmds.NewAgentCommand(agent.Run), cmds.NewKubectlCommand(kubectl.Run), cmds.NewCRICTL(crictl.Run), - cmds.NewEtcdSnapshotCommand(etcdsnapshot.Save, - cmds.NewEtcdSnapshotSubcommands( - etcdsnapshot.Delete, - etcdsnapshot.List, - etcdsnapshot.Prune, - etcdsnapshot.Save), + cmds.NewEtcdSnapshotCommands( + etcdsnapshot.Delete, + etcdsnapshot.List, + etcdsnapshot.Prune, + etcdsnapshot.Save, ), - cmds.NewSecretsEncryptCommand(cli.ShowAppHelp, - cmds.NewSecretsEncryptSubcommands( - secretsencrypt.Status, - secretsencrypt.Enable, - secretsencrypt.Disable, - secretsencrypt.Prepare, - secretsencrypt.Rotate, - secretsencrypt.Reencrypt), + cmds.NewSecretsEncryptCommands( + secretsencrypt.Status, + secretsencrypt.Enable, + secretsencrypt.Disable, + secretsencrypt.Prepare, + secretsencrypt.Rotate, + secretsencrypt.Reencrypt, + secretsencrypt.RotateKeys, ), cmds.NewCertCommands( + cert.Check, cert.Rotate, cert.RotateCA, ), diff --git a/pkg/agent/config/config.go b/pkg/agent/config/config.go index 66a6b1982..04a720bca 100644 --- a/pkg/agent/config/config.go +++ b/pkg/agent/config/config.go @@ -15,21 +15,25 @@ import ( "os" "path/filepath" "regexp" + "strconv" "strings" "time" "github.com/pkg/errors" - "github.com/rancher/wrangler/pkg/slice" + "github.com/rancher/wharfie/pkg/registries" + "github.com/rancher/wrangler/v3/pkg/slice" "github.com/sirupsen/logrus" + "github.com/xiaods/k8e/pkg/agent/containerd" "github.com/xiaods/k8e/pkg/agent/proxy" agentutil "github.com/xiaods/k8e/pkg/agent/util" "github.com/xiaods/k8e/pkg/cli/cmds" "github.com/xiaods/k8e/pkg/clientaccess" - "github.com/xiaods/k8e/pkg/containerd" "github.com/xiaods/k8e/pkg/daemons/config" "github.com/xiaods/k8e/pkg/daemons/control/deps" + "github.com/xiaods/k8e/pkg/spegel" "github.com/xiaods/k8e/pkg/util" "github.com/xiaods/k8e/pkg/version" + "github.com/xiaods/k8e/pkg/vpn" "k8s.io/apimachinery/pkg/util/json" "k8s.io/apimachinery/pkg/util/wait" utilsnet "k8s.io/utils/net" @@ -45,8 +49,8 @@ const ( // so this is somewhat computationally expensive on the server side, and is retried with jitter // to avoid having clients hammer on the server at fixed periods. // A call to this will bock until agent configuration is successfully returned by the -// server. -func Get(ctx context.Context, agent cmds.Agent, proxy proxy.Proxy) *config.Node { +// server, or the context is cancelled. +func Get(ctx context.Context, agent cmds.Agent, proxy proxy.Proxy) (*config.Node, error) { var agentConfig *config.Node var err error @@ -54,6 +58,8 @@ func Get(ctx context.Context, agent cmds.Agent, proxy proxy.Proxy) *config.Node // does not support jittering, so we instead use wait.JitterUntilWithContext, and cancel // the context on success. ctx, cancel := context.WithCancel(ctx) + defer cancel() + wait.JitterUntilWithContext(ctx, func(ctx context.Context) { agentConfig, err = get(ctx, &agent, proxy) if err != nil { @@ -62,7 +68,7 @@ func Get(ctx context.Context, agent cmds.Agent, proxy proxy.Proxy) *config.Node cancel() } }, 5*time.Second, 1.0, true) - return agentConfig + return agentConfig, err } // APIServers returns a list of apiserver endpoints, suitable for seeding client loadbalancer configurations. @@ -72,14 +78,14 @@ func APIServers(ctx context.Context, node *config.Node, proxy proxy.Proxy) []str var addresses []string var err error - wait.PollImmediateUntilWithContext(ctx, 5*time.Second, func(ctx context.Context) (bool, error) { + _ = wait.PollUntilContextCancel(ctx, 5*time.Second, true, func(ctx context.Context) (bool, error) { addresses, err = getAPIServers(ctx, node, proxy) if err != nil { logrus.Infof("Failed to retrieve list of apiservers from server: %v", err) return false, err } if len(addresses) == 0 { - logrus.Infof("Waiting for apiserver addresses") + logrus.Infof("Waiting for supervisor to provide apiserver addresses") return false, nil } return true, nil @@ -156,7 +162,7 @@ func ensureNodeID(nodeIDFile string) (string, error) { id, err := os.ReadFile(nodeIDFile) return strings.TrimSpace(string(id)), err } - id := make([]byte, 4) + id := make([]byte, 4, 4) _, err := cryptorand.Read(id) if err != nil { return "", err @@ -170,13 +176,22 @@ func ensureNodePassword(nodePasswordFile string) (string, error) { password, err := os.ReadFile(nodePasswordFile) return strings.TrimSpace(string(password)), err } - password := make([]byte, 16) + password := make([]byte, 16, 16) _, err := cryptorand.Read(password) if err != nil { return "", err } nodePassword := hex.EncodeToString(password) - return nodePassword, os.WriteFile(nodePasswordFile, []byte(nodePassword+"\n"), 0600) + + if err = os.WriteFile(nodePasswordFile, []byte(nodePassword+"\n"), 0600); err != nil { + return nodePassword, err + } + + if err = configureACL(nodePasswordFile); err != nil { + return nodePassword, err + } + + return nodePassword, nil } func upgradeOldNodePasswordPath(oldNodePasswordFile, newNodePasswordFile string) { @@ -283,19 +298,22 @@ func isValidResolvConf(resolvConfFile string) bool { nameserver := regexp.MustCompile(`^nameserver\s+([^\s]*)`) scanner := bufio.NewScanner(file) + foundNameserver := false for scanner.Scan() { ipMatch := nameserver.FindStringSubmatch(scanner.Text()) if len(ipMatch) == 2 { ip := net.ParseIP(ipMatch[1]) if ip == nil || !ip.IsGlobalUnicast() { return false + } else { + foundNameserver = true } } } if err := scanner.Err(); err != nil { return false } - return true + return foundNameserver } func locateOrGenerateResolvConf(envInfo *cmds.Agent) string { @@ -322,7 +340,6 @@ func get(ctx context.Context, envInfo *cmds.Agent, proxy proxy.Proxy) (*config.N if envInfo.Debug { logrus.SetLevel(logrus.DebugLevel) } - clientKubeletCert := filepath.Join(envInfo.DataDir, "agent", "client-kubelet.crt") clientKubeletKey := filepath.Join(envInfo.DataDir, "agent", "client-kubelet.key") withCert := clientaccess.WithClientCertificate(clientKubeletCert, clientKubeletKey) @@ -335,14 +352,14 @@ func get(ctx context.Context, envInfo *cmds.Agent, proxy proxy.Proxy) (*config.N if err != nil { return nil, errors.Wrap(err, "failed to retrieve configuration from server") } - // If the supervisor and externally-facing apiserver are not on the same port, tell the proxy where to find the apiserver. if controlConfig.SupervisorPort != controlConfig.HTTPSPort { - isIPv6 := utilsnet.IsIPv6(net.ParseIP([]string{envInfo.NodeIP.String()}[0])) - if err := proxy.SetAPIServerPort(ctx, controlConfig.HTTPSPort, isIPv6); err != nil { - return nil, errors.Wrapf(err, "failed to setup access to API Server port %d on at %s", controlConfig.HTTPSPort, proxy.SupervisorURL()) + isIPv6 := utilsnet.IsIPv6(net.ParseIP(util.GetFirstValidIPString(envInfo.NodeIP))) + if err := proxy.SetAPIServerPort(controlConfig.HTTPSPort, isIPv6); err != nil { + return nil, errors.Wrapf(err, "failed to set apiserver port to %d", controlConfig.HTTPSPort) } } + apiServerURL := proxy.APIServerURL() clientCAFile := filepath.Join(envInfo.DataDir, "agent", "client-ca.crt") if err := getHostFile(clientCAFile, "", info); err != nil { @@ -361,7 +378,7 @@ func get(ctx context.Context, envInfo *cmds.Agent, proxy proxy.Proxy) (*config.N if envInfo.Rootless { nodePasswordRoot = filepath.Join(envInfo.DataDir, "agent") } - nodeConfigPath := filepath.Join(nodePasswordRoot, "etc", "k8e", "node") + nodeConfigPath := filepath.Join(nodePasswordRoot, "etc", "rancher", "node") if err := os.MkdirAll(nodeConfigPath, 0755); err != nil { return nil, err } @@ -375,6 +392,51 @@ func get(ctx context.Context, envInfo *cmds.Agent, proxy proxy.Proxy) (*config.N return nil, err } + // If there is a VPN, we must overwrite NodeIP + var vpnInfo vpn.VPNInfo + if envInfo.VPNAuth != "" { + vpnInfo, err = vpn.GetVPNInfo(envInfo.VPNAuth) + if err != nil { + return nil, err + } + + // Pass ipv4, ipv6 or both depending on nodeIPs mode + var vpnIPs []net.IP + if utilsnet.IsIPv4(nodeIPs[0]) && vpnInfo.IPv4Address != nil { + vpnIPs = append(vpnIPs, vpnInfo.IPv4Address) + if vpnInfo.IPv6Address != nil { + vpnIPs = append(vpnIPs, vpnInfo.IPv6Address) + } + } else if utilsnet.IsIPv6(nodeIPs[0]) && vpnInfo.IPv6Address != nil { + vpnIPs = append(vpnIPs, vpnInfo.IPv6Address) + if vpnInfo.IPv4Address != nil { + vpnIPs = append(vpnIPs, vpnInfo.IPv4Address) + } + } else { + return nil, errors.Errorf("address family mismatch when assigning VPN addresses to node: node=%v, VPN ipv4=%v ipv6=%v", nodeIPs, vpnInfo.IPv4Address, vpnInfo.IPv6Address) + } + + // Overwrite nodeip and throw a warning if user explicitly set those parameters + if len(vpnIPs) != 0 { + logrus.Infof("Node-ip changed to %v due to VPN", vpnIPs) + if len(envInfo.NodeIP) != 0 { + logrus.Warn("VPN provider overrides configured node-ip parameter") + } + if len(envInfo.NodeExternalIP) != 0 { + logrus.Warn("VPN provider overrides node-external-ip parameter") + } + nodeIPs = vpnIPs + } + } + + if controlConfig.ClusterIPRange != nil { + if utilsnet.IPFamilyOfCIDR(controlConfig.ClusterIPRange) != utilsnet.IPFamilyOf(nodeIPs[0]) && len(nodeIPs) > 1 { + firstNodeIP := nodeIPs[0] + nodeIPs[0] = nodeIPs[1] + nodeIPs[1] = firstNodeIP + } + } + nodeExternalIPs, err := util.ParseStringSliceToIPs(envInfo.NodeExternalIP) if err != nil { return nil, fmt.Errorf("invalid node-external-ip: %w", err) @@ -390,29 +452,39 @@ func get(ctx context.Context, envInfo *cmds.Agent, proxy proxy.Proxy) (*config.N os.Setenv("NODE_NAME", nodeName) + // Ensure that the kubelet's server certificate is valid for all configured node IPs. Note + // that in the case of an external CCM, additional IPs may be added by the infra provider + // that the cert will not be valid for, as they are not present in the list collected here. nodeExternalAndInternalIPs := append(nodeIPs, nodeExternalIPs...) + + // Ask the server to generate a kubelet server cert+key. These files are unique to this node. servingCert, err := getServingCert(nodeName, nodeExternalAndInternalIPs, servingKubeletCert, servingKubeletKey, newNodePasswordFile, info) if err != nil { - return nil, err + return nil, errors.Wrap(err, servingKubeletCert) } + // Ask the server to genrate a kubelet client cert+key. These files are unique to this node. if err := getNodeNamedHostFile(clientKubeletCert, clientKubeletKey, nodeName, nodeIPs, newNodePasswordFile, info); err != nil { - return nil, err + return nil, errors.Wrap(err, clientKubeletCert) } + // Generate a kubeconfig for the kubelet. kubeconfigKubelet := filepath.Join(envInfo.DataDir, "agent", "kubelet.kubeconfig") - if err := deps.KubeConfig(kubeconfigKubelet, proxy.APIServerURL(), serverCAFile, clientKubeletCert, clientKubeletKey); err != nil { + if err := deps.KubeConfig(kubeconfigKubelet, apiServerURL, serverCAFile, clientKubeletCert, clientKubeletKey); err != nil { return nil, err } clientK8eControllerCert := filepath.Join(envInfo.DataDir, "agent", "client-"+version.Program+"-controller.crt") clientK8eControllerKey := filepath.Join(envInfo.DataDir, "agent", "client-"+version.Program+"-controller.key") + + // Ask the server to send us its agent controller client cert+key. These files are not unique to this node. if err := getHostFile(clientK8eControllerCert, clientK8eControllerKey, info); err != nil { - return nil, err + return nil, errors.Wrap(err, clientK8eControllerCert) } + // Generate a kubeconfig for the agent controller. kubeconfigK8eController := filepath.Join(envInfo.DataDir, "agent", version.Program+"controller.kubeconfig") - if err := deps.KubeConfig(kubeconfigK8eController, proxy.APIServerURL(), serverCAFile, clientK8eControllerCert, clientK8eControllerKey); err != nil { + if err := deps.KubeConfig(kubeconfigK8eController, apiServerURL, serverCAFile, clientK8eControllerCert, clientK8eControllerKey); err != nil { return nil, err } @@ -421,8 +493,12 @@ func get(ctx context.Context, envInfo *cmds.Agent, proxy proxy.Proxy) (*config.N SELinux: envInfo.EnableSELinux, ContainerRuntimeEndpoint: envInfo.ContainerRuntimeEndpoint, ImageServiceEndpoint: envInfo.ImageServiceEndpoint, + EnablePProf: envInfo.EnablePProf, + EmbeddedRegistry: controlConfig.EmbeddedRegistry, EgressSelectorMode: controlConfig.EgressSelectorMode, ServerHTTPSPort: controlConfig.HTTPSPort, + SupervisorPort: controlConfig.SupervisorPort, + SupervisorMetrics: controlConfig.SupervisorMetrics, Token: info.String(), } nodeConfig.Images = filepath.Join(envInfo.DataDir, "agent", "images") @@ -473,22 +549,28 @@ func get(ctx context.Context, envInfo *cmds.Agent, proxy proxy.Proxy) (*config.N } } nodeConfig.Containerd.Opt = filepath.Join(envInfo.DataDir, "agent", "containerd") - if !envInfo.Debug { - nodeConfig.Containerd.Log = filepath.Join(envInfo.DataDir, "agent", "containerd", "containerd.log") - } + nodeConfig.Containerd.Log = filepath.Join(envInfo.DataDir, "agent", "containerd", "containerd.log") + nodeConfig.Containerd.Registry = filepath.Join(envInfo.DataDir, "agent", "etc", "containerd", "certs.d") + nodeConfig.Containerd.NoDefault = envInfo.ContainerdNoDefault + nodeConfig.Containerd.Debug = envInfo.Debug applyContainerdStateAndAddress(nodeConfig) applyCRIDockerdAddress(nodeConfig) - applyContainerdQoSClassConfigFileIfPresent(envInfo, nodeConfig) + applyContainerdQoSClassConfigFileIfPresent(envInfo, &nodeConfig.Containerd) nodeConfig.Containerd.Template = filepath.Join(envInfo.DataDir, "agent", "etc", "containerd", "config.toml.tmpl") nodeConfig.Certificate = servingCert - nodeConfig.AgentConfig.NodeIPs = nodeIPs - listenAddress, _, _, err := util.GetDefaultAddresses(nodeIPs[0]) - if err != nil { - return nil, errors.Wrap(err, "cannot configure IPv4/IPv6 node-ip") + if envInfo.BindAddress != "" { + nodeConfig.AgentConfig.ListenAddress = envInfo.BindAddress + } else { + listenAddress, _, _, err := util.GetDefaultAddresses(nodeIPs[0]) + if err != nil { + return nil, errors.Wrap(err, "cannot configure IPv4/IPv6 node-ip") + } + nodeConfig.AgentConfig.ListenAddress = listenAddress } + nodeConfig.AgentConfig.NodeIP = nodeIPs[0].String() - nodeConfig.AgentConfig.ListenAddress = listenAddress + nodeConfig.AgentConfig.NodeIPs = nodeIPs nodeConfig.AgentConfig.NodeExternalIPs = nodeExternalIPs // if configured, set NodeExternalIP to the first IPv4 address, for legacy clients @@ -553,11 +635,45 @@ func get(ctx context.Context, envInfo *cmds.Agent, proxy proxy.Proxy) (*config.N nodeConfig.AgentConfig.NodeLabels = envInfo.Labels nodeConfig.AgentConfig.ImageCredProvBinDir = envInfo.ImageCredProvBinDir nodeConfig.AgentConfig.ImageCredProvConfig = envInfo.ImageCredProvConfig - nodeConfig.AgentConfig.PrivateRegistry = envInfo.PrivateRegistry nodeConfig.AgentConfig.DisableCCM = controlConfig.DisableCCM + nodeConfig.AgentConfig.MinTLSVersion = controlConfig.MinTLSVersion + nodeConfig.AgentConfig.CipherSuites = controlConfig.CipherSuites nodeConfig.AgentConfig.Rootless = envInfo.Rootless nodeConfig.AgentConfig.PodManifests = filepath.Join(envInfo.DataDir, "agent", DefaultPodManifestPath) nodeConfig.AgentConfig.ProtectKernelDefaults = envInfo.ProtectKernelDefaults + nodeConfig.AgentConfig.VLevel = cmds.LogConfig.VLevel + nodeConfig.AgentConfig.VModule = cmds.LogConfig.VModule + nodeConfig.AgentConfig.LogFile = cmds.LogConfig.LogFile + nodeConfig.AgentConfig.AlsoLogToStderr = cmds.LogConfig.AlsoLogToStderr + + privRegistries, err := registries.GetPrivateRegistries(envInfo.PrivateRegistry) + if err != nil { + return nil, err + } + nodeConfig.AgentConfig.Registry = privRegistries.Registry + + if nodeConfig.EmbeddedRegistry { + psk, err := hex.DecodeString(controlConfig.IPSECPSK) + if err != nil { + return nil, err + } + if len(psk) < 32 { + return nil, errors.New("insufficient PSK bytes") + } + + conf := spegel.DefaultRegistry + conf.ExternalAddress = nodeConfig.AgentConfig.NodeIP + conf.InternalAddress = controlConfig.Loopback(false) + conf.RegistryPort = strconv.Itoa(controlConfig.SupervisorPort) + conf.ClientCAFile = clientCAFile + conf.ClientCertFile = clientK8eControllerCert + conf.ClientKeyFile = clientK8eControllerKey + conf.ServerCAFile = serverCAFile + conf.ServerCertFile = servingKubeletCert + conf.ServerKeyFile = servingKubeletKey + conf.PSK = psk[:32] + conf.InjectMirror(nodeConfig) + } if err := validateNetworkConfig(nodeConfig); err != nil { return nil, err @@ -596,13 +712,19 @@ func getConfig(info *clientaccess.Info) (*config.Control, error) { return controlControl, json.Unmarshal(data, controlControl) } +// getReadyz returns nil if the server is ready, or an error if not. +func getReadyz(info *clientaccess.Info) error { + _, err := info.Get("/v1-" + version.Program + "/readyz") + return err +} + // validateNetworkConfig ensures that the network configuration values provided by the server make sense. func validateNetworkConfig(nodeConfig *config.Node) error { // Old versions of the server do not send enough information to correctly start the NPC. Users // need to upgrade the server to at least the same version as the agent, or disable the NPC // cluster-wide. if nodeConfig.AgentConfig.ServiceCIDR == nil || nodeConfig.AgentConfig.ServiceNodePortRange.Size == 0 { - return fmt.Errorf("incompatible down-level server detected; servers must be upgraded to at least %s, or restarted with --disable-network-policy", version.Version) + return fmt.Errorf("incompatible down-level server detected; servers must be upgraded to at least %s", version.Version) } return nil diff --git a/pkg/agent/config/config_internal_test.go b/pkg/agent/config/config_internal_test.go new file mode 100644 index 000000000..92aa41e5a --- /dev/null +++ b/pkg/agent/config/config_internal_test.go @@ -0,0 +1,40 @@ +package config + +import ( + "os" + "testing" +) + +func Test_isValidResolvConf(t *testing.T) { + tests := []struct { + name string + fileContent string + expectedResult bool + }{ + {name: "Valid ResolvConf", fileContent: "nameserver 8.8.8.8\nnameserver 2001:4860:4860::8888\n", expectedResult: true}, + {name: "Invalid ResolvConf", fileContent: "nameserver 999.999.999.999\nnameserver not.an.ip\n", expectedResult: false}, + {name: "Wrong Nameserver", fileContent: "search example.com\n", expectedResult: false}, + {name: "One valid nameserver", fileContent: "test test.com\nnameserver 8.8.8.8", expectedResult: true}, + {name: "Non GlobalUnicast", fileContent: "nameserver ::1\nnameserver 169.254.0.1\nnameserver fe80::1\n", expectedResult: false}, + {name: "Empty File", fileContent: "", expectedResult: false}, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + tmpfile, err := os.CreateTemp("", "resolv.conf") + if err != nil { + t.Fatal(err) + } + defer os.Remove(tmpfile.Name()) + + if _, err := tmpfile.WriteString(tt.fileContent); err != nil { + t.Errorf("error writing to file: %v with content: %v", tmpfile.Name(), tt.fileContent) + } + + res := isValidResolvConf(tmpfile.Name()) + if res != tt.expectedResult { + t.Errorf("isValidResolvConf(%s) = %v; want %v", tt.name, res, tt.expectedResult) + } + }) + } +} \ No newline at end of file diff --git a/pkg/agent/config/config_linux.go b/pkg/agent/config/config_linux.go index cb551fb1d..944fac1a1 100644 --- a/pkg/agent/config/config_linux.go +++ b/pkg/agent/config/config_linux.go @@ -8,9 +8,9 @@ import ( "os" "path/filepath" - "github.com/sirupsen/logrus" "github.com/xiaods/k8e/pkg/cli/cmds" "github.com/xiaods/k8e/pkg/daemons/config" + "github.com/sirupsen/logrus" ) func applyContainerdStateAndAddress(nodeConfig *config.Node) { @@ -22,20 +22,32 @@ func applyCRIDockerdAddress(nodeConfig *config.Node) { nodeConfig.CRIDockerd.Address = "unix:///run/k8e/cri-dockerd/cri-dockerd.sock" } -func applyContainerdQoSClassConfigFileIfPresent(envInfo *cmds.Agent, nodeConfig *config.Node) { - blockioPath := filepath.Join(envInfo.DataDir, "agent", "etc", "containerd", "blockio_config.yaml") +func applyContainerdQoSClassConfigFileIfPresent(envInfo *cmds.Agent, containerdConfig *config.Containerd) { + containerdConfigDir := filepath.Join(envInfo.DataDir, "agent", "etc", "containerd") + + blockioPath := filepath.Join(containerdConfigDir, "blockio_config.yaml") // Set containerd config if file exists - if _, err := os.Stat(blockioPath); !errors.Is(err, os.ErrNotExist) { - logrus.Infof("BlockIO configuration file found") - nodeConfig.Containerd.BlockIOConfig = blockioPath + if fileInfo, err := os.Stat(blockioPath); !errors.Is(err, os.ErrNotExist) { + if fileInfo.Mode().IsRegular() { + logrus.Infof("BlockIO configuration file found") + containerdConfig.BlockIOConfig = blockioPath + } } - rdtPath := filepath.Join(envInfo.DataDir, "agent", "etc", "containerd", "rdt_config.yaml") + rdtPath := filepath.Join(containerdConfigDir, "rdt_config.yaml") // Set containerd config if file exists - if _, err := os.Stat(rdtPath); !errors.Is(err, os.ErrNotExist) { - logrus.Infof("RDT configuration file found") - nodeConfig.Containerd.RDTConfig = rdtPath + if fileInfo, err := os.Stat(rdtPath); !errors.Is(err, os.ErrNotExist) { + if fileInfo.Mode().IsRegular() { + logrus.Infof("RDT configuration file found") + containerdConfig.RDTConfig = rdtPath + } } } + +// configureACL will configure an Access Control List for the specified file. +// On Linux, this function is a no-op +func configureACL(file string) error { + return nil +} \ No newline at end of file diff --git a/pkg/agent/config/config_linux_test.go b/pkg/agent/config/config_linux_test.go new file mode 100644 index 000000000..281719e8d --- /dev/null +++ b/pkg/agent/config/config_linux_test.go @@ -0,0 +1,165 @@ +//go:build linux +// +build linux + +package config + +import ( + "os" + "path/filepath" + "reflect" + "testing" + + "github.com/xiaods/k8e/pkg/cli/cmds" + "github.com/xiaods/k8e/pkg/daemons/config" + "github.com/xiaods/k8e/tests" +) + +func Test_UnitApplyContainerdQoSClassConfigFileIfPresent(t *testing.T) { + configControl := config.Control{ + DataDir: "/tmp/k8e/", + } + + if err := tests.GenerateDataDir(&configControl); err != nil { + t.Errorf("Test_UnitApplyContainerdQoSClassConfigFileIfPresent() setup failed = %v", err) + } + defer tests.CleanupDataDir(&configControl) + + containerdConfigDir := filepath.Join(configControl.DataDir, "agent", "etc", "containerd") + os.MkdirAll(containerdConfigDir, 0700) + + type args struct { + envInfo *cmds.Agent + containerdConfig *config.Containerd + } + tests := []struct { + name string + args args + setup func() error + teardown func() + want *config.Containerd + }{ + { + name: "No config file", + args: args{ + envInfo: &cmds.Agent{ + DataDir: configControl.DataDir, + }, + containerdConfig: &config.Containerd{}, + }, + setup: func() error { + return nil + }, + teardown: func() {}, + want: &config.Containerd{}, + }, + { + name: "BlockIO config file", + args: args{ + envInfo: &cmds.Agent{ + DataDir: configControl.DataDir, + }, + containerdConfig: &config.Containerd{}, + }, + setup: func() error { + _, err := os.Create(filepath.Join(containerdConfigDir, "blockio_config.yaml")) + return err + }, + teardown: func() { + os.Remove(filepath.Join(containerdConfigDir, "blockio_config.yaml")) + }, + want: &config.Containerd{ + BlockIOConfig: filepath.Join(containerdConfigDir, "blockio_config.yaml"), + }, + }, + { + name: "RDT config file", + args: args{ + envInfo: &cmds.Agent{ + DataDir: configControl.DataDir, + }, + containerdConfig: &config.Containerd{}, + }, + setup: func() error { + _, err := os.Create(filepath.Join(containerdConfigDir, "rdt_config.yaml")) + return err + }, + teardown: func() { + os.Remove(filepath.Join(containerdConfigDir, "rdt_config.yaml")) + }, + want: &config.Containerd{ + RDTConfig: filepath.Join(containerdConfigDir, "rdt_config.yaml"), + }, + }, + { + name: "Both config files", + args: args{ + envInfo: &cmds.Agent{ + DataDir: configControl.DataDir, + }, + containerdConfig: &config.Containerd{}, + }, + setup: func() error { + _, err := os.Create(filepath.Join(containerdConfigDir, "blockio_config.yaml")) + if err != nil { + return err + } + _, err = os.Create(filepath.Join(containerdConfigDir, "rdt_config.yaml")) + return err + }, + teardown: func() { + os.Remove(filepath.Join(containerdConfigDir, "blockio_config.yaml")) + os.Remove(filepath.Join(containerdConfigDir, "rdt_config.yaml")) + }, + want: &config.Containerd{ + BlockIOConfig: filepath.Join(containerdConfigDir, "blockio_config.yaml"), + RDTConfig: filepath.Join(containerdConfigDir, "rdt_config.yaml"), + }, + }, + { + name: "BlockIO path is a directory", + args: args{ + envInfo: &cmds.Agent{ + DataDir: configControl.DataDir, + }, + containerdConfig: &config.Containerd{}, + }, + setup: func() error { + return os.Mkdir(filepath.Join(containerdConfigDir, "blockio_config.yaml"), 0700) + }, + teardown: func() { + os.Remove(filepath.Join(containerdConfigDir, "blockio_config.yaml")) + }, + want: &config.Containerd{}, + }, + { + name: "RDT path is a directory", + args: args{ + envInfo: &cmds.Agent{ + DataDir: configControl.DataDir, + }, + containerdConfig: &config.Containerd{}, + }, + setup: func() error { + return os.Mkdir(filepath.Join(containerdConfigDir, "rdt_config.yaml"), 0700) + }, + teardown: func() { + os.Remove(filepath.Join(containerdConfigDir, "rdt_config.yaml")) + }, + want: &config.Containerd{}, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + tt.setup() + defer tt.teardown() + + envInfo := tt.args.envInfo + containerdConfig := tt.args.containerdConfig + applyContainerdQoSClassConfigFileIfPresent(envInfo, containerdConfig) + if !reflect.DeepEqual(containerdConfig, tt.want) { + t.Errorf("applyContainerdQoSClassConfigFileIfPresent() = %+v\nWant %+v", containerdConfig, tt.want) + } + }) + } +} \ No newline at end of file diff --git a/pkg/agent/config/config_windows.go b/pkg/agent/config/config_windows.go index 24d3404d1..1432a47c2 100644 --- a/pkg/agent/config/config_windows.go +++ b/pkg/agent/config/config_windows.go @@ -8,6 +8,11 @@ import ( "github.com/xiaods/k8e/pkg/cli/cmds" "github.com/xiaods/k8e/pkg/daemons/config" + "github.com/pkg/errors" + "github.com/rancher/permissions/pkg/access" + "github.com/rancher/permissions/pkg/acl" + "github.com/rancher/permissions/pkg/sid" + "golang.org/x/sys/windows" ) func applyContainerdStateAndAddress(nodeConfig *config.Node) { @@ -19,6 +24,22 @@ func applyCRIDockerdAddress(nodeConfig *config.Node) { nodeConfig.CRIDockerd.Address = "npipe:////.pipe/cri-dockerd" } -func applyContainerdQoSClassConfigFileIfPresent(envInfo *cmds.Agent, nodeConfig *config.Node) { +func applyContainerdQoSClassConfigFileIfPresent(envInfo *cmds.Agent, containerdConfig *config.Containerd) { // QoS-class resource management not supported on windows. } + +// configureACL will configure an Access Control List for the specified file, +// ensuring that only the LocalSystem and Administrators Group have access to the file contents +func configureACL(file string) error { + // by default Apply will use the current user (LocalSystem in the case of a Windows service) + // as the owner and current user group as the allowed group + // additionally, we define a DACL to permit access to the file to the local system and all administrators + if err := acl.Apply(file, nil, nil, []windows.EXPLICIT_ACCESS{ + access.GrantSid(windows.GENERIC_ALL, sid.LocalSystem()), + access.GrantSid(windows.GENERIC_ALL, sid.BuiltinAdministrators()), + }...); err != nil { + return errors.Wrapf(err, "failed to configure Access Control List For %s", file) + } + + return nil +} \ No newline at end of file diff --git a/pkg/agent/containerd/config.go b/pkg/agent/containerd/config.go new file mode 100644 index 000000000..6cf72a849 --- /dev/null +++ b/pkg/agent/containerd/config.go @@ -0,0 +1,288 @@ +package containerd + +import ( + "bufio" + "fmt" + "net" + "net/url" + "os" + "path/filepath" + "strings" + + "github.com/containerd/containerd/remotes/docker" + "github.com/xiaods/k8e/pkg/agent/templates" + util2 "github.com/xiaods/k8e/pkg/agent/util" + "github.com/xiaods/k8e/pkg/daemons/config" + "github.com/xiaods/k8e/pkg/spegel" + "github.com/xiaods/k8e/pkg/version" + "github.com/rancher/wharfie/pkg/registries" + "github.com/sirupsen/logrus" +) + +type HostConfigs map[string]templates.HostConfig + +// writeContainerdConfig renders and saves config.toml from the filled template +func writeContainerdConfig(cfg *config.Node, containerdConfig templates.ContainerdConfig) error { + var containerdTemplate string + containerdTemplateBytes, err := os.ReadFile(cfg.Containerd.Template) + if err == nil { + logrus.Infof("Using containerd template at %s", cfg.Containerd.Template) + containerdTemplate = string(containerdTemplateBytes) + } else if os.IsNotExist(err) { + containerdTemplate = templates.ContainerdConfigTemplate + } else { + return err + } + parsedTemplate, err := templates.ParseTemplateFromConfig(containerdTemplate, containerdConfig) + if err != nil { + return err + } + + return util2.WriteFile(cfg.Containerd.Config, parsedTemplate) +} + +// writeContainerdHosts merges registry mirrors/configs, and renders and saves hosts.toml from the filled template +func writeContainerdHosts(cfg *config.Node, containerdConfig templates.ContainerdConfig) error { + mirrorAddr := net.JoinHostPort(spegel.DefaultRegistry.InternalAddress, spegel.DefaultRegistry.RegistryPort) + hosts := getHostConfigs(containerdConfig.PrivateRegistryConfig, containerdConfig.NoDefaultEndpoint, mirrorAddr) + + // Clean up previous configuration templates + if err := cleanContainerdHosts(cfg.Containerd.Registry, hosts); err != nil { + return err + } + + // Write out new templates + for host, config := range hosts { + hostDir := filepath.Join(cfg.Containerd.Registry, host) + hostsFile := filepath.Join(hostDir, "hosts.toml") + hostsTemplate, err := templates.ParseHostsTemplateFromConfig(templates.HostsTomlTemplate, config) + if err != nil { + return err + } + if err := os.MkdirAll(hostDir, 0700); err != nil { + return err + } + if err := util2.WriteFile(hostsFile, hostsTemplate); err != nil { + return err + } + } + + return nil +} + +// cleanContainerdHosts removes any registry host config dirs containing a hosts.toml file +// with a header that indicates it was created by k8e, or directories where a hosts.toml +// is about to be written. Unmanaged directories not containing this file, or containing +// a file without the header, are left alone. +func cleanContainerdHosts(dir string, hosts HostConfigs) error { + // clean directories for any registries that we are about to generate a hosts.toml for + for host := range hosts { + hostsDir := filepath.Join(dir, host) + os.RemoveAll(hostsDir) + } + + // clean directories that contain a hosts.toml with a header indicating it was created by k8e + ents, err := os.ReadDir(dir) + if err != nil && !os.IsNotExist(err) { + return err + } + + for _, ent := range ents { + if !ent.IsDir() { + continue + } + hostsFile := filepath.Join(dir, ent.Name(), "hosts.toml") + file, err := os.Open(hostsFile) + if err != nil { + if os.IsNotExist(err) { + continue + } + return err + } + line, err := bufio.NewReader(file).ReadString('\n') + if err != nil { + continue + } + if line == templates.HostsTomlHeader { + hostsDir := filepath.Join(dir, ent.Name()) + os.RemoveAll(hostsDir) + } + } + + return nil +} + +// getHostConfigs merges the registry mirrors/configs into HostConfig template structs +func getHostConfigs(registry *registries.Registry, noDefaultEndpoint bool, mirrorAddr string) HostConfigs { + hosts := map[string]templates.HostConfig{} + + // create config for default endpoints + for host, config := range registry.Configs { + if c, err := defaultHostConfig(host, mirrorAddr, config); err != nil { + logrus.Errorf("Failed to generate config for registry %s: %v", host, err) + } else { + if host == "*" { + host = "_default" + } + hosts[host] = *c + } + } + + // create endpoints for mirrors + for host, mirror := range registry.Mirrors { + // create the default config, if it wasn't explicitly mentioned in the config section + config, ok := hosts[host] + if !ok { + if c, err := defaultHostConfig(host, mirrorAddr, configForHost(registry.Configs, host)); err != nil { + logrus.Errorf("Failed to generate config for registry %s: %v", host, err) + continue + } else { + if noDefaultEndpoint { + c.Default = nil + } else if host == "*" { + c.Default = &templates.RegistryEndpoint{URL: &url.URL{}} + } + config = *c + } + } + + // track which endpoints we've already seen to avoid creating duplicates + seenEndpoint := map[string]bool{} + + // TODO: rewrites are currently copied from the mirror settings into each endpoint. + // In the future, we should allow for per-endpoint rewrites, instead of expecting + // all mirrors to have the same structure. This will require changes to the registries.yaml + // structure, which is defined in rancher/wharfie. + for i, endpoint := range mirror.Endpoints { + registryName, url, override, err := normalizeEndpointAddress(endpoint, mirrorAddr) + if err != nil { + logrus.Warnf("Ignoring invalid endpoint URL %d=%s for %s: %v", i, endpoint, host, err) + } else if _, ok := seenEndpoint[url.String()]; ok { + logrus.Warnf("Skipping duplicate endpoint URL %d=%s for %s", i, endpoint, host) + } else { + seenEndpoint[url.String()] = true + var rewrites map[string]string + // Do not apply rewrites to the embedded registry endpoint + if url.Host != mirrorAddr { + rewrites = mirror.Rewrites + } + ep := templates.RegistryEndpoint{ + Config: configForHost(registry.Configs, registryName), + Rewrites: rewrites, + OverridePath: override, + URL: url, + } + if i+1 == len(mirror.Endpoints) && endpointURLEqual(config.Default, &ep) { + // if the last endpoint is the default endpoint, move it there + config.Default = &ep + } else { + config.Endpoints = append(config.Endpoints, ep) + } + } + } + + if host == "*" { + host = "_default" + } + hosts[host] = config + } + + // Clean up hosts and default endpoints where resulting config leaves only defaults + for host, config := range hosts { + // if this host has no endpoints and the default has no config, delete this host + if len(config.Endpoints) == 0 && !endpointHasConfig(config.Default) { + delete(hosts, host) + } + } + + return hosts +} + +// normalizeEndpointAddress normalizes the endpoint address. +// If successful, it returns the registry name, URL, and a bool indicating if the endpoint path should be overridden. +// If unsuccessful, an error is returned. +// Scheme and hostname logic should match containerd: +// https://github.com/containerd/containerd/blob/v1.7.13/remotes/docker/config/hosts.go#L99-L131 +func normalizeEndpointAddress(endpoint, mirrorAddr string) (string, *url.URL, bool, error) { + // Ensure that the endpoint address has a scheme so that the URL is parsed properly + if !strings.Contains(endpoint, "://") { + endpoint = "//" + endpoint + } + endpointURL, err := url.Parse(endpoint) + if err != nil { + return "", nil, false, err + } + port := endpointURL.Port() + + // set default scheme, if not provided + if endpointURL.Scheme == "" { + // localhost on odd ports defaults to http, unless it's the embedded mirror + if docker.IsLocalhost(endpointURL.Host) && port != "" && port != "443" && endpointURL.Host != mirrorAddr { + endpointURL.Scheme = "http" + } else { + endpointURL.Scheme = "https" + } + } + registry := endpointURL.Host + endpointURL.Host, _ = docker.DefaultHost(registry) + // This is the reverse of the DefaultHost normalization + if endpointURL.Host == "registry-1.docker.io" { + registry = "docker.io" + } + + switch endpointURL.Path { + case "", "/", "/v2": + // If the path is empty, /, or /v2, use the default path. + endpointURL.Path = "/v2" + return registry, endpointURL, false, nil + } + + return registry, endpointURL, true, nil +} + +func defaultHostConfig(host, mirrorAddr string, config registries.RegistryConfig) (*templates.HostConfig, error) { + _, url, _, err := normalizeEndpointAddress(host, mirrorAddr) + if err != nil { + return nil, fmt.Errorf("invalid endpoint URL %s for %s: %v", host, host, err) + } + if host == "*" { + url = nil + } + return &templates.HostConfig{ + Program: version.Program, + Default: &templates.RegistryEndpoint{ + URL: url, + Config: config, + }, + }, nil +} + +func configForHost(configs map[string]registries.RegistryConfig, host string) registries.RegistryConfig { + // check for config under modified hostname. If the hostname is unmodified, or there is no config for + // the modified hostname, return the config for the default hostname. + if h, _ := docker.DefaultHost(host); h != host { + if c, ok := configs[h]; ok { + return c + } + } + return configs[host] +} + +// endpointURLEqual compares endpoint URL strings +func endpointURLEqual(a, b *templates.RegistryEndpoint) bool { + var au, bu string + if a != nil && a.URL != nil { + au = a.URL.String() + } + if b != nil && b.URL != nil { + bu = b.URL.String() + } + return au == bu +} + +func endpointHasConfig(ep *templates.RegistryEndpoint) bool { + if ep != nil { + return ep.OverridePath || ep.Config.Auth != nil || ep.Config.TLS != nil || len(ep.Rewrites) > 0 + } + return false +} \ No newline at end of file diff --git a/pkg/agent/containerd/config_linux.go b/pkg/agent/containerd/config_linux.go index 96f6f5e2f..e83b273f2 100644 --- a/pkg/agent/containerd/config_linux.go +++ b/pkg/agent/containerd/config_linux.go @@ -4,25 +4,28 @@ package containerd import ( - "context" "os" "github.com/containerd/containerd" + overlayutils "github.com/containerd/containerd/snapshots/overlay/overlayutils" + fuseoverlayfs "github.com/containerd/fuse-overlayfs-snapshotter" + stargz "github.com/containerd/stargz-snapshotter/service" "github.com/docker/docker/pkg/parsers/kernel" - "github.com/opencontainers/runc/libcontainer/userns" - "github.com/pkg/errors" - "github.com/rancher/wharfie/pkg/registries" - "github.com/sirupsen/logrus" "github.com/xiaods/k8e/pkg/agent/templates" - util2 "github.com/xiaods/k8e/pkg/agent/util" "github.com/xiaods/k8e/pkg/cgroups" "github.com/xiaods/k8e/pkg/daemons/config" "github.com/xiaods/k8e/pkg/version" + "github.com/opencontainers/runc/libcontainer/userns" + "github.com/pkg/errors" + "github.com/sirupsen/logrus" "golang.org/x/sys/unix" - "k8s.io/kubernetes/pkg/kubelet/util" + "k8s.io/cri-client/pkg/util" ) -const socketPrefix = "unix://" +const ( + socketPrefix = "unix://" + runtimesPath = "/usr/local/nvidia/toolkit:/opt/kwasm/bin" +) func getContainerdArgs(cfg *config.Node) []string { args := []string{ @@ -35,14 +38,9 @@ func getContainerdArgs(cfg *config.Node) []string { return args } -// setupContainerdConfig generates the containerd.toml, using a template combined with various +// SetupContainerdConfig generates the containerd.toml, using a template combined with various // runtime configurations and registry mirror settings provided by the administrator. -func setupContainerdConfig(ctx context.Context, cfg *config.Node) error { - privRegistries, err := registries.GetPrivateRegistries(cfg.AgentConfig.PrivateRegistry) - if err != nil { - return err - } - +func SetupContainerdConfig(cfg *config.Node) error { isRunningInUserNS := userns.RunningInUserNS() _, _, controllers := cgroups.CheckCgroups() // "/sys/fs/cgroup" is namespaced @@ -57,23 +55,28 @@ func setupContainerdConfig(ctx context.Context, cfg *config.Node) error { cfg.AgentConfig.Systemd = !isRunningInUserNS && controllers["cpuset"] && os.Getenv("INVOCATION_ID") != "" } - extraRuntimes := findContainerRuntimes(os.DirFS(string(os.PathSeparator))) + // set the path to include the default runtimes and remove the aditional path entries + // that we added after finding the runtimes + originalPath := os.Getenv("PATH") + os.Setenv("PATH", runtimesPath+string(os.PathListSeparator)+originalPath) + extraRuntimes := findContainerRuntimes() + os.Setenv("PATH", originalPath) // Verifies if the DefaultRuntime can be found if _, ok := extraRuntimes[cfg.DefaultRuntime]; !ok && cfg.DefaultRuntime != "" { return errors.Errorf("default runtime %s was not found", cfg.DefaultRuntime) } - var containerdTemplate string containerdConfig := templates.ContainerdConfig{ NodeConfig: cfg, DisableCgroup: disableCgroup, SystemdCgroup: cfg.AgentConfig.Systemd, IsRunningInUserNS: isRunningInUserNS, EnableUnprivileged: kernel.CheckKernelVersion(4, 11, 0), - PrivateRegistryConfig: privRegistries.Registry, + PrivateRegistryConfig: cfg.AgentConfig.Registry, ExtraRuntimes: extraRuntimes, Program: version.Program, + NoDefaultEndpoint: cfg.Containerd.NoDefault, } selEnabled, selConfigured, err := selinuxStatus() @@ -87,24 +90,13 @@ func setupContainerdConfig(ctx context.Context, cfg *config.Node) error { logrus.Warnf("SELinux is enabled for "+version.Program+" but process is not running in context '%s', "+version.Program+"-selinux policy may need to be applied", SELinuxContextType) } - containerdTemplateBytes, err := os.ReadFile(cfg.Containerd.Template) - if err == nil { - logrus.Infof("Using containerd template at %s", cfg.Containerd.Template) - containerdTemplate = string(containerdTemplateBytes) - } else if os.IsNotExist(err) { - containerdTemplate = templates.ContainerdConfigTemplate - } else { - return err - } - parsedTemplate, err := templates.ParseTemplateFromConfig(containerdTemplate, containerdConfig) - if err != nil { + if err := writeContainerdConfig(cfg, containerdConfig); err != nil { return err } - return util2.WriteFile(cfg.Containerd.Config, parsedTemplate) + return writeContainerdHosts(cfg, containerdConfig) } -// Client returns a containerd client for the given address func Client(address string) (*containerd.Client, error) { addr, _, err := util.GetAddressAndDialer(socketPrefix + address) if err != nil { @@ -113,3 +105,15 @@ func Client(address string) (*containerd.Client, error) { return containerd.New(addr) } + +func OverlaySupported(root string) error { + return overlayutils.Supported(root) +} + +func FuseoverlayfsSupported(root string) error { + return fuseoverlayfs.Supported(root) +} + +func StargzSupported(root string) error { + return stargz.Supported(root) +} \ No newline at end of file diff --git a/pkg/agent/containerd/config_test.go b/pkg/agent/containerd/config_test.go new file mode 100644 index 000000000..fa28b999e --- /dev/null +++ b/pkg/agent/containerd/config_test.go @@ -0,0 +1,1517 @@ +package containerd + +import ( + "net" + "net/url" + "os" + "path/filepath" + "strings" + "testing" + + "github.com/xiaods/k8e/pkg/agent/templates" + "github.com/xiaods/k8e/pkg/daemons/config" + "github.com/xiaods/k8e/pkg/spegel" + "github.com/rancher/wharfie/pkg/registries" + "github.com/sirupsen/logrus" + "github.com/stretchr/testify/assert" +) + +func init() { + logrus.SetLevel(logrus.DebugLevel) +} + +func u(s string) *url.URL { + u, err := url.Parse(s) + if err != nil { + panic(err) + } + return u +} + +func Test_UnitGetHostConfigs(t *testing.T) { + type args struct { + registryContent string + noDefaultEndpoint bool + mirrorAddr string + } + tests := []struct { + name string + args args + want HostConfigs + }{ + { + name: "no registries", + want: HostConfigs{}, + }, + { + name: "registry with default endpoint", + args: args{ + registryContent: ` + mirrors: + docker.io: + `, + }, + want: HostConfigs{}, + }, + { + name: "registry with default endpoint explicitly listed", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - docker.io + `, + }, + want: HostConfigs{}, + }, + { + name: "registry with default endpoint - embedded registry", + args: args{ + mirrorAddr: "127.0.0.1:6443", + registryContent: ` + mirrors: + docker.io: + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://127.0.0.1:6443/v2"), + Config: registries.RegistryConfig{ + TLS: ®istries.TLSConfig{ + CAFile: "server-ca", + KeyFile: "client-key", + CertFile: "client-cert", + }, + }, + }, + }, + }, + "127.0.0.1:6443": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://127.0.0.1:6443/v2"), + Config: registries.RegistryConfig{ + TLS: ®istries.TLSConfig{ + CAFile: "server-ca", + KeyFile: "client-key", + CertFile: "client-cert", + }, + }, + }, + }, + }, + }, + { + name: "registry with default endpoint and creds", + args: args{ + registryContent: ` + mirrors: + docker.io: + configs: + docker.io: + auth: + username: user + password: pass + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + }, + }, + }, + }, + { + name: "registry with default endpoint explicitly listed and creds", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - docker.io + configs: + docker.io: + auth: + username: user + password: pass + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + }, + }, + }, + }, + + { + name: "registry with only creds", + args: args{ + registryContent: ` + configs: + docker.io: + auth: + username: user + password: pass + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + }, + }, + }, + }, + { + name: "private registry with default endpoint", + args: args{ + registryContent: ` + mirrors: + registry.example.com: + `, + }, + want: HostConfigs{}, + }, + { + name: "private registry with default endpoint and creds", + args: args{ + registryContent: ` + mirrors: + registry.example.com: + configs: + registry.example.com: + auth: + username: user + password: pass + `, + }, + want: HostConfigs{ + "registry.example.com": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry.example.com/v2"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + }, + }, + }, + }, + { + name: "private registry with only creds", + args: args{ + registryContent: ` + configs: + registry.example.com: + auth: + username: user + password: pass + `, + }, + want: HostConfigs{ + "registry.example.com": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry.example.com/v2"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint - full URL with override path", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - https://registry.example.com/prefix/v2 + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + OverridePath: true, + URL: u("https://registry.example.com/prefix/v2"), + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint - hostname only with override path", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - registry.example.com/prefix/v2 + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + OverridePath: true, + URL: u("https://registry.example.com/prefix/v2"), + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint - hostname only with default path", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - registry.example.com/v2 + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://registry.example.com/v2"), + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint - full URL", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - https://registry.example.com/v2 + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://registry.example.com/v2"), + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint - URL without path", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - https://registry.example.com + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://registry.example.com/v2"), + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint - hostname only", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - registry.example.com + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://registry.example.com/v2"), + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint - hostname and port only", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - registry.example.com:443 + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://registry.example.com:443/v2"), + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint - ip address only", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - 1.2.3.4 + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://1.2.3.4/v2"), + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint - ip and port only", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - 1.2.3.4:443 + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://1.2.3.4:443/v2"), + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint - duplicate endpoints", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - registry.example.com + - registry.example.com + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://registry.example.com/v2"), + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint - duplicate endpoints in different formats", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - registry.example.com + - https://registry.example.com + - https://registry.example.com/v2 + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://registry.example.com/v2"), + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint - duplicate endpoints in different positions", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - https://registry.example.com + - https://registry.example.org + - https://registry.example.com + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://registry.example.com/v2"), + }, + { + URL: u("https://registry.example.org/v2"), + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint - localhost and port only", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - localhost:5000 + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("http://localhost:5000/v2"), + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint - localhost and port with scheme", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - https://localhost:5000 + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://localhost:5000/v2"), + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint - loopback ip and port only", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - 127.0.0.1:5000 + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("http://127.0.0.1:5000/v2"), + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint - loopback ip and port with scheme", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - https://127.0.0.1:5000 + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://127.0.0.1:5000/v2"), + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint and mirror creds", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - https://registry.example.com/v2 + configs: + registry.example.com: + auth: + username: user + password: pass + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://registry.example.com/v2"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + }, + }, + }, + "registry.example.com": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry.example.com/v2"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint and mirror creds - override path with v2", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - https://registry.example.com/prefix/v2 + registry.example.com: + endpoint: + - https://registry.example.com/prefix/v2 + configs: + registry.example.com: + auth: + username: user + password: pass + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + OverridePath: true, + URL: u("https://registry.example.com/prefix/v2"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + }, + }, + }, + "registry.example.com": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry.example.com/v2"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + }, + Endpoints: []templates.RegistryEndpoint{ + { + OverridePath: true, + URL: u("https://registry.example.com/prefix/v2"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint and mirror creds - override path without v2", + args: args{ + registryContent: ` + mirrors: + docker.io: + endpoint: + - https://registry.example.com/project/registry + registry.example.com: + endpoint: + - https://registry.example.com/project/registry + configs: + registry.example.com: + auth: + username: user + password: pass + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + OverridePath: true, + URL: u("https://registry.example.com/project/registry"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + }, + }, + }, + "registry.example.com": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry.example.com/v2"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + }, + Endpoints: []templates.RegistryEndpoint{ + { + OverridePath: true, + URL: u("https://registry.example.com/project/registry"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint and mirror creds - no default endpoint", + args: args{ + noDefaultEndpoint: true, + registryContent: ` + mirrors: + docker.io: + endpoint: + - https://registry.example.com/v2 + configs: + registry.example.com: + auth: + username: user + password: pass + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://registry.example.com/v2"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + }, + }, + }, + "registry.example.com": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry.example.com/v2"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint and mirror creds - embedded registry", + args: args{ + mirrorAddr: "127.0.0.1:6443", + registryContent: ` + mirrors: + docker.io: + endpoint: + - https://registry.example.com/v2 + configs: + registry.example.com: + auth: + username: user + password: pass + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://127.0.0.1:6443/v2"), + Config: registries.RegistryConfig{ + TLS: ®istries.TLSConfig{ + CAFile: "server-ca", + KeyFile: "client-key", + CertFile: "client-cert", + }, + }, + }, + { + URL: u("https://registry.example.com/v2"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + }, + }, + }, + "registry.example.com": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry.example.com/v2"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + }, + }, + "127.0.0.1:6443": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://127.0.0.1:6443/v2"), + Config: registries.RegistryConfig{ + TLS: ®istries.TLSConfig{ + CAFile: "server-ca", + KeyFile: "client-key", + CertFile: "client-cert", + }, + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint and mirror creds - embedded registry with rewrites", + args: args{ + mirrorAddr: "127.0.0.1:6443", + registryContent: ` + mirrors: + docker.io: + endpoint: + - https://registry.example.com/v2 + rewrite: + "^rancher/(.*)": "docker/rancher-images/$1" + configs: + registry.example.com: + auth: + username: user + password: pass + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://127.0.0.1:6443/v2"), + Config: registries.RegistryConfig{ + TLS: ®istries.TLSConfig{ + CAFile: "server-ca", + KeyFile: "client-key", + CertFile: "client-cert", + }, + }, + }, + { + URL: u("https://registry.example.com/v2"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + Rewrites: map[string]string{ + "^rancher/(.*)": "docker/rancher-images/$1", + }, + }, + }, + }, + "registry.example.com": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry.example.com/v2"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + }, + }, + "127.0.0.1:6443": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://127.0.0.1:6443/v2"), + Config: registries.RegistryConfig{ + TLS: ®istries.TLSConfig{ + CAFile: "server-ca", + KeyFile: "client-key", + CertFile: "client-cert", + }, + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint and mirror creds - embedded registry and no default endpoint", + args: args{ + mirrorAddr: "127.0.0.1:6443", + noDefaultEndpoint: true, + registryContent: ` + mirrors: + docker.io: + endpoint: + - https://registry.example.com/v2 + configs: + registry.example.com: + auth: + username: user + password: pass + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://127.0.0.1:6443/v2"), + Config: registries.RegistryConfig{ + TLS: ®istries.TLSConfig{ + CAFile: "server-ca", + KeyFile: "client-key", + CertFile: "client-cert", + }, + }, + }, + { + URL: u("https://registry.example.com/v2"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + }, + }, + }, + "registry.example.com": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry.example.com/v2"), + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + }, + }, + }, + "127.0.0.1:6443": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://127.0.0.1:6443/v2"), + Config: registries.RegistryConfig{ + TLS: ®istries.TLSConfig{ + CAFile: "server-ca", + KeyFile: "client-key", + CertFile: "client-cert", + }, + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint - embedded registry, default endpoint explicitly listed", + args: args{ + mirrorAddr: "127.0.0.1:6443", + registryContent: ` + mirrors: + docker.io: + endpoint: + - registry.example.com + - registry.example.org + - docker.io + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://registry-1.docker.io/v2"), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://127.0.0.1:6443/v2"), + Config: registries.RegistryConfig{ + TLS: ®istries.TLSConfig{ + CAFile: "server-ca", + KeyFile: "client-key", + CertFile: "client-cert", + }, + }, + }, + { + URL: u("https://registry.example.com/v2"), + }, + { + URL: u("https://registry.example.org/v2"), + }, + }, + }, + "127.0.0.1:6443": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://127.0.0.1:6443/v2"), + Config: registries.RegistryConfig{ + TLS: ®istries.TLSConfig{ + CAFile: "server-ca", + KeyFile: "client-key", + CertFile: "client-cert", + }, + }, + }, + }, + }, + }, + { + name: "registry with mirror endpoint - embedded registry and no default endpoint, default endpoint explicitly listed", + args: args{ + mirrorAddr: "127.0.0.1:6443", + noDefaultEndpoint: true, + registryContent: ` + mirrors: + docker.io: + endpoint: + - registry.example.com + - registry.example.org + - docker.io + `, + }, + want: HostConfigs{ + "docker.io": templates.HostConfig{ + Program: "k8e", + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://127.0.0.1:6443/v2"), + Config: registries.RegistryConfig{ + TLS: ®istries.TLSConfig{ + CAFile: "server-ca", + KeyFile: "client-key", + CertFile: "client-cert", + }, + }, + }, + { + URL: u("https://registry.example.com/v2"), + }, + { + URL: u("https://registry.example.org/v2"), + }, + { + URL: u("https://registry-1.docker.io/v2"), + }, + }, + }, + "127.0.0.1:6443": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://127.0.0.1:6443/v2"), + Config: registries.RegistryConfig{ + TLS: ®istries.TLSConfig{ + CAFile: "server-ca", + KeyFile: "client-key", + CertFile: "client-cert", + }, + }, + }, + }, + }, + }, + { + name: "wildcard mirror endpoint - no endpoints", + args: args{ + registryContent: ` + mirrors: + "*": + `, + }, + want: HostConfigs{}, + }, + { + name: "wildcard mirror endpoint - full URL", + args: args{ + registryContent: ` + mirrors: + "*": + endpoint: + - https://registry.example.com/v2 + `, + }, + want: HostConfigs{ + "_default": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u(""), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://registry.example.com/v2"), + }, + }, + }, + }, + }, + { + name: "wildcard mirror endpoint - full URL, embedded registry", + args: args{ + mirrorAddr: "127.0.0.1:6443", + registryContent: ` + mirrors: + "*": + endpoint: + - https://registry.example.com/v2 + `, + }, + want: HostConfigs{ + "_default": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u(""), + }, + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://127.0.0.1:6443/v2"), + Config: registries.RegistryConfig{ + TLS: ®istries.TLSConfig{ + CAFile: "server-ca", + KeyFile: "client-key", + CertFile: "client-cert", + }, + }, + }, + { + URL: u("https://registry.example.com/v2"), + }, + }, + }, + "127.0.0.1:6443": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://127.0.0.1:6443/v2"), + Config: registries.RegistryConfig{ + TLS: ®istries.TLSConfig{ + CAFile: "server-ca", + KeyFile: "client-key", + CertFile: "client-cert", + }, + }, + }, + }, + }, + }, + { + name: "wildcard mirror endpoint - full URL, embedded registry, no default", + args: args{ + noDefaultEndpoint: true, + mirrorAddr: "127.0.0.1:6443", + registryContent: ` + mirrors: + "*": + endpoint: + - https://registry.example.com/v2 + `, + }, + want: HostConfigs{ + "_default": templates.HostConfig{ + Program: "k8e", + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://127.0.0.1:6443/v2"), + Config: registries.RegistryConfig{ + TLS: ®istries.TLSConfig{ + CAFile: "server-ca", + KeyFile: "client-key", + CertFile: "client-cert", + }, + }, + }, + { + URL: u("https://registry.example.com/v2"), + }, + }, + }, + "127.0.0.1:6443": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://127.0.0.1:6443/v2"), + Config: registries.RegistryConfig{ + TLS: ®istries.TLSConfig{ + CAFile: "server-ca", + KeyFile: "client-key", + CertFile: "client-cert", + }, + }, + }, + }, + }, + }, + + { + name: "wildcard config", + args: args{ + registryContent: ` + configs: + "*": + auth: + username: user + password: pass + tls: + insecure_skip_verify: true + `, + }, + want: HostConfigs{ + "_default": { + Program: "k8e", + Default: &templates.RegistryEndpoint{ + Config: registries.RegistryConfig{ + Auth: ®istries.AuthConfig{ + Username: "user", + Password: "pass", + }, + TLS: ®istries.TLSConfig{ + InsecureSkipVerify: true, + }, + }, + }, + }, + }, + }, + { + name: "localhost registry - default https endpoint on unspecified port", + args: args{ + registryContent: ` + mirrors: + "localhost": + `, + }, + want: HostConfigs{}, + }, + { + name: "localhost registry - default https endpoint on https port", + args: args{ + registryContent: ` + mirrors: + "localhost:443": + `, + }, + want: HostConfigs{}, + }, + { + name: "localhost registry - default http endpoint on odd port", + args: args{ + registryContent: ` + mirrors: + "localhost:5000": + `, + }, + want: HostConfigs{}, + }, + { + name: "localhost registry - default http endpoint on http port", + args: args{ + registryContent: ` + mirrors: + "localhost:80": + `, + }, + want: HostConfigs{}, + }, + { + name: "localhost registry - default http endpoint on odd port, embedded registry", + args: args{ + mirrorAddr: "127.0.0.1:6443", + registryContent: ` + mirrors: + "localhost:5000": + `, + }, + want: HostConfigs{ + // localhost registries are not handled by the embedded registry mirror. + "127.0.0.1:6443": templates.HostConfig{ + Program: "k8e", + Default: &templates.RegistryEndpoint{ + URL: u("https://127.0.0.1:6443/v2"), + Config: registries.RegistryConfig{ + TLS: ®istries.TLSConfig{ + CAFile: "server-ca", + KeyFile: "client-key", + CertFile: "client-cert", + }, + }, + }, + }, + }, + }, + { + name: "localhost registry - https endpoint on odd port with tls verification disabled", + args: args{ + registryContent: ` + mirrors: + localhost:5000: + endpoint: + - https://localhost:5000 + configs: + localhost:5000: + tls: + insecure_skip_verify: true + `, + }, + want: HostConfigs{ + "localhost:5000": templates.HostConfig{ + Default: &templates.RegistryEndpoint{ + URL: u("http://localhost:5000/v2"), + Config: registries.RegistryConfig{ + TLS: ®istries.TLSConfig{ + InsecureSkipVerify: true, + }, + }, + }, + Program: "k8e", + Endpoints: []templates.RegistryEndpoint{ + { + URL: u("https://localhost:5000/v2"), + Config: registries.RegistryConfig{ + TLS: ®istries.TLSConfig{ + InsecureSkipVerify: true, + }, + }, + }, + }, + }, + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + // replace tabs from the inline yaml with spaces; yaml doesn't support tabs for indentation. + tt.args.registryContent = strings.ReplaceAll(tt.args.registryContent, "\t", " ") + tempDir := t.TempDir() + registriesFile := filepath.Join(tempDir, "registries.yaml") + os.WriteFile(registriesFile, []byte(tt.args.registryContent), 0644) + t.Logf("%s:\n%s", registriesFile, tt.args.registryContent) + + registry, err := registries.GetPrivateRegistries(registriesFile) + if err != nil { + t.Fatalf("failed to parse %s: %v\n", registriesFile, err) + } + + nodeConfig := &config.Node{ + Containerd: config.Containerd{ + Registry: tempDir + "/hosts.d", + }, + AgentConfig: config.Agent{ + ImageServiceSocket: "containerd-stargz-grpc.sock", + Registry: registry.Registry, + Snapshotter: "stargz", + }, + } + + // set up embedded registry, if enabled for the test + if tt.args.mirrorAddr != "" { + conf := spegel.DefaultRegistry + conf.ServerCAFile = "server-ca" + conf.ClientKeyFile = "client-key" + conf.ClientCertFile = "client-cert" + conf.InternalAddress, conf.RegistryPort, _ = net.SplitHostPort(tt.args.mirrorAddr) + conf.InjectMirror(nodeConfig) + } + + // Generate config template struct for all hosts + got := getHostConfigs(registry.Registry, tt.args.noDefaultEndpoint, tt.args.mirrorAddr) + assert.Equal(t, tt.want, got, "getHostConfigs()") + + // Confirm that hosts.toml renders properly for all registries + for host, config := range got { + hostsTemplate, err := templates.ParseHostsTemplateFromConfig(templates.HostsTomlTemplate, config) + assert.NoError(t, err, "ParseHostTemplateFromConfig for %s", host) + t.Logf("%s/hosts.d/%s/hosts.toml\n%s", tempDir, host, hostsTemplate) + } + + // Confirm that the main containerd config.toml renders properly + containerdConfig := templates.ContainerdConfig{ + NodeConfig: nodeConfig, + PrivateRegistryConfig: registry.Registry, + Program: "k8e", + } + configTemplate, err := templates.ParseTemplateFromConfig(templates.ContainerdConfigTemplate, containerdConfig) + assert.NoError(t, err, "ParseTemplateFromConfig") + t.Logf("%s/config.toml\n%s", tempDir, configTemplate) + }) + } +} \ No newline at end of file diff --git a/pkg/agent/containerd/config_windows.go b/pkg/agent/containerd/config_windows.go index 3cf478d6d..60434cbed 100644 --- a/pkg/agent/containerd/config_windows.go +++ b/pkg/agent/containerd/config_windows.go @@ -4,16 +4,13 @@ package containerd import ( - "context" - "os" - "github.com/containerd/containerd" - "github.com/rancher/wharfie/pkg/registries" - "github.com/sirupsen/logrus" "github.com/xiaods/k8e/pkg/agent/templates" - util2 "github.com/xiaods/k8e/pkg/agent/util" "github.com/xiaods/k8e/pkg/daemons/config" - "k8s.io/kubernetes/pkg/kubelet/util" + util3 "github.com/xiaods/k8e/pkg/util" + "github.com/pkg/errors" + "github.com/sirupsen/logrus" + "k8s.io/cri-client/pkg/util" ) func getContainerdArgs(cfg *config.Node) []string { @@ -24,43 +21,27 @@ func getContainerdArgs(cfg *config.Node) []string { return args } -// setupContainerdConfig generates the containerd.toml, using a template combined with various +// SetupContainerdConfig generates the containerd.toml, using a template combined with various // runtime configurations and registry mirror settings provided by the administrator. -func setupContainerdConfig(ctx context.Context, cfg *config.Node) error { - privRegistries, err := registries.GetPrivateRegistries(cfg.AgentConfig.PrivateRegistry) - if err != nil { - return err - } - +func SetupContainerdConfig(cfg *config.Node) error { if cfg.SELinux { logrus.Warn("SELinux isn't supported on windows") } - var containerdTemplate string - containerdConfig := templates.ContainerdConfig{ NodeConfig: cfg, DisableCgroup: true, SystemdCgroup: false, IsRunningInUserNS: false, - PrivateRegistryConfig: privRegistries.Registry, + PrivateRegistryConfig: cfg.AgentConfig.Registry, + NoDefaultEndpoint: cfg.Containerd.NoDefault, } - containerdTemplateBytes, err := os.ReadFile(cfg.Containerd.Template) - if err == nil { - logrus.Infof("Using containerd template at %s", cfg.Containerd.Template) - containerdTemplate = string(containerdTemplateBytes) - } else if os.IsNotExist(err) { - containerdTemplate = templates.ContainerdConfigTemplate - } else { - return err - } - parsedTemplate, err := templates.ParseTemplateFromConfig(containerdTemplate, containerdConfig) - if err != nil { + if err := writeContainerdConfig(cfg, containerdConfig); err != nil { return err } - return util2.WriteFile(cfg.Containerd.Config, parsedTemplate) + return writeContainerdHosts(cfg, containerdConfig) } func Client(address string) (*containerd.Client, error) { @@ -71,3 +52,15 @@ func Client(address string) (*containerd.Client, error) { return containerd.New(addr) } + +func OverlaySupported(root string) error { + return errors.Wrapf(util3.ErrUnsupportedPlatform, "overlayfs is not supported") +} + +func FuseoverlayfsSupported(root string) error { + return errors.Wrapf(util3.ErrUnsupportedPlatform, "fuse-overlayfs is not supported") +} + +func StargzSupported(root string) error { + return errors.Wrapf(util3.ErrUnsupportedPlatform, "stargz is not supported") +} \ No newline at end of file diff --git a/pkg/agent/containerd/containerd.go b/pkg/agent/containerd/containerd.go index 3b64ea877..475a7feec 100644 --- a/pkg/agent/containerd/containerd.go +++ b/pkg/agent/containerd/containerd.go @@ -14,44 +14,55 @@ import ( "github.com/containerd/containerd" "github.com/containerd/containerd/errdefs" "github.com/containerd/containerd/images" - "github.com/containerd/containerd/leases" "github.com/containerd/containerd/namespaces" "github.com/containerd/containerd/pkg/cri/constants" + "github.com/containerd/containerd/pkg/cri/labels" "github.com/containerd/containerd/reference/docker" "github.com/natefinch/lumberjack" "github.com/pkg/errors" "github.com/rancher/wharfie/pkg/tarfile" - "github.com/rancher/wrangler/pkg/merr" + "github.com/rancher/wrangler/v3/pkg/merr" "github.com/sirupsen/logrus" "github.com/xiaods/k8e/pkg/agent/cri" util2 "github.com/xiaods/k8e/pkg/agent/util" "github.com/xiaods/k8e/pkg/daemons/config" "github.com/xiaods/k8e/pkg/version" - "google.golang.org/grpc" - runtimeapi "k8s.io/cri-api/pkg/apis/runtime/v1alpha2" + runtimeapi "k8s.io/cri-api/pkg/apis/runtime/v1" +) + +var ( + // In addition to using the CRI pinned label, we add our own label to indicate that + // the image was pinned by the import process, so that we can clear the pin on subsequent startups. + // ref: https://github.com/containerd/containerd/blob/release/1.7/pkg/cri/labels/labels.go + k8ePinnedImageLabelKey = "io.cattle." + version.Program + ".pinned" + k8ePinnedImageLabelValue = "pinned" ) // Run configures and starts containerd as a child process. Once it is up, images are preloaded // or pulled from files found in the agent images directory. func Run(ctx context.Context, cfg *config.Node) error { - if err := setupContainerdConfig(ctx, cfg); err != nil { - return err - } - args := getContainerdArgs(cfg) stdOut := io.Writer(os.Stdout) stdErr := io.Writer(os.Stderr) if cfg.Containerd.Log != "" { logrus.Infof("Logging containerd to %s", cfg.Containerd.Log) - stdOut = &lumberjack.Logger{ + fileOut := &lumberjack.Logger{ Filename: cfg.Containerd.Log, MaxSize: 50, MaxBackups: 3, MaxAge: 28, Compress: true, } - stdErr = stdOut + // If k8e is started with --debug, write logs to both the log file and stdout/stderr, + // even if a log path is set. + if cfg.Containerd.Debug { + stdOut = io.MultiWriter(stdOut, fileOut) + stdErr = io.MultiWriter(stdErr, fileOut) + } else { + stdOut = fileOut + stdErr = fileOut + } } go func() { @@ -84,24 +95,26 @@ func Run(ctx context.Context, cfg *config.Node) error { cmd.Env = append(env, cenv...) addDeathSig(cmd) - if err := cmd.Run(); err != nil { + err := cmd.Run() + if err != nil && !errors.Is(err, context.Canceled) { logrus.Errorf("containerd exited: %s", err) + os.Exit(1) } - os.Exit(1) + os.Exit(0) }() if err := cri.WaitForService(ctx, cfg.Containerd.Address, "containerd"); err != nil { return err } - return preloadImages(ctx, cfg) + return PreloadImages(ctx, cfg) } -// preloadImages reads the contents of the agent images directory, and attempts to +// PreloadImages reads the contents of the agent images directory, and attempts to // import into containerd any files found there. Supported compressed types are decompressed, and // any .txt files are processed as a list of images that should be pre-pulled from remote registries. // If configured, imported images are retagged as being pulled from additional registries. -func preloadImages(ctx context.Context, cfg *config.Node) error { +func PreloadImages(ctx context.Context, cfg *config.Node) error { fileInfo, err := os.Stat(cfg.Images) if os.IsNotExist(err) { return nil @@ -126,38 +139,29 @@ func preloadImages(ctx context.Context, cfg *config.Node) error { } defer client.Close() + // Image pulls must be done using the CRI client, not the containerd client. + // Repository mirrors and rewrites are handled by the CRI service; if you pull directly + // using the containerd image service it will ignore the configured settings. criConn, err := cri.Connection(ctx, cfg.Containerd.Address) if err != nil { return err } defer criConn.Close() + imageClient := runtimeapi.NewImageServiceClient(criConn) // Ensure that our images are imported into the correct namespace ctx = namespaces.WithNamespace(ctx, constants.K8sContainerdNamespace) - // At startup all leases from k8e are cleared - ls := client.LeasesService() - existingLeases, err := ls.List(ctx) - if err != nil { - return err - } - - for _, lease := range existingLeases { - if lease.ID == version.Program { - logrus.Debugf("Deleting existing lease: %v", lease) - ls.Delete(ctx, lease) - } + // At startup all leases from k8e are cleared; we no longer use leases to lock content + if err := clearLeases(ctx, client); err != nil { + return errors.Wrap(err, "failed to clear leases") } - // Any images found on import are given a lease that never expires - lease, err := ls.Create(ctx, leases.WithID(version.Program)) - if err != nil { - return err + // Clear the pinned labels on all images previously pinned by k8e + if err := clearLabels(ctx, client); err != nil { + return errors.Wrap(err, "failed to clear pinned labels") } - // Ensure that our images are locked by the lease - ctx = leases.WithLease(ctx, lease.ID) - for _, fileInfo := range fileInfos { if fileInfo.IsDir() { continue @@ -166,7 +170,7 @@ func preloadImages(ctx context.Context, cfg *config.Node) error { start := time.Now() filePath := filepath.Join(cfg.Images, fileInfo.Name()) - if err := preloadFile(ctx, cfg, client, criConn, filePath); err != nil { + if err := preloadFile(ctx, cfg, client, imageClient, filePath); err != nil { logrus.Errorf("Error encountered while importing %s: %v", filePath, err) continue } @@ -178,7 +182,8 @@ func preloadImages(ctx context.Context, cfg *config.Node) error { // preloadFile handles loading images from a single tarball or pre-pull image list. // This is in its own function so that we can ensure that the various readers are properly closed, as some // decompressing readers need to be explicitly closed and others do not. -func preloadFile(ctx context.Context, cfg *config.Node, client *containerd.Client, criConn *grpc.ClientConn, filePath string) error { +func preloadFile(ctx context.Context, cfg *config.Node, client *containerd.Client, imageClient runtimeapi.ImageServiceClient, filePath string) error { + var images []images.Image if util2.HasSuffixI(filePath, ".txt") { file, err := os.Open(filePath) if err != nil { @@ -186,57 +191,134 @@ func preloadFile(ctx context.Context, cfg *config.Node, client *containerd.Clien } defer file.Close() logrus.Infof("Pulling images from %s", filePath) - return prePullImages(ctx, criConn, file) + images, err = prePullImages(ctx, client, imageClient, file) + if err != nil { + return errors.Wrap(err, "failed to pull images from "+filePath) + } + } else { + opener, err := tarfile.GetOpener(filePath) + if err != nil { + return err + } + + imageReader, err := opener() + if err != nil { + return err + } + defer imageReader.Close() + + logrus.Infof("Importing images from %s", filePath) + images, err = client.Import(ctx, imageReader, containerd.WithAllPlatforms(true), containerd.WithSkipMissing()) + if err != nil { + return errors.Wrap(err, "failed to import images from "+filePath) + } } - opener, err := tarfile.GetOpener(filePath) - if err != nil { - return err + if err := labelImages(ctx, client, images); err != nil { + return errors.Wrap(err, "failed to add pinned label to images") + } + if err := retagImages(ctx, client, images, cfg.AgentConfig.AirgapExtraRegistry); err != nil { + return errors.Wrap(err, "failed to retag images") } - imageReader, err := opener() + for _, image := range images { + logrus.Infof("Imported %s", image.Name) + } + return nil +} + +// clearLeases deletes any leases left by previous versions of k8e. +// We no longer use leases to lock content; they only locked the +// blobs, not the actual images. +func clearLeases(ctx context.Context, client *containerd.Client) error { + ls := client.LeasesService() + existingLeases, err := ls.List(ctx) if err != nil { return err } - defer imageReader.Close() - - logrus.Infof("Importing images from %s", filePath) + for _, lease := range existingLeases { + if lease.ID == version.Program { + logrus.Debugf("Deleting existing lease: %v", lease) + ls.Delete(ctx, lease) + } + } + return nil +} - images, err := client.Import(ctx, imageReader, containerd.WithAllPlatforms(true)) +// clearLabels removes the pinned labels on all images in the image store that were previously pinned by k8e +func clearLabels(ctx context.Context, client *containerd.Client) error { + var errs []error + imageService := client.ImageService() + images, err := imageService.List(ctx, fmt.Sprintf("labels.%q==%s", k8ePinnedImageLabelKey, k8ePinnedImageLabelValue)) if err != nil { return err } + for _, image := range images { + delete(image.Labels, k8ePinnedImageLabelKey) + delete(image.Labels, labels.PinnedImageLabelKey) + if _, err := imageService.Update(ctx, image, "labels"); err != nil { + errs = append(errs, errors.Wrap(err, "failed to delete labels from image "+image.Name)) + } + } + return merr.NewErrors(errs...) +} - return retagImages(ctx, client, images, cfg.AgentConfig.AirgapExtraRegistry) +// labelImages adds labels to the listed images, indicating that they +// are pinned by k8e and should not be pruned. +func labelImages(ctx context.Context, client *containerd.Client, images []images.Image) error { + var errs []error + imageService := client.ImageService() + for i, image := range images { + if image.Labels[k8ePinnedImageLabelKey] == k8ePinnedImageLabelValue && + image.Labels[labels.PinnedImageLabelKey] == labels.PinnedImageLabelValue { + continue + } + + if image.Labels == nil { + image.Labels = map[string]string{} + } + image.Labels[k8ePinnedImageLabelKey] = k8ePinnedImageLabelValue + image.Labels[labels.PinnedImageLabelKey] = labels.PinnedImageLabelValue + updatedImage, err := imageService.Update(ctx, image, "labels") + if err != nil { + errs = append(errs, errors.Wrap(err, "failed to add labels to image "+image.Name)) + } else { + images[i] = updatedImage + } + } + return merr.NewErrors(errs...) } // retagImages retags all listed images as having been pulled from the given remote registries. // If duplicate images exist, they are overwritten. This is most useful when using a private registry -// for all images, as can be configured by the k8e system-default-registry setting. +// for all images, as can be configured by the RKE2/Rancher system-default-registry setting. func retagImages(ctx context.Context, client *containerd.Client, images []images.Image, registries []string) error { var errs []error imageService := client.ImageService() for _, image := range images { name, err := parseNamedTagged(image.Name) if err != nil { - errs = append(errs, errors.Wrap(err, "failed to parse image name")) + errs = append(errs, errors.Wrap(err, "failed to parse tags for image "+image.Name)) continue } - logrus.Infof("Imported %s", image.Name) for _, registry := range registries { - image.Name = fmt.Sprintf("%s/%s:%s", registry, docker.Path(name), name.Tag()) + newName := fmt.Sprintf("%s/%s:%s", registry, docker.Path(name), name.Tag()) + if newName == image.Name { + continue + } + image.Name = newName if _, err = imageService.Create(ctx, image); err != nil { if errdefs.IsAlreadyExists(err) { if err = imageService.Delete(ctx, image.Name); err != nil { - errs = append(errs, errors.Wrap(err, "failed to delete existing image")) + errs = append(errs, errors.Wrap(err, "failed to delete existing image "+image.Name)) continue } if _, err = imageService.Create(ctx, image); err != nil { - errs = append(errs, errors.Wrap(err, "failed to tag after deleting existing image")) + errs = append(errs, errors.Wrap(err, "failed to tag after deleting existing image "+image.Name)) continue } } else { - errs = append(errs, errors.Wrap(err, "failed to tag image")) + errs = append(errs, errors.Wrap(err, "failed to tag image "+image.Name)) continue } } @@ -261,30 +343,47 @@ func parseNamedTagged(name string) (docker.NamedTagged, error) { } // prePullImages asks containerd to pull images in a given list, so that they -// are ready when the containers attempt to start later. -func prePullImages(ctx context.Context, conn *grpc.ClientConn, images io.Reader) error { - imageClient := runtimeapi.NewImageServiceClient(conn) - scanner := bufio.NewScanner(images) +// are ready when the containers attempt to start later. If the image already exists, +// or is successfully pulled, information about the image is retrieved from the image store. +// NOTE: Pulls MUST be done via CRI API, not containerd API, in order to use mirrors and rewrites. +func prePullImages(ctx context.Context, client *containerd.Client, imageClient runtimeapi.ImageServiceClient, imageList io.Reader) ([]images.Image, error) { + errs := []error{} + images := []images.Image{} + imageService := client.ImageService() + scanner := bufio.NewScanner(imageList) for scanner.Scan() { - line := strings.TrimSpace(scanner.Text()) - resp, err := imageClient.ImageStatus(ctx, &runtimeapi.ImageStatusRequest{ + name := strings.TrimSpace(scanner.Text()) + + if status, err := imageClient.ImageStatus(ctx, &runtimeapi.ImageStatusRequest{ Image: &runtimeapi.ImageSpec{ - Image: line, + Image: name, }, - }) - if err == nil && resp.Image != nil { + }); err == nil && status.Image != nil && len(status.Image.RepoTags) > 0 { + logrus.Infof("Image %s has already been pulled", name) + for _, tag := range status.Image.RepoTags { + if image, err := imageService.Get(ctx, tag); err != nil { + errs = append(errs, err) + } else { + images = append(images, image) + } + } continue } - logrus.Infof("Pulling image %s...", line) - _, err = imageClient.PullImage(ctx, &runtimeapi.PullImageRequest{ + logrus.Infof("Pulling image %s", name) + if _, err := imageClient.PullImage(ctx, &runtimeapi.PullImageRequest{ Image: &runtimeapi.ImageSpec{ - Image: line, + Image: name, }, - }) - if err != nil { - logrus.Errorf("Failed to pull %s: %v", line, err) + }); err != nil { + errs = append(errs, err) + } else { + if image, err := imageService.Get(ctx, name); err != nil { + errs = append(errs, err) + } else { + images = append(images, image) + } } } - return nil + return images, merr.NewErrors(errs...) } diff --git a/pkg/agent/https/https.go b/pkg/agent/https/https.go new file mode 100644 index 000000000..bd8d7210b --- /dev/null +++ b/pkg/agent/https/https.go @@ -0,0 +1,113 @@ +package https + +import ( + "context" + "net/http" + "strconv" + "sync" + + "github.com/gorilla/mux" + "github.com/xiaods/k8e/pkg/daemons/config" + "github.com/xiaods/k8e/pkg/generated/clientset/versioned/scheme" + "github.com/xiaods/k8e/pkg/util" + "github.com/xiaods/k8e/pkg/version" + "k8s.io/apiserver/pkg/apis/apiserver" + "k8s.io/apiserver/pkg/authentication/authenticator" + "k8s.io/apiserver/pkg/authorization/authorizer" + genericapifilters "k8s.io/apiserver/pkg/endpoints/filters" + apirequest "k8s.io/apiserver/pkg/endpoints/request" + "k8s.io/apiserver/pkg/server" + "k8s.io/apiserver/pkg/server/options" +) + +// RouterFunc provides a hook for components to register additional routes to a request router +type RouterFunc func(ctx context.Context, nodeConfig *config.Node) (*mux.Router, error) + +var once sync.Once +var router *mux.Router +var err error + +// Start returns a router with authn/authz filters applied. +// The first time it is called, the router is created and a new HTTPS listener is started if the handler is nil. +// Subsequent calls will return the same router. +func Start(ctx context.Context, nodeConfig *config.Node, runtime *config.ControlRuntime) (*mux.Router, error) { + once.Do(func() { + router = mux.NewRouter().SkipClean(true) + config := server.Config{} + + if runtime == nil { + // If we do not have an existing handler, set up a new listener + tcp, lerr := util.ListenWithLoopback(ctx, nodeConfig.AgentConfig.ListenAddress, strconv.Itoa(nodeConfig.SupervisorPort)) + if lerr != nil { + err = lerr + return + } + + serving := options.NewSecureServingOptions() + serving.Listener = tcp + serving.CipherSuites = nodeConfig.AgentConfig.CipherSuites + serving.MinTLSVersion = nodeConfig.AgentConfig.MinTLSVersion + serving.ServerCert = options.GeneratableKeyCert{ + CertKey: options.CertKey{ + CertFile: nodeConfig.AgentConfig.ServingKubeletCert, + KeyFile: nodeConfig.AgentConfig.ServingKubeletKey, + }, + } + if aerr := serving.ApplyTo(&config.SecureServing); aerr != nil { + err = aerr + return + } + } else { + // If we have an existing handler, wrap it + router.NotFoundHandler = runtime.Handler + runtime.Handler = router + } + + authn := options.NewDelegatingAuthenticationOptions() + authn.Anonymous = &apiserver.AnonymousAuthConfig{ + Enabled: false, + } + authn.SkipInClusterLookup = true + authn.ClientCert = options.ClientCertAuthenticationOptions{ + ClientCA: nodeConfig.AgentConfig.ClientCA, + } + authn.RemoteKubeConfigFile = nodeConfig.AgentConfig.KubeConfigKubelet + if applyErr := authn.ApplyTo(&config.Authentication, config.SecureServing, nil); applyErr != nil { + err = applyErr + return + } + + authz := options.NewDelegatingAuthorizationOptions() + authz.AlwaysAllowPaths = []string{ // skip authz for paths that should not use SubjectAccessReview; basically everything that will use this router other than metrics + "/v1-" + version.Program + "/p2p", // spegel libp2p peer discovery + "/v2/*", // spegel registry mirror + "/debug/pprof/*", // profiling + } + authz.RemoteKubeConfigFile = nodeConfig.AgentConfig.KubeConfigKubelet + if applyErr := authz.ApplyTo(&config.Authorization); applyErr != nil { + err = applyErr + return + } + + router.Use(filterChain(config.Authentication.Authenticator, config.Authorization.Authorizer)) + + if config.SecureServing != nil { + _, _, err = config.SecureServing.Serve(router, 0, ctx.Done()) + } + }) + + return router, err +} + +// filterChain runs the kubernetes authn/authz filter chain using the mux middleware API +func filterChain(authn authenticator.Request, authz authorizer.Authorizer) mux.MiddlewareFunc { + return func(handler http.Handler) http.Handler { + requestInfoResolver := &apirequest.RequestInfoFactory{} + failedHandler := genericapifilters.Unauthorized(scheme.Codecs) + handler = genericapifilters.WithAuthorization(handler, authz, scheme.Codecs) + handler = genericapifilters.WithAuthentication(handler, authn, failedHandler, nil, nil) + handler = genericapifilters.WithRequestInfo(handler, requestInfoResolver) + handler = genericapifilters.WithCacheControl(handler) + return handler + } +} diff --git a/pkg/agent/loadbalancer/servers.go b/pkg/agent/loadbalancer/servers.go index e8e9f83a1..1cdc9e9b6 100644 --- a/pkg/agent/loadbalancer/servers.go +++ b/pkg/agent/loadbalancer/servers.go @@ -2,15 +2,61 @@ package loadbalancer import ( "context" - "errors" + "fmt" "math/rand" "net" + "net/url" + "os" + "strconv" + "time" + + http_dialer "github.com/mwitkow/go-http-dialer" + "github.com/pkg/errors" + "github.com/xiaods/k8e/pkg/version" + "golang.org/x/net/http/httpproxy" + "golang.org/x/net/proxy" "github.com/sirupsen/logrus" "k8s.io/apimachinery/pkg/util/sets" + "k8s.io/apimachinery/pkg/util/wait" ) -var defaultDialer = &net.Dialer{} +var defaultDialer proxy.Dialer = &net.Dialer{} + +// SetHTTPProxy configures a proxy-enabled dialer to be used for all loadbalancer connections, +// if the agent has been configured to allow use of a HTTP proxy, and the environment has been configured +// to indicate use of a HTTP proxy for the server URL. +func SetHTTPProxy(address string) error { + // Check if env variable for proxy is set + if useProxy, _ := strconv.ParseBool(os.Getenv(version.ProgramUpper + "_AGENT_HTTP_PROXY_ALLOWED")); !useProxy || address == "" { + return nil + } + + serverURL, err := url.Parse(address) + if err != nil { + return errors.Wrapf(err, "failed to parse address %s", address) + } + + // Call this directly instead of using the cached environment used by http.ProxyFromEnvironment to allow for testing + proxyFromEnvironment := httpproxy.FromEnvironment().ProxyFunc() + proxyURL, err := proxyFromEnvironment(serverURL) + if err != nil { + return errors.Wrapf(err, "failed to get proxy for address %s", address) + } + if proxyURL == nil { + logrus.Debug(version.ProgramUpper + "_AGENT_HTTP_PROXY_ALLOWED is true but no proxy is configured for URL " + serverURL.String()) + return nil + } + + dialer, err := proxyDialer(proxyURL) + if err != nil { + return errors.Wrapf(err, "failed to create proxy dialer for %s", proxyURL) + } + + defaultDialer = dialer + logrus.Debugf("Using proxy %s for agent connection to %s", proxyURL, serverURL) + return nil +} func (lb *LoadBalancer) setServers(serverAddresses []string) bool { serverAddresses, hasOriginalServer := sortServers(serverAddresses, lb.defaultServerAddress) @@ -29,7 +75,11 @@ func (lb *LoadBalancer) setServers(serverAddresses []string) bool { for addedServer := range newAddresses.Difference(curAddresses) { logrus.Infof("Adding server to load balancer %s: %s", lb.serviceName, addedServer) - lb.servers[addedServer] = &server{connections: make(map[net.Conn]struct{})} + lb.servers[addedServer] = &server{ + address: addedServer, + connections: make(map[net.Conn]struct{}), + healthCheck: func() bool { return true }, + } } for removedServer := range curAddresses.Difference(newAddresses) { @@ -61,43 +111,68 @@ func (lb *LoadBalancer) setServers(serverAddresses []string) bool { return true } +// nextServer attempts to get the next server in the loadbalancer server list. +// If another goroutine has already updated the current server address to point at +// a different address than just failed, nothing is changed. Otherwise, a new server address +// is stored to the currentServerAddress field, and returned for use. +// This function must always be called by a goroutine that holds a read lock on the loadbalancer mutex. func (lb *LoadBalancer) nextServer(failedServer string) (string, error) { - lb.mutex.Lock() - defer lb.mutex.Unlock() + // note: these fields are not protected by the mutex, so we clamp the index value and update + // the index/current address using local variables, to avoid time-of-check vs time-of-use + // race conditions caused by goroutine A incrementing it in between the time goroutine B + // validates its value, and uses it as a list index. + currentServerAddress := lb.currentServerAddress + nextServerIndex := lb.nextServerIndex if len(lb.randomServers) == 0 { return "", errors.New("No servers in load balancer proxy list") } if len(lb.randomServers) == 1 { - return lb.currentServerAddress, nil + return currentServerAddress, nil } - if failedServer != lb.currentServerAddress { - return lb.currentServerAddress, nil + if failedServer != currentServerAddress { + return currentServerAddress, nil } - if lb.nextServerIndex >= len(lb.randomServers) { - lb.nextServerIndex = 0 + if nextServerIndex >= len(lb.randomServers) { + nextServerIndex = 0 } - lb.currentServerAddress = lb.randomServers[lb.nextServerIndex] - lb.nextServerIndex++ + currentServerAddress = lb.randomServers[nextServerIndex] + nextServerIndex++ + + lb.currentServerAddress = currentServerAddress + lb.nextServerIndex = nextServerIndex - return lb.currentServerAddress, nil + return currentServerAddress, nil } -// dialContext dials a new connection, and adds its wrapped connection to the map +// dialContext dials a new connection using the environment's proxy settings, and adds its wrapped connection to the map func (s *server) dialContext(ctx context.Context, network, address string) (net.Conn, error) { - conn, err := defaultDialer.DialContext(ctx, network, address) + conn, err := defaultDialer.Dial(network, address) if err != nil { return nil, err } - // don't lock until adding the connection to the map, otherwise we may block - // while waiting for the dial to time out + + // Wrap the connection and add it to the server's connection map s.mutex.Lock() defer s.mutex.Unlock() - conn = &serverConn{server: s, Conn: conn} - s.connections[conn] = struct{}{} - return conn, nil + wrappedConn := &serverConn{server: s, Conn: conn} + s.connections[wrappedConn] = struct{}{} + return wrappedConn, nil +} + +// proxyDialer creates a new proxy.Dialer that routes connections through the specified proxy. +func proxyDialer(proxyURL *url.URL) (proxy.Dialer, error) { + if proxyURL.Scheme == "http" || proxyURL.Scheme == "https" { + // Create a new HTTP proxy dialer + httpProxyDialer := http_dialer.New(proxyURL) + return httpProxyDialer, nil + } else if proxyURL.Scheme == "socks5" { + // For SOCKS5 proxies, use the proxy package's FromURL + return proxy.FromURL(proxyURL, proxy.Direct) + } + return nil, fmt.Errorf("unsupported proxy scheme: %s", proxyURL.Scheme) } // closeAll closes all connections to the server, and removes their entries from the map @@ -105,10 +180,12 @@ func (s *server) closeAll() { s.mutex.Lock() defer s.mutex.Unlock() - logrus.Debugf("Closing %d connections to load balancer server", len(s.connections)) - for conn := range s.connections { - // Close the connection in a goroutine so that we don't hold the lock while doing so. - go conn.Close() + if l := len(s.connections); l > 0 { + logrus.Infof("Closing %d connections to load balancer server %s", len(s.connections), s.address) + for conn := range s.connections { + // Close the connection in a goroutine so that we don't hold the lock while doing so. + go conn.Close() + } } } @@ -121,3 +198,61 @@ func (sc *serverConn) Close() error { delete(sc.server.connections, sc) return sc.Conn.Close() } + +// SetDefault sets the selected address as the default / fallback address +func (lb *LoadBalancer) SetDefault(serverAddress string) { + lb.mutex.Lock() + defer lb.mutex.Unlock() + + _, hasOriginalServer := sortServers(lb.ServerAddresses, lb.defaultServerAddress) + // if the old default server is not currently in use, remove it from the server map + if server := lb.servers[lb.defaultServerAddress]; server != nil && !hasOriginalServer { + defer server.closeAll() + delete(lb.servers, lb.defaultServerAddress) + } + // if the new default server doesn't have an entry in the map, add one + if _, ok := lb.servers[serverAddress]; !ok { + lb.servers[serverAddress] = &server{ + address: serverAddress, + healthCheck: func() bool { return true }, + connections: make(map[net.Conn]struct{}), + } + } + + lb.defaultServerAddress = serverAddress + logrus.Infof("Updated load balancer %s default server address -> %s", lb.serviceName, serverAddress) +} + +// SetHealthCheck adds a health-check callback to an address, replacing the default no-op function. +func (lb *LoadBalancer) SetHealthCheck(address string, healthCheck func() bool) { + lb.mutex.Lock() + defer lb.mutex.Unlock() + + if server := lb.servers[address]; server != nil { + logrus.Debugf("Added health check for load balancer %s: %s", lb.serviceName, address) + server.healthCheck = healthCheck + } else { + logrus.Errorf("Failed to add health check for load balancer %s: no server found for %s", lb.serviceName, address) + } +} + +// runHealthChecks periodically health-checks all servers. Any servers that fail the health-check will have their +// connections closed, to force clients to switch over to a healthy server. +func (lb *LoadBalancer) runHealthChecks(ctx context.Context) { + previousStatus := map[string]bool{} + wait.Until(func() { + lb.mutex.RLock() + defer lb.mutex.RUnlock() + for address, server := range lb.servers { + status := server.healthCheck() + if status == false && previousStatus[address] == true { + // Only close connections when the server transitions from healthy to unhealthy; + // we don't want to re-close all the connections every time as we might be ignoring + // health checks due to all servers being marked unhealthy. + defer server.closeAll() + } + previousStatus[address] = status + } + }, time.Second, ctx.Done()) + logrus.Debugf("Stopped health checking for load balancer %s", lb.serviceName) +} diff --git a/pkg/agent/proxy/apiproxy.go b/pkg/agent/proxy/apiproxy.go index 6be2f0e37..044f53dfa 100644 --- a/pkg/agent/proxy/apiproxy.go +++ b/pkg/agent/proxy/apiproxy.go @@ -2,6 +2,7 @@ package proxy import ( "context" + "net" sysnet "net" "net/url" "strconv" @@ -14,13 +15,14 @@ import ( type Proxy interface { Update(addresses []string) - SetAPIServerPort(ctx context.Context, port int, isIPv6 bool) error + SetAPIServerPort(port int, isIPv6 bool) error SetSupervisorDefault(address string) IsSupervisorLBEnabled() bool SupervisorURL() string SupervisorAddresses() []string APIServerURL() string IsAPIServerLBEnabled() bool + SetHealthCheck(address string, healthCheck func() bool) } // NewSupervisorProxy sets up a new proxy for retrieving supervisor and apiserver addresses. If @@ -38,9 +40,13 @@ func NewSupervisorProxy(ctx context.Context, lbEnabled bool, dataDir, supervisor supervisorURL: supervisorURL, apiServerURL: supervisorURL, lbServerPort: lbServerPort, + context: ctx, } if lbEnabled { + if err := loadbalancer.SetHTTPProxy(supervisorURL); err != nil { + return nil, err + } lb, err := loadbalancer.New(ctx, dataDir, loadbalancer.SupervisorServiceName, supervisorURL, p.lbServerPort, isIPv6) if err != nil { return nil, err @@ -57,6 +63,7 @@ func NewSupervisorProxy(ctx context.Context, lbEnabled bool, dataDir, supervisor p.fallbackSupervisorAddress = u.Host p.supervisorPort = u.Port() + logrus.Debugf("Supervisor proxy using supervisor=%s apiserver=%s lb=%v", p.supervisorURL, p.apiServerURL, p.lbEnabled) return &p, nil } @@ -67,6 +74,7 @@ type proxy struct { apiServerEnabled bool apiServerURL string + apiServerPort string supervisorURL string supervisorPort string initialSupervisorURL string @@ -75,6 +83,7 @@ type proxy struct { apiServerLB *loadbalancer.LoadBalancer supervisorLB *loadbalancer.LoadBalancer + context context.Context } func (p *proxy) Update(addresses []string) { @@ -93,6 +102,18 @@ func (p *proxy) Update(addresses []string) { p.supervisorAddresses = supervisorAddresses } +func (p *proxy) SetHealthCheck(address string, healthCheck func() bool) { + if p.supervisorLB != nil { + p.supervisorLB.SetHealthCheck(address, healthCheck) + } + + if p.apiServerLB != nil { + host, _, _ := net.SplitHostPort(address) + address = net.JoinHostPort(host, p.apiServerPort) + p.apiServerLB.SetHealthCheck(address, healthCheck) + } +} + func (p *proxy) setSupervisorPort(addresses []string) []string { var newAddresses []string for _, address := range addresses { @@ -111,29 +132,36 @@ func (p *proxy) setSupervisorPort(addresses []string) []string { // load-balancing is enabled, another load-balancer is started on a port one below the supervisor // load-balancer, and the address of this load-balancer is returned instead of the actual apiserver // addresses. -func (p *proxy) SetAPIServerPort(ctx context.Context, port int, isIPv6 bool) error { +func (p *proxy) SetAPIServerPort(port int, isIPv6 bool) error { + if p.apiServerEnabled { + logrus.Debugf("Supervisor proxy apiserver port already set") + return nil + } + u, err := url.Parse(p.initialSupervisorURL) if err != nil { return errors.Wrapf(err, "failed to parse server URL %s", p.initialSupervisorURL) } - u.Host = sysnet.JoinHostPort(u.Hostname(), strconv.Itoa(port)) - - p.apiServerURL = u.String() - p.apiServerEnabled = true + p.apiServerPort = strconv.Itoa(port) + u.Host = sysnet.JoinHostPort(u.Hostname(), p.apiServerPort) if p.lbEnabled && p.apiServerLB == nil { lbServerPort := p.lbServerPort if lbServerPort != 0 { lbServerPort = lbServerPort - 1 } - lb, err := loadbalancer.New(ctx, p.dataDir, loadbalancer.APIServerServiceName, p.apiServerURL, lbServerPort, isIPv6) + lb, err := loadbalancer.New(p.context, p.dataDir, loadbalancer.APIServerServiceName, u.String(), lbServerPort, isIPv6) if err != nil { return err } - p.apiServerURL = lb.LoadBalancerServerURL() p.apiServerLB = lb + p.apiServerURL = lb.LoadBalancerServerURL() + } else { + p.apiServerURL = u.String() } + logrus.Debugf("Supervisor proxy apiserver port changed; apiserver=%s lb=%v", p.apiServerURL, p.lbEnabled) + p.apiServerEnabled = true return nil } diff --git a/pkg/agent/run.go b/pkg/agent/run.go index 0fd786599..eff857ce0 100644 --- a/pkg/agent/run.go +++ b/pkg/agent/run.go @@ -11,15 +11,15 @@ import ( "strings" "time" - systemd "github.com/coreos/go-systemd/daemon" + systemd "github.com/coreos/go-systemd/v22/daemon" "github.com/pkg/errors" "github.com/sirupsen/logrus" "github.com/xiaods/k8e/pkg/agent/config" "github.com/xiaods/k8e/pkg/agent/containerd" - "github.com/xiaods/k8e/pkg/agent/cridockerd" "github.com/xiaods/k8e/pkg/agent/proxy" "github.com/xiaods/k8e/pkg/agent/syssetup" "github.com/xiaods/k8e/pkg/agent/tunnel" + "github.com/xiaods/k8e/pkg/certmonitor" "github.com/xiaods/k8e/pkg/cgroups" "github.com/xiaods/k8e/pkg/cli/cmds" "github.com/xiaods/k8e/pkg/clientaccess" @@ -27,8 +27,11 @@ import ( "github.com/xiaods/k8e/pkg/daemons/agent" daemonconfig "github.com/xiaods/k8e/pkg/daemons/config" "github.com/xiaods/k8e/pkg/daemons/executor" + "github.com/xiaods/k8e/pkg/metrics" "github.com/xiaods/k8e/pkg/nodeconfig" + "github.com/xiaods/k8e/pkg/profile" "github.com/xiaods/k8e/pkg/rootless" + "github.com/xiaods/k8e/pkg/spegel" "github.com/xiaods/k8e/pkg/util" "github.com/xiaods/k8e/pkg/version" v1 "k8s.io/api/core/v1" @@ -45,7 +48,10 @@ import ( ) func run(ctx context.Context, cfg cmds.Agent, proxy proxy.Proxy) error { - nodeConfig := config.Get(ctx, cfg, proxy) + nodeConfig, err := config.Get(ctx, cfg, proxy) + if err != nil { + return errors.Wrap(err, "failed to retrieve agent configuration") + } dualCluster, err := utilsnet.IsDualStackCIDRs(nodeConfig.AgentConfig.ClusterCIDRs) if err != nil { @@ -84,10 +90,36 @@ func run(ctx context.Context, cfg cmds.Agent, proxy proxy.Proxy) error { return fmt.Errorf("dual-stack or IPv6 are not supported on Windows node") } - syssetup.Configure(enableIPv6) + conntrackConfig, err := getConntrackConfig(nodeConfig) + if err != nil { + return errors.Wrap(err, "failed to validate kube-proxy conntrack configuration") + } + syssetup.Configure(enableIPv6, conntrackConfig) nodeConfig.AgentConfig.EnableIPv4 = enableIPv4 nodeConfig.AgentConfig.EnableIPv6 = enableIPv6 + if nodeConfig.EmbeddedRegistry { + if nodeConfig.Docker || nodeConfig.ContainerRuntimeEndpoint != "" { + return errors.New("embedded registry mirror requires embedded containerd") + } + + if err := spegel.DefaultRegistry.Start(ctx, nodeConfig); err != nil { + return errors.Wrap(err, "failed to start embedded registry") + } + } + + if nodeConfig.SupervisorMetrics { + if err := metrics.DefaultMetrics.Start(ctx, nodeConfig); err != nil { + return errors.Wrap(err, "failed to serve metrics") + } + } + + if nodeConfig.EnablePProf { + if err := profile.DefaultProfiler.Start(ctx, nodeConfig); err != nil { + return errors.Wrap(err, "failed to serve pprof") + } + } + if err := setupCriCtlConfig(cfg, nodeConfig); err != nil { return err } @@ -97,21 +129,23 @@ func run(ctx context.Context, cfg cmds.Agent, proxy proxy.Proxy) error { } if nodeConfig.Docker { - if err := cridockerd.Run(ctx, nodeConfig); err != nil { + if err := executor.Docker(ctx, nodeConfig); err != nil { return err } } else if nodeConfig.ContainerRuntimeEndpoint == "" { - if err := containerd.Run(ctx, nodeConfig); err != nil { + if err := containerd.SetupContainerdConfig(nodeConfig); err != nil { + return err + } + if err := executor.Containerd(ctx, nodeConfig); err != nil { return err } } - - // the agent runtime is ready to host workloads when containerd is up and the airgap + // the container runtime is ready to host workloads when containerd is up and the airgap // images have finished loading, as that portion of startup may block for an arbitrary // amount of time depending on how long it takes to import whatever the user has placed // in the images directory. - if cfg.AgentReady != nil { - close(cfg.AgentReady) + if cfg.ContainerRuntimeReady != nil { + close(cfg.ContainerRuntimeReady) } notifySocket := os.Getenv("NOTIFY_SOCKET") @@ -156,18 +190,37 @@ func RunStandalone(ctx context.Context, cfg cmds.Agent) error { return err } - nodeConfig := config.Get(ctx, cfg, proxy) + nodeConfig, err := config.Get(ctx, cfg, proxy) + if err != nil { + return errors.Wrap(err, "failed to retrieve agent configuration") + } + if err := executor.Bootstrap(ctx, nodeConfig, cfg); err != nil { return err } - if cfg.AgentReady != nil { - close(cfg.AgentReady) + if cfg.ContainerRuntimeReady != nil { + close(cfg.ContainerRuntimeReady) } if err := tunnelSetup(ctx, nodeConfig, cfg, proxy); err != nil { return err } + if err := certMonitorSetup(ctx, nodeConfig, cfg); err != nil { + return err + } + + if nodeConfig.SupervisorMetrics { + if err := metrics.DefaultMetrics.Start(ctx, nodeConfig); err != nil { + return errors.Wrap(err, "failed to serve metrics") + } + } + + if nodeConfig.EnablePProf { + if err := profile.DefaultProfiler.Start(ctx, nodeConfig); err != nil { + return errors.Wrap(err, "failed to serve pprof") + } + } <-ctx.Done() return ctx.Err() @@ -207,7 +260,7 @@ func createProxyAndValidateToken(ctx context.Context, cfg *cmds.Agent) (proxy.Pr if err := os.MkdirAll(agentDir, 0700); err != nil { return nil, err } - isIPv6 := utilsnet.IsIPv6(net.ParseIP([]string{cfg.NodeIP.String()}[0])) + isIPv6 := utilsnet.IsIPv6(net.ParseIP(util.GetFirstValidIPString(cfg.NodeIP))) proxy, err := proxy.NewSupervisorProxy(ctx, !cfg.DisableLoadBalancer, agentDir, cfg.ServerURL, cfg.LBServerPort, isIPv6) if err != nil { @@ -329,7 +382,7 @@ func updateLegacyAddressLabels(agentConfig *daemonconfig.Agent, nodeLabels map[s if ls.Has(cp.InternalIPKey) || ls.Has(cp.HostnameKey) { result := map[string]string{ cp.InternalIPKey: agentConfig.NodeIP, - cp.HostnameKey: agentConfig.NodeName, + cp.HostnameKey: getHostname(agentConfig), } if agentConfig.NodeExternalIP != "" { @@ -347,7 +400,7 @@ func updateAddressAnnotations(nodeConfig *daemonconfig.Node, nodeAnnotations map agentConfig := &nodeConfig.AgentConfig result := map[string]string{ cp.InternalIPKey: util.JoinIPs(agentConfig.NodeIPs), - cp.HostnameKey: agentConfig.NodeName, + cp.HostnameKey: getHostname(agentConfig), } if agentConfig.NodeExternalIP != "" { @@ -394,6 +447,10 @@ func setupTunnelAndRunAgent(ctx context.Context, nodeConfig *daemonconfig.Node, if err := tunnelSetup(ctx, nodeConfig, cfg, proxy); err != nil { return err } + if err := certMonitorSetup(ctx, nodeConfig, cfg); err != nil { + return err + } + if !agentRan { return agent.Agent(ctx, nodeConfig, proxy) } @@ -401,20 +458,31 @@ func setupTunnelAndRunAgent(ctx context.Context, nodeConfig *daemonconfig.Node, } func waitForAPIServerAddresses(ctx context.Context, nodeConfig *daemonconfig.Node, cfg cmds.Agent, proxy proxy.Proxy) error { + var localSupervisorDefault bool + if addresses := proxy.SupervisorAddresses(); len(addresses) > 0 { + host, _, _ := net.SplitHostPort(addresses[0]) + if host == "127.0.0.1" || host == "::1" { + localSupervisorDefault = true + } + } + for { select { case <-time.After(5 * time.Second): - logrus.Info("Waiting for apiserver addresses") + logrus.Info("Waiting for control-plane node to register apiserver addresses in etcd") case addresses := <-cfg.APIAddressCh: for i, a := range addresses { host, _, err := net.SplitHostPort(a) if err == nil { addresses[i] = net.JoinHostPort(host, strconv.Itoa(nodeConfig.ServerHTTPSPort)) - if i == 0 { - proxy.SetSupervisorDefault(addresses[i]) - } } } + // If this is an etcd-only node that started up using its local supervisor, + // switch to using a control-plane node as the supervisor. Otherwise, leave the + // configured server address as the default. + if localSupervisorDefault && len(addresses) > 0 { + proxy.SetSupervisorDefault(addresses[0]) + } proxy.Update(addresses) return nil case <-ctx.Done(): @@ -432,3 +500,20 @@ func tunnelSetup(ctx context.Context, nodeConfig *daemonconfig.Node, cfg cmds.Ag } return tunnel.Setup(ctx, nodeConfig, proxy) } + +func certMonitorSetup(ctx context.Context, nodeConfig *daemonconfig.Node, cfg cmds.Agent) error { + if cfg.ClusterReset { + return nil + } + return certmonitor.Setup(ctx, nodeConfig, cfg.DataDir) +} + +// getHostname returns the actual system hostname. +// If the hostname cannot be determined, or is invalid, the node name is used. +func getHostname(agentConfig *daemonconfig.Agent) string { + hostname, err := os.Hostname() + if err != nil || hostname == "" || strings.Contains(hostname, "localhost") { + return agentConfig.NodeName + } + return hostname +} diff --git a/pkg/agent/syssetup/setup.go b/pkg/agent/syssetup/setup.go index a90f5248e..239472a2e 100644 --- a/pkg/agent/syssetup/setup.go +++ b/pkg/agent/syssetup/setup.go @@ -1,5 +1,4 @@ //go:build !windows -// +build !windows package syssetup diff --git a/pkg/agent/syssetup/setup_windows.go b/pkg/agent/syssetup/setup_windows.go deleted file mode 100644 index da012013c..000000000 --- a/pkg/agent/syssetup/setup_windows.go +++ /dev/null @@ -1,5 +0,0 @@ -package syssetup - -func Configure(enableIPv6 bool) { - -} diff --git a/pkg/certmonitor/certmonitor.go b/pkg/certmonitor/certmonitor.go new file mode 100644 index 000000000..2837acc63 --- /dev/null +++ b/pkg/certmonitor/certmonitor.go @@ -0,0 +1,136 @@ +package certmonitor + +import ( + "context" + "crypto/x509" + "fmt" + "os" + "path/filepath" + "strings" + "time" + + "github.com/prometheus/client_golang/prometheus" + certutil "github.com/rancher/dynamiclistener/cert" + "github.com/rancher/wrangler/v3/pkg/merr" + "github.com/sirupsen/logrus" + daemonconfig "github.com/xiaods/k8e/pkg/daemons/config" + "github.com/xiaods/k8e/pkg/daemons/control/deps" + "github.com/xiaods/k8e/pkg/metrics" + "github.com/xiaods/k8e/pkg/util" + "github.com/xiaods/k8e/pkg/util/services" + "github.com/xiaods/k8e/pkg/version" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" + "k8s.io/apimachinery/pkg/util/wait" +) + +var ( + // Check certificates twice an hour. Kubernetes events have a TTL of 1 hour by default, + // so similar events should be aggregated and refreshed by the event recorder as long + // as they are created within the TTL period. + certCheckInterval = time.Minute * 30 + + controllerName = version.Program + "-cert-monitor" + + certificateExpirationSeconds = prometheus.NewGaugeVec(prometheus.GaugeOpts{ + Name: version.Program + "_certificate_expiration_seconds", + Help: "Remaining lifetime on the certificate.", + }, []string{"subject", "usages"}) +) + +// Setup starts the certificate expiration monitor +func Setup(ctx context.Context, nodeConfig *daemonconfig.Node, dataDir string) error { + logrus.Debugf("Starting %s with monitoring period %s", controllerName, certCheckInterval) + metrics.DefaultRegisterer.MustRegister(certificateExpirationSeconds) + + client, err := util.GetClientSet(nodeConfig.AgentConfig.KubeConfigKubelet) + if err != nil { + return err + } + + recorder := util.BuildControllerEventRecorder(client, controllerName, metav1.NamespaceDefault) + + // This is consistent with events attached to the node generated by the kubelet + // https://github.com/kubernetes/kubernetes/blob/612130dd2f4188db839ea5c2dea07a96b0ad8d1c/pkg/kubelet/kubelet.go#L479-L485 + nodeRef := &corev1.ObjectReference{ + Kind: "Node", + Name: nodeConfig.AgentConfig.NodeName, + UID: types.UID(nodeConfig.AgentConfig.NodeName), + Namespace: "", + } + + // Create a dummy controlConfig just to hold the paths for the server certs + controlConfig := daemonconfig.Control{ + DataDir: filepath.Join(dataDir, "server"), + Runtime: &daemonconfig.ControlRuntime{}, + } + deps.CreateRuntimeCertFiles(&controlConfig) + + caMap := map[string][]string{} + nodeList := services.Agent + if _, err := os.Stat(controlConfig.DataDir); err == nil { + nodeList = services.All + caMap, err = services.FilesForServices(controlConfig, services.CA) + if err != nil { + return err + } + } + + nodeMap, err := services.FilesForServices(controlConfig, nodeList) + if err != nil { + return err + } + + go wait.Until(func() { + logrus.Debugf("Running %s certificate expiration check", controllerName) + if err := checkCerts(nodeMap, time.Hour*24*daemonconfig.CertificateRenewDays); err != nil { + message := fmt.Sprintf("Node certificates require attention - restart %s on this node to trigger automatic rotation: %v", version.Program, err) + recorder.Event(nodeRef, corev1.EventTypeWarning, "CertificateExpirationWarning", message) + } + if err := checkCerts(caMap, time.Hour*24*365); err != nil { + message := fmt.Sprintf("Certificate authority certificates require attention - check %s documentation and begin planning rotation: %v", version.Program, err) + recorder.Event(nodeRef, corev1.EventTypeWarning, "CACertificateExpirationWarning", message) + + } + }, certCheckInterval, ctx.Done()) + + return nil +} + +func checkCerts(fileMap map[string][]string, warningPeriod time.Duration) error { + errs := merr.Errors{} + now := time.Now() + warn := now.Add(warningPeriod) + + for service, files := range fileMap { + for _, file := range files { + basename := filepath.Base(file) + certs, _ := certutil.CertsFromFile(file) + for _, cert := range certs { + usages := []string{} + if cert.KeyUsage&x509.KeyUsageCertSign != 0 { + usages = append(usages, "CertSign") + } + for _, eku := range cert.ExtKeyUsage { + switch eku { + case x509.ExtKeyUsageServerAuth: + usages = append(usages, "ServerAuth") + case x509.ExtKeyUsageClientAuth: + usages = append(usages, "ClientAuth") + } + } + certificateExpirationSeconds.WithLabelValues(cert.Subject.String(), strings.Join(usages, ",")).Set(cert.NotAfter.Sub(now).Seconds()) + if now.Before(cert.NotBefore) { + errs = append(errs, fmt.Errorf("%s/%s: certificate %s is not valid before %s", service, basename, cert.Subject, cert.NotBefore.Format(time.RFC3339))) + } else if now.After(cert.NotAfter) { + errs = append(errs, fmt.Errorf("%s/%s: certificate %s expired at %s", service, basename, cert.Subject, cert.NotAfter.Format(time.RFC3339))) + } else if warn.After(cert.NotAfter) { + errs = append(errs, fmt.Errorf("%s/%s: certificate %s will expire within %d days at %s", service, basename, cert.Subject, int(warningPeriod.Hours()/24), cert.NotAfter.Format(time.RFC3339))) + } + } + } + } + + return merr.NewErrors(errs...) +} diff --git a/pkg/cli/cert/cert.go b/pkg/cli/cert/cert.go index 7043f65eb..f72bad5f0 100644 --- a/pkg/cli/cert/cert.go +++ b/pkg/cli/cert/cert.go @@ -5,12 +5,12 @@ import ( "fmt" "os" "path/filepath" - "strconv" + "strings" "time" - "github.com/erikdubbelboer/gspt" "github.com/otiai10/copy" "github.com/pkg/errors" + certutil "github.com/rancher/dynamiclistener/cert" "github.com/sirupsen/logrus" "github.com/urfave/cli" "github.com/xiaods/k8e/pkg/agent/util" @@ -20,38 +20,14 @@ import ( "github.com/xiaods/k8e/pkg/daemons/config" "github.com/xiaods/k8e/pkg/daemons/control/deps" "github.com/xiaods/k8e/pkg/datadir" + "github.com/xiaods/k8e/pkg/proctitle" "github.com/xiaods/k8e/pkg/server" + "github.com/xiaods/k8e/pkg/util/services" "github.com/xiaods/k8e/pkg/version" ) -const ( - adminService = "admin" - apiServerService = "api-server" - controllerManagerService = "controller-manager" - schedulerService = "scheduler" - etcdService = "etcd" - programControllerService = "-controller" - authProxyService = "auth-proxy" - cloudControllerService = "cloud-controller" - kubeletService = "kubelet" - k8eServerService = "-server" -) - -var services = []string{ - adminService, - apiServerService, - controllerManagerService, - schedulerService, - etcdService, - version.Program + programControllerService, - authProxyService, - cloudControllerService, - kubeletService, - version.Program + k8eServerService, -} - func commandSetup(app *cli.Context, cfg *cmds.Server, sc *server.Config) (string, error) { - gspt.SetProcTitle(os.Args[0]) + proctitle.SetProcTitle(os.Args[0]) dataDir, err := datadir.Resolve(cfg.DataDir) if err != nil { @@ -62,29 +38,28 @@ func commandSetup(app *cli.Context, cfg *cmds.Server, sc *server.Config) (string if cfg.Token == "" { fp := filepath.Join(sc.ControlConfig.DataDir, "token") tokenByte, err := os.ReadFile(fp) - if err != nil { + if err != nil && !os.IsNotExist(err) { return "", err } cfg.Token = string(bytes.TrimRight(tokenByte, "\n")) } sc.ControlConfig.Token = cfg.Token - sc.ControlConfig.Runtime = config.NewRuntime(nil) return dataDir, nil } -func Rotate(app *cli.Context) error { +func Check(app *cli.Context) error { if err := cmds.InitLogging(); err != nil { return err } - return rotate(app, &cmds.ServerConfig) + return check(app, &cmds.ServerConfig) } -func rotate(app *cli.Context, cfg *cmds.Server) error { +func check(app *cli.Context, cfg *cmds.Server) error { var serverConfig server.Config - dataDir, err := commandSetup(app, cfg, &serverConfig) + _, err := commandSetup(app, cfg, &serverConfig) if err != nil { return err } @@ -95,155 +70,161 @@ func rotate(app *cli.Context, cfg *cmds.Server) error { return err } - agentDataDir := filepath.Join(dataDir, "agent") - tlsBackupDir, err := backupCertificates(serverConfig.ControlConfig.DataDir, agentDataDir) + if len(cmds.ServicesList) == 0 { + // detecting if the command is being run on an agent or server based on presence of the server data-dir + _, err := os.Stat(serverConfig.ControlConfig.DataDir) + if err != nil { + if !os.IsNotExist(err) { + return err + } + logrus.Infof("Agent detected, checking agent certificates") + cmds.ServicesList = services.Agent + } else { + logrus.Infof("Server detected, checking agent and server certificates") + cmds.ServicesList = services.All + } + } + + fileMap, err := services.FilesForServices(serverConfig.ControlConfig, cmds.ServicesList) + if err != nil { + return err + } + + now := time.Now() + warn := now.Add(time.Hour * 24 * config.CertificateRenewDays) + + for service, files := range fileMap { + logrus.Info("Checking certificates for " + service) + for _, file := range files { + // ignore errors, as some files may not exist, or may not contain certs. + // Only check whatever exists and has certs. + certs, _ := certutil.CertsFromFile(file) + for _, cert := range certs { + if now.Before(cert.NotBefore) { + logrus.Errorf("%s: certificate %s is not valid before %s", file, cert.Subject, cert.NotBefore.Format(time.RFC3339)) + } else if now.After(cert.NotAfter) { + logrus.Errorf("%s: certificate %s expired at %s", file, cert.Subject, cert.NotAfter.Format(time.RFC3339)) + } else if warn.After(cert.NotAfter) { + logrus.Warnf("%s: certificate %s will expire within %d days at %s", file, cert.Subject, config.CertificateRenewDays, cert.NotAfter.Format(time.RFC3339)) + } else { + logrus.Infof("%s: certificate %s is ok, expires at %s", file, cert.Subject, cert.NotAfter.Format(time.RFC3339)) + } + } + } + } + + return nil +} + +func Rotate(app *cli.Context) error { + if err := cmds.InitLogging(); err != nil { + return err + } + return rotate(app, &cmds.ServerConfig) +} + +func rotate(app *cli.Context, cfg *cmds.Server) error { + var serverConfig server.Config + + dataDir, err := commandSetup(app, cfg, &serverConfig) if err != nil { return err } + deps.CreateRuntimeCertFiles(&serverConfig.ControlConfig) + + if err := validateCertConfig(); err != nil { + return err + } + if len(cmds.ServicesList) == 0 { - // detecting if the command is being run on an agent or server + // detecting if the command is being run on an agent or server based on presence of the server data-dir _, err := os.Stat(serverConfig.ControlConfig.DataDir) if err != nil { if !os.IsNotExist(err) { return err } logrus.Infof("Agent detected, rotating agent certificates") - cmds.ServicesList = []string{ - kubeletService, - version.Program + programControllerService, - } + cmds.ServicesList = services.Agent } else { - logrus.Infof("Server detected, rotating server certificates") - cmds.ServicesList = []string{ - adminService, - etcdService, - apiServerService, - controllerManagerService, - cloudControllerService, - schedulerService, - version.Program + k8eServerService, - version.Program + programControllerService, - authProxyService, - kubeletService, - } + logrus.Infof("Server detected, rotating agent and server certificates") + cmds.ServicesList = services.All } } - fileList := []string{} + + fileMap, err := services.FilesForServices(serverConfig.ControlConfig, cmds.ServicesList) + if err != nil { + return err + } + + // back up all the files + agentDataDir := filepath.Join(dataDir, "agent") + tlsBackupDir, err := backupCertificates(serverConfig.ControlConfig.DataDir, agentDataDir, fileMap) + if err != nil { + return err + } + + // The dynamiclistener cache file can't be simply deleted, we need to create a trigger + // file to indicate that the cert needs to be regenerated on startup. for _, service := range cmds.ServicesList { - logrus.Infof("Rotating certificates for %s service", service) - switch service { - case adminService: - fileList = append(fileList, - serverConfig.ControlConfig.Runtime.ClientAdminCert, - serverConfig.ControlConfig.Runtime.ClientAdminKey) - case apiServerService: - fileList = append(fileList, - serverConfig.ControlConfig.Runtime.ClientKubeAPICert, - serverConfig.ControlConfig.Runtime.ClientKubeAPIKey, - serverConfig.ControlConfig.Runtime.ServingKubeAPICert, - serverConfig.ControlConfig.Runtime.ServingKubeAPIKey) - case controllerManagerService: - fileList = append(fileList, - serverConfig.ControlConfig.Runtime.ClientControllerCert, - serverConfig.ControlConfig.Runtime.ClientControllerKey) - case schedulerService: - fileList = append(fileList, - serverConfig.ControlConfig.Runtime.ClientSchedulerCert, - serverConfig.ControlConfig.Runtime.ClientSchedulerKey) - case etcdService: - fileList = append(fileList, - serverConfig.ControlConfig.Runtime.ClientETCDCert, - serverConfig.ControlConfig.Runtime.ClientETCDKey, - serverConfig.ControlConfig.Runtime.ServerETCDCert, - serverConfig.ControlConfig.Runtime.ServerETCDKey, - serverConfig.ControlConfig.Runtime.PeerServerClientETCDCert, - serverConfig.ControlConfig.Runtime.PeerServerClientETCDKey) - case cloudControllerService: - fileList = append(fileList, - serverConfig.ControlConfig.Runtime.ClientCloudControllerCert, - serverConfig.ControlConfig.Runtime.ClientCloudControllerKey) - case version.Program + k8eServerService: + if service == version.Program+services.ProgramServer { dynamicListenerRegenFilePath := filepath.Join(serverConfig.ControlConfig.DataDir, "tls", "dynamic-cert-regenerate") if err := os.WriteFile(dynamicListenerRegenFilePath, []byte{}, 0600); err != nil { return err } logrus.Infof("Rotating dynamic listener certificate") - case version.Program + programControllerService: - fileList = append(fileList, - serverConfig.ControlConfig.Runtime.ClientK8eControllerCert, - serverConfig.ControlConfig.Runtime.ClientK8eControllerKey, - filepath.Join(agentDataDir, "client-"+version.Program+"-controller.crt"), - filepath.Join(agentDataDir, "client-"+version.Program+"-controller.key")) - case authProxyService: - fileList = append(fileList, - serverConfig.ControlConfig.Runtime.ClientAuthProxyCert, - serverConfig.ControlConfig.Runtime.ClientAuthProxyKey) - case kubeletService: - fileList = append(fileList, - serverConfig.ControlConfig.Runtime.ClientKubeletKey, - serverConfig.ControlConfig.Runtime.ServingKubeletKey, - filepath.Join(agentDataDir, "client-kubelet.crt"), - filepath.Join(agentDataDir, "client-kubelet.key"), - filepath.Join(agentDataDir, "serving-kubelet.crt"), - filepath.Join(agentDataDir, "serving-kubelet.key")) - default: - logrus.Fatalf("%s is not a recognized service", service) } } - for _, file := range fileList { - if err := os.Remove(file); err == nil { - logrus.Debugf("file %s is deleted", file) + // remove all files + for service, files := range fileMap { + logrus.Info("Rotating certificates for " + service) + for _, file := range files { + if err := os.Remove(file); err == nil { + logrus.Debugf("file %s is deleted", file) + } } } - logrus.Infof("Successfully backed up certificates for all services to path %s, please restart %s server or agent to rotate certificates", tlsBackupDir, version.Program) + logrus.Infof("Successfully backed up certificates to %s, please restart %s server or agent to rotate certificates", tlsBackupDir, version.Program) return nil } -func backupCertificates(serverDataDir, agentDataDir string) (string, error) { +func backupCertificates(serverDataDir, agentDataDir string, fileMap map[string][]string) (string, error) { + backupDirName := fmt.Sprintf("tls-%d", time.Now().Unix()) serverTLSDir := filepath.Join(serverDataDir, "tls") - tlsBackupDir := filepath.Join(serverDataDir, "tls-"+strconv.Itoa(int(time.Now().Unix()))) + tlsBackupDir := filepath.Join(agentDataDir, backupDirName) + // backup the server TLS dir if it exists if _, err := os.Stat(serverTLSDir); err != nil { - return "", err - } - if err := copy.Copy(serverTLSDir, tlsBackupDir); err != nil { - return "", err - } - certs := []string{ - "client-" + version.Program + "-controller.crt", - "client-" + version.Program + "-controller.key", - "client-kubelet.crt", - "client-kubelet.key", - "serving-kubelet.crt", - "serving-kubelet.key", - "client-kube-proxy.crt", - "client-kube-proxy.key", - } - for _, cert := range certs { - agentCert := filepath.Join(agentDataDir, cert) - tlsBackupCert := filepath.Join(tlsBackupDir, cert) - if err := util.CopyFile(agentCert, tlsBackupCert, true); err != nil { + if !os.IsNotExist(err) { + return "", err + } + } else { + tlsBackupDir = filepath.Join(serverDataDir, backupDirName) + if err := copy.Copy(serverTLSDir, tlsBackupDir); err != nil { return "", err } } - return tlsBackupDir, nil -} -func validService(svc string) bool { - for _, service := range services { - if svc == service { - return true + for _, files := range fileMap { + for _, file := range files { + if strings.HasPrefix(file, agentDataDir) { + cert := filepath.Base(file) + tlsBackupCert := filepath.Join(tlsBackupDir, cert) + if err := util.CopyFile(file, tlsBackupCert, true); err != nil { + return "", err + } + } } } - return false + + return tlsBackupDir, nil } func validateCertConfig() error { for _, s := range cmds.ServicesList { - if !validService(s) { - return errors.New("Service " + s + " is not recognized") + if !services.IsValid(s) { + return errors.New("service " + s + " is not recognized") } } return nil diff --git a/pkg/cli/crictl/crictl.go b/pkg/cli/crictl/crictl.go index 693032c3c..de0f7a56e 100644 --- a/pkg/cli/crictl/crictl.go +++ b/pkg/cli/crictl/crictl.go @@ -4,8 +4,8 @@ import ( "os" "runtime" - "github.com/kubernetes-sigs/cri-tools/cmd/crictl" "github.com/urfave/cli" + "sigs.k8s.io/cri-tools/cmd/crictl" ) func Run(ctx *cli.Context) error { diff --git a/pkg/cli/secretsencrypt/secrets_encrypt.go b/pkg/cli/secretsencrypt/secrets_encrypt.go index 62ec0de7b..ce6208dce 100644 --- a/pkg/cli/secretsencrypt/secrets_encrypt.go +++ b/pkg/cli/secretsencrypt/secrets_encrypt.go @@ -20,10 +20,10 @@ import ( "k8s.io/utils/pointer" ) -func commandPrep(app *cli.Context, cfg *cmds.Server) (*clientaccess.Info, error) { +func commandPrep(cfg *cmds.Server) (*clientaccess.Info, error) { // hide process arguments from ps output, since they may contain // database credentials or other secrets. - gspt.SetProcTitle(os.Args[0] + " secrets-encrypt") + proctitle.SetProcTitle(os.Args[0] + " secrets-encrypt") dataDir, err := server.ResolveDataDir(cfg.DataDir) if err != nil { @@ -46,15 +46,14 @@ func wrapServerError(err error) error { } func Enable(app *cli.Context) error { - var err error - if err = cmds.InitLogging(); err != nil { + if err := cmds.InitLogging(); err != nil { return err } - info, err := commandPrep(app, &cmds.ServerConfig) + info, err := commandPrep(&cmds.ServerConfig) if err != nil { return err } - b, err := json.Marshal(server.EncryptionRequest{Enable: pointer.Bool(true)}) + b, err := json.Marshal(server.EncryptionRequest{Enable: ptr.To(true)}) if err != nil { return err } @@ -66,15 +65,14 @@ func Enable(app *cli.Context) error { } func Disable(app *cli.Context) error { - if err := cmds.InitLogging(); err != nil { return err } - info, err := commandPrep(app, &cmds.ServerConfig) + info, err := commandPrep(&cmds.ServerConfig) if err != nil { return err } - b, err := json.Marshal(server.EncryptionRequest{Enable: pointer.Bool(false)}) + b, err := json.Marshal(server.EncryptionRequest{Enable: ptr.To(false)}) if err != nil { return err } @@ -89,7 +87,7 @@ func Status(app *cli.Context) error { if err := cmds.InitLogging(); err != nil { return err } - info, err := commandPrep(app, &cmds.ServerConfig) + info, err := commandPrep(&cmds.ServerConfig) if err != nil { return err } @@ -147,16 +145,15 @@ func Status(app *cli.Context) error { } func Prepare(app *cli.Context) error { - var err error - if err = cmds.InitLogging(); err != nil { + if err := cmds.InitLogging(); err != nil { return err } - info, err := commandPrep(app, &cmds.ServerConfig) + info, err := commandPrep(&cmds.ServerConfig) if err != nil { return err } b, err := json.Marshal(server.EncryptionRequest{ - Stage: pointer.StringPtr(secretsencrypt.EncryptionPrepare), + Stage: ptr.To(secretsencrypt.EncryptionPrepare), Force: cmds.ServerConfig.EncryptForce, }) if err != nil { @@ -173,12 +170,12 @@ func Rotate(app *cli.Context) error { if err := cmds.InitLogging(); err != nil { return err } - info, err := commandPrep(app, &cmds.ServerConfig) + info, err := commandPrep(&cmds.ServerConfig) if err != nil { return err } b, err := json.Marshal(server.EncryptionRequest{ - Stage: pointer.StringPtr(secretsencrypt.EncryptionRotate), + Stage: ptr.To(secretsencrypt.EncryptionRotate), Force: cmds.ServerConfig.EncryptForce, }) if err != nil { @@ -192,16 +189,15 @@ func Rotate(app *cli.Context) error { } func Reencrypt(app *cli.Context) error { - var err error - if err = cmds.InitLogging(); err != nil { + if err := cmds.InitLogging(); err != nil { return err } - info, err := commandPrep(app, &cmds.ServerConfig) + info, err := commandPrep(&cmds.ServerConfig) if err != nil { return err } b, err := json.Marshal(server.EncryptionRequest{ - Stage: pointer.StringPtr(secretsencrypt.EncryptionReencryptActive), + Stage: ptr.To(secretsencrypt.EncryptionReencryptActive), Force: cmds.ServerConfig.EncryptForce, Skip: cmds.ServerConfig.EncryptSkip, }) @@ -214,3 +210,25 @@ func Reencrypt(app *cli.Context) error { fmt.Println("reencryption started") return nil } + +func RotateKeys(app *cli.Context) error { + if err := cmds.InitLogging(); err != nil { + return err + } + info, err := commandPrep(&cmds.ServerConfig) + if err != nil { + return err + } + b, err := json.Marshal(server.EncryptionRequest{ + Stage: ptr.To(secretsencrypt.EncryptionRotateKeys), + }) + if err != nil { + return err + } + timeout := 70 * time.Second + if err = info.Put("/v1-"+version.Program+"/encrypt/config", b, clientaccess.WithTimeout(timeout)); err != nil { + return wrapServerError(err) + } + fmt.Println("keys rotated, reencryption started") + return nil +} diff --git a/pkg/codegen/main.go b/pkg/codegen/main.go index c7dc9fcad..349780779 100644 --- a/pkg/codegen/main.go +++ b/pkg/codegen/main.go @@ -4,8 +4,8 @@ import ( "os" bindata "github.com/go-bindata/go-bindata" - controllergen "github.com/rancher/wrangler/pkg/controller-gen" - "github.com/rancher/wrangler/pkg/controller-gen/args" + controllergen "github.com/rancher/wrangler/v3/pkg/controller-gen" + "github.com/rancher/wrangler/v3/pkg/controller-gen/args" "github.com/sirupsen/logrus" v1 "github.com/xiaods/k8e/pkg/apis/k8e.cattle.io/v1" ) @@ -69,7 +69,7 @@ func main() { controllergen.Run(args.Options{ OutputPackage: "github.com/xiaods/k8e/pkg/generated", - Boilerplate: "hack/boilerplate.go.txt", + Boilerplate: "scripts/boilerplate.go.txt", Groups: map[string]args.Group{ "k8e.cattle.io": { Types: []interface{}{ diff --git a/pkg/daemons/config/types.go b/pkg/daemons/config/types.go index 63558c37e..b66328bc2 100644 --- a/pkg/daemons/config/types.go +++ b/pkg/daemons/config/types.go @@ -8,12 +8,13 @@ import ( "sort" "strings" "sync" - "time" "github.com/k3s-io/kine/pkg/endpoint" - "github.com/rancher/wrangler/pkg/generated/controllers/core" - "github.com/rancher/wrangler/pkg/leader" + "github.com/rancher/wharfie/pkg/registries" + "github.com/rancher/wrangler/v3/pkg/generated/controllers/core" + "github.com/rancher/wrangler/v3/pkg/leader" "github.com/xiaods/k8e/pkg/generated/controllers/k8e.cattle.io" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" utilnet "k8s.io/apimachinery/pkg/util/net" "k8s.io/apiserver/pkg/authentication/authenticator" "k8s.io/client-go/tools/record" @@ -34,6 +35,9 @@ type Node struct { ContainerRuntimeEndpoint string ImageServiceEndpoint string SELinux bool + EnablePProf bool + SupervisorMetrics bool + EmbeddedRegistry bool EgressSelectorMode string Containerd Containerd CRIDockerd CRIDockerd @@ -42,9 +46,25 @@ type Node struct { Token string Certificate *tls.Certificate ServerHTTPSPort int + SupervisorPort int DefaultRuntime string } +type EtcdS3 struct { + AccessKey string `json:"accessKey,omitempty"` + Bucket string `json:"bucket,omitempty"` + ConfigSecret string `json:"configSecret,omitempty"` + Endpoint string `json:"endpoint,omitempty"` + EndpointCA string `json:"endpointCA,omitempty"` + Folder string `json:"folder,omitempty"` + Proxy string `json:"proxy,omitempty"` + Region string `json:"region,omitempty"` + SecretKey string `json:"secretKey,omitempty"` + Insecure bool `json:"insecure,omitempty"` + SkipSSLVerify bool `json:"skipSSLVerify,omitempty"` + Timeout metav1.Duration `json:"timeout,omitempty"` +} + type Containerd struct { Address string Log string @@ -55,6 +75,8 @@ type Containerd struct { Template string BlockIOConfig string RDTConfig string + Registry string + NoDefault bool SELinux bool Debug bool } @@ -104,17 +126,24 @@ type Agent struct { ImageCredProvBinDir string ImageCredProvConfig string IPSECPSK string - PrivateRegistry string + Registry *registries.Registry SystemDefaultRegistry string AirgapExtraRegistry []string DisableCCM bool + MinTLSVersion string + CipherSuites []string Rootless bool ProtectKernelDefaults bool EnableIPv4 bool EnableIPv6 bool + VLevel int + VModule string + LogFile string + AlsoLogToStderr bool } // CriticalControlArgs contains parameters that all control plane nodes in HA must share +// The cli tag is used to provide better error information to the user on mismatch type CriticalControlArgs struct { ClusterDNSs []net.IP `cli:"cluster-dns"` ClusterIPRanges []*net.IPNet `cli:"cluster-cidr"` @@ -123,11 +152,12 @@ type CriticalControlArgs struct { ClusterIPRange *net.IPNet `cli:"cluster-cidr"` DisableCCM bool `cli:"disable-cloud-controller"` DisableHelmController bool `cli:"disable-helm-controller"` - DisableNPC bool `cli:"disable-network-policy"` EncryptSecrets bool `cli:"secrets-encryption"` + EmbeddedRegistry bool `cli:"embedded-registry"` EgressSelectorMode string `cli:"egress-selector-mode"` ServiceIPRange *net.IPNet `cli:"service-cidr"` ServiceIPRanges []*net.IPNet `cli:"service-cidr"` + SupervisorMetrics bool `cli:"supervisor-metrics"` } type Control struct { @@ -146,16 +176,19 @@ type Control struct { ServiceNodePortRange *utilnet.PortRange KubeConfigOutput string KubeConfigMode string + KubeConfigGroup string HelmJobImage string DataDir string + KineTLS bool Datastore endpoint.Config `json:"-"` Disables map[string]bool + DisableAgent bool DisableAPIServer bool DisableControllerManager bool DisableETCD bool DisableScheduler bool Rootless bool - EnablePProf bool + ServiceLBNamespace string ExtraAPIArgs []string ExtraControllerArgs []string ExtraCloudControllerArgs []string @@ -170,30 +203,22 @@ type Control struct { ClusterInit bool ClusterReset bool ClusterResetRestorePath string - EncryptForce bool - EncryptSkip bool - TLSMinVersion uint16 - TLSCipherSuites []uint16 - EtcdSnapshotName string `json:"-"` - EtcdDisableSnapshots bool `json:"-"` - EtcdExposeMetrics bool `json:"-"` - EtcdSnapshotDir string `json:"-"` - EtcdSnapshotCron string `json:"-"` - EtcdSnapshotRetention int `json:"-"` - EtcdSnapshotCompress bool `json:"-"` - EtcdListFormat string `json:"-"` - EtcdS3 bool `json:"-"` - EtcdS3Endpoint string `json:"-"` - EtcdS3EndpointCA string `json:"-"` - EtcdS3SkipSSLVerify bool `json:"-"` - EtcdS3AccessKey string `json:"-"` - EtcdS3SecretKey string `json:"-"` - EtcdS3BucketName string `json:"-"` - EtcdS3Region string `json:"-"` - EtcdS3Folder string `json:"-"` - EtcdS3Timeout time.Duration `json:"-"` - EtcdS3Insecure bool `json:"-"` + MinTLSVersion string + CipherSuites []string + TLSMinVersion uint16 `json:"-"` + TLSCipherSuites []uint16 `json:"-"` + EtcdSnapshotName string `json:"-"` + EtcdDisableSnapshots bool `json:"-"` + EtcdExposeMetrics bool `json:"-"` + EtcdSnapshotDir string `json:"-"` + EtcdSnapshotCron string `json:"-"` + EtcdSnapshotRetention int `json:"-"` + EtcdSnapshotCompress bool `json:"-"` + EtcdListFormat string `json:"-"` + EtcdS3 *EtcdS3 `json:"-"` ServerNodeName string + VLevel int + VModule string BindAddress string SANs []string @@ -237,18 +262,18 @@ func (c *Control) Loopback(urlSafe bool) string { } type ControlRuntimeBootstrap struct { - ETCDServerCA string - ETCDServerCAKey string - ETCDPeerCA string - ETCDPeerCAKey string - ServerCA string - ServerCAKey string - ClientCA string - ClientCAKey string - ServiceKey string + ETCDServerCA string `rotate:"true"` + ETCDServerCAKey string `rotate:"true"` + ETCDPeerCA string `rotate:"true"` + ETCDPeerCAKey string `rotate:"true"` + ServerCA string `rotate:"true"` + ServerCAKey string `rotate:"true"` + ClientCA string `rotate:"true"` + ClientCAKey string `rotate:"true"` + ServiceKey string `rotate:"true"` PasswdFile string - RequestHeaderCA string - RequestHeaderCAKey string + RequestHeaderCA string `rotate:"true"` + RequestHeaderCAKey string `rotate:"true"` IPSECKey string EncryptionConfig string EncryptionHash string @@ -259,7 +284,7 @@ type ControlRuntime struct { HTTPBootstrap bool APIServerReady <-chan struct{} - AgentReady <-chan struct{} + ContainerRuntimeReady <-chan struct{} ETCDReady <-chan struct{} StartupHooksWg *sync.WaitGroup ClusterControllerStarts map[string]leader.Callback @@ -323,9 +348,9 @@ type ControlRuntime struct { EtcdConfig endpoint.ETCDConfig } -func NewRuntime(agentReady <-chan struct{}) *ControlRuntime { +func NewRuntime(containerRuntimeReady <-chan struct{}) *ControlRuntime { return &ControlRuntime{ - AgentReady: agentReady, + ContainerRuntimeReady: containerRuntimeReady, ClusterControllerStarts: map[string]leader.Callback{}, LeaderElectedClusterControllerStarts: map[string]leader.Callback{}, } diff --git a/pkg/daemons/control/deps/deps.go b/pkg/daemons/control/deps/deps.go index 3bcaf00df..31c47a3d1 100644 --- a/pkg/daemons/control/deps/deps.go +++ b/pkg/daemons/control/deps/deps.go @@ -25,13 +25,12 @@ import ( "github.com/xiaods/k8e/pkg/cloudprovider" "github.com/xiaods/k8e/pkg/daemons/config" "github.com/xiaods/k8e/pkg/passwd" - "github.com/xiaods/k8e/pkg/token" "github.com/xiaods/k8e/pkg/util" "github.com/xiaods/k8e/pkg/version" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/sets" "k8s.io/apiserver/pkg/apis/apiserver" - apiserverconfigv1 "k8s.io/apiserver/pkg/apis/config/v1" + apiserverconfigv1 "k8s.io/apiserver/pkg/apis/apiserver/v1" "k8s.io/apiserver/pkg/authentication/user" "k8s.io/client-go/util/keyutil" ) @@ -40,12 +39,10 @@ const ( ipsecTokenSize = 48 aescbcKeySize = 32 - RequestHeaderCN = "system:auth-proxy" - defaultNewSignedCertExpirationDays = time.Hour * 24 * 365 * 10 //10 year certificate expiration + RequestHeaderCN = "system:auth-proxy" ) -var ( - kubeconfigTemplate = template.Must(template.New("kubeconfig").Parse(`apiVersion: v1 +var kubeconfigTemplate = template.Must(template.New("kubeconfig").Parse(`apiVersion: v1 clusters: - cluster: server: {{.URL}} @@ -66,7 +63,6 @@ users: client-certificate: {{.ClientCert}} client-key: {{.ClientKey}} `)) -) func migratePassword(p *passwd.Passwd) error { server, _ := p.Pass("server") @@ -273,7 +269,7 @@ func genEncryptedNetworkInfo(controlConfig *config.Control) error { return nil } - psk, err := token.Random(ipsecTokenSize) + psk, err := util.Random(ipsecTokenSize) if err != nil { return err } @@ -283,16 +279,14 @@ func genEncryptedNetworkInfo(controlConfig *config.Control) error { } func getServerPass(passwd *passwd.Passwd, config *config.Control) (string, error) { - var ( - err error - ) + var err error serverPass := config.Token if serverPass == "" { serverPass, _ = passwd.Pass("server") } if serverPass == "" { - serverPass, err = token.Random(16) + serverPass, err = util.Random(16) if err != nil { return "", err } @@ -445,14 +439,16 @@ func genServerCerts(config *config.Control) error { } func genETCDCerts(config *config.Control) error { - runtime := config.Runtime regen, err := createSigningCertKey("etcd-server", runtime.ETCDServerCA, runtime.ETCDServerCAKey) if err != nil { return err } - altNames := &certutil.AltNames{} + altNames := &certutil.AltNames{ + DNSNames: []string{"kine.sock"}, + } + addSANs(altNames, config.SANs) if _, err := createClientCertKey(regen, "etcd-client", nil, @@ -628,7 +624,6 @@ func createClientCertKey(regen bool, commonName string, organization []string, a CommonName: commonName, Organization: organization, Usages: extKeyUsage, - ExpiresAt: defaultNewSignedCertExpirationDays, } if altNames != nil { cfg.AltNames = *altNames @@ -776,7 +771,7 @@ func genEncryptionConfigAndState(controlConfig *config.Control) error { if err != nil { return err } - if err := os.WriteFile(runtime.EncryptionConfig, b, 0600); err != nil { + if err := util.AtomicWrite(runtime.EncryptionConfig, b, 0600); err != nil { return err } encryptionConfigHash := sha256.Sum256(b) @@ -837,5 +832,4 @@ func genCloudConfig(controlConfig *config.Control) error { return err } return os.WriteFile(controlConfig.Runtime.CloudControllerConfig, b, 0600) - } diff --git a/pkg/metrics/metrics.go b/pkg/metrics/metrics.go new file mode 100644 index 000000000..9bc0d7ed3 --- /dev/null +++ b/pkg/metrics/metrics.go @@ -0,0 +1,51 @@ +package metrics + +import ( + "context" + "errors" + + "github.com/gorilla/mux" + "github.com/prometheus/client_golang/prometheus/promhttp" + lassometrics "github.com/rancher/lasso/pkg/metrics" + "github.com/xiaods/k8e/pkg/agent/https" + "github.com/xiaods/k8e/pkg/daemons/config" + "k8s.io/component-base/metrics/legacyregistry" +) + +// DefaultRegisterer is the implementation of the +// prometheus Registerer interface that all metrics operations +// will use. +var DefaultRegisterer = legacyregistry.Registerer() + +// DefaultGatherer is the implementation of the +// prometheus Gatherere interface that all metrics operations +// will use. +var DefaultGatherer = legacyregistry.DefaultGatherer + +// DefaultMetrics is the default instance of a Metrics server +var DefaultMetrics = &Config{ + Router: func(context.Context, *config.Node) (*mux.Router, error) { + return nil, errors.New("not implemented") + }, +} + +func init() { + // ensure that lasso exposes metrics through the same registry used by Kubernetes components + lassometrics.MustRegister(DefaultRegisterer) +} + +// Config holds fields for the metrics listener +type Config struct { + // Router will be called to add the metrics API handler to an existing router. + Router https.RouterFunc +} + +// Start starts binds the metrics API to an existing HTTP router. +func (c *Config) Start(ctx context.Context, nodeConfig *config.Node) error { + mRouter, err := c.Router(ctx, nodeConfig) + if err != nil { + return err + } + mRouter.Handle("/metrics", promhttp.HandlerFor(DefaultGatherer, promhttp.HandlerOpts{})) + return nil +} diff --git a/pkg/nodeconfig/nodeconfig_test.go b/pkg/nodeconfig/nodeconfig_test.go index 94f69f506..b9383f341 100644 --- a/pkg/nodeconfig/nodeconfig_test.go +++ b/pkg/nodeconfig/nodeconfig_test.go @@ -30,7 +30,7 @@ var FakeNodeWithAnnotation = &corev1.Node{ ObjectMeta: metav1.ObjectMeta{ Name: "fakeNode-with-annotation", Annotations: map[string]string{ - NodeArgsAnnotation: `["server","--no-flannel"]`, + NodeArgsAnnotation: `["server"]`, NodeEnvAnnotation: `{"` + TestEnvName + `":"fakeNode-with-annotation"}`, NodeConfigHashAnnotation: "FIJ7GZ42FJLYYYPQVVRUGKP3RBJGL5YHUJPWGQMBBVF4OQ6MOSWA====", }, @@ -39,7 +39,7 @@ var FakeNodeWithAnnotation = &corev1.Node{ func Test_UnitSetExistingNodeConfigAnnotations(t *testing.T) { // adding same config - os.Args = []string{version.Program, "server", "--no-flannel"} + os.Args = []string{version.Program, "server"} os.Setenv(version.ProgramUpper+"_NODE_NAME", "fakeNode-with-annotation") nodeUpdated, err := SetNodeConfigAnnotations(FakeNodeConfig, FakeNodeWithAnnotation) if err != nil { @@ -77,10 +77,10 @@ func Test_UnitSetNodeConfigAnnotations(t *testing.T) { args: args{ config: FakeNodeConfig, node: FakeNodeWithAnnotation, - osArgs: []string{version.Program, "server", "--no-flannel"}, + osArgs: []string{version.Program, "server"}, }, want: true, - wantNodeArgs: `["server","--no-flannel"]`, + wantNodeArgs: `["server"]`, wantNodeEnv: `{"` + TestEnvName + `":"fakeNode-with-no-annotation"}`, wantNodeConfigHash: "47ZWLMKZE6NJ7M5KJVPQY4GSJINRZOQEGHOFQFLRQBY3HBQX5HLA====", }, @@ -89,10 +89,10 @@ func Test_UnitSetNodeConfigAnnotations(t *testing.T) { args: args{ config: FakeNodeConfig, node: FakeNodeWithNoAnnotation, - osArgs: []string{version.Program, "server", "--no-flannel", "--write-kubeconfig-mode=777"}, + osArgs: []string{version.Program, "server", "--write-kubeconfig-mode=777"}, }, want: true, - wantNodeArgs: `["server","--no-flannel","--write-kubeconfig-mode","777"]`, + wantNodeArgs: `["server","--write-kubeconfig-mode","777"]`, wantNodeEnv: `{"` + TestEnvName + `":"fakeNode-with-no-annotation"}`, }, } diff --git a/pkg/nodepassword/nodepassword.go b/pkg/nodepassword/nodepassword.go index 7deab8216..4ebff29d5 100644 --- a/pkg/nodepassword/nodepassword.go +++ b/pkg/nodepassword/nodepassword.go @@ -7,7 +7,7 @@ import ( "time" "github.com/pkg/errors" - coreclient "github.com/rancher/wrangler/pkg/generated/controllers/core/v1" + coreclient "github.com/rancher/wrangler/v3/pkg/generated/controllers/core/v1" "github.com/sirupsen/logrus" "github.com/xiaods/k8e/pkg/authenticator/hash" "github.com/xiaods/k8e/pkg/passwd" @@ -15,7 +15,7 @@ import ( v1 "k8s.io/api/core/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/utils/pointer" + "k8s.io/utils/ptr" ) var ( @@ -80,7 +80,7 @@ func Ensure(secretClient coreclient.SecretController, nodeName, pass string) err Name: getSecretName(nodeName), Namespace: metav1.NamespaceSystem, }, - Immutable: pointer.Bool(true), + Immutable: ptr.To(true), Data: map[string][]byte{"hash": []byte(hash)}, }) } diff --git a/pkg/nodepassword/nodepassword_test.go b/pkg/nodepassword/nodepassword_test.go index d14332b3f..4e7de581e 100644 --- a/pkg/nodepassword/nodepassword_test.go +++ b/pkg/nodepassword/nodepassword_test.go @@ -9,7 +9,7 @@ import ( "testing" "github.com/golang/mock/gomock" - "github.com/rancher/wrangler/pkg/generic/fake" + "github.com/rancher/wrangler/v3/pkg/generic/fake" v1 "k8s.io/api/core/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -20,12 +20,12 @@ import ( const migrateNumNodes = 10 const createNumNodes = 3 -func TestAsserts(t *testing.T) { +func Test_UnitAsserts(t *testing.T) { assertEqual(t, 1, 1) assertNotEqual(t, 1, 0) } -func TestEnsureDelete(t *testing.T) { +func Test_UnitEnsureDelete(t *testing.T) { logMemUsage(t) ctrl := gomock.NewController(t) @@ -55,7 +55,7 @@ func TestEnsureDelete(t *testing.T) { logMemUsage(t) } -func TestMigrateFile(t *testing.T) { +func Test_UnitMigrateFile(t *testing.T) { nodePasswordFile := generateNodePasswordFile(migrateNumNodes) defer os.Remove(nodePasswordFile) diff --git a/pkg/proctitle/proctile_windows.go b/pkg/proctitle/proctile_windows.go new file mode 100644 index 000000000..9ade88241 --- /dev/null +++ b/pkg/proctitle/proctile_windows.go @@ -0,0 +1,6 @@ +//go:build windows +// +build windows + +package proctitle + +func SetProcTitle(cmd string) {} diff --git a/pkg/proctitle/proctitle.go b/pkg/proctitle/proctitle.go new file mode 100644 index 000000000..178dfa9ef --- /dev/null +++ b/pkg/proctitle/proctitle.go @@ -0,0 +1,12 @@ +//go:build linux +// +build linux + +package proctitle + +import ( + "github.com/erikdubbelboer/gspt" +) + +func SetProcTitle(cmd string) { + gspt.SetProcTitle(cmd) +} diff --git a/pkg/profile/profile.go b/pkg/profile/profile.go new file mode 100644 index 000000000..503c50ed9 --- /dev/null +++ b/pkg/profile/profile.go @@ -0,0 +1,38 @@ +package profile + +import ( + "context" + "errors" + "net/http/pprof" + + "github.com/gorilla/mux" + "github.com/xiaods/k8e/pkg/agent/https" + "github.com/xiaods/k8e/pkg/daemons/config" +) + +// DefaultProfiler the default instance of a performance profiling server +var DefaultProfiler = &Config{ + Router: func(context.Context, *config.Node) (*mux.Router, error) { + return nil, errors.New("not implemented") + }, +} + +// Config holds fields for the pprof listener +type Config struct { + // Router will be called to add the pprof API handler to an existing router. + Router https.RouterFunc +} + +// Start starts binds the pprof API to an existing HTTP router. +func (c *Config) Start(ctx context.Context, nodeConfig *config.Node) error { + mRouter, err := c.Router(ctx, nodeConfig) + if err != nil { + return err + } + mRouter.HandleFunc("/debug/pprof/cmdline", pprof.Cmdline) + mRouter.HandleFunc("/debug/pprof/profile", pprof.Profile) + mRouter.HandleFunc("/debug/pprof/symbol", pprof.Symbol) + mRouter.HandleFunc("/debug/pprof/trace", pprof.Trace) + mRouter.PathPrefix("/debug/pprof/").HandlerFunc(pprof.Index) + return nil +} diff --git a/pkg/rootless/rootless.go b/pkg/rootless/rootless.go index d3b242aaf..558c923c7 100644 --- a/pkg/rootless/rootless.go +++ b/pkg/rootless/rootless.go @@ -22,16 +22,17 @@ import ( ) var ( - pipeFD = "_K8E_ROOTLESS_FD" - childEnv = "_K8E_ROOTLESS_SOCK" - evacuateCgroup2Env = "_K8E_ROOTLESS_EVACUATE_CGROUP2" // boolean + pipeFD = "_K3S_ROOTLESS_FD" + childEnv = "_K3S_ROOTLESS_SOCK" + evacuateCgroup2Env = "_K3S_ROOTLESS_EVACUATE_CGROUP2" // boolean Sock = "" - mtuEnv = "K8E_ROOTLESS_MTU" - cidrEnv = "K8E_ROOTLESS_CIDR" - enableIPv6Env = "K8E_ROOTLESS_ENABLE_IPV6" - portDriverEnv = "K8E_ROOTLESS_PORT_DRIVER" - disableLoopbackEnv = "K8E_ROOTLESS_DISABLE_HOST_LOOPBACK" + mtuEnv = "K3S_ROOTLESS_MTU" + cidrEnv = "K3S_ROOTLESS_CIDR" + enableIPv6Env = "K3S_ROOTLESS_ENABLE_IPV6" + portDriverEnv = "K3S_ROOTLESS_PORT_DRIVER" + disableLoopbackEnv = "K3S_ROOTLESS_DISABLE_HOST_LOOPBACK" + copyUpDirsEnv = "K3S_ROOTLESS_COPYUPDIRS" ) func Rootless(stateDir string, enableIPv6 bool) error { @@ -89,7 +90,7 @@ func validateSysctl() error { "kernel.unprivileged_userns_clone": "1", // net.ipv4.ip_forward should not need to be 1 in the parent namespace. - // However, the current k8e implementation has a bug that requires net.ipv4.ip_forward=1 + // However, the current k3s implementation has a bug that requires net.ipv4.ip_forward=1 // https://github.com/k3s-io/k3s/issues/2420#issuecomment-715051120 "net.ipv4.ip_forward": "1", } @@ -132,11 +133,6 @@ func createParentOpt(driver portDriver, stateDir string, enableIPv6 bool) (*pare return nil, errors.Wrapf(err, "failed to mkdir %s", stateDir) } - stateDir, err := os.MkdirTemp("", "rootless") - if err != nil { - return nil, err - } - driver.SetStateDir(stateDir) opt := &parent.Opt{ @@ -156,9 +152,9 @@ func createParentOpt(driver portDriver, stateDir string, enableIPv6 bool) (*pare } else { selfCgroup2Dir := filepath.Join("/sys/fs/cgroup", selfCgroup2) if unix.Access(selfCgroup2Dir, unix.W_OK) == nil { - opt.EvacuateCgroup2 = "k8e_evac" + opt.EvacuateCgroup2 = "k3s_evac" } else { - logrus.Warn("Cannot set cgroup2 evacuation, make sure to run k8e as a systemd unit") + logrus.Warn("Cannot set cgroup2 evacuation, make sure to run k3s as a systemd unit") } } @@ -206,10 +202,6 @@ func createParentOpt(driver portDriver, stateDir string, enableIPv6 bool) (*pare return nil, err } - if err != nil { - return nil, err - } - opt.PortDriver, err = driver.NewParentDriver() if err != nil { return nil, err @@ -227,6 +219,9 @@ func createChildOpt(driver portDriver) (*child.Opt, error) { opt.NetworkDriver = slirp4netns.NewChildDriver() opt.PortDriver = driver.NewChildDriver() opt.CopyUpDirs = []string{"/etc", "/var/run", "/run", "/var/lib"} + if copyUpDirs := os.Getenv(copyUpDirsEnv); copyUpDirs != "" { + opt.CopyUpDirs = append(opt.CopyUpDirs, strings.Split(copyUpDirs, ",")...) + } opt.CopyUpDriver = tmpfssymlink.NewChildDriver() opt.MountProcfs = true opt.Reaper = true diff --git a/pkg/secretsencrypt/config.go b/pkg/secretsencrypt/config.go index f7fda3cd8..8bd7789c9 100644 --- a/pkg/secretsencrypt/config.go +++ b/pkg/secretsencrypt/config.go @@ -1,28 +1,45 @@ package secretsencrypt import ( + "bytes" + "context" "crypto/sha256" "encoding/hex" "encoding/json" "fmt" "os" + "time" + "github.com/prometheus/common/expfmt" "github.com/xiaods/k8e/pkg/daemons/config" + "github.com/xiaods/k8e/pkg/util" "github.com/xiaods/k8e/pkg/version" corev1 "k8s.io/api/core/v1" + "k8s.io/client-go/tools/clientcmd" "github.com/sirupsen/logrus" + "github.com/xiaods/k8e/pkg/generated/clientset/versioned/scheme" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - apiserverconfigv1 "k8s.io/apiserver/pkg/apis/config/v1" + "k8s.io/apimachinery/pkg/util/wait" + apiserverconfigv1 "k8s.io/apiserver/pkg/apis/apiserver/v1" + + "k8s.io/client-go/rest" ) const ( - EncryptionStart string = "start" - EncryptionPrepare string = "prepare" - EncryptionRotate string = "rotate" - EncryptionReencryptRequest string = "reencrypt_request" - EncryptionReencryptActive string = "reencrypt_active" - EncryptionReencryptFinished string = "reencrypt_finished" + EncryptionStart string = "start" + EncryptionPrepare string = "prepare" + EncryptionRotate string = "rotate" + EncryptionRotateKeys string = "rotate_keys" + EncryptionReencryptRequest string = "reencrypt_request" + EncryptionReencryptActive string = "reencrypt_active" + EncryptionReencryptFinished string = "reencrypt_finished" + SecretListPageSize int64 = 20 + SecretQPS float32 = 200 + SecretBurst int = 200 + SecretsUpdateErrorEvent string = "SecretsUpdateError" + SecretsProgressEvent string = "SecretsProgress" + SecretsUpdateCompleteEvent string = "SecretsUpdateComplete" ) var EncryptionHashAnnotation = version.Program + ".io/encryption-config-hash" @@ -40,7 +57,10 @@ func GetEncryptionProviders(runtime *config.ControlRuntime) ([]apiserverconfigv1 return curEncryption.Resources[0].Providers, nil } -func GetEncryptionKeys(runtime *config.ControlRuntime) ([]apiserverconfigv1.Key, error) { +// GetEncryptionKeys returns a list of encryption keys from the current encryption configuration. +// If includeIdentity is true, it will also include a fake key representing the identity provider, which +// is used to determine if encryption is enabled/disabled. +func GetEncryptionKeys(runtime *config.ControlRuntime, includeIdentity bool) ([]apiserverconfigv1.Key, error) { providers, err := GetEncryptionProviders(runtime) if err != nil { @@ -52,6 +72,14 @@ func GetEncryptionKeys(runtime *config.ControlRuntime) ([]apiserverconfigv1.Key, var curKeys []apiserverconfigv1.Key for _, p := range providers { + // Since identity doesn't have keys, we make up a fake key to represent it, so we can + // know that encryption is enabled/disabled in the request. + if p.Identity != nil && includeIdentity { + curKeys = append(curKeys, apiserverconfigv1.Key{ + Name: "identity", + Secret: "identity", + }) + } if p.AESCBC != nil { curKeys = append(curKeys, p.AESCBC.Keys...) } @@ -106,7 +134,7 @@ func WriteEncryptionConfig(runtime *config.ControlRuntime, keys []apiserverconfi if err != nil { return err } - return os.WriteFile(runtime.EncryptionConfig, jsonfile, 0600) + return util.AtomicWrite(runtime.EncryptionConfig, jsonfile, 0600) } func GenEncryptionConfigHash(runtime *config.ControlRuntime) (string, error) { @@ -118,11 +146,11 @@ func GenEncryptionConfigHash(runtime *config.ControlRuntime) (string, error) { return hex.EncodeToString(encryptionConfigHash[:]), nil } -// GenReencryptHash generates a sha256 hash fom the existing secrets keys and -// a new key based on the input arguments. +// GenReencryptHash generates a sha256 hash from the existing secrets keys and +// any identity providers plus a new key based on the input arguments. func GenReencryptHash(runtime *config.ControlRuntime, keyName string) (string, error) { - keys, err := GetEncryptionKeys(runtime) + keys, err := GetEncryptionKeys(runtime, true) if err != nil { return "", err } @@ -156,7 +184,9 @@ func BootstrapEncryptionHashAnnotation(node *corev1.Node, runtime *config.Contro return nil } -func WriteEncryptionHashAnnotation(runtime *config.ControlRuntime, node *corev1.Node, stage string) error { +// WriteEncryptionHashAnnotation writes the encryption hash to the node annotation and optionally to a file. +// The file is used to track the last stage of the reencryption process. +func WriteEncryptionHashAnnotation(runtime *config.ControlRuntime, node *corev1.Node, skipFile bool, stage string) error { encryptionConfigHash, err := GenEncryptionConfigHash(runtime) if err != nil { return err @@ -170,5 +200,107 @@ func WriteEncryptionHashAnnotation(runtime *config.ControlRuntime, node *corev1. return err } logrus.Debugf("encryption hash annotation set successfully on node: %s\n", node.ObjectMeta.Name) + if skipFile { + return nil + } return os.WriteFile(runtime.EncryptionHash, []byte(ann), 0600) } + +// WaitForEncryptionConfigReload watches the metrics API, polling the latest time the encryption config was reloaded. +func WaitForEncryptionConfigReload(runtime *config.ControlRuntime, reloadSuccesses, reloadTime int64) error { + var lastFailure string + + ctx := context.Background() + err := wait.PollUntilContextTimeout(ctx, 5*time.Second, 60*time.Second, true, func(ctx context.Context) (bool, error) { + newReloadTime, newReloadSuccess, err := GetEncryptionConfigMetrics(runtime, false) + if err != nil { + return true, err + } + + if newReloadSuccess <= reloadSuccesses || newReloadTime <= reloadTime { + lastFailure = fmt.Sprintf("apiserver has not reloaded encryption configuration (reload success: %d/%d, reload timestamp %d/%d)", newReloadSuccess, reloadSuccesses, newReloadTime, reloadTime) + return false, nil + } + logrus.Infof("encryption config reloaded successfully %d times", newReloadSuccess) + logrus.Debugf("encryption config reloaded at %s", time.Unix(newReloadTime, 0)) + return true, nil + }) + if err != nil { + err = fmt.Errorf("%w: %s", err, lastFailure) + } + return err +} + +// GetEncryptionConfigMetrics fetches the metrics API and returns the last time the encryption config was reloaded +// and the number of times it has been reloaded. +func GetEncryptionConfigMetrics(runtime *config.ControlRuntime, initialMetrics bool) (int64, int64, error) { + var unixUpdateTime int64 + var reloadSuccessCounter int64 + var lastFailure string + restConfig, err := clientcmd.BuildConfigFromFlags("", runtime.KubeConfigSupervisor) + if err != nil { + return 0, 0, err + } + restConfig.GroupVersion = &apiserverconfigv1.SchemeGroupVersion + restConfig.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + restClient, err := rest.RESTClientFor(restConfig) + if err != nil { + return 0, 0, err + } + + // This is wrapped in a poller because on startup no metrics exist. Its only after the encryption config + // is modified and the first reload occurs that the metrics are available. + ctx := context.Background() + err = wait.PollUntilContextTimeout(ctx, 5*time.Second, 60*time.Second, true, func(ctx context.Context) (bool, error) { + data, err := restClient.Get().AbsPath("/metrics").DoRaw(ctx) + if err != nil { + return true, err + } + + reader := bytes.NewReader(data) + var parser expfmt.TextParser + mf, err := parser.TextToMetricFamilies(reader) + if err != nil { + return true, err + } + tsMetric := mf["apiserver_encryption_config_controller_automatic_reload_last_timestamp_seconds"] + // Potentially multiple metrics with different success/failure labels + totalMetrics := mf["apiserver_encryption_config_controller_automatic_reloads_total"] + + // First time, no metrics exist, so return zeros + if tsMetric == nil && totalMetrics == nil && initialMetrics { + return true, nil + } + + if tsMetric == nil { + lastFailure = "encryption config time metric not found" + return false, nil + } + + if totalMetrics == nil { + lastFailure = "encryption config total metric not found" + return false, nil + } + + unixUpdateTime = int64(tsMetric.GetMetric()[0].GetGauge().GetValue()) + if time.Now().Unix() < unixUpdateTime { + return true, fmt.Errorf("encryption reload time is incorrectly ahead of current time") + } + + for _, totalMetric := range totalMetrics.GetMetric() { + logrus.Debugf("totalMetric: %+v", totalMetric) + for _, label := range totalMetric.GetLabel() { + if label.GetName() == "status" && label.GetValue() == "success" { + reloadSuccessCounter = int64(totalMetric.GetCounter().GetValue()) + } + } + } + return true, nil + }) + + if err != nil { + err = fmt.Errorf("%w: %s", err, lastFailure) + } + + return unixUpdateTime, reloadSuccessCounter, err +} diff --git a/pkg/secretsencrypt/controller.go b/pkg/secretsencrypt/controller.go deleted file mode 100644 index 4b68d99fd..000000000 --- a/pkg/secretsencrypt/controller.go +++ /dev/null @@ -1,241 +0,0 @@ -package secretsencrypt - -import ( - "context" - "fmt" - "strings" - - coreclient "github.com/rancher/wrangler/pkg/generated/controllers/core/v1" - "github.com/sirupsen/logrus" - "github.com/xiaods/k8e/pkg/cluster" - "github.com/xiaods/k8e/pkg/daemons/config" - "github.com/xiaods/k8e/pkg/util" - corev1 "k8s.io/api/core/v1" - apierrors "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/api/meta" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/types" - "k8s.io/client-go/kubernetes" - "k8s.io/client-go/tools/pager" - "k8s.io/client-go/tools/record" - "k8s.io/client-go/util/retry" -) - -const ( - controllerAgentName string = "reencrypt-controller" - secretsUpdateStartEvent string = "SecretsUpdateStart" - secretsProgressEvent string = "SecretsProgress" - secretsUpdateCompleteEvent string = "SecretsUpdateComplete" - secretsUpdateErrorEvent string = "SecretsUpdateError" -) - -type handler struct { - ctx context.Context - controlConfig *config.Control - nodes coreclient.NodeController - secrets coreclient.SecretController - recorder record.EventRecorder -} - -func Register( - ctx context.Context, - k8s kubernetes.Interface, - controlConfig *config.Control, - nodes coreclient.NodeController, - secrets coreclient.SecretController, -) error { - h := &handler{ - ctx: ctx, - controlConfig: controlConfig, - nodes: nodes, - secrets: secrets, - recorder: util.BuildControllerEventRecorder(k8s, controllerAgentName, metav1.NamespaceDefault), - } - - nodes.OnChange(ctx, "reencrypt-controller", h.onChangeNode) - return nil -} - -// onChangeNode handles changes to Nodes. We are looking for a specific annotation change -func (h *handler) onChangeNode(nodeName string, node *corev1.Node) (*corev1.Node, error) { - if node == nil { - return nil, nil - } - - ann, ok := node.Annotations[EncryptionHashAnnotation] - if !ok { - return node, nil - } - - // This is consistent with events attached to the node generated by the kubelet - // https://github.com/kubernetes/kubernetes/blob/612130dd2f4188db839ea5c2dea07a96b0ad8d1c/pkg/kubelet/kubelet.go#L479-L485 - nodeRef := &corev1.ObjectReference{ - Kind: "Node", - Name: node.Name, - UID: types.UID(node.Name), - Namespace: "", - } - - if valid, err := h.validateReencryptStage(node, ann); err != nil { - h.recorder.Event(nodeRef, corev1.EventTypeWarning, secretsUpdateErrorEvent, err.Error()) - return node, err - } else if !valid { - return node, nil - } - - reencryptHash, err := GenReencryptHash(h.controlConfig.Runtime, EncryptionReencryptActive) - if err != nil { - h.recorder.Event(nodeRef, corev1.EventTypeWarning, secretsUpdateErrorEvent, err.Error()) - return node, err - } - ann = EncryptionReencryptActive + "-" + reencryptHash - - err = retry.RetryOnConflict(retry.DefaultRetry, func() error { - node, err = h.nodes.Get(nodeName, metav1.GetOptions{}) - if err != nil { - return err - } - node.Annotations[EncryptionHashAnnotation] = ann - _, err = h.nodes.Update(node) - return err - }) - if err != nil { - h.recorder.Event(nodeRef, corev1.EventTypeWarning, secretsUpdateErrorEvent, err.Error()) - return node, err - } - - if err := h.updateSecrets(node); err != nil { - h.recorder.Event(nodeRef, corev1.EventTypeWarning, secretsUpdateErrorEvent, err.Error()) - return node, err - } - - // If skipping, revert back to the previous stage - if h.controlConfig.EncryptSkip { - err = retry.RetryOnConflict(retry.DefaultRetry, func() error { - node, err = h.nodes.Get(nodeName, metav1.GetOptions{}) - if err != nil { - return err - } - BootstrapEncryptionHashAnnotation(node, h.controlConfig.Runtime) - _, err = h.nodes.Update(node) - return err - }) - return node, err - } - - // Remove last key - curKeys, err := GetEncryptionKeys(h.controlConfig.Runtime) - if err != nil { - h.recorder.Event(nodeRef, corev1.EventTypeWarning, secretsUpdateErrorEvent, err.Error()) - return node, err - } - - curKeys = curKeys[:len(curKeys)-1] - if err = WriteEncryptionConfig(h.controlConfig.Runtime, curKeys, true); err != nil { - h.recorder.Event(nodeRef, corev1.EventTypeWarning, secretsUpdateErrorEvent, err.Error()) - return node, err - } - logrus.Infoln("Removed key: ", curKeys[len(curKeys)-1]) - if err != nil { - h.recorder.Event(nodeRef, corev1.EventTypeWarning, secretsUpdateErrorEvent, err.Error()) - return node, err - } - err = retry.RetryOnConflict(retry.DefaultRetry, func() error { - node, err = h.nodes.Get(nodeName, metav1.GetOptions{}) - if err != nil { - return err - } - return WriteEncryptionHashAnnotation(h.controlConfig.Runtime, node, EncryptionReencryptFinished) - }) - if err != nil { - h.recorder.Event(nodeRef, corev1.EventTypeWarning, secretsUpdateErrorEvent, err.Error()) - return node, err - } - if err := cluster.Save(h.ctx, h.controlConfig, true); err != nil { - h.recorder.Event(nodeRef, corev1.EventTypeWarning, secretsUpdateErrorEvent, err.Error()) - return node, err - } - return node, nil -} - -// validateReencryptStage ensures that the request for reencryption is valid and -// that there is only one active reencryption at a time -func (h *handler) validateReencryptStage(node *corev1.Node, annotation string) (bool, error) { - split := strings.Split(annotation, "-") - if len(split) != 2 { - err := fmt.Errorf("invalid annotation %s found on node %s", annotation, node.ObjectMeta.Name) - return false, err - } - stage := split[0] - hash := split[1] - - // Validate the specific stage and the request via sha256 hash - if stage != EncryptionReencryptRequest { - return false, nil - } - if reencryptRequestHash, err := GenReencryptHash(h.controlConfig.Runtime, EncryptionReencryptRequest); err != nil { - return false, err - } else if reencryptRequestHash != hash { - err = fmt.Errorf("invalid hash: %s found on node %s", hash, node.ObjectMeta.Name) - return false, err - } - reencryptActiveHash, err := GenReencryptHash(h.controlConfig.Runtime, EncryptionReencryptActive) - if err != nil { - return false, err - } - labelSelector := labels.Set{util.ControlPlaneRoleLabelKey: "true"}.String() - nodes, err := h.nodes.List(metav1.ListOptions{LabelSelector: labelSelector}) - if err != nil { - return false, err - } - for _, node := range nodes.Items { - if ann, ok := node.Annotations[EncryptionHashAnnotation]; ok { - split := strings.Split(ann, "-") - if len(split) != 2 { - return false, fmt.Errorf("invalid annotation %s found on node %s", ann, node.ObjectMeta.Name) - } - stage := split[0] - hash := split[1] - if stage == EncryptionReencryptActive && hash == reencryptActiveHash { - return false, fmt.Errorf("another reencrypt is already active") - } - } - } - return true, nil -} - -func (h *handler) updateSecrets(node *corev1.Node) error { - nodeRef := &corev1.ObjectReference{ - Kind: "Node", - Name: node.Name, - UID: types.UID(node.Name), - Namespace: "", - } - secretPager := pager.New(pager.SimplePageFunc(func(opts metav1.ListOptions) (runtime.Object, error) { - return h.secrets.List("", opts) - })) - secretsList, _, err := secretPager.List(h.ctx, metav1.ListOptions{}) - if err != nil { - return err - } - i := 0 - err = meta.EachListItem(secretsList, func(obj runtime.Object) error { - if secret, ok := obj.(*corev1.Secret); ok { - if _, err := h.secrets.Update(secret); err != nil && !apierrors.IsConflict(err) { - return fmt.Errorf("failed to update secret: %v", err) - } - if i != 0 && i%10 == 0 { - h.recorder.Eventf(nodeRef, corev1.EventTypeNormal, secretsProgressEvent, "reencrypted %d secrets", i) - } - i++ - } - return nil - }) - if err != nil { - return err - } - h.recorder.Eventf(nodeRef, corev1.EventTypeNormal, secretsUpdateCompleteEvent, "completed reencrypt of %d secrets", i) - return nil -} diff --git a/pkg/server/auth.go b/pkg/server/auth/auth.go similarity index 50% rename from pkg/server/auth.go rename to pkg/server/auth/auth.go index 73588ddba..d6690a3e9 100644 --- a/pkg/server/auth.go +++ b/pkg/server/auth/auth.go @@ -1,16 +1,14 @@ -package server +package auth import ( + "net" "net/http" "github.com/gorilla/mux" + "github.com/pkg/errors" "github.com/sirupsen/logrus" "github.com/xiaods/k8e/pkg/daemons/config" - "github.com/xiaods/k8e/pkg/generated/clientset/versioned/scheme" - apierrors "k8s.io/apimachinery/pkg/api/errors" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/apiserver/pkg/endpoints/handlers/responsewriters" + "github.com/xiaods/k8e/pkg/util" "k8s.io/apiserver/pkg/endpoints/request" ) @@ -25,27 +23,28 @@ func hasRole(mustRoles []string, roles []string) bool { return false } +// doAuth calls the cluster's authenticator to validate that the client has at least one of the listed roles func doAuth(roles []string, serverConfig *config.Control, next http.Handler, rw http.ResponseWriter, req *http.Request) { switch { case serverConfig == nil: logrus.Errorf("Authenticate not initialized: serverConfig is nil") - unauthorized(rw, req) + util.SendError(errors.New("not authorized"), rw, req, http.StatusUnauthorized) return case serverConfig.Runtime.Authenticator == nil: logrus.Errorf("Authenticate not initialized: serverConfig.Runtime.Authenticator is nil") - unauthorized(rw, req) + util.SendError(errors.New("not authorized"), rw, req, http.StatusUnauthorized) return } resp, ok, err := serverConfig.Runtime.Authenticator.AuthenticateRequest(req) if err != nil { logrus.Errorf("Failed to authenticate request from %s: %v", req.RemoteAddr, err) - unauthorized(rw, req) + util.SendError(errors.New("not authorized"), rw, req, http.StatusUnauthorized) return } if !ok || !hasRole(roles, resp.User.GetGroups()) { - forbidden(rw, req) + util.SendError(errors.New("forbidden"), rw, req, http.StatusForbidden) return } @@ -54,7 +53,9 @@ func doAuth(roles []string, serverConfig *config.Control, next http.Handler, rw next.ServeHTTP(rw, req) } -func authMiddleware(serverConfig *config.Control, roles ...string) mux.MiddlewareFunc { +// HasRole returns a middleware function that validates that the request +// is being made with at least one of the listed roles. +func HasRole(serverConfig *config.Control, roles ...string) mux.MiddlewareFunc { return func(next http.Handler) http.Handler { return http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) { doAuth(roles, serverConfig, next, rw, req) @@ -62,26 +63,17 @@ func authMiddleware(serverConfig *config.Control, roles ...string) mux.Middlewar } } -func unauthorized(resp http.ResponseWriter, req *http.Request) { - responsewriters.ErrorNegotiated( - &apierrors.StatusError{ErrStatus: metav1.Status{ - Status: metav1.StatusFailure, - Code: http.StatusUnauthorized, - Reason: metav1.StatusReasonUnauthorized, - Message: "not authorized", - }}, - scheme.Codecs.WithoutConversion(), schema.GroupVersion{}, resp, req, - ) +// IsLocalOrHasRole returns a middleware function that validates that the request +// is from a local client or has at least one of the listed roles. +func IsLocalOrHasRole(serverConfig *config.Control, roles ...string) mux.MiddlewareFunc { + return func(next http.Handler) http.Handler { + return http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) { + client, _, _ := net.SplitHostPort(req.RemoteAddr) + if client == "127.0.0.1" || client == "::1" { + next.ServeHTTP(rw, req) + } else { + doAuth(roles, serverConfig, next, rw, req) + } + }) + } } - -func forbidden(resp http.ResponseWriter, req *http.Request) { - responsewriters.ErrorNegotiated( - &apierrors.StatusError{ErrStatus: metav1.Status{ - Status: metav1.StatusFailure, - Code: http.StatusForbidden, - Reason: metav1.StatusReasonForbidden, - Message: "forbidden", - }}, - scheme.Codecs.WithoutConversion(), schema.GroupVersion{}, resp, req, - ) -} \ No newline at end of file diff --git a/pkg/server/context.go b/pkg/server/context.go index 310313dcb..50bbbd880 100644 --- a/pkg/server/context.go +++ b/pkg/server/context.go @@ -6,12 +6,12 @@ import ( helmcrd "github.com/k3s-io/helm-controller/pkg/crd" "github.com/k3s-io/helm-controller/pkg/generated/controllers/helm.cattle.io" "github.com/pkg/errors" - "github.com/rancher/wrangler/pkg/crd" - "github.com/rancher/wrangler/pkg/generated/controllers/apps" - "github.com/rancher/wrangler/pkg/generated/controllers/batch" - "github.com/rancher/wrangler/pkg/generated/controllers/core" - "github.com/rancher/wrangler/pkg/generated/controllers/rbac" - "github.com/rancher/wrangler/pkg/start" + "github.com/rancher/wrangler/v3/pkg/crd" + "github.com/rancher/wrangler/v3/pkg/generated/controllers/apps" + "github.com/rancher/wrangler/v3/pkg/generated/controllers/batch" + "github.com/rancher/wrangler/v3/pkg/generated/controllers/core" + "github.com/rancher/wrangler/v3/pkg/generated/controllers/rbac" + "github.com/rancher/wrangler/v3/pkg/start" addoncrd "github.com/xiaods/k8e/pkg/crd" "github.com/xiaods/k8e/pkg/generated/controllers/k8e.cattle.io" "github.com/xiaods/k8e/pkg/util" @@ -47,7 +47,6 @@ func NewContext(ctx context.Context, config *Config, forServer bool) (*Context, if err != nil { return nil, err } - restConfig.UserAgent = util.GetUserAgent(version.Program + "-supervisor") k8s, err := kubernetes.NewForConfig(restConfig) diff --git a/pkg/server/router.go b/pkg/server/router.go index 047bed6f8..6ae931209 100644 --- a/pkg/server/router.go +++ b/pkg/server/router.go @@ -18,24 +18,21 @@ import ( "github.com/gorilla/mux" "github.com/pkg/errors" certutil "github.com/rancher/dynamiclistener/cert" - coreclient "github.com/rancher/wrangler/pkg/generated/controllers/core/v1" + coreclient "github.com/rancher/wrangler/v3/pkg/generated/controllers/core/v1" "github.com/sirupsen/logrus" "github.com/xiaods/k8e/pkg/bootstrap" "github.com/xiaods/k8e/pkg/cli/cmds" "github.com/xiaods/k8e/pkg/daemons/config" - "github.com/xiaods/k8e/pkg/generated/clientset/versioned/scheme" "github.com/xiaods/k8e/pkg/nodepassword" + "github.com/xiaods/k8e/pkg/server/auth" "github.com/xiaods/k8e/pkg/util" "github.com/xiaods/k8e/pkg/version" corev1 "k8s.io/api/core/v1" - apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/json" "k8s.io/apimachinery/pkg/util/wait" "k8s.io/apiserver/pkg/authentication/user" - "k8s.io/apiserver/pkg/endpoints/handlers/responsewriters" "k8s.io/apiserver/pkg/endpoints/request" bootstrapapi "k8s.io/cluster-bootstrap/token/api" "k8s.io/kubernetes/pkg/auth/nodeidentifier" @@ -55,7 +52,7 @@ func router(ctx context.Context, config *Config, cfg *cmds.Server) http.Handler prefix := "/v1-" + version.Program authed := mux.NewRouter().SkipClean(true) - authed.Use(authMiddleware(serverConfig, version.Program+":agent", user.NodesGroup, bootstrapapi.BootstrapDefaultGroup)) + authed.Use(auth.HasRole(serverConfig, version.Program+":agent", user.NodesGroup, bootstrapapi.BootstrapDefaultGroup)) authed.Path(prefix + "/serving-kubelet.crt").Handler(servingKubeletCert(serverConfig, serverConfig.Runtime.ServingKubeletKey, nodeAuth)) authed.Path(prefix + "/client-kubelet.crt").Handler(clientKubeletCert(serverConfig, serverConfig.Runtime.ClientKubeletKey, nodeAuth)) authed.Path(prefix + "/client-" + version.Program + "-controller.crt").Handler(fileHandler(serverConfig.Runtime.ClientK8eControllerCert, serverConfig.Runtime.ClientK8eControllerKey)) @@ -73,23 +70,22 @@ func router(ctx context.Context, config *Config, cfg *cmds.Server) http.Handler nodeAuthed := mux.NewRouter().SkipClean(true) nodeAuthed.NotFoundHandler = authed - nodeAuthed.Use(authMiddleware(serverConfig, user.NodesGroup)) + nodeAuthed.Use(auth.HasRole(serverConfig, user.NodesGroup)) nodeAuthed.Path(prefix + "/connect").Handler(serverConfig.Runtime.Tunnel) serverAuthed := mux.NewRouter().SkipClean(true) serverAuthed.NotFoundHandler = nodeAuthed - serverAuthed.Use(authMiddleware(serverConfig, version.Program+":server")) + serverAuthed.Use(auth.HasRole(serverConfig, version.Program+":server")) serverAuthed.Path(prefix + "/encrypt/status").Handler(encryptionStatusHandler(serverConfig)) serverAuthed.Path(prefix + "/encrypt/config").Handler(encryptionConfigHandler(ctx, serverConfig)) serverAuthed.Path(prefix + "/cert/cacerts").Handler(caCertReplaceHandler(serverConfig)) - serverAuthed.Path("/db/info").Handler(nodeAuthed) serverAuthed.Path(prefix + "/server-bootstrap").Handler(bootstrapHandler(serverConfig.Runtime)) serverAuthed.Path(prefix + "/token").Handler(tokenRequestHandler(ctx, serverConfig)) systemAuthed := mux.NewRouter().SkipClean(true) systemAuthed.NotFoundHandler = serverAuthed systemAuthed.MethodNotAllowedHandler = serverAuthed - systemAuthed.Use(authMiddleware(serverConfig, user.SystemPrivilegedGroup)) + systemAuthed.Use(auth.HasRole(serverConfig, user.SystemPrivilegedGroup)) systemAuthed.Methods(http.MethodConnect).Handler(serverConfig.Runtime.Tunnel) staticDir := filepath.Join(serverConfig.DataDir, "static") @@ -107,20 +103,14 @@ func apiserver(runtime *config.ControlRuntime) http.Handler { if runtime != nil && runtime.APIServer != nil { runtime.APIServer.ServeHTTP(resp, req) } else { - responsewriters.ErrorNegotiated( - apierrors.NewServiceUnavailable("apiserver not ready"), - scheme.Codecs.WithoutConversion(), schema.GroupVersion{}, resp, req, - ) + util.SendError(util.ErrAPINotReady, resp, req, http.StatusServiceUnavailable) } }) } func apiserverDisabled() http.Handler { return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { - responsewriters.ErrorNegotiated( - apierrors.NewServiceUnavailable("apiserver disabled"), - scheme.Codecs.WithoutConversion(), schema.GroupVersion{}, resp, req, - ) + util.SendError(util.ErrAPIDisabled, resp, req, http.StatusServiceUnavailable) }) } @@ -130,10 +120,7 @@ func bootstrapHandler(runtime *config.ControlRuntime) http.Handler { } return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { logrus.Warnf("Received HTTP bootstrap request from %s, but embedded etcd is not enabled.", req.RemoteAddr) - responsewriters.ErrorNegotiated( - apierrors.NewBadRequest("etcd disabled"), - scheme.Codecs.WithoutConversion(), schema.GroupVersion{}, resp, req, - ) + util.SendError(errors.New("etcd disabled"), resp, req, http.StatusBadRequest) }) } @@ -144,7 +131,7 @@ func cacerts(serverCA string) http.Handler { var err error ca, err = os.ReadFile(serverCA) if err != nil { - sendError(err, resp, req) + util.SendError(err, resp, req) return } } @@ -212,20 +199,15 @@ func getCACertAndKeys(caCertFile, caKeyFile, signingKeyFile string) ([]*x509.Cer func servingKubeletCert(server *config.Control, keyFile string, auth nodePassBootstrapper) http.Handler { return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { - if req.TLS == nil { - resp.WriteHeader(http.StatusNotFound) - return - } - nodeName, errCode, err := auth(req) if err != nil { - sendError(err, resp, req, errCode) + util.SendError(err, resp, req, errCode) return } caCerts, caKey, key, err := getCACertAndKeys(server.Runtime.ServerCA, server.Runtime.ServerCAKey, server.Runtime.ServingKubeletKey) if err != nil { - sendError(err, resp, req) + util.SendError(err, resp, req) return } @@ -235,7 +217,7 @@ func servingKubeletCert(server *config.Control, keyFile string, auth nodePassBoo for _, v := range strings.Split(nodeIP, ",") { ip := net.ParseIP(v) if ip == nil { - sendError(fmt.Errorf("invalid node IP address %s", ip), resp, req) + util.SendError(fmt.Errorf("invalid node IP address %s", ip), resp, req) return } ips = append(ips, ip) @@ -251,7 +233,7 @@ func servingKubeletCert(server *config.Control, keyFile string, auth nodePassBoo }, }, key, caCerts[0], caKey) if err != nil { - sendError(err, resp, req) + util.SendError(err, resp, req) return } @@ -268,20 +250,15 @@ func servingKubeletCert(server *config.Control, keyFile string, auth nodePassBoo func clientKubeletCert(server *config.Control, keyFile string, auth nodePassBootstrapper) http.Handler { return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { - if req.TLS == nil { - resp.WriteHeader(http.StatusNotFound) - return - } - nodeName, errCode, err := auth(req) if err != nil { - sendError(err, resp, req, errCode) + util.SendError(err, resp, req, errCode) return } caCerts, caKey, key, err := getCACertAndKeys(server.Runtime.ClientCA, server.Runtime.ClientCAKey, server.Runtime.ClientKubeletKey) if err != nil { - sendError(err, resp, req) + util.SendError(err, resp, req) return } @@ -291,7 +268,7 @@ func clientKubeletCert(server *config.Control, keyFile string, auth nodePassBoot Usages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}, }, key, caCerts[0], caKey) if err != nil { - sendError(err, resp, req) + util.SendError(err, resp, req) return } @@ -308,10 +285,6 @@ func clientKubeletCert(server *config.Control, keyFile string, auth nodePassBoot func fileHandler(fileName ...string) http.Handler { return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { - if req.TLS == nil { - resp.WriteHeader(http.StatusNotFound) - return - } resp.Header().Set("Content-Type", "text/plain") if len(fileName) == 1 { @@ -322,8 +295,7 @@ func fileHandler(fileName ...string) http.Handler { for _, f := range fileName { bytes, err := os.ReadFile(f) if err != nil { - logrus.Errorf("Failed to read %s: %v", f, err) - resp.WriteHeader(http.StatusInternalServerError) + util.SendError(errors.Wrapf(err, "failed to read %s", f), resp, req, http.StatusInternalServerError) return } resp.Write(bytes) @@ -348,41 +320,34 @@ func apiserversHandler(server *config.Control) http.Handler { resp.Header().Set("content-type", "application/json") if err := json.NewEncoder(resp).Encode(endpoints); err != nil { - logrus.Errorf("Failed to encode apiserver endpoints: %v", err) - resp.WriteHeader(http.StatusInternalServerError) + util.SendError(errors.Wrap(err, "failed to encode apiserver endpoints"), resp, req, http.StatusInternalServerError) } }) } func configHandler(server *config.Control, cfg *cmds.Server) http.Handler { return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { - if req.TLS == nil { - resp.WriteHeader(http.StatusNotFound) - return - } // Startup hooks may read and modify cmds.Server in a goroutine, but as these are copied into // config.Control before the startup hooks are called, any modifications need to be sync'd back // into the struct before it is sent to agents. // At this time we don't sync all the fields, just those known to be touched by startup hooks. resp.Header().Set("content-type", "application/json") if err := json.NewEncoder(resp).Encode(server); err != nil { - logrus.Errorf("Failed to encode agent config: %v", err) - resp.WriteHeader(http.StatusInternalServerError) + util.SendError(errors.Wrap(err, "failed to encode agent config"), resp, req, http.StatusInternalServerError) } }) } func readyzHandler(server *config.Control) http.Handler { return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { - code := http.StatusOK - data := []byte("ok") if server.Runtime.Core == nil { - code = http.StatusInternalServerError - data = []byte("runtime core not ready") + util.SendError(util.ErrCoreNotReady, resp, req, http.StatusServiceUnavailable) + return } - resp.WriteHeader(code) + data := []byte("ok") + resp.WriteHeader(http.StatusOK) resp.Header().Set("Content-Type", "text/plain") - resp.Header().Set("Content-length", strconv.Itoa(len(data))) + resp.Header().Set("Content-Length", strconv.Itoa(len(data))) resp.Write(data) }) } @@ -390,6 +355,7 @@ func readyzHandler(server *config.Control) http.Handler { func ping() http.Handler { return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { data := []byte("pong") + resp.WriteHeader(http.StatusOK) resp.Header().Set("Content-Type", "text/plain") resp.Header().Set("Content-Length", strconv.Itoa(len(data))) resp.Write(data) @@ -400,21 +366,6 @@ func serveStatic(urlPrefix, staticDir string) http.Handler { return http.StripPrefix(urlPrefix, http.FileServer(http.Dir(staticDir))) } -func sendError(err error, resp http.ResponseWriter, req *http.Request, status ...int) { - var code int - if len(status) == 1 { - code = status[0] - } - if code == 0 || code == http.StatusOK { - code = http.StatusInternalServerError - } - logrus.Errorf("Sending HTTP %d response to %s: %v", code, req.RemoteAddr, err) - responsewriters.ErrorNegotiated( - apierrors.NewGenericServerResponse(code, req.Method, schema.GroupResource{}, req.URL.Path, err.Error(), 0, true), - scheme.Codecs.WithoutConversion(), schema.GroupVersion{}, resp, req, - ) -} - // nodePassBootstrapper returns a node name, or http error code and error type nodePassBootstrapper func(req *http.Request) (string, int, error) @@ -458,7 +409,7 @@ func passwordBootstrap(ctx context.Context, config *Config) nodePassBootstrapper return verifyRemotePassword(ctx, config, &mu, deferredNodes, node) } else { // Otherwise, reject the request until the core is ready. - return "", http.StatusServiceUnavailable, errors.New("runtime core not ready") + return "", http.StatusServiceUnavailable, util.ErrCoreNotReady } } @@ -486,12 +437,17 @@ func passwordBootstrap(ctx context.Context, config *Config) nodePassBootstrapper } func verifyLocalPassword(ctx context.Context, config *Config, mu *sync.Mutex, deferredNodes map[string]bool, node *nodeInfo) (string, int, error) { + // do not attempt to verify the node password if the local host is not running an agent and does not have a node resource. + if config.DisableAgent { + return node.Name, http.StatusOK, nil + } + // use same password file location that the agent creates nodePasswordRoot := "/" if config.ControlConfig.Rootless { nodePasswordRoot = filepath.Join(path.Dir(config.ControlConfig.DataDir), "agent") } - nodeConfigPath := filepath.Join(nodePasswordRoot, "etc", "k8e", "node") + nodeConfigPath := filepath.Join(nodePasswordRoot, "etc", "rancher", "node") nodePasswordFile := filepath.Join(nodeConfigPath, "password") passBytes, err := os.ReadFile(nodePasswordFile) @@ -544,7 +500,7 @@ func verifyNode(ctx context.Context, nodeClient coreclient.NodeController, node func ensureSecret(ctx context.Context, config *Config, node *nodeInfo) { runtime := config.ControlConfig.Runtime - wait.PollImmediateUntilWithContext(ctx, time.Second*5, func(ctx context.Context) (bool, error) { + _ = wait.PollUntilContextCancel(ctx, time.Second*5, true, func(ctx context.Context) (bool, error) { if runtime.Core != nil { secretClient := runtime.Core.Core().V1().Secret() // This is consistent with events attached to the node generated by the kubelet diff --git a/pkg/server/secrets-encrypt.go b/pkg/server/secrets-encrypt.go index ee23ad50f..51204d7b1 100644 --- a/pkg/server/secrets-encrypt.go +++ b/pkg/server/secrets-encrypt.go @@ -7,22 +7,31 @@ import ( "encoding/json" "fmt" "io" - "math/big" "net/http" "os" "strings" "time" - "github.com/rancher/wrangler/pkg/generated/controllers/core" + "github.com/blang/semver/v4" + "github.com/pkg/errors" + "github.com/rancher/wrangler/v3/pkg/generated/controllers/core" "github.com/sirupsen/logrus" "github.com/xiaods/k8e/pkg/cluster" "github.com/xiaods/k8e/pkg/daemons/config" "github.com/xiaods/k8e/pkg/secretsencrypt" "github.com/xiaods/k8e/pkg/util" + corev1 "k8s.io/api/core/v1" + apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/labels" - apiserverconfigv1 "k8s.io/apiserver/pkg/apis/config/v1" - "k8s.io/utils/pointer" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/types" + apiserverconfigv1 "k8s.io/apiserver/pkg/apis/apiserver/v1" + "k8s.io/client-go/kubernetes" + "k8s.io/client-go/tools/clientcmd" + "k8s.io/client-go/tools/pager" + "k8s.io/client-go/util/retry" + "k8s.io/utils/ptr" ) const aescbcKeySize = 32 @@ -43,32 +52,29 @@ type EncryptionRequest struct { Skip bool `json:"skip"` } -func getEncryptionRequest(req *http.Request) (EncryptionRequest, error) { +func getEncryptionRequest(req *http.Request) (*EncryptionRequest, error) { b, err := io.ReadAll(req.Body) if err != nil { - return EncryptionRequest{}, err + return nil, err } - result := EncryptionRequest{} + result := &EncryptionRequest{} err = json.Unmarshal(b, &result) return result, err } func encryptionStatusHandler(server *config.Control) http.Handler { return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { - if req.TLS == nil { - resp.WriteHeader(http.StatusNotFound) - return - } status, err := encryptionStatus(server) if err != nil { - genErrorMessage(resp, http.StatusInternalServerError, err, "secrets-encrypt") + util.SendErrorWithID(err, "secret-encrypt", resp, req, http.StatusInternalServerError) return } b, err := json.Marshal(status) if err != nil { - genErrorMessage(resp, http.StatusInternalServerError, err, "secrets-encrypt") + util.SendErrorWithID(err, "secret-encrypt", resp, req, http.StatusInternalServerError) return } + resp.Header().Set("Content-Type", "application/json") resp.Write(b) }) } @@ -82,9 +88,9 @@ func encryptionStatus(server *config.Control) (EncryptionState, error) { return state, err } if providers[1].Identity != nil && providers[0].AESCBC != nil { - state.Enable = pointer.Bool(true) + state.Enable = ptr.To(true) } else if providers[0].Identity != nil && providers[1].AESCBC != nil || !server.EncryptSecrets { - state.Enable = pointer.Bool(false) + state.Enable = ptr.To(false) } if err := verifyEncryptionHashAnnotation(server.Runtime, server.Runtime.Core.Core(), ""); err != nil { @@ -126,7 +132,7 @@ func encryptionEnable(ctx context.Context, server *config.Control, enable bool) if len(providers) > 2 { return fmt.Errorf("more than 2 providers (%d) found in secrets encryption", len(providers)) } - curKeys, err := secretsencrypt.GetEncryptionKeys(server.Runtime) + curKeys, err := secretsencrypt.GetEncryptionKeys(server.Runtime, false) if err != nil { return err } @@ -149,23 +155,21 @@ func encryptionEnable(ctx context.Context, server *config.Control, enable bool) } else { return fmt.Errorf("unable to enable/disable secrets encryption, unknown configuration") } - return cluster.Save(ctx, server, true) + if err := cluster.Save(ctx, server, true); err != nil { + return err + } + return reencryptAndRemoveKey(ctx, server, true, os.Getenv("NODE_NAME")) } func encryptionConfigHandler(ctx context.Context, server *config.Control) http.Handler { return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { - if req.TLS == nil { - resp.WriteHeader(http.StatusNotFound) - return - } if req.Method != http.MethodPut { - resp.WriteHeader(http.StatusBadRequest) + util.SendError(fmt.Errorf("method not allowed"), resp, req, http.StatusMethodNotAllowed) return } encryptReq, err := getEncryptionRequest(req) if err != nil { - resp.WriteHeader(http.StatusBadRequest) - resp.Write([]byte(err.Error())) + util.SendError(err, resp, req, http.StatusBadRequest) return } if encryptReq.Stage != nil { @@ -174,6 +178,8 @@ func encryptionConfigHandler(ctx context.Context, server *config.Control) http.H err = encryptionPrepare(ctx, server, encryptReq.Force) case secretsencrypt.EncryptionRotate: err = encryptionRotate(ctx, server, encryptReq.Force) + case secretsencrypt.EncryptionRotateKeys: + err = encryptionRotateKeys(ctx, server) case secretsencrypt.EncryptionReencryptActive: err = encryptionReencrypt(ctx, server, encryptReq.Force, encryptReq.Skip) default: @@ -184,7 +190,7 @@ func encryptionConfigHandler(ctx context.Context, server *config.Control) http.H } if err != nil { - genErrorMessage(resp, http.StatusBadRequest, err, "secrets-encrypt") + util.SendErrorWithID(err, "secret-encrypt", resp, req, http.StatusBadRequest) return } // If a user kills the k8e server immediately after this call, we run into issues where the files @@ -201,7 +207,7 @@ func encryptionPrepare(ctx context.Context, server *config.Control, force bool) return err } - curKeys, err := secretsencrypt.GetEncryptionKeys(server.Runtime) + curKeys, err := secretsencrypt.GetEncryptionKeys(server.Runtime, false) if err != nil { return err } @@ -215,23 +221,25 @@ func encryptionPrepare(ctx context.Context, server *config.Control, force bool) return err } nodeName := os.Getenv("NODE_NAME") - node, err := server.Runtime.Core.Core().V1().Node().Get(nodeName, metav1.GetOptions{}) + err = retry.RetryOnConflict(retry.DefaultRetry, func() error { + node, err := server.Runtime.Core.Core().V1().Node().Get(nodeName, metav1.GetOptions{}) + if err != nil { + return err + } + return secretsencrypt.WriteEncryptionHashAnnotation(server.Runtime, node, false, secretsencrypt.EncryptionPrepare) + }) if err != nil { return err } - if err = secretsencrypt.WriteEncryptionHashAnnotation(server.Runtime, node, secretsencrypt.EncryptionPrepare); err != nil { - return err - } return cluster.Save(ctx, server, true) } func encryptionRotate(ctx context.Context, server *config.Control, force bool) error { - if err := verifyEncryptionHashAnnotation(server.Runtime, server.Runtime.Core.Core(), secretsencrypt.EncryptionPrepare); err != nil && !force { return err } - curKeys, err := secretsencrypt.GetEncryptionKeys(server.Runtime) + curKeys, err := secretsencrypt.GetEncryptionKeys(server.Runtime, false) if err != nil { return err } @@ -244,44 +252,196 @@ func encryptionRotate(ctx context.Context, server *config.Control, force bool) e } logrus.Infoln("Encryption keys right rotated") nodeName := os.Getenv("NODE_NAME") - node, err := server.Runtime.Core.Core().V1().Node().Get(nodeName, metav1.GetOptions{}) + err = retry.RetryOnConflict(retry.DefaultRetry, func() error { + node, err := server.Runtime.Core.Core().V1().Node().Get(nodeName, metav1.GetOptions{}) + if err != nil { + return err + } + return secretsencrypt.WriteEncryptionHashAnnotation(server.Runtime, node, false, secretsencrypt.EncryptionRotate) + }) if err != nil { return err } - if err := secretsencrypt.WriteEncryptionHashAnnotation(server.Runtime, node, secretsencrypt.EncryptionRotate); err != nil { - return err - } return cluster.Save(ctx, server, true) } func encryptionReencrypt(ctx context.Context, server *config.Control, force bool, skip bool) error { - if err := verifyEncryptionHashAnnotation(server.Runtime, server.Runtime.Core.Core(), secretsencrypt.EncryptionRotate); err != nil && !force { return err } - server.EncryptForce = force - server.EncryptSkip = skip + // Set the reencrypt-active annotation so other nodes know we are in the process of reencrypting. + // As this stage is not persisted, we do not write the annotation to file nodeName := os.Getenv("NODE_NAME") - node, err := server.Runtime.Core.Core().V1().Node().Get(nodeName, metav1.GetOptions{}) + if err := retry.RetryOnConflict(retry.DefaultRetry, func() error { + node, err := server.Runtime.Core.Core().V1().Node().Get(nodeName, metav1.GetOptions{}) + if err != nil { + return err + } + return secretsencrypt.WriteEncryptionHashAnnotation(server.Runtime, node, true, secretsencrypt.EncryptionReencryptActive) + }); err != nil { + return err + } + + return reencryptAndRemoveKey(ctx, server, skip, nodeName) +} + +func addAndRotateKeys(server *config.Control) error { + curKeys, err := secretsencrypt.GetEncryptionKeys(server.Runtime, false) + if err != nil { + return err + } + + if err := AppendNewEncryptionKey(&curKeys); err != nil { + return err + } + logrus.Infoln("Adding secrets-encryption key: ", curKeys[len(curKeys)-1]) + + if err := secretsencrypt.WriteEncryptionConfig(server.Runtime, curKeys, true); err != nil { + return err + } + + // Right rotate elements + rotatedKeys := append(curKeys[len(curKeys)-1:], curKeys[:len(curKeys)-1]...) + logrus.Infoln("Rotating secrets-encryption keys") + return secretsencrypt.WriteEncryptionConfig(server.Runtime, rotatedKeys, true) +} + +// encryptionRotateKeys is both adds and rotates keys, and sets the annotaiton that triggers the +// reencryption process. It is the preferred way to rotate keys, starting with v1.28 +func encryptionRotateKeys(ctx context.Context, server *config.Control) error { + states := secretsencrypt.EncryptionStart + "-" + secretsencrypt.EncryptionReencryptFinished + if err := verifyEncryptionHashAnnotation(server.Runtime, server.Runtime.Core.Core(), states); err != nil { + return err + } + + if err := verifyRotateKeysSupport(server.Runtime.Core.Core()); err != nil { + return err + } + + reloadTime, reloadSuccesses, err := secretsencrypt.GetEncryptionConfigMetrics(server.Runtime, true) + if err != nil { + return err + } + + // Set the reencrypt-active annotation so other nodes know we are in the process of reencrypting. + // As this stage is not persisted, we do not write the annotation to file + nodeName := os.Getenv("NODE_NAME") + if err = retry.RetryOnConflict(retry.DefaultRetry, func() error { + node, err := server.Runtime.Core.Core().V1().Node().Get(nodeName, metav1.GetOptions{}) + if err != nil { + return err + } + return secretsencrypt.WriteEncryptionHashAnnotation(server.Runtime, node, true, secretsencrypt.EncryptionReencryptActive) + }); err != nil { + return err + } + + if err := addAndRotateKeys(server); err != nil { + return err + } + + if err := secretsencrypt.WaitForEncryptionConfigReload(server.Runtime, reloadSuccesses, reloadTime); err != nil { + return err + } + + return reencryptAndRemoveKey(ctx, server, false, nodeName) +} + +func reencryptAndRemoveKey(ctx context.Context, server *config.Control, skip bool, nodeName string) error { + if err := updateSecrets(ctx, server, nodeName); err != nil { + return err + } + + // If skipping, revert back to the previous stage and do not remove the key + if skip { + err := retry.RetryOnConflict(retry.DefaultRetry, func() error { + node, err := server.Runtime.Core.Core().V1().Node().Get(nodeName, metav1.GetOptions{}) + if err != nil { + return err + } + secretsencrypt.BootstrapEncryptionHashAnnotation(node, server.Runtime) + _, err = server.Runtime.Core.Core().V1().Node().Update(node) + return err + }) + return err + } + + // Remove last key + curKeys, err := secretsencrypt.GetEncryptionKeys(server.Runtime, false) if err != nil { return err } - reencryptHash, err := secretsencrypt.GenReencryptHash(server.Runtime, secretsencrypt.EncryptionReencryptRequest) + logrus.Infoln("Removing key: ", curKeys[len(curKeys)-1]) + curKeys = curKeys[:len(curKeys)-1] + if err = secretsencrypt.WriteEncryptionConfig(server.Runtime, curKeys, true); err != nil { + return err + } + + if err = retry.RetryOnConflict(retry.DefaultRetry, func() error { + node, err := server.Runtime.Core.Core().V1().Node().Get(nodeName, metav1.GetOptions{}) + if err != nil { + return err + } + return secretsencrypt.WriteEncryptionHashAnnotation(server.Runtime, node, false, secretsencrypt.EncryptionReencryptFinished) + }); err != nil { + return err + } + + return cluster.Save(ctx, server, true) +} + +func updateSecrets(ctx context.Context, server *config.Control, nodeName string) error { + restConfig, err := clientcmd.BuildConfigFromFlags("", server.Runtime.KubeConfigSupervisor) if err != nil { return err } - ann := secretsencrypt.EncryptionReencryptRequest + "-" + reencryptHash - node.Annotations[secretsencrypt.EncryptionHashAnnotation] = ann - if _, err = server.Runtime.Core.Core().V1().Node().Update(node); err != nil { + // For secrets we need a much higher QPS than default + restConfig.QPS = secretsencrypt.SecretQPS + restConfig.Burst = secretsencrypt.SecretBurst + k8s, err := kubernetes.NewForConfig(restConfig) + if err != nil { return err } - logrus.Debugf("encryption hash annotation set successfully on node: %s\n", node.ObjectMeta.Name) + + nodeRef := &corev1.ObjectReference{ + Kind: "Node", + Name: nodeName, + UID: types.UID(nodeName), + Namespace: "", + } + + // For backwards compatibility with the old controller, we use an event recorder instead of logrus + recorder := util.BuildControllerEventRecorder(k8s, "secrets-reencrypt", metav1.NamespaceDefault) + + secretPager := pager.New(pager.SimplePageFunc(func(opts metav1.ListOptions) (runtime.Object, error) { + return k8s.CoreV1().Secrets(metav1.NamespaceAll).List(ctx, opts) + })) + secretPager.PageSize = secretsencrypt.SecretListPageSize + + i := 0 + if err := secretPager.EachListItem(ctx, metav1.ListOptions{}, func(obj runtime.Object) error { + secret, ok := obj.(*corev1.Secret) + if !ok { + return errors.New("failed to convert object to Secret") + } + if _, err := k8s.CoreV1().Secrets(secret.Namespace).Update(ctx, secret, metav1.UpdateOptions{}); err != nil && !apierrors.IsConflict(err) { + recorder.Eventf(nodeRef, corev1.EventTypeWarning, secretsencrypt.SecretsUpdateErrorEvent, "failed to update secret: %v", err) + return fmt.Errorf("failed to update secret: %v", err) + } + if i != 0 && i%50 == 0 { + recorder.Eventf(nodeRef, corev1.EventTypeNormal, secretsencrypt.SecretsProgressEvent, "reencrypted %d secrets", i) + } + i++ + return nil + }); err != nil { + return err + } + recorder.Eventf(nodeRef, corev1.EventTypeNormal, secretsencrypt.SecretsUpdateCompleteEvent, "reencrypted %d secrets", i) return nil } func AppendNewEncryptionKey(keys *[]apiserverconfigv1.Key) error { - aescbcKey := make([]byte, aescbcKeySize) _, err := rand.Read(aescbcKey) if err != nil { @@ -318,10 +478,32 @@ func getEncryptionHashAnnotation(core core.Interface) (string, string, error) { return "", "", fmt.Errorf("missing annotation on node %s", nodeName) } +// verifyRotateKeysSupport checks that the k8e version is at least v1.28.0 on all control-plane nodes +func verifyRotateKeysSupport(core core.Interface) error { + labelSelector := labels.Set{util.ControlPlaneRoleLabelKey: "true"}.String() + nodes, err := core.V1().Node().List(metav1.ListOptions{LabelSelector: labelSelector}) + if err != nil { + return err + } + for _, node := range nodes.Items { + kubver, err := semver.ParseTolerant(node.Status.NodeInfo.KubeletVersion) + if err != nil { + return fmt.Errorf("failed to parse kubelet version %s: %v", node.Status.NodeInfo.KubeletVersion, err) + } + supportVer, err := semver.Make("1.28.0") + if err != nil { + return err + } + if kubver.LT(supportVer) { + return fmt.Errorf("node %s is running k8e version %s that does not support rotate-keys", node.ObjectMeta.Name, kubver.String()) + } + } + return nil +} + // verifyEncryptionHashAnnotation checks that all nodes are on the same stage, // and that a request for new stage is valid func verifyEncryptionHashAnnotation(runtime *config.ControlRuntime, core core.Interface, prevStage string) error { - var firstHash string var firstNodeName string first := true @@ -362,18 +544,3 @@ func verifyEncryptionHashAnnotation(runtime *config.ControlRuntime, core core.In return nil } - -// genErrorMessage sends and logs a random error ID so that logs can be correlated -// between the REST API (which does not provide any detailed error output, to avoid -// information disclosure) and the server logs. -func genErrorMessage(resp http.ResponseWriter, statusCode int, passedErr error, component string) { - errID, err := rand.Int(rand.Reader, big.NewInt(99999)) - if err != nil { - resp.WriteHeader(http.StatusInternalServerError) - resp.Write([]byte(err.Error())) - return - } - logrus.Warnf("%s error ID %05d: %s", component, errID, passedErr.Error()) - resp.WriteHeader(statusCode) - resp.Write([]byte(fmt.Sprintf("%s error ID %05d", component, errID))) -} diff --git a/pkg/server/server.go b/pkg/server/server.go index 8366688ba..f37f96829 100644 --- a/pkg/server/server.go +++ b/pkg/server/server.go @@ -14,10 +14,10 @@ import ( helmchart "github.com/k3s-io/helm-controller/pkg/controllers/chart" helmcommon "github.com/k3s-io/helm-controller/pkg/controllers/common" "github.com/pkg/errors" - "github.com/rancher/wrangler/pkg/apply" - v1 "github.com/rancher/wrangler/pkg/generated/controllers/core/v1" - "github.com/rancher/wrangler/pkg/leader" - "github.com/rancher/wrangler/pkg/resolvehome" + "github.com/rancher/wrangler/v3/pkg/apply" + v1 "github.com/rancher/wrangler/v3/pkg/generated/controllers/core/v1" + "github.com/rancher/wrangler/v3/pkg/leader" + "github.com/rancher/wrangler/v3/pkg/resolvehome" "github.com/sirupsen/logrus" "github.com/xiaods/k8e/pkg/cli/cmds" "github.com/xiaods/k8e/pkg/clientaccess" @@ -73,7 +73,6 @@ func StartServer(ctx context.Context, config *Config, cfg *cmds.Server) error { return errors.Wrap(err, "startup hook") } } - go startOnAPIServerReady(ctx, config) if err := printTokens(&config.ControlConfig); err != nil { @@ -167,8 +166,8 @@ func apiserverControllers(ctx context.Context, sc *Context, config *Config) { } } - // Re-run context startup after core and leader-elected controllers have started. Additional - // informer caches may need to start for the newly added OnChange callbacks. + // Re-run informer factory startup after core and leader-elected controllers have started. + // Additional caches may need to start for the newly added OnChange/OnRemove callbacks. if err := sc.Start(ctx); err != nil { panic(errors.Wrap(err, "failed to start wranger controllers")) } @@ -220,7 +219,7 @@ func coreControllers(ctx context.Context, sc *Context, config *Config) error { return err } - apply := apply.New(k8s, apply.NewClientFactory(restConfig)).WithDynamicLookup() + apply := apply.New(k8s, apply.NewClientFactory(restConfig)).WithDynamicLookup().WithSetOwnerReference(false, false) helm := sc.Helm.WithAgent(restConfig.UserAgent) batch := sc.Batch.WithAgent(restConfig.UserAgent) auth := sc.Auth.WithAgent(restConfig.UserAgent) @@ -228,6 +227,7 @@ func coreControllers(ctx context.Context, sc *Context, config *Config) error { helmchart.Register(ctx, metav1.NamespaceAll, helmcommon.Name, + "cluster-admin", strconv.Itoa(config.ControlConfig.APIServerPort), k8s, apply, @@ -244,20 +244,9 @@ func coreControllers(ctx context.Context, sc *Context, config *Config) error { core.V1().Secret()) } - if config.ControlConfig.EncryptSecrets { - if err := secretsencrypt.Register(ctx, - sc.K8s, - &config.ControlConfig, - sc.Core.Core().V1().Node(), - sc.Core.Core().V1().Secret()); err != nil { - return err - } - } - if config.ControlConfig.Rootless { return rootlessports.Register(ctx, sc.Core.Core().V1().Service(), - false, config.ControlConfig.HTTPSPort) } @@ -274,9 +263,9 @@ func stageFiles(ctx context.Context, sc *Context, controlConfig *config.Control) } dataDir = filepath.Join(controlConfig.DataDir, "manifests") - dnsIPFamilyPolicy := "PreferDualStack" - if len(controlConfig.ClusterDNSs) == 1 { - dnsIPFamilyPolicy = "SingleStack" + dnsIPFamilyPolicy := "SingleStack" + if len(controlConfig.ClusterDNSs) > 1 { + dnsIPFamilyPolicy = "RequireDualStack" } templateVars := map[string]string{ @@ -442,6 +431,13 @@ func writeKubeConfig(certs string, config *Config) error { util.SetFileModeForPath(kubeConfig, os.FileMode(0600)) } + if config.ControlConfig.KubeConfigGroup != "" { + err := util.SetFileGroupForPath(kubeConfig, config.ControlConfig.KubeConfigGroup) + if err != nil { + logrus.Errorf("Failed to set %s to group %s: %v", kubeConfig, config.ControlConfig.KubeConfigGroup, err) + } + } + if kubeConfigSymlink != kubeConfig { if err := writeConfigSymlink(kubeConfig, kubeConfigSymlink); err != nil { logrus.Errorf("Failed to write kubeconfig symlink: %v", err) diff --git a/pkg/spegel/bootstrap.go b/pkg/spegel/bootstrap.go new file mode 100644 index 000000000..f34147465 --- /dev/null +++ b/pkg/spegel/bootstrap.go @@ -0,0 +1,201 @@ +package spegel + +import ( + "context" + "math/rand" + "os" + "path/filepath" + "strings" + "time" + + "github.com/libp2p/go-libp2p/core/peer" + "github.com/pkg/errors" + "github.com/rancher/wrangler/v3/pkg/merr" + "github.com/sirupsen/logrus" + "github.com/spegel-org/spegel/pkg/routing" + "github.com/xiaods/k8e/pkg/clientaccess" + "github.com/xiaods/k8e/pkg/daemons/config" + "github.com/xiaods/k8e/pkg/util" + "github.com/xiaods/k8e/pkg/version" + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/util/wait" + nodeutil "k8s.io/kubernetes/pkg/controller/util/node" +) + +// explicit interface checks +var _ routing.Bootstrapper = &selfBootstrapper{} +var _ routing.Bootstrapper = &agentBootstrapper{} +var _ routing.Bootstrapper = &serverBootstrapper{} +var _ routing.Bootstrapper = &chainingBootstrapper{} + +type selfBootstrapper struct { + id string +} + +// NewSelfBootstrapper returns a stub p2p bootstrapper that just returns its own ID +func NewSelfBootstrapper() routing.Bootstrapper { + return &selfBootstrapper{} +} + +func (s *selfBootstrapper) Run(_ context.Context, id string) error { + s.id = id + return nil +} + +func (s *selfBootstrapper) Get() (*peer.AddrInfo, error) { + return peer.AddrInfoFromString(s.id) +} + +type agentBootstrapper struct { + server string + token string + clientCert string + clientKey string +} + +// NewAgentBootstrapper returns a p2p bootstrapper that retrieves a peer address from its server +func NewAgentBootstrapper(server, token, dataDir string) routing.Bootstrapper { + return &agentBootstrapper{ + clientCert: filepath.Join(dataDir, "agent", "client-kubelet.crt"), + clientKey: filepath.Join(dataDir, "agent", "client-kubelet.key"), + server: server, + token: token, + } +} + +func (c *agentBootstrapper) Run(_ context.Context, _ string) error { + return nil +} + +func (c *agentBootstrapper) Get() (*peer.AddrInfo, error) { + if c.server == "" || c.token == "" { + return nil, errors.New("cannot get addresses without server and token") + } + + withCert := clientaccess.WithClientCertificate(c.clientCert, c.clientKey) + info, err := clientaccess.ParseAndValidateToken(c.server, c.token, withCert) + if err != nil { + return nil, err + } + + addr, err := info.Get("/v1-" + version.Program + "/p2p") + if err != nil { + return nil, err + } + + addrInfo, err := peer.AddrInfoFromString(string(addr)) + return addrInfo, err +} + +type serverBootstrapper struct { + controlConfig *config.Control +} + +// NewServerBootstrapper returns a p2p bootstrapper that returns an address from a random other cluster member. +func NewServerBootstrapper(controlConfig *config.Control) routing.Bootstrapper { + return &serverBootstrapper{ + controlConfig: controlConfig, + } +} + +func (s *serverBootstrapper) Run(_ context.Context, id string) error { + s.controlConfig.Runtime.ClusterControllerStarts["spegel-p2p"] = func(ctx context.Context) { + nodes := s.controlConfig.Runtime.Core.Core().V1().Node() + _ = wait.PollUntilContextCancel(ctx, 1*time.Second, true, func(ctx context.Context) (bool, error) { + nodeName := os.Getenv("NODE_NAME") + if nodeName == "" { + return false, nil + } + node, err := nodes.Get(nodeName, metav1.GetOptions{}) + if err != nil { + return false, nil + } + + if node.Annotations == nil { + node.Annotations = map[string]string{} + } + node.Annotations[P2pAddressAnnotation] = id + if node.Labels == nil { + node.Labels = map[string]string{} + } + node.Labels[P2pEnabledLabel] = "true" + + if _, err = nodes.Update(node); err != nil { + return false, nil + } + logrus.Infof("Node P2P address annotations and labels added: %s", id) + return true, nil + }) + } + return nil +} + +func (s *serverBootstrapper) Get() (addrInfo *peer.AddrInfo, err error) { + if s.controlConfig.Runtime.Core == nil { + return nil, util.ErrCoreNotReady + } + nodeName := os.Getenv("NODE_NAME") + if nodeName == "" { + return nil, errors.New("node name not set") + } + nodes := s.controlConfig.Runtime.Core.Core().V1().Node() + labelSelector := labels.Set{P2pEnabledLabel: "true"}.String() + nodeList, err := nodes.List(metav1.ListOptions{LabelSelector: labelSelector}) + if err != nil { + return nil, err + } + for _, i := range rand.Perm(len(nodeList.Items)) { + node := nodeList.Items[i] + if node.Name == nodeName { + // don't return our own address + continue + } + if find, condition := nodeutil.GetNodeCondition(&node.Status, v1.NodeReady); find == -1 || condition.Status != v1.ConditionTrue { + // don't return the address of a not-ready node + continue + } + if val, ok := node.Annotations[P2pAddressAnnotation]; ok { + for _, addr := range strings.Split(val, ",") { + if info, err := peer.AddrInfoFromString(addr); err == nil { + return info, nil + } + } + } + } + return nil, errors.New("no ready p2p peers found") +} + +type chainingBootstrapper struct { + bootstrappers []routing.Bootstrapper +} + +// NewChainingBootstrapper returns a p2p bootstrapper that passes through to a list of bootstrappers. +func NewChainingBootstrapper(bootstrappers ...routing.Bootstrapper) routing.Bootstrapper { + return &chainingBootstrapper{ + bootstrappers: bootstrappers, + } +} + +func (c *chainingBootstrapper) Run(ctx context.Context, id string) error { + errs := merr.Errors{} + for _, b := range c.bootstrappers { + if err := b.Run(ctx, id); err != nil { + errs = append(errs, err) + } + } + return merr.NewErrors(errs...) +} + +func (c *chainingBootstrapper) Get() (*peer.AddrInfo, error) { + errs := merr.Errors{} + for _, b := range c.bootstrappers { + addr, err := b.Get() + if err == nil { + return addr, nil + } + errs = append(errs, err) + } + return nil, merr.NewErrors(errs...) +} diff --git a/pkg/spegel/registry.go b/pkg/spegel/registry.go new file mode 100644 index 000000000..de0026fd3 --- /dev/null +++ b/pkg/spegel/registry.go @@ -0,0 +1,44 @@ +package spegel + +import ( + "net" + + "github.com/containerd/containerd/remotes/docker" + "github.com/rancher/wharfie/pkg/registries" + "github.com/xiaods/k8e/pkg/daemons/config" +) + +// InjectMirror configures TLS for the registry mirror client, and adds the mirror address as an endpoint +// to all configured registries. +func (c *Config) InjectMirror(nodeConfig *config.Node) error { + mirrorAddr := net.JoinHostPort(c.InternalAddress, c.RegistryPort) + mirrorURL := "https://" + mirrorAddr + "/v2" + registry := nodeConfig.AgentConfig.Registry + + if registry.Configs == nil { + registry.Configs = map[string]registries.RegistryConfig{} + } + registry.Configs[mirrorAddr] = registries.RegistryConfig{ + TLS: ®istries.TLSConfig{ + CAFile: c.ServerCAFile, + CertFile: c.ClientCertFile, + KeyFile: c.ClientKeyFile, + }, + } + + if registry.Mirrors == nil { + registry.Mirrors = map[string]registries.Mirror{} + } + for host, mirror := range registry.Mirrors { + // Don't handle local registry entries + if !docker.IsLocalhost(host) { + mirror.Endpoints = append([]string{mirrorURL}, mirror.Endpoints...) + registry.Mirrors[host] = mirror + } + } + registry.Mirrors[mirrorAddr] = registries.Mirror{ + Endpoints: []string{mirrorURL}, + } + + return nil +} diff --git a/pkg/spegel/spegel.go b/pkg/spegel/spegel.go new file mode 100644 index 000000000..7733487b4 --- /dev/null +++ b/pkg/spegel/spegel.go @@ -0,0 +1,260 @@ +package spegel + +import ( + "context" + "fmt" + "log" + "net" + "net/http" + "net/url" + "os" + "path/filepath" + "strconv" + "time" + + "github.com/containerd/containerd/remotes/docker" + "github.com/rancher/dynamiclistener/cert" + "github.com/xiaods/k8e/pkg/agent/https" + "github.com/xiaods/k8e/pkg/clientaccess" + "github.com/xiaods/k8e/pkg/daemons/config" + "github.com/xiaods/k8e/pkg/version" + "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/utils/ptr" + + "github.com/go-logr/logr" + "github.com/go-logr/stdr" + "github.com/gorilla/mux" + leveldb "github.com/ipfs/go-ds-leveldb" + ipfslog "github.com/ipfs/go-log/v2" + "github.com/libp2p/go-libp2p" + "github.com/libp2p/go-libp2p/core/crypto" + "github.com/libp2p/go-libp2p/p2p/host/peerstore/pstoreds" + "github.com/pkg/errors" + "github.com/sirupsen/logrus" + "github.com/spegel-org/spegel/pkg/metrics" + "github.com/spegel-org/spegel/pkg/oci" + "github.com/spegel-org/spegel/pkg/registry" + "github.com/spegel-org/spegel/pkg/routing" + "github.com/spegel-org/spegel/pkg/state" + "k8s.io/component-base/metrics/legacyregistry" +) + +// DefaultRegistry is the default instance of a Spegel distributed registry +var DefaultRegistry = &Config{ + Bootstrapper: NewSelfBootstrapper(), + Router: func(context.Context, *config.Node) (*mux.Router, error) { + return nil, errors.New("not implemented") + }, +} + +var ( + P2pAddressAnnotation = "p2p." + version.Program + ".cattle.io/node-address" + P2pEnabledLabel = "p2p." + version.Program + ".cattle.io/enabled" + P2pPortEnv = version.ProgramUpper + "_P2P_PORT" + P2pEnableLatestEnv = version.ProgramUpper + "_P2P_ENABLE_LATEST" + + resolveLatestTag = false +) + +// Config holds fields for a distributed registry +type Config struct { + ClientCAFile string + ClientCertFile string + ClientKeyFile string + + ServerCAFile string + ServerCertFile string + ServerKeyFile string + + // ExternalAddress is the address for other nodes to connect to the registry API. + ExternalAddress string + + // InternalAddress is the address for the local containerd instance to connect to the registry API. + InternalAddress string + + // RegistryPort is the port for the registry API. + RegistryPort string + + // PSK is the preshared key required to join the p2p network. + PSK []byte + + // Bootstrapper is the bootstrapper that will be used to discover p2p peers. + Bootstrapper routing.Bootstrapper + + // HandlerFunc will be called to add the registry API handler to an existing router. + Router https.RouterFunc +} + +// These values are not currently configurable +const ( + resolveRetries = 0 + resolveTimeout = time.Second * 5 + registryNamespace = "k8s.io" + defaultRouterPort = "5001" +) + +func init() { + // ensure that spegel exposes metrics through the same registry used by Kubernetes components + metrics.DefaultRegisterer = legacyregistry.Registerer() + metrics.DefaultGatherer = legacyregistry.DefaultGatherer +} + +// Start starts the embedded p2p router, and binds the registry API to an existing HTTP router. +func (c *Config) Start(ctx context.Context, nodeConfig *config.Node) error { + localAddr := net.JoinHostPort(c.InternalAddress, c.RegistryPort) + // distribute images for all configured mirrors. there doesn't need to be a + // configured endpoint, just having a key for the registry will do. + urls := []url.URL{} + registries := []string{} + for host := range nodeConfig.AgentConfig.Registry.Mirrors { + if host == localAddr { + continue + } + if u, err := url.Parse("https://" + host); err != nil || docker.IsLocalhost(host) { + logrus.Errorf("Distributed registry mirror skipping invalid registry: %s", host) + } else { + urls = append(urls, *u) + registries = append(registries, host) + } + } + + if len(registries) == 0 { + logrus.Errorf("Not starting distributed registry mirror: no registries configured for distributed mirroring") + return nil + } + + logrus.Infof("Starting distributed registry mirror at https://%s:%s/v2 for registries %v", + c.ExternalAddress, c.RegistryPort, registries) + + // set up the various logging logging frameworks + level := ipfslog.LevelInfo + if logrus.IsLevelEnabled(logrus.DebugLevel) { + level = ipfslog.LevelDebug + stdlog := log.New(logrus.StandardLogger().Writer(), "spegel ", log.LstdFlags) + logger := stdr.NewWithOptions(stdlog, stdr.Options{Verbosity: ptr.To(10)}) + ctx = logr.NewContext(ctx, logger) + } + ipfslog.SetAllLoggers(level) + + // Get containerd client + ociOpts := []oci.Option{oci.WithContentPath(filepath.Join(nodeConfig.Containerd.Root, "io.containerd.content.v1.content"))} + ociClient, err := oci.NewContainerd(nodeConfig.Containerd.Address, registryNamespace, nodeConfig.Containerd.Registry, urls, ociOpts...) + if err != nil { + return errors.Wrap(err, "failed to create OCI client") + } + + // create or load persistent private key + keyFile := filepath.Join(nodeConfig.Containerd.Opt, "peer.key") + keyBytes, _, err := cert.LoadOrGenerateKeyFile(keyFile, false) + if err != nil { + return errors.Wrap(err, "failed to load or generate p2p private key") + } + privKey, err := cert.ParsePrivateKeyPEM(keyBytes) + if err != nil { + return errors.Wrap(err, "failed to parse p2p private key") + } + p2pKey, _, err := crypto.KeyPairFromStdKey(privKey) + if err != nil { + return errors.Wrap(err, "failed to convert p2p private key") + } + + // create a peerstore to allow persisting nodes across restarts + peerFile := filepath.Join(nodeConfig.Containerd.Opt, "peerstore.db") + ds, err := leveldb.NewDatastore(peerFile, nil) + if err != nil { + return errors.Wrap(err, "failed to create peerstore datastore") + } + ps, err := pstoreds.NewPeerstore(ctx, ds, pstoreds.DefaultOpts()) + if err != nil { + return errors.Wrap(err, "failed to create peerstore") + } + + // get latest tag configuration override + if env := os.Getenv(P2pEnableLatestEnv); env != "" { + if b, err := strconv.ParseBool(env); err != nil { + logrus.Warnf("Invalid %s value; using default %v", P2pEnableLatestEnv, resolveLatestTag) + } else { + resolveLatestTag = b + } + } + + // get port and start p2p router + routerPort := defaultRouterPort + if env := os.Getenv(P2pPortEnv); env != "" { + if i, err := strconv.Atoi(env); i == 0 || err != nil { + logrus.Warnf("Invalid %s value; using default %v", P2pPortEnv, defaultRouterPort) + } else { + routerPort = env + } + } + routerAddr := net.JoinHostPort(c.ExternalAddress, routerPort) + + logrus.Infof("Starting distributed registry P2P node at %s", routerAddr) + opts := []libp2p.Option{ + libp2p.Identity(p2pKey), + libp2p.Peerstore(ps), + libp2p.PrivateNetwork(c.PSK), + } + router, err := routing.NewP2PRouter(ctx, routerAddr, c.Bootstrapper, c.RegistryPort, opts...) + if err != nil { + return errors.Wrap(err, "failed to create p2p router") + } + go router.Run(ctx) + + caCert, err := os.ReadFile(c.ServerCAFile) + if err != nil { + return errors.Wrap(err, "failed to read server CA") + } + client := clientaccess.GetHTTPClient(caCert, c.ClientCertFile, c.ClientKeyFile) + metrics.Register() + registryOpts := []registry.Option{ + registry.WithLocalAddress(localAddr), + registry.WithResolveLatestTag(resolveLatestTag), + registry.WithResolveRetries(resolveRetries), + registry.WithResolveTimeout(resolveTimeout), + registry.WithTransport(client.Transport), + registry.WithLogger(logr.FromContextOrDiscard(ctx)), + } + reg := registry.NewRegistry(ociClient, router, registryOpts...) + regSvr := reg.Server(":" + c.RegistryPort) + + // Close router on shutdown + go func() { + <-ctx.Done() + router.Close() + }() + + // Track images available in containerd and publish via p2p router + go state.Track(ctx, ociClient, router, resolveLatestTag) + + mRouter, err := c.Router(ctx, nodeConfig) + if err != nil { + return err + } + mRouter.PathPrefix("/v2").Handler(regSvr.Handler) + mRouter.PathPrefix("/v1-" + version.Program + "/p2p").Handler(c.peerInfo()) + + // Wait up to 5 seconds for the p2p network to find peers. This will return + // immediately if the node is bootstrapping from itself. + _ = wait.PollUntilContextTimeout(ctx, time.Second, resolveTimeout, true, func(_ context.Context) (bool, error) { + return router.Ready() + }) + + return nil +} + +// peerInfo sends a peer address retrieved from the bootstrapper via HTTP +func (c *Config) peerInfo() http.HandlerFunc { + return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { + client, _, _ := net.SplitHostPort(req.RemoteAddr) + info, err := c.Bootstrapper.Get() + if err != nil { + http.Error(resp, "Internal Error", http.StatusInternalServerError) + return + } + logrus.Debugf("Serving p2p peer addr %s to client at %s", info, client) + resp.WriteHeader(http.StatusOK) + resp.Header().Set("Content-Type", "text/plain") + fmt.Fprintf(resp, "%s/p2p/%s", info.Addrs[0].String(), info.ID.String()) + }) +} diff --git a/pkg/util/apierrors.go b/pkg/util/apierrors.go new file mode 100644 index 000000000..969824945 --- /dev/null +++ b/pkg/util/apierrors.go @@ -0,0 +1,85 @@ +package util + +import ( + "crypto/rand" + "fmt" + "math/big" + "net/http" + + "github.com/pkg/errors" + "github.com/sirupsen/logrus" + "github.com/xiaods/k8e/pkg/generated/clientset/versioned/scheme" + apierrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/apiserver/pkg/endpoints/handlers/responsewriters" +) + +var ErrAPINotReady = errors.New("apiserver not ready") +var ErrAPIDisabled = errors.New("apiserver disabled") +var ErrCoreNotReady = errors.New("runtime core not ready") + +// SendErrorWithID sends and logs a random error ID so that logs can be correlated +// between the REST API (which does not provide any detailed error output, to avoid +// information disclosure) and the server logs. +func SendErrorWithID(err error, component string, resp http.ResponseWriter, req *http.Request, status ...int) { + errID, _ := rand.Int(rand.Reader, big.NewInt(99999)) + logrus.Errorf("%s error ID %05d: %v", component, errID, err) + SendError(fmt.Errorf("%s error ID %05d", component, errID), resp, req, status...) +} + +// SendError sends a properly formatted error response +func SendError(err error, resp http.ResponseWriter, req *http.Request, status ...int) { + var code int + if len(status) == 1 { + code = status[0] + } + if code == 0 || code == http.StatusOK { + code = http.StatusInternalServerError + } + + // Don't log "apiserver not ready" or "apiserver disabled" errors, they are frequent during startup + if !errors.Is(err, ErrAPINotReady) && !errors.Is(err, ErrAPIDisabled) { + logrus.Errorf("Sending HTTP %d response to %s: %v", code, req.RemoteAddr, err) + } + + var serr *apierrors.StatusError + switch code { + case http.StatusBadRequest: + serr = apierrors.NewBadRequest(err.Error()) + case http.StatusUnauthorized: + serr = apierrors.NewUnauthorized(err.Error()) + case http.StatusForbidden: + serr = newForbidden(err) + case http.StatusInternalServerError: + serr = apierrors.NewInternalError(err) + case http.StatusBadGateway: + serr = newBadGateway(err) + case http.StatusServiceUnavailable: + serr = apierrors.NewServiceUnavailable(err.Error()) + default: + serr = apierrors.NewGenericServerResponse(code, req.Method, schema.GroupResource{}, req.URL.Path, err.Error(), 0, true) + } + + responsewriters.ErrorNegotiated(serr, scheme.Codecs.WithoutConversion(), schema.GroupVersion{}, resp, req) +} + +func newForbidden(err error) *apierrors.StatusError { + return &apierrors.StatusError{ + ErrStatus: metav1.Status{ + Status: metav1.StatusFailure, + Code: http.StatusForbidden, + Reason: metav1.StatusReasonForbidden, + Message: err.Error(), + }} +} + +func newBadGateway(err error) *apierrors.StatusError { + return &apierrors.StatusError{ + ErrStatus: metav1.Status{ + Status: metav1.StatusFailure, + Code: http.StatusBadGateway, + Reason: metav1.StatusReasonInternalError, + Message: err.Error(), + }} +} diff --git a/pkg/util/file.go b/pkg/util/file.go index a23480378..6d1a05ca8 100644 --- a/pkg/util/file.go +++ b/pkg/util/file.go @@ -2,12 +2,88 @@ package util import ( "os" + "os/user" + "path/filepath" + "strconv" + "strings" + "time" + + "github.com/pkg/errors" + "github.com/sirupsen/logrus" ) func SetFileModeForPath(name string, mode os.FileMode) error { return os.Chmod(name, mode) } +func SetFileGroupForPath(name string, group string) error { + // Try to use as group id + gid, err := strconv.Atoi(group) + if err == nil { + return os.Chown(name, -1, gid) + } + + // Otherwise, it must be a group name + g, err := user.LookupGroup(group) + if err != nil { + return err + } + + gid, err = strconv.Atoi(g.Gid) + if err != nil { + return err + } + + return os.Chown(name, -1, gid) +} + func SetFileModeForFile(file *os.File, mode os.FileMode) error { return file.Chmod(mode) } + +// ReadFile reads from a file +func ReadFile(path string) (string, error) { + if path == "" { + return "", nil + } + + for start := time.Now(); time.Since(start) < 4*time.Minute; { + vpnBytes, err := os.ReadFile(path) + if err == nil { + return strings.TrimSpace(string(vpnBytes)), nil + } else if os.IsNotExist(err) { + logrus.Infof("Waiting for %s to be available\n", path) + time.Sleep(2 * time.Second) + } else { + return "", err + } + } + + return "", errors.New("Timeout while trying to read the file") +} + +// AtomicWrite firsts writes data to a temp file, then renames to the destination file. +// This ensures that the destination file is never partially written. +func AtomicWrite(fileName string, data []byte, perm os.FileMode) error { + f, err := os.CreateTemp(filepath.Dir(fileName), filepath.Base(fileName)+".tmp") + if err != nil { + return err + } + tmpName := f.Name() + defer os.Remove(tmpName) + if _, err := f.Write(data); err != nil { + f.Close() + return err + } + if err := f.Chmod(perm); err != nil { + return err + } + if err := f.Sync(); err != nil { + return err + } + if err := f.Close(); err != nil { + return err + } + + return os.Rename(tmpName, fileName) +} diff --git a/pkg/util/net.go b/pkg/util/net.go index 040d7312c..76304c584 100644 --- a/pkg/util/net.go +++ b/pkg/util/net.go @@ -1,12 +1,16 @@ package util import ( + "context" "errors" "fmt" "net" "os" "strings" + "time" + "github.com/rancher/wrangler/v3/pkg/merr" + "github.com/sirupsen/logrus" "github.com/urfave/cli" apinet "k8s.io/apimachinery/pkg/util/net" netutils "k8s.io/utils/net" @@ -85,10 +89,9 @@ func JoinIP4Nets(elems []*net.IPNet) string { // If no IPv6 addresses are found, an error is raised. func getFirst6(elems []net.IP) (net.IP, error) { for _, elem := range elems { - if elem == nil || elem.To16() == nil { - continue + if elem != nil && netutils.IsIPv6(elem) { + return elem, nil } - return elem, nil } return nil, errors.New("no IPv6 address found") } @@ -97,10 +100,9 @@ func getFirst6(elems []net.IP) (net.IP, error) { // If no IPv6 addresses are found, an error is raised. func getFirst6Net(elems []*net.IPNet) (*net.IPNet, error) { for _, elem := range elems { - if elem == nil || elem.IP.To16() == nil { - continue + if elem != nil && netutils.IsIPv6(elem.IP) { + return elem, nil } - return elem, nil } return nil, errors.New("no IPv6 CIDRs found") } @@ -125,7 +127,7 @@ func GetFirst6String(elems []string) (string, error) { func JoinIP6Nets(elems []*net.IPNet) string { var strs []string for _, elem := range elems { - if elem != nil && elem.IP.To4() == nil { + if elem != nil && netutils.IsIPv6(elem.IP) { strs = append(strs, elem.String()) } } @@ -263,3 +265,168 @@ func IPStringToIPNet(address string) (*net.IPNet, error) { _, cidr, err := net.ParseCIDR(address) return cidr, err } + +// GetIPFromInterface is the public function that returns the IP of an interface +func GetIPFromInterface(ifaceName string) (string, error) { + ip, err := getIPFromInterface(ifaceName) + if err != nil { + return "", fmt.Errorf("interface %s does not have a correct global unicast ip: %w", ifaceName, err) + } + logrus.Infof("Found ip %s from iface %s", ip, ifaceName) + return ip, nil +} + +// getIPFromInterface is the private function that returns de IP of an interface +func getIPFromInterface(ifaceName string) (string, error) { + iface, err := net.InterfaceByName(ifaceName) + if err != nil { + return "", err + } + addrs, err := iface.Addrs() + if err != nil { + return "", err + } + if iface.Flags&net.FlagUp == 0 { + return "", fmt.Errorf("the interface %s is not up", ifaceName) + } + + globalUnicasts := []string{} + globalUnicastsIPv6 := []string{} + for _, addr := range addrs { + ip, _, err := net.ParseCIDR(addr.String()) + if err != nil { + return "", fmt.Errorf("unable to parse CIDR for interface %s: %w", iface.Name, err) + } + // if not IPv4 adding it on IPv6 list + if ip.To4() == nil { + if ip.IsGlobalUnicast() { + globalUnicastsIPv6 = append(globalUnicastsIPv6, ip.String()) + } + continue + } + if ip.IsGlobalUnicast() { + globalUnicasts = append(globalUnicasts, ip.String()) + } + } + + if len(globalUnicasts) > 1 { + return "", fmt.Errorf("multiple global unicast addresses defined for %s, please set ip from one of %v", ifaceName, globalUnicasts) + } + if len(globalUnicasts) == 1 && len(globalUnicastsIPv6) == 0 { + return globalUnicasts[0], nil + } else if len(globalUnicastsIPv6) > 0 && len(globalUnicasts) == 1 { + return globalUnicasts[0] + "," + globalUnicastsIPv6[0], nil + } else if len(globalUnicastsIPv6) > 0 { + return globalUnicastsIPv6[0], nil + } + + return "", fmt.Errorf("can't find ip for interface %s", ifaceName) +} + +type multiListener struct { + listeners []net.Listener + closing chan struct{} + conns chan acceptRes +} + +type acceptRes struct { + conn net.Conn + err error +} + +// explicit interface check +var _ net.Listener = &multiListener{} + +var loopbacks = []string{"127.0.0.1", "::1"} + +// ListenWithLoopback listens on the given address, as well as on IPv4 and IPv6 loopback addresses. +// If the address is a wildcard, the listener is return unwrapped. +func ListenWithLoopback(ctx context.Context, addr string, port string) (net.Listener, error) { + lc := &net.ListenConfig{ + KeepAlive: 3 * time.Minute, + Control: permitReuse, + } + l, err := lc.Listen(ctx, "tcp", net.JoinHostPort(addr, port)) + if err != nil { + return nil, err + } + + // If we're listening on a wildcard address, we don't need to wrap with the other loopback addresses + switch addr { + case "", "::", "0.0.0.0": + return l, nil + } + + ml := &multiListener{ + listeners: []net.Listener{l}, + closing: make(chan struct{}), + conns: make(chan acceptRes), + } + + for _, laddr := range loopbacks { + if laddr == addr { + continue + } + if l, err := lc.Listen(ctx, "tcp", net.JoinHostPort(laddr, port)); err == nil { + ml.listeners = append(ml.listeners, l) + } else { + logrus.Debugf("Failed to listen on %s: %v", net.JoinHostPort(laddr, port), err) + } + } + + for i := range ml.listeners { + go ml.accept(ml.listeners[i]) + } + + return ml, nil +} + +// Addr returns the address of the non-loopback address that this multiListener is listening on +func (ml *multiListener) Addr() net.Addr { + return ml.listeners[0].Addr() +} + +// Close closes all the listeners +func (ml *multiListener) Close() error { + close(ml.closing) + var errs merr.Errors + for i := range ml.listeners { + err := ml.listeners[i].Close() + if err != nil { + errs = append(errs, err) + } + } + return merr.NewErrors(errs) +} + +// Accept returns a Conn/err pair from one of the waiting listeners +func (ml *multiListener) Accept() (net.Conn, error) { + select { + case res, ok := <-ml.conns: + if ok { + return res.conn, res.err + } + return nil, fmt.Errorf("connection channel closed") + case <-ml.closing: + return nil, fmt.Errorf("listener closed") + } +} + +// accept runs a loop, accepting connections and trying to send on the result channel +func (ml *multiListener) accept(listener net.Listener) { + for { + conn, err := listener.Accept() + r := acceptRes{ + conn: conn, + err: err, + } + select { + case ml.conns <- r: + case <-ml.closing: + if r.err == nil { + r.conn.Close() + } + return + } + } +} diff --git a/pkg/util/services/services.go b/pkg/util/services/services.go new file mode 100644 index 000000000..146d6f842 --- /dev/null +++ b/pkg/util/services/services.go @@ -0,0 +1,147 @@ +package services + +import ( + "fmt" + "path/filepath" + + "github.com/xiaods/k8e/pkg/daemons/config" + "github.com/xiaods/k8e/pkg/version" +) + +const ( + APIServer = "api-server" + Admin = "admin" + AuthProxy = "auth-proxy" + CertificateAuthority = "certificate-authority" + CloudController = "cloud-controller" + ControllerManager = "controller-manager" + ETCD = "etcd" + Kubelet = "kubelet" + ProgramController = "-controller" + ProgramServer = "-server" + Scheduler = "scheduler" + Supervisor = "supervisor" +) + +var Agent = []string{ + Kubelet, + version.Program + ProgramController, +} + +var Server = []string{ + APIServer, + Admin, + AuthProxy, + CloudController, + ControllerManager, + ETCD, + Scheduler, + Supervisor, + version.Program + ProgramServer, +} + +var All = append(Server, Agent...) + +// CA is intentionally not included in agent, server, or all as it +// requires manual action by the user to rotate these certs. +var CA = []string{ + CertificateAuthority, +} + +func FilesForServices(controlConfig config.Control, services []string) (map[string][]string, error) { + agentDataDir := filepath.Join(controlConfig.DataDir, "..", "agent") + fileMap := map[string][]string{} + for _, service := range services { + switch service { + case Admin: + fileMap[service] = []string{ + controlConfig.Runtime.ClientAdminCert, + controlConfig.Runtime.ClientAdminKey, + } + case APIServer: + fileMap[service] = []string{ + controlConfig.Runtime.ClientKubeAPICert, + controlConfig.Runtime.ClientKubeAPIKey, + controlConfig.Runtime.ServingKubeAPICert, + controlConfig.Runtime.ServingKubeAPIKey, + } + case ControllerManager: + fileMap[service] = []string{ + controlConfig.Runtime.ClientControllerCert, + controlConfig.Runtime.ClientControllerKey, + } + case Scheduler: + fileMap[service] = []string{ + controlConfig.Runtime.ClientSchedulerCert, + controlConfig.Runtime.ClientSchedulerKey, + } + case ETCD: + fileMap[service] = []string{ + controlConfig.Runtime.ClientETCDCert, + controlConfig.Runtime.ClientETCDKey, + controlConfig.Runtime.ServerETCDCert, + controlConfig.Runtime.ServerETCDKey, + controlConfig.Runtime.PeerServerClientETCDCert, + controlConfig.Runtime.PeerServerClientETCDKey, + } + case CloudController: + fileMap[service] = []string{ + controlConfig.Runtime.ClientCloudControllerCert, + controlConfig.Runtime.ClientCloudControllerKey, + } + case version.Program + ProgramController: + fileMap[service] = []string{ + controlConfig.Runtime.ClientK8eControllerCert, + controlConfig.Runtime.ClientK8eControllerKey, + filepath.Join(agentDataDir, "client-"+version.Program+"-controller.crt"), + filepath.Join(agentDataDir, "client-"+version.Program+"-controller.key"), + } + case Supervisor: + fileMap[service] = []string{ + controlConfig.Runtime.ClientSupervisorCert, + controlConfig.Runtime.ClientSupervisorKey, + } + case AuthProxy: + fileMap[service] = []string{ + controlConfig.Runtime.ClientAuthProxyCert, + controlConfig.Runtime.ClientAuthProxyKey, + } + case Kubelet: + fileMap[service] = []string{ + controlConfig.Runtime.ClientKubeletKey, + controlConfig.Runtime.ServingKubeletKey, + filepath.Join(agentDataDir, "client-kubelet.crt"), + filepath.Join(agentDataDir, "client-kubelet.key"), + filepath.Join(agentDataDir, "serving-kubelet.crt"), + filepath.Join(agentDataDir, "serving-kubelet.key"), + } + case CertificateAuthority: + fileMap[service] = []string{ + controlConfig.Runtime.ServerCA, + controlConfig.Runtime.ServerCAKey, + controlConfig.Runtime.ClientCA, + controlConfig.Runtime.ClientCAKey, + controlConfig.Runtime.RequestHeaderCA, + controlConfig.Runtime.RequestHeaderCAKey, + controlConfig.Runtime.ETCDPeerCA, + controlConfig.Runtime.ETCDPeerCAKey, + controlConfig.Runtime.ETCDServerCA, + controlConfig.Runtime.ETCDServerCAKey, + } + case version.Program + ProgramServer: + // not handled here, as the dynamiclistener cert cache is not a standard cert + default: + return nil, fmt.Errorf("%s is not a recognized service", service) + } + } + return fileMap, nil +} + +func IsValid(svc string) bool { + for _, service := range All { + if svc == service { + return true + } + } + return false +} diff --git a/pkg/util/services/services_test.go b/pkg/util/services/services_test.go new file mode 100644 index 000000000..5e32d6189 --- /dev/null +++ b/pkg/util/services/services_test.go @@ -0,0 +1,247 @@ +package services + +import ( + "reflect" + "testing" + + "github.com/xiaods/k8e/pkg/daemons/config" + "github.com/xiaods/k8e/pkg/daemons/control/deps" +) + +func Test_UnitFilesForServices(t *testing.T) { + type args struct { + controlConfig config.Control + services []string + } + tests := []struct { + name string + args args + setup func(controlConfig *config.Control) error + want map[string][]string + wantErr bool + }{ + { + name: "All Services", + args: args{ + services: All, + controlConfig: config.Control{ + DataDir: "/var/lib/rancher/k8e/server", + Runtime: &config.ControlRuntime{}, + }, + }, + setup: func(controlConfig *config.Control) error { + deps.CreateRuntimeCertFiles(controlConfig) + return nil + }, + want: map[string][]string{ + "admin": []string{ + "/var/lib/rancher/k8e/server/tls/client-admin.crt", + "/var/lib/rancher/k8e/server/tls/client-admin.key", + }, + "api-server": []string{ + "/var/lib/rancher/k8e/server/tls/client-kube-apiserver.crt", + "/var/lib/rancher/k8e/server/tls/client-kube-apiserver.key", + "/var/lib/rancher/k8e/server/tls/serving-kube-apiserver.crt", + "/var/lib/rancher/k8e/server/tls/serving-kube-apiserver.key", + }, + "auth-proxy": []string{ + "/var/lib/rancher/k8e/server/tls/client-auth-proxy.crt", + "/var/lib/rancher/k8e/server/tls/client-auth-proxy.key", + }, + "cloud-controller": []string{ + "/var/lib/rancher/k8e/server/tls/client-k8e-cloud-controller.crt", + "/var/lib/rancher/k8e/server/tls/client-k8e-cloud-controller.key", + }, + "controller-manager": []string{ + "/var/lib/rancher/k8e/server/tls/client-controller.crt", + "/var/lib/rancher/k8e/server/tls/client-controller.key", + }, + "etcd": []string{ + "/var/lib/rancher/k8e/server/tls/etcd/client.crt", + "/var/lib/rancher/k8e/server/tls/etcd/client.key", + "/var/lib/rancher/k8e/server/tls/etcd/server-client.crt", + "/var/lib/rancher/k8e/server/tls/etcd/server-client.key", + "/var/lib/rancher/k8e/server/tls/etcd/peer-server-client.crt", + "/var/lib/rancher/k8e/server/tls/etcd/peer-server-client.key", + }, + "k8e-controller": []string{ + "/var/lib/rancher/k8e/server/tls/client-k8e-controller.crt", + "/var/lib/rancher/k8e/server/tls/client-k8e-controller.key", + "/var/lib/rancher/k8e/agent/client-k8e-controller.crt", + "/var/lib/rancher/k8e/agent/client-k8e-controller.key", + }, + "kube-proxy": []string{ + "/var/lib/rancher/k8e/server/tls/client-kube-proxy.crt", + "/var/lib/rancher/k8e/server/tls/client-kube-proxy.key", + "/var/lib/rancher/k8e/agent/client-kube-proxy.crt", + "/var/lib/rancher/k8e/agent/client-kube-proxy.key", + }, + "kubelet": []string{ + "/var/lib/rancher/k8e/server/tls/client-kubelet.key", + "/var/lib/rancher/k8e/server/tls/serving-kubelet.key", + "/var/lib/rancher/k8e/agent/client-kubelet.crt", + "/var/lib/rancher/k8e/agent/client-kubelet.key", + "/var/lib/rancher/k8e/agent/serving-kubelet.crt", + "/var/lib/rancher/k8e/agent/serving-kubelet.key", + }, + "scheduler": []string{ + "/var/lib/rancher/k8e/server/tls/client-scheduler.crt", + "/var/lib/rancher/k8e/server/tls/client-scheduler.key", + }, + "supervisor": []string{ + "/var/lib/rancher/k8e/server/tls/client-supervisor.crt", + "/var/lib/rancher/k8e/server/tls/client-supervisor.key", + }, + }, + }, + { + name: "Server Only", + args: args{ + services: Server, + controlConfig: config.Control{ + DataDir: "/var/lib/rancher/k8e/server", + Runtime: &config.ControlRuntime{}, + }, + }, + setup: func(controlConfig *config.Control) error { + deps.CreateRuntimeCertFiles(controlConfig) + return nil + }, + want: map[string][]string{ + "admin": []string{ + "/var/lib/rancher/k8e/server/tls/client-admin.crt", + "/var/lib/rancher/k8e/server/tls/client-admin.key", + }, + "api-server": []string{ + "/var/lib/rancher/k8e/server/tls/client-kube-apiserver.crt", + "/var/lib/rancher/k8e/server/tls/client-kube-apiserver.key", + "/var/lib/rancher/k8e/server/tls/serving-kube-apiserver.crt", + "/var/lib/rancher/k8e/server/tls/serving-kube-apiserver.key", + }, + "auth-proxy": []string{ + "/var/lib/rancher/k8e/server/tls/client-auth-proxy.crt", + "/var/lib/rancher/k8e/server/tls/client-auth-proxy.key", + }, + "cloud-controller": []string{ + "/var/lib/rancher/k8e/server/tls/client-k8e-cloud-controller.crt", + "/var/lib/rancher/k8e/server/tls/client-k8e-cloud-controller.key", + }, + "controller-manager": []string{ + "/var/lib/rancher/k8e/server/tls/client-controller.crt", + "/var/lib/rancher/k8e/server/tls/client-controller.key", + }, + "etcd": []string{ + "/var/lib/rancher/k8e/server/tls/etcd/client.crt", + "/var/lib/rancher/k8e/server/tls/etcd/client.key", + "/var/lib/rancher/k8e/server/tls/etcd/server-client.crt", + "/var/lib/rancher/k8e/server/tls/etcd/server-client.key", + "/var/lib/rancher/k8e/server/tls/etcd/peer-server-client.crt", + "/var/lib/rancher/k8e/server/tls/etcd/peer-server-client.key", + }, + "scheduler": []string{ + "/var/lib/rancher/k8e/server/tls/client-scheduler.crt", + "/var/lib/rancher/k8e/server/tls/client-scheduler.key", + }, + "supervisor": []string{ + "/var/lib/rancher/k8e/server/tls/client-supervisor.crt", + "/var/lib/rancher/k8e/server/tls/client-supervisor.key", + }, + }, + }, + { + name: "Agent Only", + args: args{ + services: Agent, + controlConfig: config.Control{ + DataDir: "/var/lib/rancher/k8e/server", + Runtime: &config.ControlRuntime{}, + }, + }, + setup: func(controlConfig *config.Control) error { + deps.CreateRuntimeCertFiles(controlConfig) + return nil + }, + want: map[string][]string{ + "k8e-controller": []string{ + "/var/lib/rancher/k8e/server/tls/client-k8e-controller.crt", + "/var/lib/rancher/k8e/server/tls/client-k8e-controller.key", + "/var/lib/rancher/k8e/agent/client-k8e-controller.crt", + "/var/lib/rancher/k8e/agent/client-k8e-controller.key", + }, + "kube-proxy": []string{ + "/var/lib/rancher/k8e/server/tls/client-kube-proxy.crt", + "/var/lib/rancher/k8e/server/tls/client-kube-proxy.key", + "/var/lib/rancher/k8e/agent/client-kube-proxy.crt", + "/var/lib/rancher/k8e/agent/client-kube-proxy.key", + }, + "kubelet": []string{ + "/var/lib/rancher/k8e/server/tls/client-kubelet.key", + "/var/lib/rancher/k8e/server/tls/serving-kubelet.key", + "/var/lib/rancher/k8e/agent/client-kubelet.crt", + "/var/lib/rancher/k8e/agent/client-kubelet.key", + "/var/lib/rancher/k8e/agent/serving-kubelet.crt", + "/var/lib/rancher/k8e/agent/serving-kubelet.key", + }, + }, + }, + { + name: "Invalid", + args: args{ + services: []string{CertificateAuthority}, + controlConfig: config.Control{ + DataDir: "/var/lib/rancher/k8e/server", + Runtime: &config.ControlRuntime{}, + }, + }, + setup: func(controlConfig *config.Control) error { + deps.CreateRuntimeCertFiles(controlConfig) + return nil + }, + want: map[string][]string{ + "certificate-authority": []string{ + "/var/lib/rancher/k8e/server/tls/server-ca.crt", + "/var/lib/rancher/k8e/server/tls/server-ca.key", + "/var/lib/rancher/k8e/server/tls/client-ca.crt", + "/var/lib/rancher/k8e/server/tls/client-ca.key", + "/var/lib/rancher/k8e/server/tls/request-header-ca.crt", + "/var/lib/rancher/k8e/server/tls/request-header-ca.key", + "/var/lib/rancher/k8e/server/tls/etcd/peer-ca.crt", + "/var/lib/rancher/k8e/server/tls/etcd/peer-ca.key", + "/var/lib/rancher/k8e/server/tls/etcd/server-ca.crt", + "/var/lib/rancher/k8e/server/tls/etcd/server-ca.key", + }, + }, + }, + { + name: "Invalid", + args: args{ + services: []string{"foo"}, + controlConfig: config.Control{ + DataDir: "/var/lib/rancher/k8e/server", + Runtime: &config.ControlRuntime{}, + }, + }, + setup: func(controlConfig *config.Control) error { + deps.CreateRuntimeCertFiles(controlConfig) + return nil + }, + wantErr: true, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + if err := tt.setup(&tt.args.controlConfig); err != nil { + t.Errorf("Setup for FilesForServices() failed = %v", err) + return + } + got, err := FilesForServices(tt.args.controlConfig, tt.args.services) + if (err != nil) != tt.wantErr { + t.Errorf("FilesForServices() error = %v, wantErr %v", err, tt.wantErr) + return + } + if !reflect.DeepEqual(got, tt.want) { + t.Errorf("FilesForServices() = %+v\nWant = %+v", got, tt.want) + } + }) + } +} diff --git a/pkg/vpn/vpn.go b/pkg/vpn/vpn.go new file mode 100644 index 000000000..6c3b6a6a8 --- /dev/null +++ b/pkg/vpn/vpn.go @@ -0,0 +1,161 @@ +package vpn + +import ( + "encoding/json" + "fmt" + "net" + "net/url" + "strings" + + "github.com/xiaods/k8e/pkg/util" + + "github.com/pkg/errors" + "github.com/sirupsen/logrus" +) + +const ( + tailscaleIf = "tailscale0" +) + +type TailscaleOutput struct { + TailscaleIPs []string `json:"TailscaleIPs"` +} + +// VPNInfo includes node information of the VPN. It is a general struct in case we want to add more vpn integrations +type VPNInfo struct { + IPv4Address net.IP + IPv6Address net.IP + NodeID string + ProviderName string + VPNInterface string +} + +// vpnCliAuthInfo includes auth information of the VPN. It is a general struct in case we want to add more vpn integrations +type vpnCliAuthInfo struct { + Name string + JoinKey string + ControlServerURL string + ExtraCLIFlags []string +} + +// StartVPN starts the VPN interface. General function in case we want to add more vpn integrations +func StartVPN(vpnAuthConfigFile string) error { + authInfo, err := getVPNAuthInfo(vpnAuthConfigFile) + if err != nil { + return err + } + + logrus.Infof("Starting VPN: %s", authInfo.Name) + switch authInfo.Name { + case "tailscale": + args := []string{ + "up", "--authkey", authInfo.JoinKey, "--timeout=30s", "--reset", + } + if authInfo.ControlServerURL != "" { + args = append(args, "--login-server", authInfo.ControlServerURL) + } + if len(authInfo.ExtraCLIFlags) > 0 { + args = append(args, authInfo.ExtraCLIFlags...) + } + logrus.Debugf("Flags passed to tailscale up: %v", args) + output, err := util.ExecCommand("tailscale", args) + if err != nil { + return errors.Wrap(err, "tailscale up failed: "+output) + } + logrus.Debugf("Output from tailscale up: %v", output) + return nil + default: + return fmt.Errorf("Requested VPN: %s is not supported. We currently only support tailscale", authInfo.Name) + } +} + +// GetVPNInfo returns a VPNInfo object with details about the VPN. General function in case we want to add more vpn integrations +func GetVPNInfo(vpnAuth string) (VPNInfo, error) { + authInfo, err := getVPNAuthInfo(vpnAuth) + if err != nil { + return VPNInfo{}, err + } + + if authInfo.Name == "tailscale" { + return getTailscaleInfo() + } + return VPNInfo{}, nil +} + +// getVPNAuthInfo returns the required authInfo object +func getVPNAuthInfo(vpnAuth string) (vpnCliAuthInfo, error) { + var authInfo vpnCliAuthInfo + + // Separate extraArgs which will be passed directly to the vpn binary command + vpnCommand, extraArgs := processCLIArgs(vpnAuth) + authInfo.ExtraCLIFlags = extraArgs + + vpnParameters := strings.Split(vpnCommand, ",") + for _, vpnKeyValues := range vpnParameters { + vpnKeyValue := strings.Split(vpnKeyValues, "=") + switch vpnKeyValue[0] { + case "name": + authInfo.Name = vpnKeyValue[1] + case "joinKey": + authInfo.JoinKey = vpnKeyValue[1] + case "controlServerURL": + authInfo.ControlServerURL = vpnKeyValue[1] + default: + return vpnCliAuthInfo{}, fmt.Errorf("VPN Error. The passed VPN auth info includes an unknown parameter: %v", vpnKeyValue[0]) + } + } + + if err := isVPNConfigOK(authInfo); err != nil { + return authInfo, err + } + return authInfo, nil +} + +// isVPNConfigOK checks that the config is complete +func isVPNConfigOK(authInfo vpnCliAuthInfo) error { + if authInfo.Name == "tailscale" { + if authInfo.JoinKey == "" { + return errors.New("VPN Error. Tailscale requires a JoinKey") + } + if authInfo.ControlServerURL != "" { + if _, err := url.Parse(authInfo.ControlServerURL); err != nil { + return fmt.Errorf("VPN Error. Invalid control server URL for Tailscale: %w", err) + } + } + return nil + } + + return errors.New("Requested VPN: " + authInfo.Name + " is not supported. We currently only support tailscale") +} + +// getTailscaleInfo returns the IPs of the interface +func getTailscaleInfo() (VPNInfo, error) { + output, err := util.ExecCommand("tailscale", []string{"status", "--json"}) + if err != nil { + return VPNInfo{}, fmt.Errorf("failed to run tailscale status --json: %v", err) + } + + logrus.Debugf("Output from tailscale status --json: %v", output) + + var tailscaleOutput TailscaleOutput + err = json.Unmarshal([]byte(output), &tailscaleOutput) + if err != nil { + return VPNInfo{}, fmt.Errorf("failed to unmarshal tailscale output: %v", err) + } + + // Errors are ignored because the interface might not have ipv4 or ipv6 addresses (that's the only possible error) + ipv4Address, _ := util.GetFirst4String(tailscaleOutput.TailscaleIPs) + ipv6Address, _ := util.GetFirst6String(tailscaleOutput.TailscaleIPs) + + return VPNInfo{IPv4Address: net.ParseIP(ipv4Address), IPv6Address: net.ParseIP(ipv6Address), NodeID: "", ProviderName: "tailscale", VPNInterface: tailscaleIf}, nil +} + +// processCLIArgs separates the extraArgs part from the command. +// Note that tailscale flags of type list are comma separated and don't accept spaces, thus we can use strings.Fields to separate flags +func processCLIArgs(command string) (string, []string) { + subCommands := strings.Split(command, ",extraArgs=") + if len(subCommands) > 1 { + return subCommands[0], strings.Fields(subCommands[1]) + } + return subCommands[0], []string{} +} diff --git a/vendor.go b/vendor.go deleted file mode 100644 index 2583c68b2..000000000 --- a/vendor.go +++ /dev/null @@ -1,17 +0,0 @@ -// +build vendor - -package main - -import ( - _ "github.com/containerd/containerd/cmd/containerd-shim" - _ "github.com/containerd/containerd/cmd/containerd-shim-runc-v2" - _ "github.com/coreos/go-systemd/activation" - _ "github.com/go-bindata/go-bindata" - _ "github.com/go-bindata/go-bindata/go-bindata" - _ "github.com/opencontainers/runc" - _ "github.com/opencontainers/runc/contrib/cmd/recvtty" - _ "github.com/opencontainers/runc/libcontainer/nsenter" - _ "github.com/opencontainers/runc/libcontainer/specconv" -) - -func main() {}