diff --git a/app/vmctl/prometheus/prometheus.go b/app/vmctl/prometheus/prometheus.go index de4e393b0..e3203a739 100644 --- a/app/vmctl/prometheus/prometheus.go +++ b/app/vmctl/prometheus/prometheus.go @@ -1,6 +1,7 @@ package prometheus import ( + "context" "fmt" "time" @@ -120,7 +121,7 @@ func (c *Client) Read(block tsdb.BlockReader) (storage.SeriesSet, error) { if err != nil { return nil, err } - ss := q.Select(false, nil, labels.MustNewMatcher(labels.MatchRegexp, c.filter.label, c.filter.labelValue)) + ss := q.Select(context.Background(), false, nil, labels.MustNewMatcher(labels.MatchRegexp, c.filter.label, c.filter.labelValue)) return ss, nil } diff --git a/app/vmctl/testdata/servers_integration_test/remote_read_server.go b/app/vmctl/testdata/servers_integration_test/remote_read_server.go index eca4183ae..afd7f1d33 100644 --- a/app/vmctl/testdata/servers_integration_test/remote_read_server.go +++ b/app/vmctl/testdata/servers_integration_test/remote_read_server.go @@ -156,7 +156,6 @@ func (rrs *RemoteReadServer) getStreamReadHandler(t *testing.T) http.Handler { } var chks []prompb.Chunk - ctx := context.Background() for idx, r := range req.Queries { startTs := r.StartTimestampMs endTs := r.EndTimestampMs @@ -166,12 +165,12 @@ func (rrs *RemoteReadServer) getStreamReadHandler(t *testing.T) http.Handler { c := remote.NewSampleAndChunkQueryableClient(rrs.storage, nil, matchers, true, cb) - q, err := c.ChunkQuerier(ctx, startTs, endTs) + q, err := c.ChunkQuerier(startTs, endTs) if err != nil { t.Fatalf("error init chunk querier: %s", err) } - ss := q.Select(false, nil, matchers...) + ss := q.Select(context.Background(), false, nil, matchers...) var iter chunks.Iterator for ss.Next() { series := ss.At() diff --git a/go.mod b/go.mod index a6092199a..3e15eb7ca 100644 --- a/go.mod +++ b/go.mod @@ -2,76 +2,72 @@ module github.com/VictoriaMetrics/VictoriaMetrics go 1.20 -replace ( - // Newer versions of this package break vmselect build - github.com/VictoriaMetrics/metricsql => github.com/VictoriaMetrics/metricsql v0.56.2 - // Newer versions of this package break vmctl build - golang.org/x/exp => golang.org/x/exp v0.0.0-20230713183714-613f0c0eb8a1 -) +// Newer versions of this package break vmselect build +replace github.com/VictoriaMetrics/metricsql => github.com/VictoriaMetrics/metricsql v0.56.2 require ( cloud.google.com/go/storage v1.35.1 github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.0 github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.2.0 - github.com/VictoriaMetrics/fastcache v1.12.1 + github.com/VictoriaMetrics/fastcache v1.12.2 // Do not use the original github.com/valyala/fasthttp because of issues // like https://github.com/valyala/fasthttp/commit/996610f021ff45fdc98c2ce7884d5fa4e7f9199b github.com/VictoriaMetrics/fasthttp v1.2.0 - github.com/VictoriaMetrics/metrics v1.24.0 - github.com/VictoriaMetrics/metricsql v0.69.0 - github.com/aws/aws-sdk-go-v2 v1.22.2 - github.com/aws/aws-sdk-go-v2/config v1.25.0 - github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.13.7 - github.com/aws/aws-sdk-go-v2/service/s3 v1.42.1 + github.com/VictoriaMetrics/metrics v1.25.3 + github.com/VictoriaMetrics/metricsql v0.70.0 + github.com/aws/aws-sdk-go-v2 v1.24.0 + github.com/aws/aws-sdk-go-v2/config v1.26.1 + github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.15.7 + github.com/aws/aws-sdk-go-v2/service/s3 v1.47.5 github.com/cespare/xxhash/v2 v2.2.0 github.com/cheggaaa/pb/v3 v3.1.4 github.com/gogo/protobuf v1.3.2 github.com/golang/snappy v0.0.4 github.com/googleapis/gax-go/v2 v2.12.0 github.com/influxdata/influxdb v1.11.2 - github.com/klauspost/compress v1.17.2 - github.com/prometheus/prometheus v0.47.2 - github.com/urfave/cli/v2 v2.25.7 + github.com/klauspost/compress v1.17.4 + github.com/prometheus/prometheus v0.48.1 + github.com/urfave/cli/v2 v2.26.0 github.com/valyala/fastjson v1.6.4 github.com/valyala/fastrand v1.1.0 github.com/valyala/fasttemplate v1.2.2 github.com/valyala/gozstd v1.20.1 github.com/valyala/histogram v1.2.0 github.com/valyala/quicktemplate v1.7.0 - golang.org/x/net v0.18.0 - golang.org/x/oauth2 v0.14.0 - golang.org/x/sys v0.14.0 - google.golang.org/api v0.150.0 + golang.org/x/net v0.19.0 + golang.org/x/oauth2 v0.15.0 + golang.org/x/sys v0.15.0 + google.golang.org/api v0.153.0 gopkg.in/yaml.v2 v2.4.0 ) require ( - cloud.google.com/go v0.110.10 // indirect + cloud.google.com/go v0.111.0 // indirect cloud.google.com/go/compute v1.23.3 // indirect cloud.google.com/go/compute/metadata v0.2.3 // indirect cloud.google.com/go/iam v1.1.5 // indirect github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 // indirect - github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1 // indirect github.com/AzureAD/microsoft-authentication-library-for-go v1.2.0 // indirect github.com/VividCortex/ewma v1.2.0 // indirect - github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 // indirect - github.com/aws/aws-sdk-go v1.47.11 // indirect - github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.0 // indirect - github.com/aws/aws-sdk-go-v2/credentials v1.16.0 // indirect - github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.3 // indirect - github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.2 // indirect - github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.2 // indirect - github.com/aws/aws-sdk-go-v2/internal/ini v1.7.0 // indirect - github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.2 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.0 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.2 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.2 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.2 // indirect - github.com/aws/aws-sdk-go-v2/service/sso v1.17.1 // indirect - github.com/aws/aws-sdk-go-v2/service/ssooidc v1.19.1 // indirect - github.com/aws/aws-sdk-go-v2/service/sts v1.25.1 // indirect - github.com/aws/smithy-go v1.16.0 // indirect + github.com/alecthomas/units v0.0.0-20231202071711-9a357b53e9c9 // indirect + github.com/aws/aws-sdk-go v1.48.16 // indirect + github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.4 // indirect + github.com/aws/aws-sdk-go-v2/credentials v1.16.12 // indirect + github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.10 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.9 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.9 // indirect + github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2 // indirect + github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.9 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.9 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.9 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.9 // indirect + github.com/aws/aws-sdk-go-v2/service/sso v1.18.5 // indirect + github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.5 // indirect + github.com/aws/aws-sdk-go-v2/service/sts v1.26.5 // indirect + github.com/aws/smithy-go v1.19.0 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/cpuguy83/go-md2man/v2 v2.0.3 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect @@ -82,7 +78,7 @@ require ( github.com/go-logfmt/logfmt v0.6.0 // indirect github.com/go-logr/logr v1.3.0 // indirect github.com/go-logr/stdr v1.2.2 // indirect - github.com/golang-jwt/jwt/v5 v5.1.0 // indirect + github.com/golang-jwt/jwt/v5 v5.2.0 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.3 // indirect github.com/google/s2a-go v0.1.7 // indirect @@ -115,25 +111,25 @@ require ( github.com/valyala/bytebufferpool v1.0.0 // indirect github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect go.opencensus.io v0.24.0 // indirect - go.opentelemetry.io/collector/pdata v1.0.0-rcv0018 // indirect - go.opentelemetry.io/collector/semconv v0.89.0 // indirect - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.0 // indirect - go.opentelemetry.io/otel v1.20.0 // indirect - go.opentelemetry.io/otel/metric v1.20.0 // indirect - go.opentelemetry.io/otel/trace v1.20.0 // indirect + go.opentelemetry.io/collector/pdata v1.0.0 // indirect + go.opentelemetry.io/collector/semconv v0.90.1 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1 // indirect + go.opentelemetry.io/otel v1.21.0 // indirect + go.opentelemetry.io/otel/metric v1.21.0 // indirect + go.opentelemetry.io/otel/trace v1.21.0 // indirect go.uber.org/atomic v1.11.0 // indirect go.uber.org/goleak v1.3.0 // indirect go.uber.org/multierr v1.11.0 // indirect - golang.org/x/crypto v0.15.0 // indirect - golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa // indirect + golang.org/x/crypto v0.16.0 // indirect + golang.org/x/exp v0.0.0-20231206192017-f3f8817b8deb // indirect golang.org/x/sync v0.5.0 // indirect golang.org/x/text v0.14.0 // indirect - golang.org/x/time v0.4.0 // indirect + golang.org/x/time v0.5.0 // indirect golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect google.golang.org/appengine v1.6.8 // indirect - google.golang.org/genproto v0.0.0-20231106174013-bbf56f31fb17 // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20231106174013-bbf56f31fb17 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 // indirect + google.golang.org/genproto v0.0.0-20231127180814-3a041ad873d4 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20231127180814-3a041ad873d4 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20231127180814-3a041ad873d4 // indirect google.golang.org/grpc v1.59.0 // indirect google.golang.org/protobuf v1.31.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect diff --git a/go.sum b/go.sum index 18cdbb940..afaa6a28b 100644 --- a/go.sum +++ b/go.sum @@ -13,8 +13,8 @@ cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKV cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= -cloud.google.com/go v0.110.10 h1:LXy9GEO+timppncPIAZoOj3l58LIU9k+kn48AN7IO3Y= -cloud.google.com/go v0.110.10/go.mod h1:v1OoFqYxiBkUrruItNM3eT4lLByNjxmJSV/xDKJNnic= +cloud.google.com/go v0.111.0 h1:YHLKNupSD1KqjDbQ3+LVdQ81h/UJbJyZG203cEfnQgM= +cloud.google.com/go v0.111.0/go.mod h1:0mibmpKP1TyOOFYQY5izo0LnT+ecvOQ0Sg3OdmMiNRU= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= @@ -40,35 +40,31 @@ cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RX cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= cloud.google.com/go/storage v1.35.1 h1:B59ahL//eDfx2IIKFBeT5Atm9wnNmj3+8xG/W4WB//w= cloud.google.com/go/storage v1.35.1/go.mod h1:M6M/3V/D3KpzMTJyPOR/HU6n2Si5QdaXYEsng2xgOs8= -github.com/Azure/azure-sdk-for-go v65.0.0+incompatible h1:HzKLt3kIwMm4KeJYTdx9EbjRYTySD/t8i1Ee/W5EGXw= +dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.0 h1:fb8kj/Dh4CSwgsOzHeZY4Xh68cFVbzXx+ONXGMY//4w= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.0/go.mod h1:uReU2sSxZExRPBAg3qKzmAucSi51+SP1OhohieR821Q= github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 h1:BMAjVKJM0U/CYF27gA0ZMmXGkOcvfFtD0oHVZ1TIPRI= github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0/go.mod h1:1fXstnBMas5kzG+S3q8UoJcmyU6nUeunJcMDHcRYHhs= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.0 h1:d81/ng9rET2YqdVkVwkb6EXeRrLJIwyGnJcAlAWKwhs= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.0/go.mod h1:s4kgfzA0covAXNicZHDMN58jExvcng2mC/DepXiF1EI= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1 h1:6oNBlSdi1QqM1PNW7FPA6xOGA5UNsXnkaYZz9vdPGhA= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1/go.mod h1:s4kgfzA0covAXNicZHDMN58jExvcng2mC/DepXiF1EI= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v4 v4.2.1 h1:UPeCRD+XY7QlaGQte2EVI2iOcWvUYA2XY8w5T/8v0NQ= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork v1.1.0 h1:QM6sE5k2ZT/vI5BEe0r7mqjsUSnhVBFbOsVkEuaEfiA= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v2 v2.2.1 h1:bWh0Z2rOEDfB/ywv/l0iHN1JgyazE6kW/aIA89+CEK0= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage v1.2.0 h1:Ma67P/GGprNwsslzEH6+Kb8nybI8jpDTm4Wmzu2ReK8= github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.2.0 h1:gggzg0SUMs6SQbEw+3LoSsYf9YMjkupeAnHMX8O9mmY= github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.2.0/go.mod h1:+6KLcKIVgxoBDMqMO/Nvy7bZ9a0nbU3I1DtFQK3YvB4= -github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= -github.com/Azure/go-autorest/autorest v0.11.29 h1:I4+HL/JDvErx2LjyzaVxllw2lRDB5/BT2Bm4g20iqYw= -github.com/Azure/go-autorest/autorest/adal v0.9.23 h1:Yepx8CvFxwNKpH6ja7RZ+sKX+DWYNldbLiALMC3BTz8= -github.com/Azure/go-autorest/autorest/date v0.3.0 h1:7gUk1U5M/CQbp9WoqinNzJar+8KY+LPI6wiWrP/myHw= -github.com/Azure/go-autorest/autorest/to v0.4.0 h1:oXVqrxakqqV1UZdSazDOPOLvOIz+XA683u8EctwboHk= -github.com/Azure/go-autorest/autorest/validation v0.3.1 h1:AgyqjAd94fwNAoTjl/WQXg4VvFeRFpO+UhNyRXqF1ac= -github.com/Azure/go-autorest/logger v0.2.1 h1:IG7i4p/mDa2Ce4TRyAO8IHnVhAVF3RFU+ZtXWSmf4Tg= -github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= github.com/AzureAD/microsoft-authentication-library-for-go v1.2.0 h1:hVeq+yCyUi+MsoO/CU95yqCIcdzra5ovzk8Q2BBpV2M= github.com/AzureAD/microsoft-authentication-library-for-go v1.2.0/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow= -github.com/VictoriaMetrics/fastcache v1.12.1 h1:i0mICQuojGDL3KblA7wUNlY5lOK6a4bwt3uRKnkZU40= -github.com/VictoriaMetrics/fastcache v1.12.1/go.mod h1:tX04vaqcNoQeGLD+ra5pU5sWkuxnzWhEzLwhP9w653o= +github.com/VictoriaMetrics/fastcache v1.12.2 h1:N0y9ASrJ0F6h0QaC3o6uJb3NIZ9VKLjCM7NQbSmF7WI= +github.com/VictoriaMetrics/fastcache v1.12.2/go.mod h1:AmC+Nzz1+3G2eCPapF6UcsnkThDcMsQicp4xDukwJYI= github.com/VictoriaMetrics/fasthttp v1.2.0 h1:nd9Wng4DlNtaI27WlYh5mGXCJOmee/2c2blTJwfyU9I= github.com/VictoriaMetrics/fasthttp v1.2.0/go.mod h1:zv5YSmasAoSyv8sBVexfArzFDIGGTN4TfCKAtAw7IfE= github.com/VictoriaMetrics/metrics v1.18.1/go.mod h1:ArjwVz7WpgpegX/JpB0zpNF2h2232kErkEnzH1sxMmA= -github.com/VictoriaMetrics/metrics v1.24.0 h1:ILavebReOjYctAGY5QU2F9X0MYvkcrG3aEn2RKa1Zkw= -github.com/VictoriaMetrics/metrics v1.24.0/go.mod h1:eFT25kvsTidQFHb6U0oa0rTrDRdz4xTYjpL8+UPohys= +github.com/VictoriaMetrics/metrics v1.25.3 h1:Zcxyj8JbAB6CQU51Er3D7RBRupcP55DevVQi9cFqo2Q= +github.com/VictoriaMetrics/metrics v1.25.3/go.mod h1:ZKmlI+QN6b9LUC0OiHNp2LiGQGlBy4U1re6Slooln1o= github.com/VictoriaMetrics/metricsql v0.56.2 h1:quBAbYOlWMhmdgzFSCr1yjtVcdZYZrVQJ7nR9zor7ZM= github.com/VictoriaMetrics/metricsql v0.56.2/go.mod h1:6pP1ZeLVJHqJrHlF6Ij3gmpQIznSsgktEcZgsAWYel0= github.com/VividCortex/ewma v1.2.0 h1:f58SaIzcDXrSy3kWaHNvuJgJ3Nmz59Zji6XoJR/q1ow= @@ -78,54 +74,54 @@ github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuy github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= -github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 h1:s6gZFSlWYmbqAuRjVTiNNhvNRfY2Wxp9nhfyel4rklc= -github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE= +github.com/alecthomas/units v0.0.0-20231202071711-9a357b53e9c9 h1:ez/4by2iGztzR4L0zgAOR8lTQK9VlyBVVd7G4omaOQs= +github.com/alecthomas/units v0.0.0-20231202071711-9a357b53e9c9/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE= github.com/allegro/bigcache v1.2.1-0.20190218064605-e24eb225f156 h1:eMwmnE/GDgah4HI848JfFxHt+iPb26b4zyfspmqY0/8= github.com/allegro/bigcache v1.2.1-0.20190218064605-e24eb225f156/go.mod h1:Cb/ax3seSYIx7SuZdm2G2xzfwmv3TPSk2ucNfQESPXM= github.com/andybalholm/brotli v1.0.2/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y= github.com/andybalholm/brotli v1.0.3/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= github.com/armon/go-metrics v0.4.1 h1:hR91U9KYmb6bLBYLQjyM+3j+rcd/UhE+G78SFnF8gJA= github.com/aws/aws-sdk-go v1.38.35/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= -github.com/aws/aws-sdk-go v1.47.11 h1:Dol+MA+hQblbnXUI3Vk9qvoekU6O1uDEuAItezjiWNQ= -github.com/aws/aws-sdk-go v1.47.11/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= -github.com/aws/aws-sdk-go-v2 v1.22.2 h1:lV0U8fnhAnPz8YcdmZVV60+tr6CakHzqA6P8T46ExJI= -github.com/aws/aws-sdk-go-v2 v1.22.2/go.mod h1:Kd0OJtkW3Q0M0lUWGszapWjEvrXDzRW+D21JNsroB+c= -github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.0 h1:hHgLiIrTRtddC0AKcJr5s7i/hLgcpTt+q/FKxf1Zayk= -github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.0/go.mod h1:w4I/v3NOWgD+qvs1NPEwhd++1h3XPHFaVxasfY6HlYQ= -github.com/aws/aws-sdk-go-v2/config v1.25.0 h1:WCwAqyrM/kqYi6pHjVpq/w2pLydeGKv8Af9vdtO3ciM= -github.com/aws/aws-sdk-go-v2/config v1.25.0/go.mod h1:1QMnmhoWcR6957nC1MUUhhOLx9NOGFSVNG3Mag9vLU4= -github.com/aws/aws-sdk-go-v2/credentials v1.16.0 h1:sSEHkXonpZBSPcyUBDRlZjxOi14qM/UK7/vfKhGwmTo= -github.com/aws/aws-sdk-go-v2/credentials v1.16.0/go.mod h1:tXM8wmaeAhfC7nZoCxb0FzM/aRaB1m1WQ7x0qlBLq80= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.3 h1:G5KawTAkyHH6WyKQCdHiW4h3PmAXNJpOgwKg3H7sDRE= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.3/go.mod h1:hugKmSFnZB+HgNI1sYGT14BUPZkO6alC/e0AWu+0IAQ= -github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.13.7 h1:HDsYN1Qm6fFDKzaGfYVGGBNkifZAHWVBrzrILGhpdIU= -github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.13.7/go.mod h1:998wVfFSQY1hGhRXfv6QYGY08qi/L7Apr1XmJSWS5YI= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.2 h1:AaQsr5vvGR7rmeSWBtTCcw16tT9r51mWijuCQhzLnq8= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.2/go.mod h1:o1IiRn7CWocIFTXJjGKJDOwxv1ibL53NpcvcqGWyRBA= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.2 h1:UZx8SXZ0YtzRiALzYAWcjb9Y9hZUR7MBKaBQ5ouOjPs= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.2/go.mod h1:ipuRpcSaklmxR6C39G187TpBAO132gUfleTGccUPs8c= -github.com/aws/aws-sdk-go-v2/internal/ini v1.7.0 h1:usgqiJtamuGIBj+OvYmMq89+Z1hIKkMJToz1WpoeNUY= -github.com/aws/aws-sdk-go-v2/internal/ini v1.7.0/go.mod h1:6fQQgfuGmw8Al/3M2IgIllycxV7ZW7WCdVSqfBeUiCY= -github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.2 h1:pyVrNAf7Hwz0u39dLKN5t+n0+K/3rMYKuiOoIum3AsU= -github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.2/go.mod h1:mydrfOb9uiOYCxuCPR8YHQNQyGQwUQ7gPMZGBKbH8NY= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.0 h1:CJxo7ZBbaIzmXfV3hjcx36n9V87gJsIUPJflwqEHl3Q= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.0/go.mod h1:yjVfjuY4nD1EW9i387Kau+I6V5cBA5YnC/mWNopjZrI= -github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.2 h1:f2LhPofnjcdOQKRtumKjMvIHkfSQ8aH/rwKUDEQ/SB4= -github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.2/go.mod h1:q+xX0H4OfuWDuBy7y/LDi4v8IBOWuF+vtp8Z6ex+lw4= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.2 h1:h7j73yuAVVjic8pqswh+L/7r2IHP43QwRyOu6zcCDDE= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.2/go.mod h1:H07AHdK5LSy8F7EJUQhoxyiCNkePoHj2D8P2yGTWafo= -github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.2 h1:gbIaOzpXixUpoPK+js/bCBK1QBDXM22SigsnzGZio0U= -github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.2/go.mod h1:p+S7RNbdGN8qgHDSg2SCQJ9FeMAmvcETQiVpeGhYnNM= -github.com/aws/aws-sdk-go-v2/service/s3 v1.42.1 h1:o6MCcX1rJW8Y3g+hvg2xpjF6JR6DftuYhfl3Nc1WV9Q= -github.com/aws/aws-sdk-go-v2/service/s3 v1.42.1/go.mod h1:UDtxEWbREX6y4KREapT+jjtjoH0TiVSS6f5nfaY1UaM= -github.com/aws/aws-sdk-go-v2/service/sso v1.17.1 h1:km+ZNjtLtpXYf42RdaDZnNHm9s7SYAuDGTafy6nd89A= -github.com/aws/aws-sdk-go-v2/service/sso v1.17.1/go.mod h1:aHBr3pvBSD5MbzOvQtYutyPLLRPbl/y9x86XyJJnUXQ= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.19.1 h1:iRFNqZH4a67IqPvK8xxtyQYnyrlsvwmpHOe9r55ggBA= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.19.1/go.mod h1:pTy5WM+6sNv2tB24JNKFtn6EvciQ5k40ZJ0pq/Iaxj0= -github.com/aws/aws-sdk-go-v2/service/sts v1.25.1 h1:txgVXIXWPXyqdiVn92BV6a/rgtpX31HYdsOYj0sVQQQ= -github.com/aws/aws-sdk-go-v2/service/sts v1.25.1/go.mod h1:VAiJiNaoP1L89STFlEMgmHX1bKixY+FaP+TpRFrmyZ4= -github.com/aws/smithy-go v1.16.0 h1:gJZEH/Fqh+RsvlJ1Zt4tVAtV6bKkp3cC+R6FCZMNzik= -github.com/aws/smithy-go v1.16.0/go.mod h1:NukqUGpCZIILqqiV0NIjeFh24kd/FAa4beRb6nbIUPE= +github.com/aws/aws-sdk-go v1.48.16 h1:mcj2/9J/MJ55Dov+ocMevhR8Jv6jW/fAxbrn4a1JFc8= +github.com/aws/aws-sdk-go v1.48.16/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/aws/aws-sdk-go-v2 v1.24.0 h1:890+mqQ+hTpNuw0gGP6/4akolQkSToDJgHfQE7AwGuk= +github.com/aws/aws-sdk-go-v2 v1.24.0/go.mod h1:LNh45Br1YAkEKaAqvmE1m8FUx6a5b/V0oAKV7of29b4= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.4 h1:OCs21ST2LrepDfD3lwlQiOqIGp6JiEUqG84GzTDoyJs= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.4/go.mod h1:usURWEKSNNAcAZuzRn/9ZYPT8aZQkR7xcCtunK/LkJo= +github.com/aws/aws-sdk-go-v2/config v1.26.1 h1:z6DqMxclFGL3Zfo+4Q0rLnAZ6yVkzCRxhRMsiRQnD1o= +github.com/aws/aws-sdk-go-v2/config v1.26.1/go.mod h1:ZB+CuKHRbb5v5F0oJtGdhFTelmrxd4iWO1lf0rQwSAg= +github.com/aws/aws-sdk-go-v2/credentials v1.16.12 h1:v/WgB8NxprNvr5inKIiVVrXPuuTegM+K8nncFkr1usU= +github.com/aws/aws-sdk-go-v2/credentials v1.16.12/go.mod h1:X21k0FjEJe+/pauud82HYiQbEr9jRKY3kXEIQ4hXeTQ= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.10 h1:w98BT5w+ao1/r5sUuiH6JkVzjowOKeOJRHERyy1vh58= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.10/go.mod h1:K2WGI7vUvkIv1HoNbfBA1bvIZ+9kL3YVmWxeKuLQsiw= +github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.15.7 h1:FnLf60PtjXp8ZOzQfhJVsqF0OtYKQZWQfqOLshh8YXg= +github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.15.7/go.mod h1:tDVvl8hyU6E9B8TrnNrZQEVkQlB8hjJwcgpPhgtlnNg= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.9 h1:v+HbZaCGmOwnTTVS86Fleq0vPzOd7tnJGbFhP0stNLs= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.9/go.mod h1:Xjqy+Nyj7VDLBtCMkQYOw1QYfAEZCVLrfI0ezve8wd4= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.9 h1:N94sVhRACtXyVcjXxrwK1SKFIJrA9pOJ5yu2eSHnmls= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.9/go.mod h1:hqamLz7g1/4EJP+GH5NBhcUMLjW+gKLQabgyz6/7WAU= +github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2 h1:GrSw8s0Gs/5zZ0SX+gX4zQjRnRsMJDJ2sLur1gRBhEM= +github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2/go.mod h1:6fQQgfuGmw8Al/3M2IgIllycxV7ZW7WCdVSqfBeUiCY= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.9 h1:ugD6qzjYtB7zM5PN/ZIeaAIyefPaD82G8+SJopgvUpw= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.9/go.mod h1:YD0aYBWCrPENpHolhKw2XDlTIWae2GKXT1T4o6N6hiM= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 h1:/b31bi3YVNlkzkBrm9LfpaKoaYZUxIAj4sHfOTmLfqw= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4/go.mod h1:2aGXHFmbInwgP9ZfpmdIfOELL79zhdNYNmReK8qDfdQ= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.9 h1:/90OR2XbSYfXucBMJ4U14wrjlfleq/0SB6dZDPncgmo= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.9/go.mod h1:dN/Of9/fNZet7UrQQ6kTDo/VSwKPIq94vjlU16bRARc= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.9 h1:Nf2sHxjMJR8CSImIVCONRi4g0Su3J+TSTbS7G0pUeMU= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.9/go.mod h1:idky4TER38YIjr2cADF1/ugFMKvZV7p//pVeV5LZbF0= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.9 h1:iEAeF6YC3l4FzlJPP9H3Ko1TXpdjdqWffxXjp8SY6uk= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.9/go.mod h1:kjsXoK23q9Z/tLBrckZLLyvjhZoS+AGrzqzUfEClvMM= +github.com/aws/aws-sdk-go-v2/service/s3 v1.47.5 h1:Keso8lIOS+IzI2MkPZyK6G0LYcK3My2LQ+T5bxghEAY= +github.com/aws/aws-sdk-go-v2/service/s3 v1.47.5/go.mod h1:vADO6Jn+Rq4nDtfwNjhgR84qkZwiC6FqCaXdw/kYwjA= +github.com/aws/aws-sdk-go-v2/service/sso v1.18.5 h1:ldSFWz9tEHAwHNmjx2Cvy1MjP5/L9kNoR0skc6wyOOM= +github.com/aws/aws-sdk-go-v2/service/sso v1.18.5/go.mod h1:CaFfXLYL376jgbP7VKC96uFcU8Rlavak0UlAwk1Dlhc= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.5 h1:2k9KmFawS63euAkY4/ixVNsYYwrwnd5fIvgEKkfZFNM= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.5/go.mod h1:W+nd4wWDVkSUIox9bacmkBP5NMFQeTJ/xqNabpzSR38= +github.com/aws/aws-sdk-go-v2/service/sts v1.26.5 h1:5UYvv8JUvllZsRnfrcMQ+hJ9jNICmcgKPAO1CER25Wg= +github.com/aws/aws-sdk-go-v2/service/sts v1.26.5/go.mod h1:XX5gh4CB7wAs4KhcF46G6C8a2i7eupU19dcAAE+EydU= +github.com/aws/smithy-go v1.19.0 h1:KWFKQV80DpP3vJrrA9sVAHQ5gc2z8i4EzrLhLlWXcBM= +github.com/aws/smithy-go v1.19.0/go.mod h1:NukqUGpCZIILqqiV0NIjeFh24kd/FAa4beRb6nbIUPE= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= @@ -150,10 +146,10 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dennwc/varint v1.0.0 h1:kGNFFSSw8ToIy3obO/kKr8U9GZYUAxQEVuix4zfDWzE= github.com/dennwc/varint v1.0.0/go.mod h1:hnItb35rvZvJrbTALZtY/iQfDs48JKRG1RPpgziApxA= -github.com/digitalocean/godo v1.99.0 h1:gUHO7n9bDaZFWvbzOum4bXE0/09ZuYA9yA8idQHX57E= +github.com/digitalocean/godo v1.104.1 h1:SZNxjAsskM/su0YW9P8Wx3gU0W1Z13b6tZlYNpl5BnA= github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI= github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8= -github.com/docker/docker v24.0.4+incompatible h1:s/LVDftw9hjblvqIeTiGYXBCD95nOEEl7qRsRrIOuQI= +github.com/docker/docker v24.0.6+incompatible h1:hceabKCtUgDqPu+qm0NgsaXf28Ljf4/pWFL7xjWWDgE= github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ= github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4= github.com/edsrzf/mmap-go v1.1.0 h1:6EUwBLQ/Mcr1EYLE4Tn1VdW1A4ckqCQWZBw8Hr0kjpQ= @@ -169,6 +165,9 @@ github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4Nij github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= +github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= @@ -193,10 +192,8 @@ github.com/go-zookeeper/zk v1.0.3 h1:7M2kwOsc//9VeeFiPtf+uSJlVpU66x9Ba5+8XK7/TDg github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang-jwt/jwt v3.2.1+incompatible h1:73Z+4BJcrTC+KczS6WvTPvRGOp1WmfEP4Q1lOd9Z/+c= -github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= -github.com/golang-jwt/jwt/v5 v5.1.0 h1:UGKbA/IPjtS6zLcdB7i5TyACMgSbOTiR8qzXgw8HWQU= -github.com/golang-jwt/jwt/v5 v5.1.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= +github.com/golang-jwt/jwt/v5 v5.2.0 h1:d/ix8ftRUorsN+5eMIlF4T6J8CAt9rch3My2winC1Jw= +github.com/golang-jwt/jwt/v5 v5.2.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -233,7 +230,7 @@ github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/gnostic v0.6.9 h1:ZK/5VhkoX835RikCHpSUJV9a+S3e1zLh59YnyWeBW+0= +github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= @@ -244,7 +241,6 @@ github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= @@ -272,11 +268,11 @@ github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+ github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/googleapis/gax-go/v2 v2.12.0 h1:A+gCJKdRfqXkr+BIRGtZLibNXf0m1f9E4HG56etFpas= github.com/googleapis/gax-go/v2 v2.12.0/go.mod h1:y+aIqrI5eb1YGMVJfuV3185Ts/D7qKpsEkdD5+I6QGU= -github.com/gophercloud/gophercloud v1.5.0 h1:cDN6XFCLKiiqvYpjQLq9AiM7RDRbIC9450WpPH+yvXo= +github.com/gophercloud/gophercloud v1.7.0 h1:fyJGKh0LBvIZKLvBWvQdIgkaV5yTM3Jh9EYUh+UNCAs= github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= github.com/grafana/regexp v0.0.0-20221122212121-6b5c0a4cb7fd h1:PpuIBO5P3e9hpqBD0O/HjhShYuM6XE0i/lbE6J94kww= github.com/grafana/regexp v0.0.0-20221122212121-6b5c0a4cb7fd/go.mod h1:M5qHK+eWfAv8VR/265dIuEpL3fNfeC21tXXp9itM24A= -github.com/hashicorp/consul/api v1.22.0 h1:ydEvDooB/A0c/xpsBd8GSt7P2/zYPBui4KrNip0xGjE= +github.com/hashicorp/consul/api v1.25.1 h1:CqrdhYzc8XZuPnhIYZWH45toM0LB9ZeYr/gvpLVI3PE= github.com/hashicorp/cronexpr v1.1.2 h1:wG/ZYIKT+RT3QkOdgYc+xsKWVRgnxJ1OJtjjy84fJ9A= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= @@ -288,14 +284,14 @@ github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5O github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.6.0 h1:uL2shRDx7RTrOrTCUZEGP/wJUFiUI8QT6E7z5o8jga4= -github.com/hashicorp/nomad/api v0.0.0-20230718173136-3a687930bd3e h1:sr4lujmn9heD030xx/Pd4B/JSmvRhFzuotNXaaV0WLs= +github.com/hashicorp/nomad/api v0.0.0-20230721134942-515895c7690c h1:Nc3Mt2BAnq0/VoLEntF/nipX+K1S7pG+RgwiitSv6v0= github.com/hashicorp/serf v0.10.1 h1:Z1H2J60yRKvfDYAOZLd2MU0ND4AH/WDz7xYHDWQsIPY= -github.com/hetznercloud/hcloud-go/v2 v2.0.0 h1:Sg1DJ+MAKvbYAqaBaq9tPbwXBS2ckPIaMtVdUjKu+4g= +github.com/hetznercloud/hcloud-go/v2 v2.4.0 h1:MqlAE+w125PLvJRCpAJmEwrIxoVdUdOyuFUhE/Ukbok= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= github.com/influxdata/influxdb v1.11.2 h1:qOF3uQN1mDfJNEKwbAgJsqehf8IXgKok2vlGm736oGo= github.com/influxdata/influxdb v1.11.2/go.mod h1:eUMkLTE2vQwvSk6KGMrTBLKPaqSuczuelGbggigMPFw= -github.com/ionos-cloud/sdk-go/v6 v6.1.8 h1:493wE/BkZxJf7x79UCE0cYGPZoqQcPiEBALvt7uVGY0= +github.com/ionos-cloud/sdk-go/v6 v6.1.9 h1:Iq3VIXzeEbc8EbButuACgfLMiY5TPVWUPNrF+Vsddo4= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= @@ -316,8 +312,8 @@ github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.13.4/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= github.com/klauspost/compress v1.13.5/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= -github.com/klauspost/compress v1.17.2 h1:RlWWUY/Dr4fL8qk9YG7DTZ7PDgME2V4csBXA8L/ixi4= -github.com/klauspost/compress v1.17.2/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= +github.com/klauspost/compress v1.17.4 h1:Ej5ixsIri7BrIjBkRZLTo6ghwrEtHFk7ijlczPW4fZ4= +github.com/klauspost/compress v1.17.4/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM= github.com/kolo/xmlrpc v0.0.0-20220921171641-a4b6fa1dd06b h1:udzkj9S/zlT5X367kqJis0QP7YMxobob6zhzq6Yre00= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= @@ -329,7 +325,7 @@ github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= -github.com/linode/linodego v1.19.0 h1:n4WJrcr9+30e9JGZ6DI0nZbm5SdAj1kSwvvt/998YUw= +github.com/linode/linodego v1.23.0 h1:s0ReCZtuN9Z1IoUN9w1RLeYO1dMZUGPwOQ/IBFsBHtU= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= @@ -341,7 +337,7 @@ github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg= github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k= -github.com/miekg/dns v1.1.55 h1:GoQ4hpsj0nFLYe+bWiCToyrBEJXkQfOOIvFGFy0lEgo= +github.com/miekg/dns v1.1.56 h1:5imZaSeoRNvpM9SzWNhEcP9QliKiz20/dA2QabIGVnE= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -359,7 +355,7 @@ github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/image-spec v1.0.2 h1:9yCKha/T5XdGtO0q9Q9a6T5NUCsTn/DrBg0D7ufOcFM= -github.com/ovh/go-ovh v1.4.1 h1:VBGa5wMyQtTP7Zb+w97zRCh9sLtM/2YKRyy+MEJmWaM= +github.com/ovh/go-ovh v1.4.3 h1:Gs3V823zwTFpzgGLZNI6ILS4rmxZgJwJCz54Er9LwD0= github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 h1:KoWmjvw+nsYOo29YJK9vDA65RGE3NrOnUtO7a+RF9HU= github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8/go.mod h1:HKlIX3XHQyzLZPlr7++PzdhaXEj94dEiJgZDTsxEqUI= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -395,8 +391,8 @@ github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4O github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= -github.com/prometheus/prometheus v0.47.2 h1:jWcnuQHz1o1Wu3MZ6nMJDuTI0kU5yJp9pkxh8XEkNvI= -github.com/prometheus/prometheus v0.47.2/go.mod h1:J/bmOSjgH7lFxz2gZhrWEZs2i64vMS+HIuZfmYNhJ/M= +github.com/prometheus/prometheus v0.48.1 h1:CTszphSNTXkuCG6O0IfpKdHcJkvvnAAE1GbELKS+NFk= +github.com/prometheus/prometheus v0.48.1/go.mod h1:SRw624aMAxTfryAcP8rOjg4S/sHHaetx2lyJJ2nM83g= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= @@ -404,7 +400,7 @@ github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFR github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/scaleway/scaleway-sdk-go v1.0.0-beta.20 h1:a9hSJdJcd16e0HoMsnFvaHvxB3pxSD+SC7+CISp7xY0= +github.com/scaleway/scaleway-sdk-go v1.0.0-beta.21 h1:yWfiTPwYxB0l5fGMhl/G+liULugVIHD9AU77iNLrURQ= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= @@ -423,8 +419,8 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/urfave/cli/v2 v2.25.7 h1:VAzn5oq403l5pHjc4OhD54+XGO9cdKVL/7lDjF+iKUs= -github.com/urfave/cli/v2 v2.25.7/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= +github.com/urfave/cli/v2 v2.26.0 h1:3f3AMg3HpThFNT4I++TKOejZO8yU55t3JnnSr4S4QEI= +github.com/urfave/cli/v2 v2.26.0/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= github.com/valyala/fasthttp v1.30.0/go.mod h1:2rsYD01CKFrjjsvFxx75KlEUNpWNBY9JWD3K/7o2Cus= @@ -456,18 +452,19 @@ go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= -go.opentelemetry.io/collector/pdata v1.0.0-rcv0018 h1:a2IHOZKphRzPagcvOHQHHUE0DlITFSKlIBwaWhPZpl4= -go.opentelemetry.io/collector/pdata v1.0.0-rcv0018/go.mod h1:oNIcTRyEJYIfMcRYyyh5lquDU0Vl+ktTL6ka+p+dYvg= -go.opentelemetry.io/collector/semconv v0.89.0 h1:Sw+MiI3/oiYIY+ebkanZsOaBxXMx3sqnH1/6NaD4rLQ= -go.opentelemetry.io/collector/semconv v0.89.0/go.mod h1:j/8THcqVxFna1FpvA2zYIsUperEtOaRaqoLYIN4doWw= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.0 h1:1eHu3/pUSWaOgltNK3WJFaywKsTIr/PwvHyDmi0lQA0= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.0/go.mod h1:HyABWq60Uy1kjJSa2BVOxUVao8Cdick5AWSKPutqy6U= -go.opentelemetry.io/otel v1.20.0 h1:vsb/ggIY+hUjD/zCAQHpzTmndPqv/ml2ArbsbfBYTAc= -go.opentelemetry.io/otel v1.20.0/go.mod h1:oUIGj3D77RwJdM6PPZImDpSZGDvkD9fhesHny69JFrs= -go.opentelemetry.io/otel/metric v1.20.0 h1:ZlrO8Hu9+GAhnepmRGhSU7/VkpjrNowxRN9GyKR4wzA= -go.opentelemetry.io/otel/metric v1.20.0/go.mod h1:90DRw3nfK4D7Sm/75yQ00gTJxtkBxX+wu6YaNymbpVM= -go.opentelemetry.io/otel/trace v1.20.0 h1:+yxVAPZPbQhbC3OfAkeIVTky6iTFpcr4SiY9om7mXSQ= -go.opentelemetry.io/otel/trace v1.20.0/go.mod h1:HJSK7F/hA5RlzpZ0zKDCHCDHm556LCDtKaAo6JmBFUU= +go.opentelemetry.io/collector/pdata v1.0.0 h1:ECP2jnLztewsHmL1opL8BeMtWVc7/oSlKNhfY9jP8ec= +go.opentelemetry.io/collector/pdata v1.0.0/go.mod h1:TsDFgs4JLNG7t6x9D8kGswXUz4mme+MyNChHx8zSF6k= +go.opentelemetry.io/collector/semconv v0.90.1 h1:2fkQZbefQBbIcNb9Rk1mRcWlFZgQOk7CpST1e1BK8eg= +go.opentelemetry.io/collector/semconv v0.90.1/go.mod h1:j/8THcqVxFna1FpvA2zYIsUperEtOaRaqoLYIN4doWw= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1 h1:aFJWCqJMNjENlcleuuOkGAPH82y0yULBScfXcIEdS24= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1/go.mod h1:sEGXWArGqc3tVa+ekntsN65DmVbVeW+7lTKTjZF3/Fo= +go.opentelemetry.io/otel v1.21.0 h1:hzLeKBZEL7Okw2mGzZ0cc4k/A7Fta0uoPgaJCr8fsFc= +go.opentelemetry.io/otel v1.21.0/go.mod h1:QZzNPQPm1zLX4gZK4cMi+71eaorMSGT3A4znnUvNNEo= +go.opentelemetry.io/otel/metric v1.21.0 h1:tlYWfeo+Bocx5kLEloTjbcDwBuELRrIFxwdQ36PlJu4= +go.opentelemetry.io/otel/metric v1.21.0/go.mod h1:o1p3CA8nNHW8j5yuQLdc1eeqEaPfzug24uvsyIEJRWM= +go.opentelemetry.io/otel/sdk v1.19.0 h1:6USY6zH+L8uMH8L3t1enZPR3WFEmSTADlqldyHtJi3o= +go.opentelemetry.io/otel/trace v1.21.0 h1:WD9i5gzvoUPuXIXH24ZNBudiarZDKuekPqi/E8fpfLc= +go.opentelemetry.io/otel/trace v1.21.0/go.mod h1:LGbsEB0f9LGjN+OZaQQ26sohbOmiMR+BaslueVtS/qQ= go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE= go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= @@ -482,11 +479,22 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= -golang.org/x/crypto v0.15.0 h1:frVn1TEaCEaZcn3Tmd7Y2b5KKPaZ+I32Q2OA3kYp5TA= -golang.org/x/crypto v0.15.0/go.mod h1:4ChreQoLWfG3xLDer1WdlH5NdlQ3+mwnQq1YTKY+72g= -golang.org/x/exp v0.0.0-20230713183714-613f0c0eb8a1 h1:MGwJjxBy0HJshjDNfLsYO8xppfqWlA5ZT9OhtUUhTNw= -golang.org/x/exp v0.0.0-20230713183714-613f0c0eb8a1/go.mod h1:FXUEEKJgO7OQYeo8N01OfiKP8RXMtf6e8aTskBGqWdc= +golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY= +golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= +golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= +golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= +golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= +golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= +golang.org/x/exp v0.0.0-20231206192017-f3f8817b8deb h1:c0vyKkb6yr3KR7jEfJaOSv4lG7xPkbN6r52aJz1d8a8= +golang.org/x/exp v0.0.0-20231206192017-f3f8817b8deb/go.mod h1:iRJReGqOEeBhDZGkGbynYwcHlctCvnjTYIamk7uXpHI= +golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= +golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -497,14 +505,16 @@ golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHl golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= +golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= +golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.6.0/go.mod h1:4mET923SAdbXp2ki8ey+zGs1SLqsuM2Y0uvdZR/fUNI= -golang.org/x/mod v0.11.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc= +golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -539,17 +549,16 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20210510120150-4163338589ed/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= -golang.org/x/net v0.18.0 h1:mIYleuAkSbHh0tCv7RvjL3F6ZVbLjq4+R7zbOn3Kokg= -golang.org/x/net v0.18.0/go.mod h1:/czyP5RqHAH4odGYxBJ1qz0+CE5WZ+2j1YgoEo8F2jQ= +golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c= +golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.14.0 h1:P0Vrf/2538nmC0H+pEQ3MNFRRnVR7RlqyVw+bvm26z0= -golang.org/x/oauth2 v0.14.0/go.mod h1:lAtNWgaWfL4cm7j2OV8TxGi9Qb7ECORx8DktCY74OwM= +golang.org/x/oauth2 v0.15.0 h1:s8pnnxNVzjWyrvYdFUQq5llS1PX2zhPXmccZv99h7uQ= +golang.org/x/oauth2 v0.15.0/go.mod h1:q48ptWNTY5XWf+JNten23lcvHpLJ0ZSxF5ttTHKVCAM= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -567,6 +576,7 @@ golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -574,6 +584,7 @@ golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -603,15 +614,13 @@ golang.org/x/sys v0.0.0-20210616045830-e2b7044e8c71/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= +golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.14.0 h1:LGK9IlZ8T9jvdy6cTdfKUCltatMFOehAQo9SRC46UQ8= +golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -620,18 +629,18 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= -golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.4.0 h1:Z81tqI5ddIoXDPvVQ7/7CC9TnLM7ubaFG2qXYd5BbYY= -golang.org/x/time v0.4.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= +golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= +golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= @@ -639,7 +648,9 @@ golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBn golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -651,6 +662,7 @@ golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapK golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= @@ -667,8 +679,7 @@ golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA= -golang.org/x/tools v0.11.0 h1:EMCa6U9S2LtZXLAMoWiR/R8dAQFRqbAitmbJ2UKhoi8= +golang.org/x/tools v0.16.0 h1:GO788SKMRunPIBCXiQyo2AaexLstOrVhuAL5YwsckQM= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -691,8 +702,8 @@ google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0M google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= -google.golang.org/api v0.150.0 h1:Z9k22qD289SZ8gCJrk4DrWXkNjtfvKAUo/l1ma8eBYE= -google.golang.org/api v0.150.0/go.mod h1:ccy+MJ6nrYFgE3WgRx/AMXOxOmU8Q4hSa+jjibzhxcg= +google.golang.org/api v0.153.0 h1:N1AwGhielyKFaUqH07/ZSIQR3uNPcV7NVw0vj+j4iR4= +google.golang.org/api v0.153.0/go.mod h1:3qNJX5eOmhiWYc67jRA/3GsDw97UFb5ivv7Y2PrriAY= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= @@ -730,12 +741,12 @@ google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7Fc google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20231106174013-bbf56f31fb17 h1:wpZ8pe2x1Q3f2KyT5f8oP/fa9rHAKgFPr/HZdNuS+PQ= -google.golang.org/genproto v0.0.0-20231106174013-bbf56f31fb17/go.mod h1:J7XzRzVy1+IPwWHZUzoD0IccYZIrXILAQpc+Qy9CMhY= -google.golang.org/genproto/googleapis/api v0.0.0-20231106174013-bbf56f31fb17 h1:JpwMPBpFN3uKhdaekDpiNlImDdkUAyiJ6ez/uxGaUSo= -google.golang.org/genproto/googleapis/api v0.0.0-20231106174013-bbf56f31fb17/go.mod h1:0xJLfVdJqpAPl8tDg1ujOCGzx6LFLttXT5NhllGOXY4= -google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 h1:Jyp0Hsi0bmHXG6k9eATXoYtjd6e2UzZ1SCn/wIupY14= -google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17/go.mod h1:oQ5rr10WTTMvP4A36n8JpR1OrO1BEiV4f78CneXZxkA= +google.golang.org/genproto v0.0.0-20231127180814-3a041ad873d4 h1:W12Pwm4urIbRdGhMEg2NM9O3TWKjNcxQhs46V0ypf/k= +google.golang.org/genproto v0.0.0-20231127180814-3a041ad873d4/go.mod h1:5RBcpGRxr25RbDzY5w+dmaqpSEvl8Gwl1x2CICf60ic= +google.golang.org/genproto/googleapis/api v0.0.0-20231127180814-3a041ad873d4 h1:ZcOkrmX74HbKFYnpPY8Qsw93fC29TbJXspYKaBkSXDQ= +google.golang.org/genproto/googleapis/api v0.0.0-20231127180814-3a041ad873d4/go.mod h1:k2dtGpRrbsSyKcNPKKI5sstZkrNCZwpU/ns96JoHbGg= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231127180814-3a041ad873d4 h1:DC7wcm+i+P1rN3Ff07vL+OndGg5OhNddHyTA+ocPqYE= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231127180814-3a041ad873d4/go.mod h1:eJVxU6o+4G1PSczBr85xmyvSNYAKvAYgkub40YGomFM= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -791,12 +802,12 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.27.3 h1:yR6oQXXnUEBWEWcvPWS0jQL575KoAboQPfJAuKNrw5Y= -k8s.io/apimachinery v0.27.3 h1:Ubye8oBufD04l9QnNtW05idcOe9Z3GQN8+7PqmuVcUM= -k8s.io/client-go v0.27.3 h1:7dnEGHZEJld3lYwxvLl7WoehK6lAq7GvgjxpA3nv1E8= +k8s.io/api v0.28.2 h1:9mpl5mOb6vXZvqbQmankOfPIGiudghwCoLl1EYfUZbw= +k8s.io/apimachinery v0.28.2 h1:KCOJLrc6gu+wV1BYgwik4AF4vXOlVJPdiqn0yAWWwXQ= +k8s.io/client-go v0.28.2 h1:DNoYI1vGq0slMBN/SWKMZMw0Rq+0EQW6/AK4v9+3VeY= k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8= k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= -k8s.io/kube-openapi v0.0.0-20230525220651-2546d827e515 h1:OmK1d0WrkD3IPfkskvroRykOulHVHf0s0ZIFRjyt+UI= +k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ= k8s.io/utils v0.0.0-20230711102312-30195339c3c7 h1:ZgnF1KZsYxWIifwSNZFZgNtWE89WI5yiP5WwlfDoIyc= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= diff --git a/lib/backup/s3remote/s3.go b/lib/backup/s3remote/s3.go index a5aac8532..b2c7812a4 100644 --- a/lib/backup/s3remote/s3.go +++ b/lib/backup/s3remote/s3.go @@ -148,7 +148,7 @@ func (fs *FS) ListParts() ([]common.Part, error) { continue } - p.ActualSize = uint64(o.Size) + p.ActualSize = uint64(*o.Size) parts = append(parts, p) } diff --git a/vendor/cloud.google.com/go/internal/.repo-metadata-full.json b/vendor/cloud.google.com/go/internal/.repo-metadata-full.json index 31d172047..46c4094d3 100644 --- a/vendor/cloud.google.com/go/internal/.repo-metadata-full.json +++ b/vendor/cloud.google.com/go/internal/.repo-metadata-full.json @@ -619,6 +619,16 @@ "release_level": "stable", "library_type": "GAPIC_AUTO" }, + "cloud.google.com/go/cloudprofiler/apiv2": { + "api_shortname": "cloudprofiler", + "distribution_name": "cloud.google.com/go/cloudprofiler/apiv2", + "description": "Cloud Profiler API", + "language": "go", + "client_library_type": "generated", + "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/cloudprofiler/latest/apiv2", + "release_level": "preview", + "library_type": "GAPIC_AUTO" + }, "cloud.google.com/go/cloudtasks/apiv2": { "api_shortname": "cloudtasks", "distribution_name": "cloud.google.com/go/cloudtasks/apiv2", @@ -1019,6 +1029,16 @@ "release_level": "stable", "library_type": "GAPIC_AUTO" }, + "cloud.google.com/go/edgenetwork/apiv1": { + "api_shortname": "edgenetwork", + "distribution_name": "cloud.google.com/go/edgenetwork/apiv1", + "description": "Distributed Cloud Edge Network API", + "language": "go", + "client_library_type": "generated", + "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/edgenetwork/latest/apiv1", + "release_level": "preview", + "library_type": "GAPIC_AUTO" + }, "cloud.google.com/go/errorreporting": { "api_shortname": "clouderrorreporting", "distribution_name": "cloud.google.com/go/errorreporting", @@ -1099,6 +1119,16 @@ "release_level": "stable", "library_type": "GAPIC_AUTO" }, + "cloud.google.com/go/firestore/apiv1/admin": { + "api_shortname": "firestore", + "distribution_name": "cloud.google.com/go/firestore/apiv1/admin", + "description": "Cloud Firestore API", + "language": "go", + "client_library_type": "generated", + "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/firestore/latest/apiv1/admin", + "release_level": "stable", + "library_type": "GAPIC_AUTO" + }, "cloud.google.com/go/functions/apiv1": { "api_shortname": "cloudfunctions", "distribution_name": "cloud.google.com/go/functions/apiv1", @@ -2279,6 +2309,16 @@ "release_level": "preview", "library_type": "GAPIC_AUTO" }, + "cloud.google.com/go/telcoautomation/apiv1": { + "api_shortname": "telcoautomation", + "distribution_name": "cloud.google.com/go/telcoautomation/apiv1", + "description": "Telco Automation API", + "language": "go", + "client_library_type": "generated", + "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/telcoautomation/latest/apiv1", + "release_level": "preview", + "library_type": "GAPIC_AUTO" + }, "cloud.google.com/go/texttospeech/apiv1": { "api_shortname": "texttospeech", "distribution_name": "cloud.google.com/go/texttospeech/apiv1", diff --git a/vendor/cloud.google.com/go/internal/trace/trace.go b/vendor/cloud.google.com/go/internal/trace/trace.go index c201d343e..f6b88253b 100644 --- a/vendor/cloud.google.com/go/internal/trace/trace.go +++ b/vendor/cloud.google.com/go/internal/trace/trace.go @@ -16,35 +16,94 @@ package trace import ( "context" + "errors" "fmt" + "os" + "strings" "go.opencensus.io/trace" - "golang.org/x/xerrors" + "go.opentelemetry.io/otel" + "go.opentelemetry.io/otel/attribute" + "go.opentelemetry.io/otel/codes" + ottrace "go.opentelemetry.io/otel/trace" "google.golang.org/api/googleapi" "google.golang.org/genproto/googleapis/rpc/code" "google.golang.org/grpc/status" ) -// StartSpan adds a span to the trace with the given name. +const ( + telemetryPlatformTracingOpenCensus = "opencensus" + telemetryPlatformTracingOpenTelemetry = "opentelemetry" + telemetryPlatformTracingVar = "GOOGLE_API_GO_EXPERIMENTAL_TELEMETRY_PLATFORM_TRACING" +) + +var ( + // TODO(chrisdsmith): Should the name of the OpenTelemetry tracer be public and mutable? + openTelemetryTracerName string = "cloud.google.com/go" + openTelemetryTracingEnabled bool = strings.EqualFold(strings.TrimSpace( + os.Getenv(telemetryPlatformTracingVar)), telemetryPlatformTracingOpenTelemetry) +) + +// IsOpenCensusTracingEnabled returns true if the environment variable +// GOOGLE_API_GO_EXPERIMENTAL_TELEMETRY_PLATFORM_TRACING is NOT set to the +// case-insensitive value "opentelemetry". +func IsOpenCensusTracingEnabled() bool { + return !IsOpenTelemetryTracingEnabled() +} + +// IsOpenTelemetryTracingEnabled returns true if the environment variable +// GOOGLE_API_GO_EXPERIMENTAL_TELEMETRY_PLATFORM_TRACING is set to the +// case-insensitive value "opentelemetry". +func IsOpenTelemetryTracingEnabled() bool { + return openTelemetryTracingEnabled +} + +// StartSpan adds a span to the trace with the given name. If IsOpenCensusTracingEnabled +// returns true, the span will be an OpenCensus span. If IsOpenTelemetryTracingEnabled +// returns true, the span will be an OpenTelemetry span. Set the environment variable +// GOOGLE_API_GO_EXPERIMENTAL_TELEMETRY_PLATFORM_TRACING to the case-insensitive +// value "opentelemetry" before loading the package to use OpenTelemetry tracing. +// The default will remain OpenCensus until [TBD], at which time the default will +// switch to "opentelemetry" and explicitly setting the environment variable to +// "opencensus" will be required to continue using OpenCensus tracing. func StartSpan(ctx context.Context, name string) context.Context { - ctx, _ = trace.StartSpan(ctx, name) + if IsOpenTelemetryTracingEnabled() { + ctx, _ = otel.GetTracerProvider().Tracer(openTelemetryTracerName).Start(ctx, name) + } else { + ctx, _ = trace.StartSpan(ctx, name) + } return ctx } -// EndSpan ends a span with the given error. +// EndSpan ends a span with the given error. If IsOpenCensusTracingEnabled +// returns true, the span will be an OpenCensus span. If IsOpenTelemetryTracingEnabled +// returns true, the span will be an OpenTelemetry span. Set the environment variable +// GOOGLE_API_GO_EXPERIMENTAL_TELEMETRY_PLATFORM_TRACING to the case-insensitive +// value "opentelemetry" before loading the package to use OpenTelemetry tracing. +// The default will remain OpenCensus until [TBD], at which time the default will +// switch to "opentelemetry" and explicitly setting the environment variable to +// "opencensus" will be required to continue using OpenCensus tracing. func EndSpan(ctx context.Context, err error) { - span := trace.FromContext(ctx) - if err != nil { - span.SetStatus(toStatus(err)) + if IsOpenTelemetryTracingEnabled() { + span := ottrace.SpanFromContext(ctx) + if err != nil { + span.SetStatus(codes.Error, toOpenTelemetryStatusDescription(err)) + span.RecordError(err) + } + span.End() + } else { + span := trace.FromContext(ctx) + if err != nil { + span.SetStatus(toStatus(err)) + } + span.End() } - span.End() } -// toStatus interrogates an error and converts it to an appropriate -// OpenCensus status. +// toStatus converts an error to an equivalent OpenCensus status. func toStatus(err error) trace.Status { var err2 *googleapi.Error - if ok := xerrors.As(err, &err2); ok { + if ok := errors.As(err, &err2); ok { return trace.Status{Code: httpStatusCodeToOCCode(err2.Code), Message: err2.Message} } else if s, ok := status.FromError(err); ok { return trace.Status{Code: int32(s.Code()), Message: s.Message()} @@ -53,6 +112,18 @@ func toStatus(err error) trace.Status { } } +// toOpenTelemetryStatus converts an error to an equivalent OpenTelemetry status description. +func toOpenTelemetryStatusDescription(err error) string { + var err2 *googleapi.Error + if ok := errors.As(err, &err2); ok { + return err2.Message + } else if s, ok := status.FromError(err); ok { + return s.Message() + } else { + return err.Error() + } +} + // TODO(deklerk): switch to using OpenCensus function when it becomes available. // Reference: https://github.com/googleapis/googleapis/blob/26b634d2724ac5dd30ae0b0cbfb01f07f2e4050e/google/rpc/code.proto func httpStatusCodeToOCCode(httpStatusCode int) int32 { @@ -86,10 +157,33 @@ func httpStatusCodeToOCCode(httpStatusCode int) int32 { } } -// TODO: (odeke-em): perhaps just pass around spans due to the cost -// incurred from using trace.FromContext(ctx) yet we could avoid -// throwing away the work done by ctx, span := trace.StartSpan. +// TracePrintf retrieves the current OpenCensus or OpenTelemetry span from context, then: +// * calls Span.Annotatef if OpenCensus is enabled; or +// * calls Span.AddEvent if OpenTelemetry is enabled. +// +// If IsOpenCensusTracingEnabled returns true, the expected span must be an +// OpenCensus span. If IsOpenTelemetryTracingEnabled returns true, the expected +// span must be an OpenTelemetry span. Set the environment variable +// GOOGLE_API_GO_EXPERIMENTAL_TELEMETRY_PLATFORM_TRACING to the case-insensitive +// value "opentelemetry" before loading the package to use OpenTelemetry tracing. +// The default will remain OpenCensus until [TBD], at which time the default will +// switch to "opentelemetry" and explicitly setting the environment variable to +// "opencensus" will be required to continue using OpenCensus tracing. func TracePrintf(ctx context.Context, attrMap map[string]interface{}, format string, args ...interface{}) { + if IsOpenTelemetryTracingEnabled() { + attrs := otAttrs(attrMap) + ottrace.SpanFromContext(ctx).AddEvent(fmt.Sprintf(format, args...), ottrace.WithAttributes(attrs...)) + } else { + attrs := ocAttrs(attrMap) + // TODO: (odeke-em): perhaps just pass around spans due to the cost + // incurred from using trace.FromContext(ctx) yet we could avoid + // throwing away the work done by ctx, span := trace.StartSpan. + trace.FromContext(ctx).Annotatef(attrs, format, args...) + } +} + +// ocAttrs converts a generic map to OpenCensus attributes. +func ocAttrs(attrMap map[string]interface{}) []trace.Attribute { var attrs []trace.Attribute for k, v := range attrMap { var a trace.Attribute @@ -107,5 +201,27 @@ func TracePrintf(ctx context.Context, attrMap map[string]interface{}, format str } attrs = append(attrs, a) } - trace.FromContext(ctx).Annotatef(attrs, format, args...) + return attrs +} + +// otAttrs converts a generic map to OpenTelemetry attributes. +func otAttrs(attrMap map[string]interface{}) []attribute.KeyValue { + var attrs []attribute.KeyValue + for k, v := range attrMap { + var a attribute.KeyValue + switch v := v.(type) { + case string: + a = attribute.Key(k).String(v) + case bool: + a = attribute.Key(k).Bool(v) + case int: + a = attribute.Key(k).Int(v) + case int64: + a = attribute.Key(k).Int64(v) + default: + a = attribute.Key(k).String(fmt.Sprintf("%#v", v)) + } + attrs = append(attrs, a) + } + return attrs } diff --git a/vendor/github.com/VictoriaMetrics/fastcache/fastcache.go b/vendor/github.com/VictoriaMetrics/fastcache/fastcache.go index 092ba3719..046af6ceb 100644 --- a/vendor/github.com/VictoriaMetrics/fastcache/fastcache.go +++ b/vendor/github.com/VictoriaMetrics/fastcache/fastcache.go @@ -272,13 +272,27 @@ func (b *bucket) cleanLocked() { bGen := b.gen & ((1 << genSizeBits) - 1) bIdx := b.idx bm := b.m - for k, v := range bm { + newItems := 0 + for _, v := range bm { gen := v >> bucketSizeBits idx := v & ((1 << bucketSizeBits) - 1) if (gen+1 == bGen || gen == maxGen && bGen == 1) && idx >= bIdx || gen == bGen && idx < bIdx { - continue + newItems++ } - delete(bm, k) + } + if newItems < len(bm) { + // Re-create b.m with valid items, which weren't expired yet instead of deleting expired items from b.m. + // This should reduce memory fragmentation and the number Go objects behind b.m. + // See https://github.com/VictoriaMetrics/VictoriaMetrics/issues/5379 + bmNew := make(map[uint64]uint64, newItems) + for k, v := range bm { + gen := v >> bucketSizeBits + idx := v & ((1 << bucketSizeBits) - 1) + if (gen+1 == bGen || gen == maxGen && bGen == 1) && idx >= bIdx || gen == bGen && idx < bIdx { + bmNew[k] = v + } + } + b.m = bmNew } } diff --git a/vendor/github.com/VictoriaMetrics/metrics/go_metrics.go b/vendor/github.com/VictoriaMetrics/metrics/go_metrics.go index f8b606731..5de7cb81d 100644 --- a/vendor/github.com/VictoriaMetrics/metrics/go_metrics.go +++ b/vendor/github.com/VictoriaMetrics/metrics/go_metrics.go @@ -3,12 +3,28 @@ package metrics import ( "fmt" "io" + "math" "runtime" + runtimemetrics "runtime/metrics" + "strings" "github.com/valyala/histogram" ) +// See https://pkg.go.dev/runtime/metrics#hdr-Supported_metrics +var runtimeMetrics = [][2]string{ + {"/sched/latencies:seconds", "go_sched_latencies_seconds"}, + {"/sync/mutex/wait/total:seconds", "go_mutex_wait_seconds_total"}, + {"/cpu/classes/gc/mark/assist:cpu-seconds", "go_gc_mark_assist_cpu_seconds_total"}, + {"/cpu/classes/gc/total:cpu-seconds", "go_gc_cpu_seconds_total"}, + {"/gc/pauses:seconds", "go_gc_pauses_seconds"}, + {"/cpu/classes/scavenge/total:cpu-seconds", "go_scavenge_cpu_seconds_total"}, + {"/gc/gomemlimit:bytes", "go_memlimit_bytes"}, +} + func writeGoMetrics(w io.Writer) { + writeRuntimeMetrics(w) + var ms runtime.MemStats runtime.ReadMemStats(&ms) fmt.Fprintf(w, "go_memstats_alloc_bytes %d\n", ms.Alloc) @@ -17,6 +33,7 @@ func writeGoMetrics(w io.Writer) { fmt.Fprintf(w, "go_memstats_frees_total %d\n", ms.Frees) fmt.Fprintf(w, "go_memstats_gc_cpu_fraction %g\n", ms.GCCPUFraction) fmt.Fprintf(w, "go_memstats_gc_sys_bytes %d\n", ms.GCSys) + fmt.Fprintf(w, "go_memstats_heap_alloc_bytes %d\n", ms.HeapAlloc) fmt.Fprintf(w, "go_memstats_heap_idle_bytes %d\n", ms.HeapIdle) fmt.Fprintf(w, "go_memstats_heap_inuse_bytes %d\n", ms.HeapInuse) @@ -62,3 +79,66 @@ func writeGoMetrics(w io.Writer) { fmt.Fprintf(w, "go_info_ext{compiler=%q, GOARCH=%q, GOOS=%q, GOROOT=%q} 1\n", runtime.Compiler, runtime.GOARCH, runtime.GOOS, runtime.GOROOT()) } + +func writeRuntimeMetrics(w io.Writer) { + samples := make([]runtimemetrics.Sample, len(runtimeMetrics)) + for i, rm := range runtimeMetrics { + samples[i].Name = rm[0] + } + runtimemetrics.Read(samples) + for i, rm := range runtimeMetrics { + writeRuntimeMetric(w, rm[1], &samples[i]) + } +} + +func writeRuntimeMetric(w io.Writer, name string, sample *runtimemetrics.Sample) { + switch sample.Value.Kind() { + case runtimemetrics.KindBad: + panic(fmt.Errorf("BUG: unexpected runtimemetrics.KindBad for sample.Name=%q", sample.Name)) + case runtimemetrics.KindUint64: + fmt.Fprintf(w, "%s %d\n", name, sample.Value.Uint64()) + case runtimemetrics.KindFloat64: + fmt.Fprintf(w, "%s %g\n", name, sample.Value.Float64()) + case runtimemetrics.KindFloat64Histogram: + writeRuntimeHistogramMetric(w, name, sample.Value.Float64Histogram()) + } +} + +func writeRuntimeHistogramMetric(w io.Writer, name string, h *runtimemetrics.Float64Histogram) { + buckets := h.Buckets + counts := h.Counts + if len(buckets) != len(counts)+1 { + panic(fmt.Errorf("the number of buckets must be bigger than the number of counts by 1 in histogram %s; got buckets=%d, counts=%d", name, len(buckets), len(counts))) + } + tailCount := uint64(0) + if strings.HasSuffix(name, "_seconds") { + // Limit the maximum bucket to 1 second, since Go runtime exposes buckets with 10K seconds, + // which have little sense. At the same time such buckets may lead to high cardinality issues + // at the scraper side. + for len(buckets) > 0 && buckets[len(buckets)-1] > 1 { + buckets = buckets[:len(buckets)-1] + tailCount += counts[len(counts)-1] + counts = counts[:len(counts)-1] + } + } + + iStep := float64(len(buckets)) / maxRuntimeHistogramBuckets + + totalCount := uint64(0) + iNext := 0.0 + for i, count := range counts { + totalCount += count + if float64(i) >= iNext { + iNext += iStep + le := buckets[i+1] + if !math.IsInf(le, 1) { + fmt.Fprintf(w, `%s_bucket{le="%g"} %d`+"\n", name, le, totalCount) + } + } + } + totalCount += tailCount + fmt.Fprintf(w, `%s_bucket{le="+Inf"} %d`+"\n", name, totalCount) +} + +// Limit the number of buckets for Go runtime histograms in order to prevent from high cardinality issues at scraper side. +const maxRuntimeHistogramBuckets = 30 diff --git a/vendor/github.com/VictoriaMetrics/metrics/metrics.go b/vendor/github.com/VictoriaMetrics/metrics/metrics.go index 7dfa97219..e9560b2aa 100644 --- a/vendor/github.com/VictoriaMetrics/metrics/metrics.go +++ b/vendor/github.com/VictoriaMetrics/metrics/metrics.go @@ -134,10 +134,26 @@ func WritePrometheus(w io.Writer, exposeProcessMetrics bool) { // // - process_io_storage_written_bytes_total - the number of bytes actually written to disk // +// - go_sched_latencies_seconds - time spent by goroutines in ready state before they start execution +// +// - go_mutex_wait_seconds_total - summary time spent by all the goroutines while waiting for locked mutex +// +// - go_gc_mark_assist_cpu_seconds_total - summary CPU time spent by goroutines in GC mark assist state +// +// - go_gc_cpu_seconds_total - summary time spent in GC +// +// - go_gc_pauses_seconds - duration of GC pauses +// +// - go_scavenge_cpu_seconds_total - CPU time spent on returning the memory to OS +// +// - go_memlimit_bytes - the GOMEMLIMIT env var value +// // - go_memstats_alloc_bytes - memory usage for Go objects in the heap // // - go_memstats_alloc_bytes_total - the cumulative counter for total size of allocated Go objects // +// - go_memstats_buck_hash_sys_bytes - bytes of memory in profiling bucket hash tables +// // - go_memstats_frees_total - the cumulative counter for number of freed Go objects // // - go_memstats_gc_cpu_fraction - the fraction of CPU spent in Go garbage collector @@ -148,20 +164,42 @@ func WritePrometheus(w io.Writer, exposeProcessMetrics bool) { // // - go_memstats_heap_idle_bytes - idle memory ready for new Go object allocations // +// - go_memstats_heap_inuse_bytes - bytes in in-use spans +// // - go_memstats_heap_objects - the number of Go objects in the heap // +// - go_memstats_heap_released_bytes - bytes of physical memory returned to the OS +// // - go_memstats_heap_sys_bytes - memory requested for Go objects from the OS // +// - go_memstats_last_gc_time_seconds - unix timestamp the last garbage collection finished +// +// - go_memstats_lookups_total - the number of pointer lookups performed by the runtime +// // - go_memstats_mallocs_total - the number of allocations for Go objects // +// - go_memstats_mcache_inuse_bytes - bytes of allocated mcache structures +// +// - go_memstats_mcache_sys_bytes - bytes of memory obtained from the OS for mcache structures +// +// - go_memstats_mspan_inuse_bytes - bytes of allocated mspan structures +// +// - go_memstats_mspan_sys_bytes - bytes of memory obtained from the OS for mspan structures +// // - go_memstats_next_gc_bytes - the target heap size when the next garbage collection should start // +// - go_memstats_other_sys_bytes - bytes of memory in miscellaneous off-heap runtime allocations +// // - go_memstats_stack_inuse_bytes - memory used for goroutine stacks // // - go_memstats_stack_sys_bytes - memory requested fromthe OS for goroutine stacks // // - go_memstats_sys_bytes - memory requested by Go runtime from the OS // +// - go_cgo_calls_count - the total number of CGO calls +// +// - go_cpu_count - the number of CPU cores on the host where the app runs +// // The WriteProcessMetrics func is usually called in combination with writing Set metrics // inside "/metrics" handler: // diff --git a/vendor/github.com/alecthomas/units/renovate.json5 b/vendor/github.com/alecthomas/units/renovate.json5 new file mode 100644 index 000000000..897864b85 --- /dev/null +++ b/vendor/github.com/alecthomas/units/renovate.json5 @@ -0,0 +1,11 @@ +{ + $schema: "https://docs.renovatebot.com/renovate-schema.json", + extends: [ + "config:recommended", + ":semanticCommits", + ":semanticCommitTypeAll(chore)", + ":semanticCommitScope(deps)", + "group:allNonMajor", + "schedule:earlyMondays", // Run once a week. + ], +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/config.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/config.go index b361c1386..1ee54cfe0 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/config.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/config.go @@ -150,6 +150,18 @@ type Config struct { // BaseEndpoint is an intermediary transfer location to a service specific // BaseEndpoint on a service's Options. BaseEndpoint *string + + // DisableRequestCompression toggles if an operation request could be + // compressed or not. Will be set to false by default. This variable is sourced from + // environment variable AWS_DISABLE_REQUEST_COMPRESSION or the shared config profile attribute + // disable_request_compression + DisableRequestCompression bool + + // RequestMinCompressSizeBytes sets the inclusive min bytes of a request body that could be + // compressed. Will be set to 10240 by default and must be within 0 and 10485760 bytes inclusively. + // This variable is sourced from environment variable AWS_REQUEST_MIN_COMPRESSION_SIZE_BYTES or + // the shared config profile attribute request_min_compression_size_bytes + RequestMinCompressSizeBytes int64 } // NewConfig returns a new Config pointer that can be chained with builder diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go index a88bb2f75..9a844f30e 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go @@ -3,4 +3,4 @@ package aws // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.22.2" +const goModuleVersion = "1.24.0" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/metadata.go index 2de15528c..d66f0960a 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/metadata.go @@ -65,6 +65,9 @@ func GetServiceID(ctx context.Context) (v string) { // // Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues // to clear all stack values. +// +// Deprecated: This value is unstable. The resolved signing name is available +// in the signer properties object passed to the signer. func GetSigningName(ctx context.Context) (v string) { v, _ = middleware.GetStackValue(ctx, signingNameKey{}).(string) return v @@ -74,6 +77,9 @@ func GetSigningName(ctx context.Context) (v string) { // // Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues // to clear all stack values. +// +// Deprecated: This value is unstable. The resolved signing region is available +// in the signer properties object passed to the signer. func GetSigningRegion(ctx context.Context) (v string) { v, _ = middleware.GetStackValue(ctx, signingRegionKey{}).(string) return v @@ -125,10 +131,13 @@ func SetRequiresLegacyEndpoints(ctx context.Context, value bool) context.Context return middleware.WithStackValue(ctx, requiresLegacyEndpointsKey{}, value) } -// SetSigningName set or modifies the signing name on the context. +// SetSigningName set or modifies the sigv4 or sigv4a signing name on the context. // // Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues // to clear all stack values. +// +// Deprecated: This value is unstable. Use WithSigV4SigningName client option +// funcs instead. func SetSigningName(ctx context.Context, value string) context.Context { return middleware.WithStackValue(ctx, signingNameKey{}, value) } @@ -137,6 +146,9 @@ func SetSigningName(ctx context.Context, value string) context.Context { // // Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues // to clear all stack values. +// +// Deprecated: This value is unstable. Use WithSigV4SigningRegion client option +// funcs instead. func SetSigningRegion(ctx context.Context, value string) context.Context { return middleware.WithStackValue(ctx, signingRegionKey{}, value) } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/private/metrics/metrics.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/private/metrics/metrics.go new file mode 100644 index 000000000..b0133f4c8 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/private/metrics/metrics.go @@ -0,0 +1,319 @@ +// Package metrics implements metrics gathering for SDK development purposes. +// +// This package is designated as private and is intended for use only by the +// AWS client runtime. The exported API therein is not considered stable and +// is subject to breaking changes without notice. +package metrics + +import ( + "context" + "encoding/json" + "fmt" + "sync" + "time" + + "github.com/aws/smithy-go/middleware" +) + +const ( + // ServiceIDKey is the key for the service ID metric. + ServiceIDKey = "ServiceId" + // OperationNameKey is the key for the operation name metric. + OperationNameKey = "OperationName" + // ClientRequestIDKey is the key for the client request ID metric. + ClientRequestIDKey = "ClientRequestId" + // APICallDurationKey is the key for the API call duration metric. + APICallDurationKey = "ApiCallDuration" + // APICallSuccessfulKey is the key for the API call successful metric. + APICallSuccessfulKey = "ApiCallSuccessful" + // MarshallingDurationKey is the key for the marshalling duration metric. + MarshallingDurationKey = "MarshallingDuration" + // InThroughputKey is the key for the input throughput metric. + InThroughputKey = "InThroughput" + // OutThroughputKey is the key for the output throughput metric. + OutThroughputKey = "OutThroughput" + // RetryCountKey is the key for the retry count metric. + RetryCountKey = "RetryCount" + // HTTPStatusCodeKey is the key for the HTTP status code metric. + HTTPStatusCodeKey = "HttpStatusCode" + // AWSExtendedRequestIDKey is the key for the AWS extended request ID metric. + AWSExtendedRequestIDKey = "AwsExtendedRequestId" + // AWSRequestIDKey is the key for the AWS request ID metric. + AWSRequestIDKey = "AwsRequestId" + // BackoffDelayDurationKey is the key for the backoff delay duration metric. + BackoffDelayDurationKey = "BackoffDelayDuration" + // StreamThroughputKey is the key for the stream throughput metric. + StreamThroughputKey = "Throughput" + // ConcurrencyAcquireDurationKey is the key for the concurrency acquire duration metric. + ConcurrencyAcquireDurationKey = "ConcurrencyAcquireDuration" + // PendingConcurrencyAcquiresKey is the key for the pending concurrency acquires metric. + PendingConcurrencyAcquiresKey = "PendingConcurrencyAcquires" + // SigningDurationKey is the key for the signing duration metric. + SigningDurationKey = "SigningDuration" + // UnmarshallingDurationKey is the key for the unmarshalling duration metric. + UnmarshallingDurationKey = "UnmarshallingDuration" + // TimeToFirstByteKey is the key for the time to first byte metric. + TimeToFirstByteKey = "TimeToFirstByte" + // ServiceCallDurationKey is the key for the service call duration metric. + ServiceCallDurationKey = "ServiceCallDuration" + // EndpointResolutionDurationKey is the key for the endpoint resolution duration metric. + EndpointResolutionDurationKey = "EndpointResolutionDuration" + // AttemptNumberKey is the key for the attempt number metric. + AttemptNumberKey = "AttemptNumber" + // MaxConcurrencyKey is the key for the max concurrency metric. + MaxConcurrencyKey = "MaxConcurrency" + // AvailableConcurrencyKey is the key for the available concurrency metric. + AvailableConcurrencyKey = "AvailableConcurrency" +) + +// MetricPublisher provides the interface to provide custom MetricPublishers. +// PostRequestMetrics will be invoked by the MetricCollection middleware to post request. +// PostStreamMetrics will be invoked by ReadCloserWithMetrics to post stream metrics. +type MetricPublisher interface { + PostRequestMetrics(*MetricData) error + PostStreamMetrics(*MetricData) error +} + +// Serializer provides the interface to provide custom Serializers. +// Serialize will transform any input object in its corresponding string representation. +type Serializer interface { + Serialize(obj interface{}) (string, error) +} + +// DefaultSerializer is an implementation of the Serializer interface. +type DefaultSerializer struct{} + +// Serialize uses the default JSON serializer to obtain the string representation of an object. +func (DefaultSerializer) Serialize(obj interface{}) (string, error) { + bytes, err := json.Marshal(obj) + if err != nil { + return "", err + } + return string(bytes), nil +} + +type metricContextKey struct{} + +// MetricContext contains fields to store metric-related information. +type MetricContext struct { + connectionCounter *SharedConnectionCounter + publisher MetricPublisher + data *MetricData +} + +// MetricData stores the collected metric data. +type MetricData struct { + RequestStartTime time.Time + RequestEndTime time.Time + APICallDuration time.Duration + SerializeStartTime time.Time + SerializeEndTime time.Time + MarshallingDuration time.Duration + ResolveEndpointStartTime time.Time + ResolveEndpointEndTime time.Time + EndpointResolutionDuration time.Duration + InThroughput float64 + OutThroughput float64 + RetryCount int + Success uint8 + StatusCode int + ClientRequestID string + ServiceID string + OperationName string + PartitionID string + Region string + RequestContentLength int64 + Stream StreamMetrics + Attempts []AttemptMetrics +} + +// StreamMetrics stores metrics related to streaming data. +type StreamMetrics struct { + ReadDuration time.Duration + ReadBytes int64 + Throughput float64 +} + +// AttemptMetrics stores metrics related to individual attempts. +type AttemptMetrics struct { + ServiceCallStart time.Time + ServiceCallEnd time.Time + ServiceCallDuration time.Duration + FirstByteTime time.Time + TimeToFirstByte time.Duration + ConnRequestedTime time.Time + ConnObtainedTime time.Time + ConcurrencyAcquireDuration time.Duration + CredentialFetchStartTime time.Time + CredentialFetchEndTime time.Time + SignStartTime time.Time + SignEndTime time.Time + SigningDuration time.Duration + DeserializeStartTime time.Time + DeserializeEndTime time.Time + UnMarshallingDuration time.Duration + RetryDelay time.Duration + ResponseContentLength int64 + StatusCode int + RequestID string + ExtendedRequestID string + HTTPClient string + MaxConcurrency int + PendingConnectionAcquires int + AvailableConcurrency int + ActiveRequests int + ReusedConnection bool +} + +// Data returns the MetricData associated with the MetricContext. +func (mc *MetricContext) Data() *MetricData { + return mc.data +} + +// ConnectionCounter returns the SharedConnectionCounter associated with the MetricContext. +func (mc *MetricContext) ConnectionCounter() *SharedConnectionCounter { + return mc.connectionCounter +} + +// Publisher returns the MetricPublisher associated with the MetricContext. +func (mc *MetricContext) Publisher() MetricPublisher { + return mc.publisher +} + +// ComputeRequestMetrics calculates and populates derived metrics based on the collected data. +func (md *MetricData) ComputeRequestMetrics() { + + for idx := range md.Attempts { + attempt := &md.Attempts[idx] + attempt.ConcurrencyAcquireDuration = attempt.ConnObtainedTime.Sub(attempt.ConnRequestedTime) + attempt.SigningDuration = attempt.SignEndTime.Sub(attempt.SignStartTime) + attempt.UnMarshallingDuration = attempt.DeserializeEndTime.Sub(attempt.DeserializeStartTime) + attempt.TimeToFirstByte = attempt.FirstByteTime.Sub(attempt.ServiceCallStart) + attempt.ServiceCallDuration = attempt.ServiceCallEnd.Sub(attempt.ServiceCallStart) + } + + md.APICallDuration = md.RequestEndTime.Sub(md.RequestStartTime) + md.MarshallingDuration = md.SerializeEndTime.Sub(md.SerializeStartTime) + md.EndpointResolutionDuration = md.ResolveEndpointEndTime.Sub(md.ResolveEndpointStartTime) + + md.RetryCount = len(md.Attempts) - 1 + + latestAttempt, err := md.LatestAttempt() + + if err != nil { + fmt.Printf("error retrieving attempts data due to: %s. Skipping Throughput metrics", err.Error()) + } else { + + md.StatusCode = latestAttempt.StatusCode + + if md.Success == 1 { + if latestAttempt.ResponseContentLength > 0 && latestAttempt.ServiceCallDuration > 0 { + md.InThroughput = float64(latestAttempt.ResponseContentLength) / latestAttempt.ServiceCallDuration.Seconds() + } + if md.RequestContentLength > 0 && latestAttempt.ServiceCallDuration > 0 { + md.OutThroughput = float64(md.RequestContentLength) / latestAttempt.ServiceCallDuration.Seconds() + } + } + } +} + +// LatestAttempt returns the latest attempt metrics. +// It returns an error if no attempts are initialized. +func (md *MetricData) LatestAttempt() (*AttemptMetrics, error) { + if md.Attempts == nil || len(md.Attempts) == 0 { + return nil, fmt.Errorf("no attempts initialized. NewAttempt() should be called first") + } + return &md.Attempts[len(md.Attempts)-1], nil +} + +// NewAttempt initializes new attempt metrics. +func (md *MetricData) NewAttempt() { + if md.Attempts == nil { + md.Attempts = []AttemptMetrics{} + } + md.Attempts = append(md.Attempts, AttemptMetrics{}) +} + +// SharedConnectionCounter is a counter shared across API calls. +type SharedConnectionCounter struct { + mu sync.Mutex + + activeRequests int + pendingConnectionAcquire int +} + +// ActiveRequests returns the count of active requests. +func (cc *SharedConnectionCounter) ActiveRequests() int { + cc.mu.Lock() + defer cc.mu.Unlock() + + return cc.activeRequests +} + +// PendingConnectionAcquire returns the count of pending connection acquires. +func (cc *SharedConnectionCounter) PendingConnectionAcquire() int { + cc.mu.Lock() + defer cc.mu.Unlock() + + return cc.pendingConnectionAcquire +} + +// AddActiveRequest increments the count of active requests. +func (cc *SharedConnectionCounter) AddActiveRequest() { + cc.mu.Lock() + defer cc.mu.Unlock() + + cc.activeRequests++ +} + +// RemoveActiveRequest decrements the count of active requests. +func (cc *SharedConnectionCounter) RemoveActiveRequest() { + cc.mu.Lock() + defer cc.mu.Unlock() + + cc.activeRequests-- +} + +// AddPendingConnectionAcquire increments the count of pending connection acquires. +func (cc *SharedConnectionCounter) AddPendingConnectionAcquire() { + cc.mu.Lock() + defer cc.mu.Unlock() + + cc.pendingConnectionAcquire++ +} + +// RemovePendingConnectionAcquire decrements the count of pending connection acquires. +func (cc *SharedConnectionCounter) RemovePendingConnectionAcquire() { + cc.mu.Lock() + defer cc.mu.Unlock() + + cc.pendingConnectionAcquire-- +} + +// InitMetricContext initializes the metric context with the provided counter and publisher. +// It returns the updated context. +func InitMetricContext( + ctx context.Context, counter *SharedConnectionCounter, publisher MetricPublisher, +) context.Context { + if middleware.GetStackValue(ctx, metricContextKey{}) == nil { + ctx = middleware.WithStackValue(ctx, metricContextKey{}, &MetricContext{ + connectionCounter: counter, + publisher: publisher, + data: &MetricData{ + Attempts: []AttemptMetrics{}, + Stream: StreamMetrics{}, + }, + }) + } + return ctx +} + +// Context returns the metric context from the given context. +// It returns nil if the metric context is not found. +func Context(ctx context.Context) *MetricContext { + mctx := middleware.GetStackValue(ctx, metricContextKey{}) + if mctx == nil { + return nil + } + return mctx.(*MetricContext) +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/CHANGELOG.md index 3a982d697..1e1da56b3 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/CHANGELOG.md @@ -1,3 +1,19 @@ +# v1.5.4 (2023-12-07) + +* No change notes available for this release. + +# v1.5.3 (2023-11-30) + +* No change notes available for this release. + +# v1.5.2 (2023-11-29) + +* No change notes available for this release. + +# v1.5.1 (2023-11-15) + +* No change notes available for this release. + # v1.5.0 (2023-10-31) * **Feature**: **BREAKING CHANGE**: Bump minimum go version to 1.19 per the revised [go version support policy](https://aws.amazon.com/blogs/developer/aws-sdk-for-go-aligns-with-go-release-policy-on-supported-runtimes/). diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/go_module_metadata.go index 80f252c61..6759e90e9 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/go_module_metadata.go @@ -3,4 +3,4 @@ package eventstream // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.5.0" +const goModuleVersion = "1.5.4" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/middleware.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/middleware.go index 822fc920a..722ca34c6 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/middleware.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/middleware.go @@ -3,6 +3,7 @@ package retry import ( "context" "fmt" + "github.com/aws/aws-sdk-go-v2/aws/middleware/private/metrics" "strconv" "strings" "time" @@ -225,6 +226,13 @@ func (r *Attempt) handleAttempt( // that time. Potentially early exist if the sleep is canceled via the // context. retryDelay, reqErr := r.retryer.RetryDelay(attemptNum, err) + mctx := metrics.Context(ctx) + if mctx != nil { + attempt, err := mctx.Data().LatestAttempt() + if err != nil { + attempt.RetryDelay = retryDelay + } + } if reqErr != nil { return out, attemptResult, releaseRetryToken, reqErr } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/middleware.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/middleware.go index 0fb9b24e4..f39a369ad 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/middleware.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/middleware.go @@ -11,6 +11,7 @@ import ( "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/aws/middleware/private/metrics" v4Internal "github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4" internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" "github.com/aws/aws-sdk-go-v2/internal/sdk" @@ -58,7 +59,7 @@ func (e *SigningError) Unwrap() error { // S3 PutObject API allows unsigned payload signing auth usage when TLS is enabled, and uses this middleware to // dynamically switch between unsigned and signed payload based on TLS state for request. func UseDynamicPayloadSigningMiddleware(stack *middleware.Stack) error { - _, err := stack.Build.Swap(computePayloadHashMiddlewareID, &dynamicPayloadSigningMiddleware{}) + _, err := stack.Finalize.Swap(computePayloadHashMiddlewareID, &dynamicPayloadSigningMiddleware{}) return err } @@ -71,24 +72,22 @@ func (m *dynamicPayloadSigningMiddleware) ID() string { return computePayloadHashMiddlewareID } -// HandleBuild sets a resolver that directs to the payload sha256 compute handler. -func (m *dynamicPayloadSigningMiddleware) HandleBuild( - ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler, +// HandleFinalize delegates SHA256 computation according to whether the request +// is TLS-enabled. +func (m *dynamicPayloadSigningMiddleware) HandleFinalize( + ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, ) ( - out middleware.BuildOutput, metadata middleware.Metadata, err error, + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) } - // if TLS is enabled, use unsigned payload when supported if req.IsHTTPS() { - return (&unsignedPayload{}).HandleBuild(ctx, in, next) + return (&unsignedPayload{}).HandleFinalize(ctx, in, next) } - - // else fall back to signed payload - return (&computePayloadSHA256{}).HandleBuild(ctx, in, next) + return (&computePayloadSHA256{}).HandleFinalize(ctx, in, next) } // unsignedPayload sets the SigV4 request payload hash to unsigned. @@ -104,7 +103,7 @@ type unsignedPayload struct{} // AddUnsignedPayloadMiddleware adds unsignedPayload to the operation // middleware stack func AddUnsignedPayloadMiddleware(stack *middleware.Stack) error { - return stack.Build.Add(&unsignedPayload{}, middleware.After) + return stack.Finalize.Insert(&unsignedPayload{}, "ResolveEndpointV2", middleware.After) } // ID returns the unsignedPayload identifier @@ -112,23 +111,16 @@ func (m *unsignedPayload) ID() string { return computePayloadHashMiddlewareID } -// HandleBuild sets the payload hash to be an unsigned payload -func (m *unsignedPayload) HandleBuild( - ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler, +// HandleFinalize sets the payload hash magic value to the unsigned sentinel. +func (m *unsignedPayload) HandleFinalize( + ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, ) ( - out middleware.BuildOutput, metadata middleware.Metadata, err error, + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - // This should not compute the content SHA256 if the value is already - // known. (e.g. application pre-computed SHA256 before making API call). - // Does not have any tight coupling to the X-Amz-Content-Sha256 header, if - // that header is provided a middleware must translate it into the context. - contentSHA := GetPayloadHash(ctx) - if len(contentSHA) == 0 { - contentSHA = v4Internal.UnsignedPayload + if GetPayloadHash(ctx) == "" { + ctx = SetPayloadHash(ctx, v4Internal.UnsignedPayload) } - - ctx = SetPayloadHash(ctx, contentSHA) - return next.HandleBuild(ctx, in) + return next.HandleFinalize(ctx, in) } // computePayloadSHA256 computes SHA256 payload hash to sign. @@ -144,13 +136,13 @@ type computePayloadSHA256 struct{} // AddComputePayloadSHA256Middleware adds computePayloadSHA256 to the // operation middleware stack func AddComputePayloadSHA256Middleware(stack *middleware.Stack) error { - return stack.Build.Add(&computePayloadSHA256{}, middleware.After) + return stack.Finalize.Insert(&computePayloadSHA256{}, "ResolveEndpointV2", middleware.After) } // RemoveComputePayloadSHA256Middleware removes computePayloadSHA256 from the // operation middleware stack func RemoveComputePayloadSHA256Middleware(stack *middleware.Stack) error { - _, err := stack.Build.Remove(computePayloadHashMiddlewareID) + _, err := stack.Finalize.Remove(computePayloadHashMiddlewareID) return err } @@ -159,12 +151,17 @@ func (m *computePayloadSHA256) ID() string { return computePayloadHashMiddlewareID } -// HandleBuild compute the payload hash for the request payload -func (m *computePayloadSHA256) HandleBuild( - ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler, +// HandleFinalize computes the payload hash for the request, storing it to the +// context. This is a no-op if a caller has previously set that value. +func (m *computePayloadSHA256) HandleFinalize( + ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, ) ( - out middleware.BuildOutput, metadata middleware.Metadata, err error, + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { + if GetPayloadHash(ctx) != "" { + return next.HandleFinalize(ctx, in) + } + req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, &HashComputationError{ @@ -172,14 +169,6 @@ func (m *computePayloadSHA256) HandleBuild( } } - // This should not compute the content SHA256 if the value is already - // known. (e.g. application pre-computed SHA256 before making API call) - // Does not have any tight coupling to the X-Amz-Content-Sha256 header, if - // that header is provided a middleware must translate it into the context. - if contentSHA := GetPayloadHash(ctx); len(contentSHA) != 0 { - return next.HandleBuild(ctx, in) - } - hash := sha256.New() if stream := req.GetStream(); stream != nil { _, err = io.Copy(hash, stream) @@ -198,7 +187,7 @@ func (m *computePayloadSHA256) HandleBuild( ctx = SetPayloadHash(ctx, hex.EncodeToString(hash.Sum(nil))) - return next.HandleBuild(ctx, in) + return next.HandleFinalize(ctx, in) } // SwapComputePayloadSHA256ForUnsignedPayloadMiddleware replaces the @@ -207,7 +196,7 @@ func (m *computePayloadSHA256) HandleBuild( // Use this to disable computing the Payload SHA256 checksum and instead use // UNSIGNED-PAYLOAD for the SHA256 value. func SwapComputePayloadSHA256ForUnsignedPayloadMiddleware(stack *middleware.Stack) error { - _, err := stack.Build.Swap(computePayloadHashMiddlewareID, &unsignedPayload{}) + _, err := stack.Finalize.Swap(computePayloadHashMiddlewareID, &unsignedPayload{}) return err } @@ -218,13 +207,13 @@ type contentSHA256Header struct{} // AddContentSHA256HeaderMiddleware adds ContentSHA256Header to the // operation middleware stack func AddContentSHA256HeaderMiddleware(stack *middleware.Stack) error { - return stack.Build.Insert(&contentSHA256Header{}, computePayloadHashMiddlewareID, middleware.After) + return stack.Finalize.Insert(&contentSHA256Header{}, computePayloadHashMiddlewareID, middleware.After) } // RemoveContentSHA256HeaderMiddleware removes contentSHA256Header middleware // from the operation middleware stack func RemoveContentSHA256HeaderMiddleware(stack *middleware.Stack) error { - _, err := stack.Build.Remove((*contentSHA256Header)(nil).ID()) + _, err := stack.Finalize.Remove((*contentSHA256Header)(nil).ID()) return err } @@ -233,12 +222,12 @@ func (m *contentSHA256Header) ID() string { return "SigV4ContentSHA256Header" } -// HandleBuild sets the X-Amz-Content-Sha256 header value to the Payload hash +// HandleFinalize sets the X-Amz-Content-Sha256 header value to the Payload hash // stored in the context. -func (m *contentSHA256Header) HandleBuild( - ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler, +func (m *contentSHA256Header) HandleFinalize( + ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, ) ( - out middleware.BuildOutput, metadata middleware.Metadata, err error, + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { req, ok := in.Request.(*smithyhttp.Request) if !ok { @@ -246,25 +235,35 @@ func (m *contentSHA256Header) HandleBuild( } req.Header.Set(v4Internal.ContentSHAKey, GetPayloadHash(ctx)) - - return next.HandleBuild(ctx, in) + return next.HandleFinalize(ctx, in) } -// SignHTTPRequestMiddlewareOptions is the configuration options for the SignHTTPRequestMiddleware middleware. +// SignHTTPRequestMiddlewareOptions is the configuration options for +// [SignHTTPRequestMiddleware]. +// +// Deprecated: [SignHTTPRequestMiddleware] is deprecated. type SignHTTPRequestMiddlewareOptions struct { CredentialsProvider aws.CredentialsProvider Signer HTTPSigner LogSigning bool } -// SignHTTPRequestMiddleware is a `FinalizeMiddleware` implementation for SigV4 HTTP Signing +// SignHTTPRequestMiddleware is a `FinalizeMiddleware` implementation for SigV4 +// HTTP Signing. +// +// Deprecated: AWS service clients no longer use this middleware. Signing as an +// SDK operation is now performed through an internal per-service middleware +// which opaquely selects and uses the signer from the resolved auth scheme. type SignHTTPRequestMiddleware struct { credentialsProvider aws.CredentialsProvider signer HTTPSigner logSigning bool } -// NewSignHTTPRequestMiddleware constructs a SignHTTPRequestMiddleware using the given Signer for signing requests +// NewSignHTTPRequestMiddleware constructs a [SignHTTPRequestMiddleware] using +// the given [Signer] for signing requests. +// +// Deprecated: SignHTTPRequestMiddleware is deprecated. func NewSignHTTPRequestMiddleware(options SignHTTPRequestMiddlewareOptions) *SignHTTPRequestMiddleware { return &SignHTTPRequestMiddleware{ credentialsProvider: options.CredentialsProvider, @@ -273,12 +272,17 @@ func NewSignHTTPRequestMiddleware(options SignHTTPRequestMiddlewareOptions) *Sig } } -// ID is the SignHTTPRequestMiddleware identifier +// ID is the SignHTTPRequestMiddleware identifier. +// +// Deprecated: SignHTTPRequestMiddleware is deprecated. func (s *SignHTTPRequestMiddleware) ID() string { return "Signing" } -// HandleFinalize will take the provided input and sign the request using the SigV4 authentication scheme +// HandleFinalize will take the provided input and sign the request using the +// SigV4 authentication scheme. +// +// Deprecated: SignHTTPRequestMiddleware is deprecated. func (s *SignHTTPRequestMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { @@ -297,7 +301,22 @@ func (s *SignHTTPRequestMiddleware) HandleFinalize(ctx context.Context, in middl return out, metadata, &SigningError{Err: fmt.Errorf("computed payload hash missing from context")} } + mctx := metrics.Context(ctx) + + if mctx != nil { + if attempt, err := mctx.Data().LatestAttempt(); err == nil { + attempt.CredentialFetchStartTime = sdk.NowTime() + } + } + credentials, err := s.credentialsProvider.Retrieve(ctx) + + if mctx != nil { + if attempt, err := mctx.Data().LatestAttempt(); err == nil { + attempt.CredentialFetchEndTime = sdk.NowTime() + } + } + if err != nil { return out, metadata, &SigningError{Err: fmt.Errorf("failed to retrieve credentials: %w", err)} } @@ -318,7 +337,20 @@ func (s *SignHTTPRequestMiddleware) HandleFinalize(ctx context.Context, in middl }) } + if mctx != nil { + if attempt, err := mctx.Data().LatestAttempt(); err == nil { + attempt.SignStartTime = sdk.NowTime() + } + } + err = s.signer.SignHTTP(ctx, credentials, req.Request, payloadHash, signingName, signingRegion, sdk.NowTime(), signerOptions...) + + if mctx != nil { + if attempt, err := mctx.Data().LatestAttempt(); err == nil { + attempt.SignEndTime = sdk.NowTime() + } + } + if err != nil { return out, metadata, &SigningError{Err: fmt.Errorf("failed to sign http request, %w", err)} } @@ -332,17 +364,17 @@ type streamingEventsPayload struct{} // AddStreamingEventsPayload adds the streamingEventsPayload middleware to the stack. func AddStreamingEventsPayload(stack *middleware.Stack) error { - return stack.Build.Add(&streamingEventsPayload{}, middleware.After) + return stack.Finalize.Add(&streamingEventsPayload{}, middleware.Before) } func (s *streamingEventsPayload) ID() string { return computePayloadHashMiddlewareID } -func (s *streamingEventsPayload) HandleBuild( - ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler, +func (s *streamingEventsPayload) HandleFinalize( + ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, ) ( - out middleware.BuildOutput, metadata middleware.Metadata, err error, + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { contentSHA := GetPayloadHash(ctx) if len(contentSHA) == 0 { @@ -351,7 +383,7 @@ func (s *streamingEventsPayload) HandleBuild( ctx = SetPayloadHash(ctx, contentSHA) - return next.HandleBuild(ctx, in) + return next.HandleFinalize(ctx, in) } // GetSignedRequestSignature attempts to extract the signature of the request. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/v4.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/v4.go index 4d162556b..bb61904e1 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/v4.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/v4.go @@ -68,6 +68,9 @@ import ( const ( signingAlgorithm = "AWS4-HMAC-SHA256" authorizationHeader = "Authorization" + + // Version of signing v4 + Version = "SigV4" ) // HTTPSigner is an interface to a SigV4 signer that can sign HTTP requests @@ -103,6 +106,11 @@ type SignerOptions struct { // This will enable logging of the canonical request, the string to sign, and for presigning the subsequent // presigned URL. LogSigning bool + + // Disables setting the session token on the request as part of signing + // through X-Amz-Security-Token. This is needed for variations of v4 that + // present the token elsewhere. + DisableSessionToken bool } // Signer applies AWS v4 signing to given request. Use this to sign requests @@ -136,6 +144,7 @@ type httpSigner struct { DisableHeaderHoisting bool DisableURIPathEscaping bool + DisableSessionToken bool } func (s *httpSigner) Build() (signedRequest, error) { @@ -284,6 +293,7 @@ func (s Signer) SignHTTP(ctx context.Context, credentials aws.Credentials, r *ht Time: v4Internal.NewSigningTime(signingTime.UTC()), DisableHeaderHoisting: options.DisableHeaderHoisting, DisableURIPathEscaping: options.DisableURIPathEscaping, + DisableSessionToken: options.DisableSessionToken, KeyDerivator: s.keyDerivator, } @@ -360,6 +370,7 @@ func (s *Signer) PresignHTTP( IsPreSign: true, DisableHeaderHoisting: options.DisableHeaderHoisting, DisableURIPathEscaping: options.DisableURIPathEscaping, + DisableSessionToken: options.DisableSessionToken, KeyDerivator: s.keyDerivator, } @@ -502,7 +513,8 @@ func (s *httpSigner) setRequiredSigningFields(headers http.Header, query url.Val if s.IsPreSign { query.Set(v4Internal.AmzAlgorithmKey, signingAlgorithm) - if sessionToken := s.Credentials.SessionToken; len(sessionToken) > 0 { + sessionToken := s.Credentials.SessionToken + if !s.DisableSessionToken && len(sessionToken) > 0 { query.Set("X-Amz-Security-Token", sessionToken) } @@ -512,7 +524,7 @@ func (s *httpSigner) setRequiredSigningFields(headers http.Header, query url.Val headers[v4Internal.AmzDateKey] = append(headers[v4Internal.AmzDateKey][:0], amzDate) - if len(s.Credentials.SessionToken) > 0 { + if !s.DisableSessionToken && len(s.Credentials.SessionToken) > 0 { headers[v4Internal.AmzSecurityTokenKey] = append(headers[v4Internal.AmzSecurityTokenKey][:0], s.Credentials.SessionToken) } } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md index 26ff2babc..79eae3632 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md @@ -1,3 +1,61 @@ +# v1.26.1 (2023-12-08) + +* **Bug Fix**: Correct loading of [services *] sections into shared config. +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.26.0 (2023-12-07) + +* **Feature**: Support modeled request compression. The only algorithm supported at this time is `gzip`. +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.25.12 (2023-12-06) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.25.11 (2023-12-01) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.25.10 (2023-11-30) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.25.9 (2023-11-29) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.25.8 (2023-11-28.3) + +* **Bug Fix**: Correct resolution of S3Express auth disable toggle. + +# v1.25.7 (2023-11-28.2) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.25.6 (2023-11-28) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.25.5 (2023-11-21) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.25.4 (2023-11-20) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.25.3 (2023-11-17) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.25.2 (2023-11-16) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.25.1 (2023-11-15) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.25.0 (2023-11-14) * **Feature**: Add support for dynamic auth token from file and EKS container host in absolute/relative URIs in the HTTP credential provider. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/config.go b/vendor/github.com/aws/aws-sdk-go-v2/config/config.go index dfe629732..50582d89d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/config.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/config/config.go @@ -70,10 +70,16 @@ var defaultAWSConfigResolvers = []awsConfigResolver{ // httpBearerAuth authentication scheme. resolveBearerAuthToken, - // Sets the sdk app ID if present in shared config profile + // Sets the sdk app ID if present in env var or shared config profile resolveAppID, resolveBaseEndpoint, + + // Sets the DisableRequestCompression if present in env var or shared config profile + resolveDisableRequestCompression, + + // Sets the RequestMinCompressSizeBytes if present in env var or shared config profile + resolveRequestMinCompressSizeBytes, } // A Config represents a generic configuration value or set of values. This type diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/env_config.go b/vendor/github.com/aws/aws-sdk-go-v2/config/env_config.go index 78bc14933..88550198c 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/env_config.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/config/env_config.go @@ -12,6 +12,7 @@ import ( "github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/feature/ec2/imds" + smithyrequestcompression "github.com/aws/smithy-go/private/requestcompression" ) // CredentialsSourceName provides a name of the provider when config is @@ -74,6 +75,11 @@ const ( awsIgnoreConfiguredEndpoints = "AWS_IGNORE_CONFIGURED_ENDPOINT_URLS" awsEndpointURL = "AWS_ENDPOINT_URL" + + awsDisableRequestCompression = "AWS_DISABLE_REQUEST_COMPRESSION" + awsRequestMinCompressionSizeBytes = "AWS_REQUEST_MIN_COMPRESSION_SIZE_BYTES" + + awsS3DisableExpressSessionAuthEnv = "AWS_S3_DISABLE_EXPRESS_SESSION_AUTH" ) var ( @@ -268,6 +274,22 @@ type EnvConfig struct { // Value to contain configured endpoints to be propagated to // corresponding endpoint resolution field. BaseEndpoint string + + // determine if request compression is allowed, default to false + // retrieved from env var AWS_DISABLE_REQUEST_COMPRESSION + DisableRequestCompression *bool + + // inclusive threshold request body size to trigger compression, + // default to 10240 and must be within 0 and 10485760 bytes inclusive + // retrieved from env var AWS_REQUEST_MIN_COMPRESSION_SIZE_BYTES + RequestMinCompressSizeBytes *int64 + + // Whether S3Express auth is disabled. + // + // This will NOT prevent requests from being made to S3Express buckets, it + // will only bypass the modified endpoint routing and signing behaviors + // associated with the feature. + S3DisableExpressAuth *bool } // loadEnvConfig reads configuration values from the OS's environment variables. @@ -310,6 +332,13 @@ func NewEnvConfig() (EnvConfig, error) { cfg.AppID = os.Getenv(awsSdkAppID) + if err := setBoolPtrFromEnvVal(&cfg.DisableRequestCompression, []string{awsDisableRequestCompression}); err != nil { + return cfg, err + } + if err := setInt64PtrFromEnvVal(&cfg.RequestMinCompressSizeBytes, []string{awsRequestMinCompressionSizeBytes}, smithyrequestcompression.MaxRequestMinCompressSizeBytes); err != nil { + return cfg, err + } + if err := setEndpointDiscoveryTypeFromEnvVal(&cfg.EnableEndpointDiscovery, []string{awsEnableEndpointDiscoveryEnvVar}); err != nil { return cfg, err } @@ -356,6 +385,10 @@ func NewEnvConfig() (EnvConfig, error) { return cfg, err } + if err := setBoolPtrFromEnvVal(&cfg.S3DisableExpressAuth, []string{awsS3DisableExpressSessionAuthEnv}); err != nil { + return cfg, err + } + return cfg, nil } @@ -370,6 +403,20 @@ func (c EnvConfig) getAppID(context.Context) (string, bool, error) { return c.AppID, len(c.AppID) > 0, nil } +func (c EnvConfig) getDisableRequestCompression(context.Context) (bool, bool, error) { + if c.DisableRequestCompression == nil { + return false, false, nil + } + return *c.DisableRequestCompression, true, nil +} + +func (c EnvConfig) getRequestMinCompressSizeBytes(context.Context) (int64, bool, error) { + if c.RequestMinCompressSizeBytes == nil { + return 0, false, nil + } + return *c.RequestMinCompressSizeBytes, true, nil +} + // GetRetryMaxAttempts returns the value of AWS_MAX_ATTEMPTS if was specified, // and not 0. func (c EnvConfig) GetRetryMaxAttempts(ctx context.Context) (int, bool, error) { @@ -626,6 +673,30 @@ func setBoolPtrFromEnvVal(dst **bool, keys []string) error { return nil } +func setInt64PtrFromEnvVal(dst **int64, keys []string, max int64) error { + for _, k := range keys { + value := os.Getenv(k) + if len(value) == 0 { + continue + } + + v, err := strconv.ParseInt(value, 10, 64) + if err != nil { + return fmt.Errorf("invalid value for env var, %s=%s, need int64", k, value) + } else if v < 0 || v > max { + return fmt.Errorf("invalid range for env var min request compression size bytes %q, must be within 0 and 10485760 inclusively", v) + } + if *dst == nil { + *dst = new(int64) + } + + **dst = v + break + } + + return nil +} + func setEndpointDiscoveryTypeFromEnvVal(dst *aws.EndpointDiscoveryEnableState, keys []string) error { for _, k := range keys { value := os.Getenv(k) @@ -736,3 +807,13 @@ func (c EnvConfig) GetEC2IMDSV1FallbackDisabled() (bool, bool) { return *c.EC2IMDSv1Disabled, true } + +// GetS3DisableExpressAuth returns the configured value for +// [EnvConfig.S3DisableExpressAuth]. +func (c EnvConfig) GetS3DisableExpressAuth() (value, ok bool) { + if c.S3DisableExpressAuth == nil { + return false, false + } + + return *c.S3DisableExpressAuth, true +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go index 06263c6fb..b7c325d3e 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go @@ -3,4 +3,4 @@ package config // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.25.0" +const goModuleVersion = "1.26.1" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/load_options.go b/vendor/github.com/aws/aws-sdk-go-v2/config/load_options.go index 7480bb45e..06596c1b7 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/load_options.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/config/load_options.go @@ -206,6 +206,15 @@ type LoadOptions struct { // The sdk app ID retrieved from env var or shared config to be added to request user agent header AppID string + + // Specifies whether an operation request could be compressed + DisableRequestCompression *bool + + // The inclusive min bytes of a request body that could be compressed + RequestMinCompressSizeBytes *int64 + + // Whether S3 Express auth is disabled. + S3DisableExpressAuth *bool } func (o LoadOptions) getDefaultsMode(ctx context.Context) (aws.DefaultsMode, bool, error) { @@ -253,6 +262,22 @@ func (o LoadOptions) getAppID(ctx context.Context) (string, bool, error) { return o.AppID, len(o.AppID) > 0, nil } +// getDisableRequestCompression returns DisableRequestCompression from config's LoadOptions +func (o LoadOptions) getDisableRequestCompression(ctx context.Context) (bool, bool, error) { + if o.DisableRequestCompression == nil { + return false, false, nil + } + return *o.DisableRequestCompression, true, nil +} + +// getRequestMinCompressSizeBytes returns RequestMinCompressSizeBytes from config's LoadOptions +func (o LoadOptions) getRequestMinCompressSizeBytes(ctx context.Context) (int64, bool, error) { + if o.RequestMinCompressSizeBytes == nil { + return 0, false, nil + } + return *o.RequestMinCompressSizeBytes, true, nil +} + // WithRegion is a helper function to construct functional options // that sets Region on config's LoadOptions. Setting the region to // an empty string, will result in the region value being ignored. @@ -274,6 +299,30 @@ func WithAppID(ID string) LoadOptionsFunc { } } +// WithDisableRequestCompression is a helper function to construct functional options +// that sets DisableRequestCompression on config's LoadOptions. +func WithDisableRequestCompression(DisableRequestCompression *bool) LoadOptionsFunc { + return func(o *LoadOptions) error { + if DisableRequestCompression == nil { + return nil + } + o.DisableRequestCompression = DisableRequestCompression + return nil + } +} + +// WithRequestMinCompressSizeBytes is a helper function to construct functional options +// that sets RequestMinCompressSizeBytes on config's LoadOptions. +func WithRequestMinCompressSizeBytes(RequestMinCompressSizeBytes *int64) LoadOptionsFunc { + return func(o *LoadOptions) error { + if RequestMinCompressSizeBytes == nil { + return nil + } + o.RequestMinCompressSizeBytes = RequestMinCompressSizeBytes + return nil + } +} + // getDefaultRegion returns DefaultRegion from config's LoadOptions func (o LoadOptions) getDefaultRegion(ctx context.Context) (string, bool, error) { if len(o.DefaultRegion) == 0 { @@ -1044,3 +1093,22 @@ func WithDefaultsMode(mode aws.DefaultsMode, optFns ...func(options *DefaultsMod return nil } } + +// GetS3DisableExpressAuth returns the configured value for +// [EnvConfig.S3DisableExpressAuth]. +func (o LoadOptions) GetS3DisableExpressAuth() (value, ok bool) { + if o.S3DisableExpressAuth == nil { + return false, false + } + + return *o.S3DisableExpressAuth, true +} + +// WithS3DisableExpressAuth sets [LoadOptions.S3DisableExpressAuth] +// to the value provided. +func WithS3DisableExpressAuth(v bool) LoadOptionsFunc { + return func(o *LoadOptions) error { + o.S3DisableExpressAuth = &v + return nil + } +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/provider.go b/vendor/github.com/aws/aws-sdk-go-v2/config/provider.go index d52358460..13745fc98 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/provider.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/config/provider.go @@ -191,6 +191,40 @@ func getAppID(ctx context.Context, configs configs) (value string, found bool, e return } +// disableRequestCompressionProvider provides access to the DisableRequestCompression +type disableRequestCompressionProvider interface { + getDisableRequestCompression(context.Context) (bool, bool, error) +} + +func getDisableRequestCompression(ctx context.Context, configs configs) (value bool, found bool, err error) { + for _, cfg := range configs { + if p, ok := cfg.(disableRequestCompressionProvider); ok { + value, found, err = p.getDisableRequestCompression(ctx) + if err != nil || found { + break + } + } + } + return +} + +// requestMinCompressSizeBytesProvider provides access to the MinCompressSizeBytes +type requestMinCompressSizeBytesProvider interface { + getRequestMinCompressSizeBytes(context.Context) (int64, bool, error) +} + +func getRequestMinCompressSizeBytes(ctx context.Context, configs configs) (value int64, found bool, err error) { + for _, cfg := range configs { + if p, ok := cfg.(requestMinCompressSizeBytesProvider); ok { + value, found, err = p.getRequestMinCompressSizeBytes(ctx) + if err != nil || found { + break + } + } + } + return +} + // ec2IMDSRegionProvider provides access to the ec2 imds region // configuration value type ec2IMDSRegionProvider interface { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/resolve.go b/vendor/github.com/aws/aws-sdk-go-v2/config/resolve.go index b5a74b231..fde2e3980 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/resolve.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/config/resolve.go @@ -27,7 +27,6 @@ func resolveDefaultAWSConfig(ctx context.Context, cfg *aws.Config, cfgs configs) } *cfg = aws.Config{ - Credentials: aws.AnonymousCredentials{}, Logger: logging.NewStandardLogger(os.Stderr), ConfigSources: sources, } @@ -140,6 +139,33 @@ func resolveAppID(ctx context.Context, cfg *aws.Config, configs configs) error { return nil } +// resolveDisableRequestCompression extracts the DisableRequestCompression from the configs slice's +// SharedConfig or EnvConfig +func resolveDisableRequestCompression(ctx context.Context, cfg *aws.Config, configs configs) error { + disable, _, err := getDisableRequestCompression(ctx, configs) + if err != nil { + return err + } + + cfg.DisableRequestCompression = disable + return nil +} + +// resolveRequestMinCompressSizeBytes extracts the RequestMinCompressSizeBytes from the configs slice's +// SharedConfig or EnvConfig +func resolveRequestMinCompressSizeBytes(ctx context.Context, cfg *aws.Config, configs configs) error { + minBytes, found, err := getRequestMinCompressSizeBytes(ctx, configs) + if err != nil { + return err + } + // must set a default min size 10240 if not configured + if !found { + minBytes = 10240 + } + cfg.RequestMinCompressSizeBytes = minBytes + return nil +} + // resolveDefaultRegion extracts the first instance of a default region and sets `aws.Config.Region` to the default // region if region had not been resolved from other sources. func resolveDefaultRegion(ctx context.Context, cfg *aws.Config, configs configs) error { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/shared_config.go b/vendor/github.com/aws/aws-sdk-go-v2/config/shared_config.go index 20683bf5f..c546cb7d0 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/shared_config.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/config/shared_config.go @@ -17,6 +17,7 @@ import ( "github.com/aws/aws-sdk-go-v2/internal/ini" "github.com/aws/aws-sdk-go-v2/internal/shareddefaults" "github.com/aws/smithy-go/logging" + smithyrequestcompression "github.com/aws/smithy-go/private/requestcompression" ) const ( @@ -30,7 +31,7 @@ const ( // Prefix for services section. It is referenced in profile via the services // parameter to configure clients for service-specific parameters. - servicesPrefix = `services` + servicesPrefix = `services ` // string equivalent for boolean endpointDiscoveryDisabled = `false` @@ -107,6 +108,13 @@ const ( ignoreConfiguredEndpoints = "ignore_configured_endpoint_urls" endpointURL = "endpoint_url" + + servicesSectionKey = "services" + + disableRequestCompression = "disable_request_compression" + requestMinCompressionSizeBytes = "request_min_compression_size_bytes" + + s3DisableExpressSessionAuthKey = "s3_disable_express_session_auth" ) // defaultSharedConfigProfile allows for swapping the default profile for testing @@ -314,8 +322,25 @@ type SharedConfig struct { // corresponding endpoint resolution field. BaseEndpoint string - // Value to contain services section content. - Services Services + // Services section config. + ServicesSectionName string + Services Services + + // determine if request compression is allowed, default to false + // retrieved from config file's profile field disable_request_compression + DisableRequestCompression *bool + + // inclusive threshold request body size to trigger compression, + // default to 10240 and must be within 0 and 10485760 bytes inclusive + // retrieved from config file's profile field request_min_compression_size_bytes + RequestMinCompressSizeBytes *int64 + + // Whether S3Express auth is disabled. + // + // This will NOT prevent requests from being made to S3Express buckets, it + // will only bypass the modified endpoint routing and signing behaviors + // associated with the feature. + S3DisableExpressAuth *bool } func (c SharedConfig) getDefaultsMode(ctx context.Context) (value aws.DefaultsMode, ok bool, err error) { @@ -435,6 +460,16 @@ func (c SharedConfig) GetUseFIPSEndpoint(ctx context.Context) (value aws.FIPSEnd return c.UseFIPSEndpoint, true, nil } +// GetS3DisableExpressAuth returns the configured value for +// [SharedConfig.S3DisableExpressAuth]. +func (c SharedConfig) GetS3DisableExpressAuth() (value, ok bool) { + if c.S3DisableExpressAuth == nil { + return false, false + } + + return *c.S3DisableExpressAuth, true +} + // GetCustomCABundle returns the custom CA bundle's PEM bytes if the file was func (c SharedConfig) getCustomCABundle(context.Context) (io.Reader, bool, error) { if len(c.CustomCABundle) == 0 { @@ -975,14 +1010,11 @@ func (c *SharedConfig) setFromIniSections(profiles map[string]struct{}, profile c.SSOSession = &ssoSession } - for _, sectionName := range sections.List() { - if strings.HasPrefix(sectionName, servicesPrefix) { - section, ok := sections.GetSection(sectionName) - if ok { - var svcs Services - svcs.setFromIniSection(section) - c.Services = svcs - } + if len(c.ServicesSectionName) > 0 { + if section, ok := sections.GetSection(servicesPrefix + c.ServicesSectionName); ok { + var svcs Services + svcs.setFromIniSection(section) + c.Services = svcs } } @@ -1054,6 +1086,7 @@ func (c *SharedConfig) setFromIniSection(profile string, section ini.Section) er updateEndpointDiscoveryType(&c.EnableEndpointDiscovery, section, enableEndpointDiscoveryKey) updateBoolPtr(&c.S3UseARNRegion, section, s3UseARNRegionKey) updateBoolPtr(&c.S3DisableMultiRegionAccessPoints, section, s3DisableMultiRegionAccessPointsKey) + updateBoolPtr(&c.S3DisableExpressAuth, section, s3DisableExpressSessionAuthKey) if err := updateEC2MetadataServiceEndpointMode(&c.EC2IMDSEndpointMode, section, ec2MetadataServiceEndpointModeKey); err != nil { return fmt.Errorf("failed to load %s from shared config, %v", ec2MetadataServiceEndpointModeKey, err) @@ -1084,6 +1117,13 @@ func (c *SharedConfig) setFromIniSection(profile string, section ini.Section) er updateString(&c.BaseEndpoint, section, endpointURL) + if err := updateDisableRequestCompression(&c.DisableRequestCompression, section, disableRequestCompression); err != nil { + return fmt.Errorf("failed to load %s from shared config, %w", disableRequestCompression, err) + } + if err := updateRequestMinCompressSizeBytes(&c.RequestMinCompressSizeBytes, section, requestMinCompressionSizeBytes); err != nil { + return fmt.Errorf("failed to load %s from shared config, %w", requestMinCompressionSizeBytes, err) + } + // Shared Credentials creds := aws.Credentials{ AccessKeyID: section.String(accessKeyIDKey), @@ -1096,9 +1136,61 @@ func (c *SharedConfig) setFromIniSection(profile string, section ini.Section) er c.Credentials = creds } + updateString(&c.ServicesSectionName, section, servicesSectionKey) + return nil } +func updateRequestMinCompressSizeBytes(bytes **int64, sec ini.Section, key string) error { + if !sec.Has(key) { + return nil + } + + v, ok := sec.Int(key) + if !ok { + return fmt.Errorf("invalid value for min request compression size bytes %s, need int64", sec.String(key)) + } + if v < 0 || v > smithyrequestcompression.MaxRequestMinCompressSizeBytes { + return fmt.Errorf("invalid range for min request compression size bytes %d, must be within 0 and 10485760 inclusively", v) + } + *bytes = new(int64) + **bytes = v + return nil +} + +func updateDisableRequestCompression(disable **bool, sec ini.Section, key string) error { + if !sec.Has(key) { + return nil + } + + v := sec.String(key) + switch { + case v == "true": + *disable = new(bool) + **disable = true + case v == "false": + *disable = new(bool) + **disable = false + default: + return fmt.Errorf("invalid value for shared config profile field, %s=%s, need true or false", key, v) + } + return nil +} + +func (c SharedConfig) getRequestMinCompressSizeBytes(ctx context.Context) (int64, bool, error) { + if c.RequestMinCompressSizeBytes == nil { + return 0, false, nil + } + return *c.RequestMinCompressSizeBytes, true, nil +} + +func (c SharedConfig) getDisableRequestCompression(ctx context.Context) (bool, bool, error) { + if c.DisableRequestCompression == nil { + return false, false, nil + } + return *c.DisableRequestCompression, true, nil +} + func updateDefaultsMode(mode *aws.DefaultsMode, section ini.Section, key string) error { if !section.Has(key) { return nil diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/credentials/CHANGELOG.md index a495fb6db..dd7af71d1 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/credentials/CHANGELOG.md @@ -1,3 +1,51 @@ +# v1.16.12 (2023-12-08) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.16.11 (2023-12-07) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.16.10 (2023-12-06) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.16.9 (2023-12-01) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.16.8 (2023-11-30) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.16.7 (2023-11-29) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.16.6 (2023-11-28.2) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.16.5 (2023-11-28) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.16.4 (2023-11-21) + +* **Bug Fix**: Don't expect error responses to have a JSON payload in the endpointcreds provider. + +# v1.16.3 (2023-11-20) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.16.2 (2023-11-17) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.16.1 (2023-11-15) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.16.0 (2023-11-14) * **Feature**: Add support for dynamic auth token from file and EKS container host in absolute/relative URIs in the HTTP credential provider. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/client.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/client.go index 60b8298f8..df0e7575c 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/client.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/client.go @@ -62,7 +62,16 @@ func New(options Options, optFns ...func(*Options)) *Client { } if options.Retryer == nil { - options.Retryer = retry.NewStandard() + // Amazon-owned implementations of this endpoint are known to sometimes + // return plaintext responses (i.e. no Code) like normal, add a few + // additional status codes + options.Retryer = retry.NewStandard(func(o *retry.StandardOptions) { + o.Retryables = append(o.Retryables, retry.RetryableHTTPStatusCode{ + Codes: map[int]struct{}{ + http.StatusTooManyRequests: {}, + }, + }) + }) } for _, fn := range optFns { @@ -122,9 +131,10 @@ type GetCredentialsOutput struct { // EndpointError is an error returned from the endpoint service type EndpointError struct { - Code string `json:"code"` - Message string `json:"message"` - Fault smithy.ErrorFault `json:"-"` + Code string `json:"code"` + Message string `json:"message"` + Fault smithy.ErrorFault `json:"-"` + statusCode int `json:"-"` } // Error is the error mesage string @@ -146,3 +156,8 @@ func (e *EndpointError) ErrorMessage() string { func (e *EndpointError) ErrorFault() smithy.ErrorFault { return e.Fault } + +// HTTPStatusCode implements retry.HTTPStatusCode. +func (e *EndpointError) HTTPStatusCode() int { + return e.statusCode +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/middleware.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/middleware.go index 40747a53c..ddb28a66d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/middleware.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/middleware.go @@ -4,6 +4,7 @@ import ( "context" "encoding/json" "fmt" + "io" "net/url" "github.com/aws/smithy-go" @@ -104,17 +105,44 @@ func (d *deserializeOpGetCredential) HandleDeserialize(ctx context.Context, in s } func deserializeError(response *smithyhttp.Response) error { - var errShape *EndpointError - err := json.NewDecoder(response.Body).Decode(&errShape) + // we could be talking to anything, json isn't guaranteed + // see https://github.com/aws/aws-sdk-go-v2/issues/2316 + if response.Header.Get("Content-Type") == "application/json" { + return deserializeJSONError(response) + } + + msg, err := io.ReadAll(response.Body) if err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to decode error message, %w", err)} + return &smithy.DeserializationError{ + Err: fmt.Errorf("read response, %w", err), + } } - if response.StatusCode >= 500 { - errShape.Fault = smithy.FaultServer - } else { - errShape.Fault = smithy.FaultClient + return &EndpointError{ + // no sensible value for Code + Message: string(msg), + Fault: stof(response.StatusCode), + statusCode: response.StatusCode, + } +} + +func deserializeJSONError(response *smithyhttp.Response) error { + var errShape *EndpointError + if err := json.NewDecoder(response.Body).Decode(&errShape); err != nil { + return &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode error message, %w", err), + } } + errShape.Fault = stof(response.StatusCode) + errShape.statusCode = response.StatusCode return errShape } + +// maps HTTP status code to smithy ErrorFault +func stof(code int) smithy.ErrorFault { + if code >= 500 { + return smithy.FaultServer + } + return smithy.FaultClient +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/go_module_metadata.go index 2e04b5863..ec3eb5f6e 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/credentials/go_module_metadata.go @@ -3,4 +3,4 @@ package credentials // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.16.0" +const goModuleVersion = "1.16.12" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/CHANGELOG.md index c566941f9..eef77e9d5 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/CHANGELOG.md @@ -1,3 +1,31 @@ +# v1.14.10 (2023-12-07) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.14.9 (2023-12-01) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.14.8 (2023-11-30) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.14.7 (2023-11-29) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.14.6 (2023-11-28.2) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.14.5 (2023-11-20) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.14.4 (2023-11-15) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.14.3 (2023-11-09) * **Dependency Update**: Updated to the latest SDK module versions diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/go_module_metadata.go index eea163103..ce3e31118 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/go_module_metadata.go @@ -3,4 +3,4 @@ package imds // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.14.3" +const goModuleVersion = "1.14.10" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/CHANGELOG.md index 1bf74c941..64776bda6 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/CHANGELOG.md @@ -1,3 +1,65 @@ +# v1.15.7 (2023-12-08) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.15.6 (2023-12-07) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.15.5 (2023-12-06) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.15.4 (2023-12-01) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.15.3 (2023-11-30) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.15.2 (2023-11-29) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.15.1 (2023-11-28.3) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.15.0 (2023-11-28.2) + +* **Feature**: Add S3Express support. +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.14.4 (2023-11-28) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.14.3 (2023-11-27) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.14.2 (2023-11-21) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.14.1 (2023-11-20) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.14.0 (2023-11-17) + +* **Feature**: **BREAKING CHANGE** Correct nullability of a large number of S3 structure fields. See https://github.com/aws/aws-sdk-go-v2/issues/2162. +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.13.9 (2023-11-16) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.13.8 (2023-11-15) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.13.7 (2023-11-14) * **Dependency Update**: Updated to the latest SDK module versions diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/bucket_region.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/bucket_region.go index 2d8bd7e00..a6a9781e5 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/bucket_region.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/bucket_region.go @@ -65,7 +65,6 @@ func GetBucketRegion(ctx context.Context, client HeadBucketAPIClient, bucket str clientOptionFns := make([]func(*s3.Options), len(optFns)+1) clientOptionFns[0] = func(options *s3.Options) { - options.Credentials = aws.AnonymousCredentials{} options.APIOptions = append(options.APIOptions, captureBucketRegion.RegisterMiddleware) } copy(clientOptionFns[1:], optFns) diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/download.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/download.go index 2ebcea585..06070adad 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/download.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/download.go @@ -436,8 +436,8 @@ func (d *downloader) setTotalBytes(resp *s3.GetObjectOutput) { if resp.ContentRange == nil { // ContentRange is nil when the full file contents is provided, and // is not chunked. Use ContentLength instead. - if resp.ContentLength > 0 { - d.totalBytes = resp.ContentLength + if aws.ToInt64(resp.ContentLength) > 0 { + d.totalBytes = aws.ToInt64(resp.ContentLength) return } } else { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/go_module_metadata.go index 1de122276..dc9bdc397 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/go_module_metadata.go @@ -3,4 +3,4 @@ package manager // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.13.7" +const goModuleVersion = "1.15.7" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/upload.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/upload.go index d68246c2b..d1be506e0 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/upload.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/upload.go @@ -13,8 +13,11 @@ import ( "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/internal/awsutil" + internalcontext "github.com/aws/aws-sdk-go-v2/internal/context" "github.com/aws/aws-sdk-go-v2/service/s3" "github.com/aws/aws-sdk-go-v2/service/s3/types" + smithymiddleware "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" ) // MaxUploadParts is the maximum allowed number of parts in a multi-part upload @@ -308,6 +311,9 @@ func (u Uploader) Upload(ctx context.Context, input *s3.PutObjectInput, opts ... clientOptions = append(clientOptions, func(o *s3.Options) { o.APIOptions = append(o.APIOptions, middleware.AddSDKAgentKey(middleware.FeatureMetadata, userAgentKey), + func(s *smithymiddleware.Stack) error { + return s.Finalize.Insert(&setS3ExpressDefaultChecksum{}, "ResolveEndpointV2", smithymiddleware.After) + }, ) }) clientOptions = append(clientOptions, i.cfg.ClientOptions...) @@ -501,7 +507,7 @@ func (u *uploader) singlePart(r io.ReadSeeker, cleanup func()) (*UploadOutput, e return &UploadOutput{ Location: locationRecorder.location, - BucketKeyEnabled: out.BucketKeyEnabled, + BucketKeyEnabled: aws.ToBool(out.BucketKeyEnabled), ChecksumCRC32: out.ChecksumCRC32, ChecksumCRC32C: out.ChecksumCRC32C, ChecksumSHA1: out.ChecksumSHA1, @@ -568,9 +574,11 @@ type chunk struct { // since S3 required this list to be sent in sorted order. type completedParts []types.CompletedPart -func (a completedParts) Len() int { return len(a) } -func (a completedParts) Swap(i, j int) { a[i], a[j] = a[j], a[i] } -func (a completedParts) Less(i, j int) bool { return a[i].PartNumber < a[j].PartNumber } +func (a completedParts) Len() int { return len(a) } +func (a completedParts) Swap(i, j int) { a[i], a[j] = a[j], a[i] } +func (a completedParts) Less(i, j int) bool { + return aws.ToInt32(a[i].PartNumber) < aws.ToInt32(a[j].PartNumber) +} // upload will perform a multipart upload using the firstBuf buffer containing // the first chunk of data. @@ -639,7 +647,7 @@ func (u *multiuploader) upload(firstBuf io.ReadSeeker, cleanup func()) (*UploadO UploadID: u.uploadID, CompletedParts: u.parts, - BucketKeyEnabled: completeOut.BucketKeyEnabled, + BucketKeyEnabled: aws.ToBool(completeOut.BucketKeyEnabled), ChecksumCRC32: completeOut.ChecksumCRC32, ChecksumCRC32C: completeOut.ChecksumCRC32C, ChecksumSHA1: completeOut.ChecksumSHA1, @@ -722,7 +730,7 @@ func (u *multiuploader) send(c chunk) error { // PutObject as they are never valid for individual parts of a // multipart upload. - PartNumber: c.num, + PartNumber: aws.Int32(c.num), UploadId: &u.uploadID, } // TODO should do copy then clear? @@ -734,7 +742,7 @@ func (u *multiuploader) send(c chunk) error { var completed types.CompletedPart awsutil.Copy(&completed, resp) - completed.PartNumber = c.num + completed.PartNumber = aws.Int32(c.num) u.m.Lock() u.parts = append(u.parts, completed) @@ -806,3 +814,42 @@ type readerAtSeeker interface { io.ReaderAt io.ReadSeeker } + +// setS3ExpressDefaultChecksum defaults to CRC32 for S3Express buckets, +// which is required when uploading to those through transfer manager. +type setS3ExpressDefaultChecksum struct{} + +func (*setS3ExpressDefaultChecksum) ID() string { + return "setS3ExpressDefaultChecksum" +} + +func (*setS3ExpressDefaultChecksum) HandleFinalize( + ctx context.Context, in smithymiddleware.FinalizeInput, next smithymiddleware.FinalizeHandler, +) ( + out smithymiddleware.FinalizeOutput, metadata smithymiddleware.Metadata, err error, +) { + const checksumHeader = "x-amz-checksum-algorithm" + + if internalcontext.GetS3Backend(ctx) != internalcontext.S3BackendS3Express { + return next.HandleFinalize(ctx, in) + } + + // If this is CreateMultipartUpload we need to ensure the checksum + // algorithm header is present. Otherwise everything is driven off the + // context setting and we can let it flow from there. + if middleware.GetOperationName(ctx) == "CreateMultipartUpload" { + r, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) + } + + if internalcontext.GetChecksumInputAlgorithm(ctx) == "" { + r.Header.Set(checksumHeader, "CRC32") + } + return next.HandleFinalize(ctx, in) + } else if internalcontext.GetChecksumInputAlgorithm(ctx) == "" { + ctx = internalcontext.SetChecksumInputAlgorithm(ctx, string(types.ChecksumAlgorithmCrc32)) + } + + return next.HandleFinalize(ctx, in) +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/auth.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/auth.go new file mode 100644 index 000000000..0b81db548 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/auth.go @@ -0,0 +1,45 @@ +package auth + +import ( + "github.com/aws/smithy-go/auth" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// HTTPAuthScheme is the SDK's internal implementation of smithyhttp.AuthScheme +// for pre-existing implementations where the signer was added to client +// config. SDK clients will key off of this type and ensure per-operation +// updates to those signers persist on the scheme itself. +type HTTPAuthScheme struct { + schemeID string + signer smithyhttp.Signer +} + +var _ smithyhttp.AuthScheme = (*HTTPAuthScheme)(nil) + +// NewHTTPAuthScheme returns an auth scheme instance with the given config. +func NewHTTPAuthScheme(schemeID string, signer smithyhttp.Signer) *HTTPAuthScheme { + return &HTTPAuthScheme{ + schemeID: schemeID, + signer: signer, + } +} + +// SchemeID identifies the auth scheme. +func (s *HTTPAuthScheme) SchemeID() string { + return s.schemeID +} + +// IdentityResolver gets the identity resolver for the auth scheme. +func (s *HTTPAuthScheme) IdentityResolver(o auth.IdentityResolverOptions) auth.IdentityResolver { + return o.GetIdentityResolver(s.schemeID) +} + +// Signer gets the signer for the auth scheme. +func (s *HTTPAuthScheme) Signer() smithyhttp.Signer { + return s.signer +} + +// WithSigner returns a new instance of the auth scheme with the updated signer. +func (s *HTTPAuthScheme) WithSigner(signer smithyhttp.Signer) *HTTPAuthScheme { + return NewHTTPAuthScheme(s.schemeID, signer) +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/scheme.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/scheme.go index ff229c048..bbc2ec06e 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/scheme.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/scheme.go @@ -16,6 +16,9 @@ const SigV4 = "sigv4" // Authentication Scheme Signature Version 4A const SigV4A = "sigv4a" +// SigV4S3Express identifies the S3 S3Express auth scheme. +const SigV4S3Express = "sigv4-s3express" + // None is a constant representing the // None Authentication Scheme const None = "none" @@ -24,9 +27,10 @@ const None = "none" // that indicates the list of supported AWS // authentication schemes var SupportedSchemes = map[string]bool{ - SigV4: true, - SigV4A: true, - None: true, + SigV4: true, + SigV4A: true, + SigV4S3Express: true, + None: true, } // AuthenticationScheme is a representation of @@ -93,10 +97,11 @@ func GetAuthenticationSchemes(p *smithy.Properties) ([]AuthenticationScheme, err for _, scheme := range authSchemes { authScheme, _ := scheme.(map[string]interface{}) - switch authScheme["name"] { - case SigV4: + version := authScheme["name"].(string) + switch version { + case SigV4, SigV4S3Express: v4Scheme := AuthenticationSchemeV4{ - Name: SigV4, + Name: version, SigningName: getSigningName(authScheme), SigningRegion: getSigningRegion(authScheme), DisableDoubleEncoding: getDisableDoubleEncoding(authScheme), diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/bearer_token_adapter.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/bearer_token_adapter.go new file mode 100644 index 000000000..f059b5d39 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/bearer_token_adapter.go @@ -0,0 +1,43 @@ +package smithy + +import ( + "context" + "fmt" + "time" + + "github.com/aws/smithy-go" + "github.com/aws/smithy-go/auth" + "github.com/aws/smithy-go/auth/bearer" +) + +// BearerTokenAdapter adapts smithy bearer.Token to smithy auth.Identity. +type BearerTokenAdapter struct { + Token bearer.Token +} + +var _ auth.Identity = (*BearerTokenAdapter)(nil) + +// Expiration returns the time of expiration for the token. +func (v *BearerTokenAdapter) Expiration() time.Time { + return v.Token.Expires +} + +// BearerTokenProviderAdapter adapts smithy bearer.TokenProvider to smithy +// auth.IdentityResolver. +type BearerTokenProviderAdapter struct { + Provider bearer.TokenProvider +} + +var _ (auth.IdentityResolver) = (*BearerTokenProviderAdapter)(nil) + +// GetIdentity retrieves a bearer token using the underlying provider. +func (v *BearerTokenProviderAdapter) GetIdentity(ctx context.Context, _ smithy.Properties) ( + auth.Identity, error, +) { + token, err := v.Provider.RetrieveBearerToken(ctx) + if err != nil { + return nil, fmt.Errorf("get token: %w", err) + } + + return &BearerTokenAdapter{Token: token}, nil +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/bearer_token_signer_adapter.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/bearer_token_signer_adapter.go new file mode 100644 index 000000000..a88281527 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/bearer_token_signer_adapter.go @@ -0,0 +1,35 @@ +package smithy + +import ( + "context" + "fmt" + + "github.com/aws/smithy-go" + "github.com/aws/smithy-go/auth" + "github.com/aws/smithy-go/auth/bearer" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// BearerTokenSignerAdapter adapts smithy bearer.Signer to smithy http +// auth.Signer. +type BearerTokenSignerAdapter struct { + Signer bearer.Signer +} + +var _ (smithyhttp.Signer) = (*BearerTokenSignerAdapter)(nil) + +// SignRequest signs the request with the provided bearer token. +func (v *BearerTokenSignerAdapter) SignRequest(ctx context.Context, r *smithyhttp.Request, identity auth.Identity, _ smithy.Properties) error { + ca, ok := identity.(*BearerTokenAdapter) + if !ok { + return fmt.Errorf("unexpected identity type: %T", identity) + } + + signed, err := v.Signer.SignWithBearerToken(ctx, ca.Token, r) + if err != nil { + return fmt.Errorf("sign request: %w", err) + } + + *r = *signed.(*smithyhttp.Request) + return nil +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/credentials_adapter.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/credentials_adapter.go new file mode 100644 index 000000000..f926c4aaa --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/credentials_adapter.go @@ -0,0 +1,46 @@ +package smithy + +import ( + "context" + "fmt" + "time" + + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/smithy-go" + "github.com/aws/smithy-go/auth" +) + +// CredentialsAdapter adapts aws.Credentials to auth.Identity. +type CredentialsAdapter struct { + Credentials aws.Credentials +} + +var _ auth.Identity = (*CredentialsAdapter)(nil) + +// Expiration returns the time of expiration for the credentials. +func (v *CredentialsAdapter) Expiration() time.Time { + return v.Credentials.Expires +} + +// CredentialsProviderAdapter adapts aws.CredentialsProvider to auth.IdentityResolver. +type CredentialsProviderAdapter struct { + Provider aws.CredentialsProvider +} + +var _ (auth.IdentityResolver) = (*CredentialsProviderAdapter)(nil) + +// GetIdentity retrieves AWS credentials using the underlying provider. +func (v *CredentialsProviderAdapter) GetIdentity(ctx context.Context, _ smithy.Properties) ( + auth.Identity, error, +) { + if v.Provider == nil { + return &CredentialsAdapter{Credentials: aws.Credentials{}}, nil + } + + creds, err := v.Provider.Retrieve(ctx) + if err != nil { + return nil, fmt.Errorf("get credentials: %w", err) + } + + return &CredentialsAdapter{Credentials: creds}, nil +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/smithy.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/smithy.go new file mode 100644 index 000000000..42b458673 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/smithy.go @@ -0,0 +1,2 @@ +// Package smithy adapts concrete AWS auth and signing types to the generic smithy versions. +package smithy diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/v4signer_adapter.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/v4signer_adapter.go new file mode 100644 index 000000000..0c5a2d40c --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/v4signer_adapter.go @@ -0,0 +1,53 @@ +package smithy + +import ( + "context" + "fmt" + + v4 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + "github.com/aws/aws-sdk-go-v2/internal/sdk" + "github.com/aws/smithy-go" + "github.com/aws/smithy-go/auth" + "github.com/aws/smithy-go/logging" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// V4SignerAdapter adapts v4.HTTPSigner to smithy http.Signer. +type V4SignerAdapter struct { + Signer v4.HTTPSigner + Logger logging.Logger + LogSigning bool +} + +var _ (smithyhttp.Signer) = (*V4SignerAdapter)(nil) + +// SignRequest signs the request with the provided identity. +func (v *V4SignerAdapter) SignRequest(ctx context.Context, r *smithyhttp.Request, identity auth.Identity, props smithy.Properties) error { + ca, ok := identity.(*CredentialsAdapter) + if !ok { + return fmt.Errorf("unexpected identity type: %T", identity) + } + + name, ok := smithyhttp.GetSigV4SigningName(&props) + if !ok { + return fmt.Errorf("sigv4 signing name is required") + } + + region, ok := smithyhttp.GetSigV4SigningRegion(&props) + if !ok { + return fmt.Errorf("sigv4 signing region is required") + } + + hash := v4.GetPayloadHash(ctx) + err := v.Signer.SignHTTP(ctx, ca.Credentials, r.Request, hash, name, region, sdk.NowTime(), func(o *v4.SignerOptions) { + o.DisableURIPathEscaping, _ = smithyhttp.GetDisableDoubleEncoding(&props) + + o.Logger = v.Logger + o.LogSigning = v.LogSigning + }) + if err != nil { + return fmt.Errorf("sign http: %w", err) + } + + return nil +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md index d260b444d..5ceb3b82f 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md @@ -1,3 +1,31 @@ +# v1.2.9 (2023-12-07) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.2.8 (2023-12-01) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.2.7 (2023-11-30) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.2.6 (2023-11-29) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.2.5 (2023-11-28.2) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.2.4 (2023-11-20) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.2.3 (2023-11-15) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.2.2 (2023-11-09) * **Dependency Update**: Updated to the latest SDK module versions diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go index 991b7b84a..da7d0d813 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go @@ -3,4 +3,4 @@ package configsources // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.2.2" +const goModuleVersion = "1.2.9" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/context/context.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/context/context.go new file mode 100644 index 000000000..15bf10477 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/context/context.go @@ -0,0 +1,39 @@ +package context + +import ( + "context" + + "github.com/aws/smithy-go/middleware" +) + +type s3BackendKey struct{} +type checksumInputAlgorithmKey struct{} + +const ( + // S3BackendS3Express identifies the S3Express backend + S3BackendS3Express = "S3Express" +) + +// SetS3Backend stores the resolved endpoint backend within the request +// context, which is required for a variety of custom S3 behaviors. +func SetS3Backend(ctx context.Context, typ string) context.Context { + return middleware.WithStackValue(ctx, s3BackendKey{}, typ) +} + +// GetS3Backend retrieves the stored endpoint backend within the context. +func GetS3Backend(ctx context.Context) string { + v, _ := middleware.GetStackValue(ctx, s3BackendKey{}).(string) + return v +} + +// SetChecksumInputAlgorithm sets the request checksum algorithm on the +// context. +func SetChecksumInputAlgorithm(ctx context.Context, value string) context.Context { + return middleware.WithStackValue(ctx, checksumInputAlgorithmKey{}, value) +} + +// GetChecksumInputAlgorithm returns the checksum algorithm from the context. +func GetChecksumInputAlgorithm(ctx context.Context) string { + v, _ := middleware.GetStackValue(ctx, checksumInputAlgorithmKey{}).(string) + return v +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/partitions.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/partitions.go index 7ea49d4ea..849beffd7 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/partitions.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/partitions.go @@ -11,7 +11,7 @@ func GetPartition(region string) *PartitionConfig { var partitions = []Partition{ { ID: "aws", - RegionRegex: "^(us|eu|ap|sa|ca|me|af)\\-\\w+\\-\\d+$", + RegionRegex: "^(us|eu|ap|sa|ca|me|af|il)\\-\\w+\\-\\d+$", DefaultConfig: PartitionConfig{ Name: "aws", DnsSuffix: "amazonaws.com", @@ -90,6 +90,13 @@ var partitions = []Partition{ SupportsFIPS: nil, SupportsDualStack: nil, }, + "ap-southeast-4": { + Name: nil, + DnsSuffix: nil, + DualStackDnsSuffix: nil, + SupportsFIPS: nil, + SupportsDualStack: nil, + }, "aws-global": { Name: nil, DnsSuffix: nil, @@ -160,6 +167,13 @@ var partitions = []Partition{ SupportsFIPS: nil, SupportsDualStack: nil, }, + "il-central-1": { + Name: nil, + DnsSuffix: nil, + DualStackDnsSuffix: nil, + SupportsFIPS: nil, + SupportsDualStack: nil, + }, "me-central-1": { Name: nil, DnsSuffix: nil, @@ -340,4 +354,28 @@ var partitions = []Partition{ }, }, }, + { + ID: "aws-iso-e", + RegionRegex: "^eu\\-isoe\\-\\w+\\-\\d+$", + DefaultConfig: PartitionConfig{ + Name: "aws-iso-e", + DnsSuffix: "cloud.adc-e.uk", + DualStackDnsSuffix: "cloud.adc-e.uk", + SupportsFIPS: true, + SupportsDualStack: false, + }, + Regions: map[string]RegionOverrides{}, + }, + { + ID: "aws-iso-f", + RegionRegex: "^us\\-isof\\-\\w+\\-\\d+$", + DefaultConfig: PartitionConfig{ + Name: "aws-iso-f", + DnsSuffix: "csp.hci.ic.gov", + DualStackDnsSuffix: "csp.hci.ic.gov", + SupportsFIPS: true, + SupportsDualStack: false, + }, + Regions: map[string]RegionOverrides{}, + }, } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/endpoints.go new file mode 100644 index 000000000..67950ca36 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/endpoints.go @@ -0,0 +1,201 @@ +package endpoints + +import ( + "fmt" + "regexp" + "strings" + + "github.com/aws/aws-sdk-go-v2/aws" +) + +const ( + defaultProtocol = "https" + defaultSigner = "v4" +) + +var ( + protocolPriority = []string{"https", "http"} + signerPriority = []string{"v4"} +) + +// Options provide configuration needed to direct how endpoints are resolved. +type Options struct { + // Disable usage of HTTPS (TLS / SSL) + DisableHTTPS bool +} + +// Partitions is a slice of partition +type Partitions []Partition + +// ResolveEndpoint resolves a service endpoint for the given region and options. +func (ps Partitions) ResolveEndpoint(region string, opts Options) (aws.Endpoint, error) { + if len(ps) == 0 { + return aws.Endpoint{}, fmt.Errorf("no partitions found") + } + + for i := 0; i < len(ps); i++ { + if !ps[i].canResolveEndpoint(region) { + continue + } + + return ps[i].ResolveEndpoint(region, opts) + } + + // fallback to first partition format to use when resolving the endpoint. + return ps[0].ResolveEndpoint(region, opts) +} + +// Partition is an AWS partition description for a service and its' region endpoints. +type Partition struct { + ID string + RegionRegex *regexp.Regexp + PartitionEndpoint string + IsRegionalized bool + Defaults Endpoint + Endpoints Endpoints +} + +func (p Partition) canResolveEndpoint(region string) bool { + _, ok := p.Endpoints[region] + return ok || p.RegionRegex.MatchString(region) +} + +// ResolveEndpoint resolves and service endpoint for the given region and options. +func (p Partition) ResolveEndpoint(region string, options Options) (resolved aws.Endpoint, err error) { + if len(region) == 0 && len(p.PartitionEndpoint) != 0 { + region = p.PartitionEndpoint + } + + e, _ := p.endpointForRegion(region) + + return e.resolve(p.ID, region, p.Defaults, options), nil +} + +func (p Partition) endpointForRegion(region string) (Endpoint, bool) { + if e, ok := p.Endpoints[region]; ok { + return e, true + } + + if !p.IsRegionalized { + return p.Endpoints[p.PartitionEndpoint], region == p.PartitionEndpoint + } + + // Unable to find any matching endpoint, return + // blank that will be used for generic endpoint creation. + return Endpoint{}, false +} + +// Endpoints is a map of service config regions to endpoints +type Endpoints map[string]Endpoint + +// CredentialScope is the credential scope of a region and service +type CredentialScope struct { + Region string + Service string +} + +// Endpoint is a service endpoint description +type Endpoint struct { + // True if the endpoint cannot be resolved for this partition/region/service + Unresolveable aws.Ternary + + Hostname string + Protocols []string + + CredentialScope CredentialScope + + SignatureVersions []string `json:"signatureVersions"` +} + +func (e Endpoint) resolve(partition, region string, def Endpoint, options Options) aws.Endpoint { + var merged Endpoint + merged.mergeIn(def) + merged.mergeIn(e) + e = merged + + var u string + if e.Unresolveable != aws.TrueTernary { + // Only attempt to resolve the endpoint if it can be resolved. + hostname := strings.Replace(e.Hostname, "{region}", region, 1) + + scheme := getEndpointScheme(e.Protocols, options.DisableHTTPS) + u = scheme + "://" + hostname + } + + signingRegion := e.CredentialScope.Region + if len(signingRegion) == 0 { + signingRegion = region + } + signingName := e.CredentialScope.Service + + return aws.Endpoint{ + URL: u, + PartitionID: partition, + SigningRegion: signingRegion, + SigningName: signingName, + SigningMethod: getByPriority(e.SignatureVersions, signerPriority, defaultSigner), + } +} + +func (e *Endpoint) mergeIn(other Endpoint) { + if other.Unresolveable != aws.UnknownTernary { + e.Unresolveable = other.Unresolveable + } + if len(other.Hostname) > 0 { + e.Hostname = other.Hostname + } + if len(other.Protocols) > 0 { + e.Protocols = other.Protocols + } + if len(other.CredentialScope.Region) > 0 { + e.CredentialScope.Region = other.CredentialScope.Region + } + if len(other.CredentialScope.Service) > 0 { + e.CredentialScope.Service = other.CredentialScope.Service + } + if len(other.SignatureVersions) > 0 { + e.SignatureVersions = other.SignatureVersions + } +} + +func getEndpointScheme(protocols []string, disableHTTPS bool) string { + if disableHTTPS { + return "http" + } + + return getByPriority(protocols, protocolPriority, defaultProtocol) +} + +func getByPriority(s []string, p []string, def string) string { + if len(s) == 0 { + return def + } + + for i := 0; i < len(p); i++ { + for j := 0; j < len(s); j++ { + if s[j] == p[i] { + return s[j] + } + } + } + + return s[0] +} + +// MapFIPSRegion extracts the intrinsic AWS region from one that may have an +// embedded FIPS microformat. +func MapFIPSRegion(region string) string { + const fipsInfix = "-fips-" + const fipsPrefix = "fips-" + const fipsSuffix = "-fips" + + if strings.Contains(region, fipsInfix) || + strings.Contains(region, fipsPrefix) || + strings.Contains(region, fipsSuffix) { + region = strings.ReplaceAll(region, fipsInfix, "-") + region = strings.ReplaceAll(region, fipsPrefix, "") + region = strings.ReplaceAll(region, fipsSuffix, "") + } + + return region +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md index 1a188a571..761cc992b 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md @@ -1,3 +1,31 @@ +# v2.5.9 (2023-12-07) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v2.5.8 (2023-12-01) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v2.5.7 (2023-11-30) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v2.5.6 (2023-11-29) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v2.5.5 (2023-11-28.2) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v2.5.4 (2023-11-20) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v2.5.3 (2023-11-15) + +* **Dependency Update**: Updated to the latest SDK module versions + # v2.5.2 (2023-11-09) * **Dependency Update**: Updated to the latest SDK module versions diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go index adb6f6992..caabf668d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go @@ -3,4 +3,4 @@ package endpoints // goModuleVersion is the tagged release for this module -const goModuleVersion = "2.5.2" +const goModuleVersion = "2.5.9" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/CHANGELOG.md index a04ce9b6f..adbbf4adc 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/CHANGELOG.md @@ -1,3 +1,11 @@ +# v1.7.2 (2023-12-08) + +* **Bug Fix**: Correct loading of [services *] sections into shared config. + +# v1.7.1 (2023-11-16) + +* **Bug Fix**: Fix recognition of trailing comments in shared config properties. # or ; separators that aren't preceded by whitespace at the end of a property value should be considered part of it. + # v1.7.0 (2023-11-13) * **Feature**: Replace the legacy config parser with a modern, less-strict implementation. Parsing failures within a section will now simply ignore the invalid line rather than silently drop the entire section. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/go_module_metadata.go index 9ffee6eed..f0673f3a0 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/go_module_metadata.go @@ -3,4 +3,4 @@ package ini // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.7.0" +const goModuleVersion = "1.7.2" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/parse.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/parse.go index 0fcb8ec07..2422d9046 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/parse.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/parse.go @@ -82,7 +82,7 @@ func (p *parser) handleSubProperty(tok *lineTokenSubProperty) { // "promote" this to a normal property. p.handleProperty(&lineTokenProperty{ Key: tok.Key, - Value: strings.TrimSpace(trimComment(tok.Value)), + Value: strings.TrimSpace(trimPropertyComment(tok.Value)), }) return } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/strings.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/strings.go index 478239a25..661588c22 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/strings.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/strings.go @@ -1,11 +1,21 @@ package ini -import "strings" +import ( + "strings" +) -func trimComment(v string) string { - rest, _, _ := strings.Cut(v, "#") - rest, _, _ = strings.Cut(rest, ";") - return rest +func trimProfileComment(s string) string { + r, _, _ := strings.Cut(s, "#") + r, _, _ = strings.Cut(r, ";") + return r +} + +func trimPropertyComment(s string) string { + r, _, _ := strings.Cut(s, " #") + r, _, _ = strings.Cut(r, " ;") + r, _, _ = strings.Cut(r, "\t#") + r, _, _ = strings.Cut(r, "\t;") + return r } // assumes no surrounding comment diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/tokenize.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/tokenize.go index 9778a1738..89a773684 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/tokenize.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/tokenize.go @@ -30,7 +30,7 @@ func isLineComment(line string) bool { } func asProfile(line string) *lineTokenProfile { // " [ type name ] ; comment" - trimmed := strings.TrimSpace(trimComment(line)) // "[ type name ]" + trimmed := strings.TrimSpace(trimProfileComment(line)) // "[ type name ]" if !isBracketed(trimmed) { return nil } @@ -48,7 +48,8 @@ func asProperty(line string) *lineTokenProperty { return nil } - trimmed := strings.TrimRight(trimComment(line), " \t") + trimmed := trimPropertyComment(line) + trimmed = strings.TrimRight(trimmed, " \t") k, v, ok := splitProperty(trimmed) if !ok { return nil diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/value.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/value.go index ade75bf34..e3706b3c3 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/value.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/value.go @@ -54,18 +54,7 @@ func (v Value) String() string { // MapValue returns a map value for sub properties func (v Value) MapValue() map[string]string { - newlineParts := strings.Split(string(v.str), "\n") - mp := make(map[string]string) - for _, part := range newlineParts { - operandParts := strings.Split(part, "=") - if len(operandParts) < 2 { - continue - } - key := strings.TrimSpace(operandParts[0]) - val := strings.TrimSpace(operandParts[1]) - mp[key] = val - } - return mp + return v.mp } // IntValue returns an integer value diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/CHANGELOG.md index bd6df25e5..982bc97c2 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/CHANGELOG.md @@ -1,3 +1,31 @@ +# v1.2.9 (2023-12-07) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.2.8 (2023-12-01) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.2.7 (2023-11-30) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.2.6 (2023-11-29) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.2.5 (2023-11-28.2) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.2.4 (2023-11-20) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.2.3 (2023-11-15) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.2.2 (2023-11-09) * **Dependency Update**: Updated to the latest SDK module versions diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/go_module_metadata.go index c3f3ccd2d..4bfe4abd0 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/go_module_metadata.go @@ -3,4 +3,4 @@ package v4a // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.2.2" +const goModuleVersion = "1.2.9" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/smithy.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/smithy.go new file mode 100644 index 000000000..516d459d5 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/smithy.go @@ -0,0 +1,86 @@ +package v4a + +import ( + "context" + "fmt" + "time" + + v4 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + "github.com/aws/aws-sdk-go-v2/internal/sdk" + "github.com/aws/smithy-go" + "github.com/aws/smithy-go/auth" + "github.com/aws/smithy-go/logging" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// CredentialsAdapter adapts v4a.Credentials to smithy auth.Identity. +type CredentialsAdapter struct { + Credentials Credentials +} + +var _ auth.Identity = (*CredentialsAdapter)(nil) + +// Expiration returns the time of expiration for the credentials. +func (v *CredentialsAdapter) Expiration() time.Time { + return v.Credentials.Expires +} + +// CredentialsProviderAdapter adapts v4a.CredentialsProvider to +// auth.IdentityResolver. +type CredentialsProviderAdapter struct { + Provider CredentialsProvider +} + +var _ (auth.IdentityResolver) = (*CredentialsProviderAdapter)(nil) + +// GetIdentity retrieves v4a credentials using the underlying provider. +func (v *CredentialsProviderAdapter) GetIdentity(ctx context.Context, _ smithy.Properties) ( + auth.Identity, error, +) { + creds, err := v.Provider.RetrievePrivateKey(ctx) + if err != nil { + return nil, fmt.Errorf("get credentials: %w", err) + } + + return &CredentialsAdapter{Credentials: creds}, nil +} + +// SignerAdapter adapts v4a.HTTPSigner to smithy http.Signer. +type SignerAdapter struct { + Signer HTTPSigner + Logger logging.Logger + LogSigning bool +} + +var _ (smithyhttp.Signer) = (*SignerAdapter)(nil) + +// SignRequest signs the request with the provided identity. +func (v *SignerAdapter) SignRequest(ctx context.Context, r *smithyhttp.Request, identity auth.Identity, props smithy.Properties) error { + ca, ok := identity.(*CredentialsAdapter) + if !ok { + return fmt.Errorf("unexpected identity type: %T", identity) + } + + name, ok := smithyhttp.GetSigV4SigningName(&props) + if !ok { + return fmt.Errorf("sigv4a signing name is required") + } + + regions, ok := smithyhttp.GetSigV4ASigningRegions(&props) + if !ok { + return fmt.Errorf("sigv4a signing region is required") + } + + hash := v4.GetPayloadHash(ctx) + err := v.Signer.SignHTTP(ctx, ca.Credentials, r.Request, hash, name, regions, sdk.NowTime(), func(o *SignerOptions) { + o.DisableURIPathEscaping, _ = smithyhttp.GetDisableDoubleEncoding(&props) + + o.Logger = v.Logger + o.LogSigning = v.LogSigning + }) + if err != nil { + return fmt.Errorf("sign http: %w", err) + } + + return nil +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/CHANGELOG.md index 39326eada..c3525fd22 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/CHANGELOG.md @@ -1,3 +1,19 @@ +# v1.10.4 (2023-12-07) + +* No change notes available for this release. + +# v1.10.3 (2023-11-30) + +* No change notes available for this release. + +# v1.10.2 (2023-11-29) + +* No change notes available for this release. + +# v1.10.1 (2023-11-15) + +* No change notes available for this release. + # v1.10.0 (2023-10-31) * **Feature**: **BREAKING CHANGE**: Bump minimum go version to 1.19 per the revised [go version support policy](https://aws.amazon.com/blogs/developer/aws-sdk-for-go-aligns-with-go-release-policy-on-supported-runtimes/). diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/go_module_metadata.go index e57bbab9f..cc6384005 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/go_module_metadata.go @@ -3,4 +3,4 @@ package acceptencoding // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.10.0" +const goModuleVersion = "1.10.4" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/CHANGELOG.md index 755c72457..d27305250 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/CHANGELOG.md @@ -1,3 +1,31 @@ +# v1.2.9 (2023-12-07) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.2.8 (2023-12-01) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.2.7 (2023-11-30) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.2.6 (2023-11-29) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.2.5 (2023-11-28.2) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.2.4 (2023-11-20) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.2.3 (2023-11-15) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.2.2 (2023-11-09) * **Dependency Update**: Updated to the latest SDK module versions diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/go_module_metadata.go index 6c1014007..8076821c4 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/go_module_metadata.go @@ -3,4 +3,4 @@ package checksum // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.2.2" +const goModuleVersion = "1.2.9" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/middleware_add.go b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/middleware_add.go index 3e17d2216..610e7ca80 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/middleware_add.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/middleware_add.go @@ -2,7 +2,6 @@ package checksum import ( "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" ) // InputMiddlewareOptions provides the options for the request @@ -81,32 +80,16 @@ func AddInputMiddleware(stack *middleware.Stack, options InputMiddlewareOptions) stack.Build.Remove("ContentChecksum") - // Create the compute checksum middleware that will be added as both a - // build and finalize handler. inputChecksum := &computeInputPayloadChecksum{ RequireChecksum: options.RequireChecksum, EnableTrailingChecksum: options.EnableTrailingChecksum, EnableComputePayloadHash: options.EnableComputeSHA256PayloadHash, EnableDecodedContentLengthHeader: options.EnableDecodedContentLengthHeader, } - - // Insert header checksum after ComputeContentLength middleware, must also - // be before the computePayloadHash middleware handlers. - err = stack.Build.Insert(inputChecksum, - (*smithyhttp.ComputeContentLength)(nil).ID(), - middleware.After) - if err != nil { + if err := stack.Finalize.Insert(inputChecksum, "ResolveEndpointV2", middleware.After); err != nil { return err } - // If trailing checksum is not supported no need for finalize handler to be added. - if options.EnableTrailingChecksum { - err = stack.Finalize.Insert(inputChecksum, "Retry", middleware.After) - if err != nil { - return err - } - } - return nil } @@ -117,7 +100,6 @@ func RemoveInputMiddleware(stack *middleware.Stack) { stack.Initialize.Remove(id) id = (*computeInputPayloadChecksum)(nil).ID() - stack.Build.Remove(id) stack.Finalize.Remove(id) } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/middleware_compute_input_checksum.go b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/middleware_compute_input_checksum.go index 0b3c48912..c7740658a 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/middleware_compute_input_checksum.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/middleware_compute_input_checksum.go @@ -9,6 +9,8 @@ import ( "strconv" v4 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + internalcontext "github.com/aws/aws-sdk-go-v2/internal/context" + presignedurlcust "github.com/aws/aws-sdk-go-v2/service/internal/presigned-url" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) @@ -70,8 +72,7 @@ type computeInputPayloadChecksum struct { // when used with trailing checksums, and aws-chunked content-encoding. EnableDecodedContentLengthHeader bool - buildHandlerRun bool - deferToFinalizeHandler bool + useTrailer bool } // ID provides the middleware's identifier. @@ -102,13 +103,11 @@ func (e computeInputHeaderChecksumError) Unwrap() error { return e.Err } // // The build handler must be inserted in the stack before ContentPayloadHash // and after ComputeContentLength. -func (m *computeInputPayloadChecksum) HandleBuild( - ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler, +func (m *computeInputPayloadChecksum) HandleFinalize( + ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, ) ( - out middleware.BuildOutput, metadata middleware.Metadata, err error, + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - m.buildHandlerRun = true - req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, computeInputHeaderChecksumError{ @@ -145,13 +144,13 @@ func (m *computeInputPayloadChecksum) HandleBuild( } algorithm = Algorithm("MD5") } - return next.HandleBuild(ctx, in) + return next.HandleFinalize(ctx, in) } // If the checksum header is already set nothing to do. checksumHeader := AlgorithmHTTPHeader(algorithm) if checksum = req.Header.Get(checksumHeader); checksum != "" { - return next.HandleBuild(ctx, in) + return next.HandleFinalize(ctx, in) } computePayloadHash := m.EnableComputePayloadHash @@ -169,22 +168,25 @@ func (m *computeInputPayloadChecksum) HandleBuild( } // If trailing checksums are supported, the request is HTTPS, and the - // stream is not nil or empty, there is nothing to do in the build stage. - // The checksum will be added to the request as a trailing checksum in the - // finalize handler. + // stream is not nil or empty, instead switch to a trailing checksum. // // Nil and empty streams will always be handled as a request header, // regardless if the operation supports trailing checksums or not. - if req.IsHTTPS() { + if req.IsHTTPS() && !presignedurlcust.GetIsPresigning(ctx) { if stream != nil && streamLength != 0 && m.EnableTrailingChecksum { if m.EnableComputePayloadHash { - // payload hash is set as header in Build middleware handler, - // ContentSHA256Header. + // ContentSHA256Header middleware handles the header ctx = v4.SetPayloadHash(ctx, streamingUnsignedPayloadTrailerPayloadHash) } - m.deferToFinalizeHandler = true - return next.HandleBuild(ctx, in) + m.useTrailer = true + mw := &addInputChecksumTrailer{ + EnableTrailingChecksum: m.EnableTrailingChecksum, + RequireChecksum: m.RequireChecksum, + EnableComputePayloadHash: m.EnableComputePayloadHash, + EnableDecodedContentLengthHeader: m.EnableDecodedContentLengthHeader, + } + return mw.HandleFinalize(ctx, in, next) } // If trailing checksums are not enabled but protocol is still HTTPS @@ -225,7 +227,7 @@ func (m *computeInputPayloadChecksum) HandleBuild( ctx = v4.SetPayloadHash(ctx, sha256Checksum) } - return next.HandleBuild(ctx, in) + return next.HandleFinalize(ctx, in) } type computeInputTrailingChecksumError struct { @@ -244,26 +246,28 @@ func (e computeInputTrailingChecksumError) Error() string { } func (e computeInputTrailingChecksumError) Unwrap() error { return e.Err } -// HandleFinalize handles computing the payload's checksum, in the following cases: +// addInputChecksumTrailer // - Is HTTPS, not HTTP // - A checksum was specified via the Input // - Trailing checksums are supported. -// -// The finalize handler must be inserted in the stack before Signing, and after Retry. -func (m *computeInputPayloadChecksum) HandleFinalize( +type addInputChecksumTrailer struct { + EnableTrailingChecksum bool + RequireChecksum bool + EnableComputePayloadHash bool + EnableDecodedContentLengthHeader bool +} + +// ID identifies this middleware. +func (*addInputChecksumTrailer) ID() string { + return "addInputChecksumTrailer" +} + +// HandleFinalize wraps the request body to write the trailing checksum. +func (m *addInputChecksumTrailer) HandleFinalize( ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, ) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - if !m.deferToFinalizeHandler { - if !m.buildHandlerRun { - return out, metadata, computeInputTrailingChecksumError{ - Msg: "build handler was removed without also removing finalize handler", - } - } - return next.HandleFinalize(ctx, in) - } - req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, computeInputTrailingChecksumError{ @@ -374,7 +378,7 @@ func (m *computeInputPayloadChecksum) HandleFinalize( } func getInputAlgorithm(ctx context.Context) (Algorithm, bool, error) { - ctxAlgorithm := getContextInputAlgorithm(ctx) + ctxAlgorithm := internalcontext.GetChecksumInputAlgorithm(ctx) if ctxAlgorithm == "" { return "", false, nil } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/middleware_setup_context.go b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/middleware_setup_context.go index f72952549..3db73afe7 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/middleware_setup_context.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/middleware_setup_context.go @@ -3,6 +3,7 @@ package checksum import ( "context" + internalcontext "github.com/aws/aws-sdk-go-v2/internal/context" "github.com/aws/smithy-go/middleware" ) @@ -35,33 +36,13 @@ func (m *setupInputContext) HandleInitialize( // check is input resource has a checksum algorithm algorithm, ok := m.GetAlgorithm(in.Parameters) if ok && len(algorithm) != 0 { - ctx = setContextInputAlgorithm(ctx, algorithm) + ctx = internalcontext.SetChecksumInputAlgorithm(ctx, algorithm) } } return next.HandleInitialize(ctx, in) } -// inputAlgorithmKey is the key set on context used to identify, retrieves the -// request checksum algorithm if present on the context. -type inputAlgorithmKey struct{} - -// setContextInputAlgorithm sets the request checksum algorithm on the context. -// -// Scoped to stack values. -func setContextInputAlgorithm(ctx context.Context, value string) context.Context { - return middleware.WithStackValue(ctx, inputAlgorithmKey{}, value) -} - -// getContextInputAlgorithm returns the checksum algorithm from the context if -// one was specified. Empty string is returned if one is not specified. -// -// Scoped to stack values. -func getContextInputAlgorithm(ctx context.Context) (v string) { - v, _ = middleware.GetStackValue(ctx, inputAlgorithmKey{}).(string) - return v -} - type setupOutputContext struct { // GetValidationMode is a function to get the checksum validation // mode of the output payload from the input parameters. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/CHANGELOG.md index 99a54769a..1191b30c6 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/CHANGELOG.md @@ -1,3 +1,31 @@ +# v1.10.9 (2023-12-07) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.10.8 (2023-12-01) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.10.7 (2023-11-30) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.10.6 (2023-11-29) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.10.5 (2023-11-28.2) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.10.4 (2023-11-20) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.10.3 (2023-11-15) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.10.2 (2023-11-09) * **Dependency Update**: Updated to the latest SDK module versions diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/go_module_metadata.go index 66b8acd87..aacb4dd24 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/go_module_metadata.go @@ -3,4 +3,4 @@ package presignedurl // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.10.2" +const goModuleVersion = "1.10.9" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/s3shared/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/s3shared/CHANGELOG.md index 2d3ad6a94..3b15285f3 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/s3shared/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/s3shared/CHANGELOG.md @@ -1,3 +1,31 @@ +# v1.16.9 (2023-12-07) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.16.8 (2023-12-01) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.16.7 (2023-11-30) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.16.6 (2023-11-29) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.16.5 (2023-11-28.2) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.16.4 (2023-11-20) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.16.3 (2023-11-15) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.16.2 (2023-11-09) * **Dependency Update**: Updated to the latest SDK module versions diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/s3shared/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/s3shared/go_module_metadata.go index 5c003a13f..5f16c5859 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/s3shared/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/s3shared/go_module_metadata.go @@ -3,4 +3,4 @@ package s3shared // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.16.2" +const goModuleVersion = "1.16.9" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/CHANGELOG.md index 576ddff79..c16b702a6 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/CHANGELOG.md @@ -1,3 +1,64 @@ +# v1.47.5 (2023-12-08) + +* **Bug Fix**: Add non-vhostable buckets to request path when using legacy V1 endpoint resolver. +* **Bug Fix**: Improve uniqueness of default S3Express sesssion credentials cache keying to prevent collision in multi-credential scenarios. +* **Bug Fix**: Reinstate presence of default Retryer in functional options, but still respect max attempts set therein. + +# v1.47.4 (2023-12-07) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.47.3 (2023-12-06) + +* **Bug Fix**: Restore pre-refactor auth behavior where all operations could technically be performed anonymously. + +# v1.47.2 (2023-12-01) + +* **Bug Fix**: Correct wrapping of errors in authentication workflow. +* **Bug Fix**: Correctly recognize cache-wrapped instances of AnonymousCredentials at client construction. +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.47.1 (2023-11-30) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.47.0 (2023-11-29) + +* **Feature**: Expose Options() accessor on service clients. +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.46.0 (2023-11-28.2) + +* **Feature**: Add S3Express support. +* **Feature**: Adds support for S3 Express One Zone. +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.45.1 (2023-11-28) + +* **Bug Fix**: Respect setting RetryMaxAttempts in functional options at client construction. + +# v1.45.0 (2023-11-27) + +* **Feature**: Adding new params - Key and Prefix, to S3 API operations for supporting S3 Access Grants. Note - These updates will not change any of the existing S3 API functionality. + +# v1.44.0 (2023-11-21) + +* **Feature**: Add support for automatic date based partitioning in S3 Server Access Logs. +* **Bug Fix**: Don't send MaxKeys/MaxUploads=0 when unspecified in ListObjectVersions and ListMultipartUploads paginators. + +# v1.43.1 (2023-11-20) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.43.0 (2023-11-17) + +* **Feature**: **BREAKING CHANGE** Correct nullability of a large number of S3 structure fields. See https://github.com/aws/aws-sdk-go-v2/issues/2162. +* **Feature**: Removes all default 0 values for numbers and false values for booleans + +# v1.42.2 (2023-11-15) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.42.1 (2023-11-09) * **Dependency Update**: Updated to the latest SDK module versions diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_client.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_client.go index e921189aa..a3fe93b7f 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_client.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_client.go @@ -11,6 +11,8 @@ import ( "github.com/aws/aws-sdk-go-v2/aws/retry" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http" + internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" + internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" "github.com/aws/aws-sdk-go-v2/internal/v4a" acceptencodingcust "github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding" @@ -56,187 +58,48 @@ func New(options Options, optFns ...func(*Options)) *Client { resolveHTTPSignerV4a(&options) + resolveEndpointResolverV2(&options) + + resolveAuthSchemeResolver(&options) + for _, fn := range optFns { fn(&options) } + finalizeRetryMaxAttempts(&options) + + resolveCredentialProvider(&options) + + ignoreAnonymousAuth(&options) + + resolveExpressCredentials(&options) + + finalizeServiceEndpointAuthResolver(&options) + + resolveAuthSchemes(&options) + client := &Client{ options: options, } - resolveCredentialProvider(&options) + finalizeExpressCredentials(&options, client) return client } -type Options struct { - // Set of options to modify how an operation is invoked. These apply to all - // operations invoked for this client. Use functional options on operation call to - // modify this list for per operation behavior. - APIOptions []func(*middleware.Stack) error - - // The optional application specific identifier appended to the User-Agent header. - AppID string - - // This endpoint will be given as input to an EndpointResolverV2. It is used for - // providing a custom base endpoint that is subject to modifications by the - // processing EndpointResolverV2. - BaseEndpoint *string - - // Configures the events that will be sent to the configured logger. - ClientLogMode aws.ClientLogMode - - // The threshold ContentLength in bytes for HTTP PUT request to receive {Expect: - // 100-continue} header. Setting to -1 will disable adding the Expect header to - // requests; setting to 0 will set the threshold to default 2MB - ContinueHeaderThresholdBytes int64 - - // The credentials object to use when signing requests. - Credentials aws.CredentialsProvider - - // The configuration DefaultsMode that the SDK should use when constructing the - // clients initial default settings. - DefaultsMode aws.DefaultsMode - - // Allows you to disable S3 Multi-Region access points feature. - DisableMultiRegionAccessPoints bool - - // The endpoint options to be used when attempting to resolve an endpoint. - EndpointOptions EndpointResolverOptions - - // The service endpoint resolver. - // - // Deprecated: Deprecated: EndpointResolver and WithEndpointResolver. Providing a - // value for this field will likely prevent you from using any endpoint-related - // service features released after the introduction of EndpointResolverV2 and - // BaseEndpoint. To migrate an EndpointResolver implementation that uses a custom - // endpoint, set the client option BaseEndpoint instead. - EndpointResolver EndpointResolver - - // Resolves the endpoint used for a particular service. This should be used over - // the deprecated EndpointResolver - EndpointResolverV2 EndpointResolverV2 - - // Signature Version 4 (SigV4) Signer - HTTPSignerV4 HTTPSignerV4 - - // The logger writer interface to write logging messages to. - Logger logging.Logger - - // The region to send requests to. (Required) - Region string - - // RetryMaxAttempts specifies the maximum number attempts an API client will call - // an operation that fails with a retryable error. A value of 0 is ignored, and - // will not be used to configure the API client created default retryer, or modify - // per operation call's retry max attempts. When creating a new API Clients this - // member will only be used if the Retryer Options member is nil. This value will - // be ignored if Retryer is not nil. If specified in an operation call's functional - // options with a value that is different than the constructed client's Options, - // the Client's Retryer will be wrapped to use the operation's specific - // RetryMaxAttempts value. - RetryMaxAttempts int - - // RetryMode specifies the retry mode the API client will be created with, if - // Retryer option is not also specified. When creating a new API Clients this - // member will only be used if the Retryer Options member is nil. This value will - // be ignored if Retryer is not nil. Currently does not support per operation call - // overrides, may in the future. - RetryMode aws.RetryMode - - // Retryer guides how HTTP requests should be retried in case of recoverable - // failures. When nil the API client will use a default retryer. The kind of - // default retry created by the API client can be changed with the RetryMode - // option. - Retryer aws.Retryer - - // The RuntimeEnvironment configuration, only populated if the DefaultsMode is set - // to DefaultsModeAuto and is initialized using config.LoadDefaultConfig . You - // should not populate this structure programmatically, or rely on the values here - // within your applications. - RuntimeEnvironment aws.RuntimeEnvironment - - // Allows you to enable arn region support for the service. - UseARNRegion bool - - // Allows you to enable S3 Accelerate feature. All operations compatible with S3 - // Accelerate will use the accelerate endpoint for requests. Requests not - // compatible will fall back to normal S3 requests. The bucket must be enabled for - // accelerate to be used with S3 client with accelerate enabled. If the bucket is - // not enabled for accelerate an error will be returned. The bucket name must be - // DNS compatible to work with accelerate. - UseAccelerate bool - - // Allows you to enable dual-stack endpoint support for the service. - // - // Deprecated: Set dual-stack by setting UseDualStackEndpoint on - // EndpointResolverOptions. When EndpointResolverOptions' UseDualStackEndpoint - // field is set it overrides this field value. - UseDualstack bool - - // Allows you to enable the client to use path-style addressing, i.e., - // https://s3.amazonaws.com/BUCKET/KEY . By default, the S3 client will use virtual - // hosted bucket addressing when possible( https://BUCKET.s3.amazonaws.com/KEY ). - UsePathStyle bool - - // Signature Version 4a (SigV4a) Signer - httpSignerV4a httpSignerV4a - - // The initial DefaultsMode used when the client options were constructed. If the - // DefaultsMode was set to aws.DefaultsModeAuto this will store what the resolved - // value was at that point in time. Currently does not support per operation call - // overrides, may in the future. - resolvedDefaultsMode aws.DefaultsMode - - // The HTTP client to invoke API calls with. Defaults to client's default HTTP - // implementation if nil. - HTTPClient HTTPClient +// Options returns a copy of the client configuration. +// +// Callers SHOULD NOT perform mutations on any inner structures within client +// config. Config overrides should instead be made on a per-operation basis through +// functional options. +func (c *Client) Options() Options { + return c.options.Copy() } -// WithAPIOptions returns a functional option for setting the Client's APIOptions -// option. -func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options) { - return func(o *Options) { - o.APIOptions = append(o.APIOptions, optFns...) - } -} - -// Deprecated: EndpointResolver and WithEndpointResolver. Providing a value for -// this field will likely prevent you from using any endpoint-related service -// features released after the introduction of EndpointResolverV2 and BaseEndpoint. -// To migrate an EndpointResolver implementation that uses a custom endpoint, set -// the client option BaseEndpoint instead. -func WithEndpointResolver(v EndpointResolver) func(*Options) { - return func(o *Options) { - o.EndpointResolver = v - } -} - -// WithEndpointResolverV2 returns a functional option for setting the Client's -// EndpointResolverV2 option. -func WithEndpointResolverV2(v EndpointResolverV2) func(*Options) { - return func(o *Options) { - o.EndpointResolverV2 = v - } -} - -type HTTPClient interface { - Do(*http.Request) (*http.Response, error) -} - -// Copy creates a clone where the APIOptions list is deep copied. -func (o Options) Copy() Options { - to := o - to.APIOptions = make([]func(*middleware.Stack) error, len(o.APIOptions)) - copy(to.APIOptions, o.APIOptions) - - return to -} func (c *Client) invokeOperation(ctx context.Context, opID string, params interface{}, optFns []func(*Options), stackFns ...func(*middleware.Stack, Options) error) (result interface{}, metadata middleware.Metadata, err error) { ctx = middleware.ClearStackValues(ctx) stack := middleware.NewStack(opID, smithyhttp.NewStackRequest) options := c.options.Copy() - resolveEndpointResolverV2(&options) for _, fn := range optFns { fn(&options) @@ -244,12 +107,16 @@ func (c *Client) invokeOperation(ctx context.Context, opID string, params interf setSafeEventStreamClientLogMode(&options, opID) - finalizeRetryMaxAttemptOptions(&options, *c) + finalizeOperationRetryMaxAttempts(&options, *c) finalizeClientEndpointResolverOptions(&options) resolveCredentialProvider(&options) + finalizeOperationExpressCredentials(&options, *c) + + finalizeOperationEndpointAuthResolver(&options) + for _, fn := range stackFns { if err := fn(stack, options); err != nil { return nil, metadata, err @@ -274,6 +141,73 @@ func (c *Client) invokeOperation(ctx context.Context, opID string, params interf return result, metadata, err } +type operationInputKey struct{} + +func setOperationInput(ctx context.Context, input interface{}) context.Context { + return middleware.WithStackValue(ctx, operationInputKey{}, input) +} + +func getOperationInput(ctx context.Context) interface{} { + return middleware.GetStackValue(ctx, operationInputKey{}) +} + +type setOperationInputMiddleware struct { +} + +func (*setOperationInputMiddleware) ID() string { + return "setOperationInput" +} + +func (m *setOperationInputMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + ctx = setOperationInput(ctx, in.Parameters) + return next.HandleSerialize(ctx, in) +} + +func addProtocolFinalizerMiddlewares(stack *middleware.Stack, options Options, operation string) error { + if err := stack.Finalize.Add(&resolveAuthSchemeMiddleware{operation: operation, options: options}, middleware.Before); err != nil { + return fmt.Errorf("add ResolveAuthScheme: %w", err) + } + if err := stack.Finalize.Insert(&getIdentityMiddleware{options: options}, "ResolveAuthScheme", middleware.After); err != nil { + return fmt.Errorf("add GetIdentity: %v", err) + } + if err := stack.Finalize.Insert(&resolveEndpointV2Middleware{options: options}, "GetIdentity", middleware.After); err != nil { + return fmt.Errorf("add ResolveEndpointV2: %v", err) + } + if err := stack.Finalize.Insert(&signRequestMiddleware{}, "ResolveEndpointV2", middleware.After); err != nil { + return fmt.Errorf("add Signing: %w", err) + } + return nil +} +func resolveAuthSchemeResolver(options *Options) { + if options.AuthSchemeResolver == nil { + options.AuthSchemeResolver = &defaultAuthSchemeResolver{} + } +} + +func resolveAuthSchemes(options *Options) { + if options.AuthSchemes == nil { + options.AuthSchemes = []smithyhttp.AuthScheme{ + internalauth.NewHTTPAuthScheme("aws.auth#sigv4", &internalauthsmithy.V4SignerAdapter{ + Signer: options.HTTPSignerV4, + Logger: options.Logger, + LogSigning: options.ClientLogMode.IsSigning(), + }), + internalauth.NewHTTPAuthScheme("com.amazonaws.s3#sigv4express", &s3cust.ExpressSigner{ + Signer: options.HTTPSignerV4, + Logger: options.Logger, + LogSigning: options.ClientLogMode.IsSigning(), + }), + internalauth.NewHTTPAuthScheme("aws.auth#sigv4a", &v4a.SignerAdapter{ + Signer: options.httpSignerV4a, + Logger: options.Logger, + LogSigning: options.ClientLogMode.IsSigning(), + }), + } + } +} + type noSmithyDocumentSerde = smithydocument.NoSerde type legacyEndpointContextSetter struct { @@ -345,6 +279,7 @@ func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { resolveAWSEndpointResolver(cfg, &opts) resolveUseARNRegion(cfg, &opts) resolveDisableMultiRegionAccessPoints(cfg, &opts) + resolveDisableExpressAuth(cfg, &opts) resolveUseDualStackEndpoint(cfg, &opts) resolveUseFIPSEndpoint(cfg, &opts) resolveBaseEndpoint(cfg, &opts) @@ -439,7 +374,15 @@ func resolveAWSRetryMaxAttempts(cfg aws.Config, o *Options) { o.RetryMaxAttempts = cfg.RetryMaxAttempts } -func finalizeRetryMaxAttemptOptions(o *Options, client Client) { +func finalizeRetryMaxAttempts(o *Options) { + if o.RetryMaxAttempts == 0 { + return + } + + o.Retryer = retry.AddWithMaxAttempts(o.Retryer, o.RetryMaxAttempts) +} + +func finalizeOperationRetryMaxAttempts(o *Options, client Client) { if v := o.RetryMaxAttempts; v == 0 || v == client.options.RetryMaxAttempts { return } @@ -466,15 +409,6 @@ func addClientUserAgent(stack *middleware.Stack, options Options) error { return nil } -func addHTTPSignerV4Middleware(stack *middleware.Stack, o Options) error { - mw := v4.NewSignHTTPRequestMiddleware(v4.SignHTTPRequestMiddlewareOptions{ - CredentialsProvider: o.Credentials, - Signer: o.HTTPSignerV4, - LogSigning: o.ClientLogMode.IsSigning(), - }) - return stack.Finalize.Add(mw, middleware.After) -} - type HTTPSignerV4 interface { SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time, optFns ...func(*v4.SignerOptions)) error } @@ -801,29 +735,71 @@ func withNopHTTPClientAPIOption(o *Options) { o.HTTPClient = smithyhttp.NopClient{} } +type presignContextPolyfillMiddleware struct { +} + +func (*presignContextPolyfillMiddleware) ID() string { + return "presignContextPolyfill" +} + +func (m *presignContextPolyfillMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + rscheme := getResolvedAuthScheme(ctx) + if rscheme == nil { + return out, metadata, fmt.Errorf("no resolved auth scheme") + } + + schemeID := rscheme.Scheme.SchemeID() + ctx = s3cust.SetSignerVersion(ctx, schemeID) + if schemeID == "aws.auth#sigv4" || schemeID == "com.amazonaws.s3#sigv4express" { + if sn, ok := smithyhttp.GetSigV4SigningName(&rscheme.SignerProperties); ok { + ctx = awsmiddleware.SetSigningName(ctx, sn) + } + if sr, ok := smithyhttp.GetSigV4SigningRegion(&rscheme.SignerProperties); ok { + ctx = awsmiddleware.SetSigningRegion(ctx, sr) + } + } else if schemeID == "aws.auth#sigv4a" { + if sn, ok := smithyhttp.GetSigV4ASigningName(&rscheme.SignerProperties); ok { + ctx = awsmiddleware.SetSigningName(ctx, sn) + } + if sr, ok := smithyhttp.GetSigV4ASigningRegions(&rscheme.SignerProperties); ok { + ctx = awsmiddleware.SetSigningRegion(ctx, sr[0]) + } + } + + return next.HandleFinalize(ctx, in) +} + type presignConverter PresignOptions func (c presignConverter) convertToPresignMiddleware(stack *middleware.Stack, options Options) (err error) { - stack.Finalize.Clear() + if _, ok := stack.Finalize.Get((*acceptencodingcust.DisableGzip)(nil).ID()); ok { + stack.Finalize.Remove((*acceptencodingcust.DisableGzip)(nil).ID()) + } stack.Deserialize.Clear() stack.Build.Remove((*awsmiddleware.ClientRequestID)(nil).ID()) stack.Build.Remove("UserAgent") + if err := stack.Finalize.Insert(&presignContextPolyfillMiddleware{}, "Signing", middleware.Before); err != nil { + return err + } + pmw := v4.NewPresignHTTPRequestMiddleware(v4.PresignHTTPRequestMiddlewareOptions{ CredentialsProvider: options.Credentials, Presigner: c.Presigner, LogSigning: options.ClientLogMode.IsSigning(), }) - err = stack.Finalize.Add(pmw, middleware.After) - if err != nil { + if _, err := stack.Finalize.Swap("Signing", pmw); err != nil { return err } if err = smithyhttp.AddNoPayloadDefaultContentTypeRemover(stack); err != nil { return err } - // add multi-region access point presigner + // extended s3 presigning signermv := s3cust.NewPresignHTTPRequestMiddleware(s3cust.PresignHTTPRequestMiddlewareOptions{ CredentialsProvider: options.Credentials, + ExpressCredentials: options.ExpressCredentials, V4Presigner: c.Presigner, V4aPresigner: c.presignerV4a, LogSigning: options.ClientLogMode.IsSigning(), @@ -858,31 +834,31 @@ func addRequestResponseLogging(stack *middleware.Stack, o Options) error { }, middleware.After) } -type endpointDisableHTTPSMiddleware struct { - EndpointDisableHTTPS bool +type disableHTTPSMiddleware struct { + DisableHTTPS bool } -func (*endpointDisableHTTPSMiddleware) ID() string { - return "endpointDisableHTTPSMiddleware" +func (*disableHTTPSMiddleware) ID() string { + return "disableHTTPS" } -func (m *endpointDisableHTTPSMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, +func (m *disableHTTPSMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) } - if m.EndpointDisableHTTPS && !smithyhttp.GetHostnameImmutable(ctx) { + if m.DisableHTTPS && !smithyhttp.GetHostnameImmutable(ctx) { req.URL.Scheme = "http" } - return next.HandleSerialize(ctx, in) + return next.HandleFinalize(ctx, in) +} -} -func addendpointDisableHTTPSMiddleware(stack *middleware.Stack, o Options) error { - return stack.Serialize.Insert(&endpointDisableHTTPSMiddleware{ - EndpointDisableHTTPS: o.EndpointOptions.DisableHTTPS, - }, "OperationSerializer", middleware.Before) +func addDisableHTTPSMiddleware(stack *middleware.Stack, o Options) error { + return stack.Finalize.Insert(&disableHTTPSMiddleware{ + DisableHTTPS: o.EndpointOptions.DisableHTTPS, + }, "ResolveEndpointV2", middleware.After) } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_AbortMultipartUpload.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_AbortMultipartUpload.go index 5932f1f2e..d1e7dceae 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_AbortMultipartUpload.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_AbortMultipartUpload.go @@ -4,32 +4,49 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// This action aborts a multipart upload. After a multipart upload is aborted, no -// additional parts can be uploaded using that upload ID. The storage consumed by -// any previously uploaded parts will be freed. However, if any part uploads are +// This operation aborts a multipart upload. After a multipart upload is aborted, +// no additional parts can be uploaded using that upload ID. The storage consumed +// by any previously uploaded parts will be freed. However, if any part uploads are // currently in progress, those part uploads might or might not succeed. As a // result, it might be necessary to abort a given multipart upload multiple times // in order to completely free all storage consumed by all parts. To verify that -// all parts have been removed, so you don't get charged for the part storage, you -// should call the ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) -// action and ensure that the parts list is empty. For information about -// permissions required to use the multipart upload, see Multipart Upload and -// Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) -// . The following operations are related to AbortMultipartUpload : +// all parts have been removed and prevent getting charged for the part storage, +// you should call the ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) +// API operation and ensure that the parts list is empty. Directory buckets - For +// directory buckets, you must make requests for this API operation to the Zonal +// endpoint. These endpoints support virtual-hosted-style requests in the format +// https://bucket_name.s3express-az_id.region.amazonaws.com/key-name . Path-style +// requests are not supported. For more information, see Regional and Zonal +// endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. Permissions +// - General purpose bucket permissions - For information about permissions +// required to use the multipart upload, see Multipart Upload and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// in the Amazon S3 User Guide. +// - Directory bucket permissions - To grant access to this API operation on a +// directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant the +// s3express:CreateSession permission to the directory bucket in a bucket policy +// or an IAM identity-based policy. Then, you make the CreateSession API call on +// the bucket to obtain a session token. With the session token in your request +// header, you can make API requests to this operation. After the session token +// expires, you make another CreateSession API call to generate a new session +// token for use. Amazon Web Services CLI or SDKs create session and refresh the +// session token automatically to avoid service interruptions when a session +// expires. For more information about authorization, see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// . +// +// HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// Bucket_name.s3express-az_id.region.amazonaws.com . The following operations are +// related to AbortMultipartUpload : // - CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) // - UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) // - CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) @@ -52,16 +69,26 @@ func (c *Client) AbortMultipartUpload(ctx context.Context, params *AbortMultipar type AbortMultipartUploadInput struct { - // The bucket name to which the upload was taking place. When using this action - // with an access point, you must direct requests to the access point hostname. The - // access point hostname takes the form - // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this - // action with an access point through the Amazon Web Services SDKs, you provide - // the access point ARN in place of the bucket name. For more information about - // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form + // The bucket name to which the upload was taking place. Directory buckets - When + // you use this operation with a directory bucket, you must use + // virtual-hosted-style requests in the format + // Bucket_name.s3express-az_id.region.amazonaws.com . Path-style requests are not + // supported. Directory bucket names must be unique in the chosen Availability + // Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 (for + // example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 ). For information about bucket + // naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. Access points - When you use this action with an + // access point, you must provide the alias of the access point in place of the + // bucket name or specify the access point ARN. When using the access point ARN, + // you must direct requests to the access point hostname. The access point hostname + // takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. Access points and Object Lambda access points are + // not supported by directory buckets. S3 on Outposts - When you use this action + // with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts + // hostname. The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -81,27 +108,34 @@ type AbortMultipartUploadInput struct { // This member is required. UploadId *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer noSmithyDocumentSerde } +func (in *AbortMultipartUploadInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.Key = in.Key + +} + type AbortMultipartUploadOutput struct { // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // Metadata pertaining to the operation's result. @@ -111,6 +145,9 @@ type AbortMultipartUploadOutput struct { } func (c *Client) addOperationAbortMultipartUploadMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpAbortMultipartUpload{}, middleware.After) if err != nil { return err @@ -119,6 +156,10 @@ func (c *Client) addOperationAbortMultipartUploadMiddlewares(stack *middleware.S if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "AbortMultipartUpload"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -140,9 +181,6 @@ func (c *Client) addOperationAbortMultipartUploadMiddlewares(stack *middleware.S if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -158,10 +196,10 @@ func (c *Client) addOperationAbortMultipartUploadMiddlewares(stack *middleware.S if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addAbortMultipartUploadResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpAbortMultipartUploadValidationMiddleware(stack); err != nil { @@ -191,7 +229,7 @@ func (c *Client) addOperationAbortMultipartUploadMiddlewares(stack *middleware.S if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -211,7 +249,6 @@ func newServiceMetadataMiddleware_opAbortMultipartUpload(region string) *awsmidd return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "AbortMultipartUpload", } } @@ -241,139 +278,3 @@ func addAbortMultipartUploadUpdateEndpoint(stack *middleware.Stack, options Opti DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opAbortMultipartUploadResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opAbortMultipartUploadResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opAbortMultipartUploadResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*AbortMultipartUploadInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addAbortMultipartUploadResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opAbortMultipartUploadResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CompleteMultipartUpload.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CompleteMultipartUpload.go index babfebcc6..b9f094f1e 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CompleteMultipartUpload.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CompleteMultipartUpload.go @@ -4,70 +4,92 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) // Completes a multipart upload by assembling previously uploaded parts. You first // initiate the multipart upload and then upload all parts using the UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) +// operation or the UploadPartCopy (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) // operation. After successfully uploading all relevant parts of an upload, you -// call this action to complete the upload. Upon receiving this request, Amazon S3 -// concatenates all the parts in ascending order by part number to create a new -// object. In the Complete Multipart Upload request, you must provide the parts -// list. You must ensure that the parts list is complete. This action concatenates -// the parts that you provide in the list. For each part in the list, you must -// provide the part number and the ETag value, returned after that part was -// uploaded. Processing of a Complete Multipart Upload request could take several -// minutes to complete. After Amazon S3 begins processing the request, it sends an -// HTTP response header that specifies a 200 OK response. While processing is in -// progress, Amazon S3 periodically sends white space characters to keep the -// connection from timing out. A request could fail after the initial 200 OK -// response has been sent. This means that a 200 OK response can contain either a -// success or an error. If you call the S3 API directly, make sure to design your -// application to parse the contents of the response and handle it appropriately. -// If you use Amazon Web Services SDKs, SDKs handle this condition. The SDKs detect -// the embedded error and apply error handling per your configuration settings -// (including automatically retrying the request as appropriate). If the condition -// persists, the SDKs throws an exception (or, for the SDKs that don't use -// exceptions, they return the error). Note that if CompleteMultipartUpload fails, -// applications should be prepared to retry the failed requests. For more -// information, see Amazon S3 Error Best Practices (https://docs.aws.amazon.com/AmazonS3/latest/dev/ErrorBestPractices.html) -// . You cannot use Content-Type: application/x-www-form-urlencoded with Complete -// Multipart Upload requests. Also, if you do not provide a Content-Type header, -// CompleteMultipartUpload returns a 200 OK response. For more information about -// multipart uploads, see Uploading Objects Using Multipart Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) -// . For information about permissions required to use the multipart upload API, -// see Multipart Upload and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) -// . CompleteMultipartUpload has the following special errors: -// - Error code: EntityTooSmall +// call this CompleteMultipartUpload operation to complete the upload. Upon +// receiving this request, Amazon S3 concatenates all the parts in ascending order +// by part number to create a new object. In the CompleteMultipartUpload request, +// you must provide the parts list and ensure that the parts list is complete. The +// CompleteMultipartUpload API operation concatenates the parts that you provide in +// the list. For each part in the list, you must provide the PartNumber value and +// the ETag value that are returned after that part was uploaded. The processing +// of a CompleteMultipartUpload request could take several minutes to finalize. +// After Amazon S3 begins processing the request, it sends an HTTP response header +// that specifies a 200 OK response. While processing is in progress, Amazon S3 +// periodically sends white space characters to keep the connection from timing +// out. A request could fail after the initial 200 OK response has been sent. This +// means that a 200 OK response can contain either a success or an error. The +// error response might be embedded in the 200 OK response. If you call this API +// operation directly, make sure to design your application to parse the contents +// of the response and handle it appropriately. If you use Amazon Web Services +// SDKs, SDKs handle this condition. The SDKs detect the embedded error and apply +// error handling per your configuration settings (including automatically retrying +// the request as appropriate). If the condition persists, the SDKs throw an +// exception (or, for the SDKs that don't use exceptions, they return an error). +// Note that if CompleteMultipartUpload fails, applications should be prepared to +// retry the failed requests. For more information, see Amazon S3 Error Best +// Practices (https://docs.aws.amazon.com/AmazonS3/latest/dev/ErrorBestPractices.html) +// . You can't use Content-Type: application/x-www-form-urlencoded for the +// CompleteMultipartUpload requests. Also, if you don't provide a Content-Type +// header, CompleteMultipartUpload can still return a 200 OK response. For more +// information about multipart uploads, see Uploading Objects Using Multipart +// Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) +// in the Amazon S3 User Guide. Directory buckets - For directory buckets, you must +// make requests for this API operation to the Zonal endpoint. These endpoints +// support virtual-hosted-style requests in the format +// https://bucket_name.s3express-az_id.region.amazonaws.com/key-name . Path-style +// requests are not supported. For more information, see Regional and Zonal +// endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. Permissions +// - General purpose bucket permissions - For information about permissions +// required to use the multipart upload API, see Multipart Upload and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// in the Amazon S3 User Guide. +// - Directory bucket permissions - To grant access to this API operation on a +// directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant the +// s3express:CreateSession permission to the directory bucket in a bucket policy +// or an IAM identity-based policy. Then, you make the CreateSession API call on +// the bucket to obtain a session token. With the session token in your request +// header, you can make API requests to this operation. After the session token +// expires, you make another CreateSession API call to generate a new session +// token for use. Amazon Web Services CLI or SDKs create session and refresh the +// session token automatically to avoid service interruptions when a session +// expires. For more information about authorization, see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// . +// +// Special errors +// - Error Code: EntityTooSmall // - Description: Your proposed upload is smaller than the minimum allowed // object size. Each part must be at least 5 MB in size, except the last part. -// - 400 Bad Request -// - Error code: InvalidPart +// - HTTP Status Code: 400 Bad Request +// - Error Code: InvalidPart // - Description: One or more of the specified parts could not be found. The -// part might not have been uploaded, or the specified entity tag might not have -// matched the part's entity tag. -// - 400 Bad Request -// - Error code: InvalidPartOrder +// part might not have been uploaded, or the specified ETag might not have matched +// the uploaded part's ETag. +// - HTTP Status Code: 400 Bad Request +// - Error Code: InvalidPartOrder // - Description: The list of parts was not in ascending order. The parts list // must be specified in order by part number. -// - 400 Bad Request -// - Error code: NoSuchUpload +// - HTTP Status Code: 400 Bad Request +// - Error Code: NoSuchUpload // - Description: The specified multipart upload does not exist. The upload ID // might be invalid, or the multipart upload might have been aborted or completed. -// - 404 Not Found +// - HTTP Status Code: 404 Not Found // -// The following operations are related to CompleteMultipartUpload : +// HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// Bucket_name.s3express-az_id.region.amazonaws.com . The following operations are +// related to CompleteMultipartUpload : // - CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) // - UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) // - AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) @@ -90,16 +112,26 @@ func (c *Client) CompleteMultipartUpload(ctx context.Context, params *CompleteMu type CompleteMultipartUploadInput struct { - // Name of the bucket to which the multipart upload was initiated. When using this - // action with an access point, you must direct requests to the access point - // hostname. The access point hostname takes the form - // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this - // action with an access point through the Amazon Web Services SDKs, you provide - // the access point ARN in place of the bucket name. For more information about - // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form + // Name of the bucket to which the multipart upload was initiated. Directory + // buckets - When you use this operation with a directory bucket, you must use + // virtual-hosted-style requests in the format + // Bucket_name.s3express-az_id.region.amazonaws.com . Path-style requests are not + // supported. Directory bucket names must be unique in the chosen Availability + // Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 (for + // example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 ). For information about bucket + // naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. Access points - When you use this action with an + // access point, you must provide the alias of the access point in place of the + // bucket name or specify the access point ARN. When using the access point ARN, + // you must direct requests to the access point hostname. The access point hostname + // takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. Access points and Object Lambda access points are + // not supported by directory buckets. S3 on Outposts - When you use this action + // with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts + // hostname. The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -147,9 +179,9 @@ type CompleteMultipartUploadInput struct { // in the Amazon S3 User Guide. ChecksumSHA256 *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // The container for the multipart upload request information. @@ -157,83 +189,90 @@ type CompleteMultipartUploadInput struct { // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer // The server-side encryption (SSE) algorithm used to encrypt the object. This - // parameter is needed only when the object was created using a checksum algorithm. - // For more information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) - // in the Amazon S3 User Guide. + // parameter is required only when the object was created using a checksum + // algorithm or if your bucket policy requires the use of SSE-C. For more + // information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html#ssec-require-condition-key) + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. SSECustomerAlgorithm *string // The server-side encryption (SSE) customer managed key. This parameter is needed // only when the object was created using a checksum algorithm. For more // information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. SSECustomerKey *string // The MD5 server-side encryption (SSE) customer managed key. This parameter is // needed only when the object was created using a checksum algorithm. For more // information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. SSECustomerKeyMD5 *string noSmithyDocumentSerde } +func (in *CompleteMultipartUploadInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.Key = in.Key + +} + type CompleteMultipartUploadOutput struct { // The name of the bucket that contains the newly created object. Does not return - // the access point ARN or access point alias if used. When using this action with - // an access point, you must direct requests to the access point hostname. The - // access point hostname takes the form - // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this - // action with an access point through the Amazon Web Services SDKs, you provide - // the access point ARN in place of the bucket name. For more information about - // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you - // use this action with S3 on Outposts through the Amazon Web Services SDKs, you - // provide the Outposts access point ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see What is S3 on Outposts? (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) - // in the Amazon S3 User Guide. + // the access point ARN or access point alias if used. Access points are not + // supported by directory buckets. Bucket *string // Indicates whether the multipart upload uses an S3 Bucket Key for server-side - // encryption with Key Management Service (KMS) keys (SSE-KMS). - BucketKeyEnabled bool + // encryption with Key Management Service (KMS) keys (SSE-KMS). This functionality + // is not supported for directory buckets. + BucketKeyEnabled *bool // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32 *string // The base64-encoded, 32-bit CRC32C checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32C *string // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use the API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA1 *string // The base64-encoded, 256-bit SHA-256 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA256 *string @@ -249,6 +288,7 @@ type CompleteMultipartUploadOutput struct { // If the object expiration is configured, this will contain the expiration date ( // expiry-date ) and rule ID ( rule-id ). The value of rule-id is URL-encoded. + // This functionality is not supported for directory buckets. Expiration *string // The object key of the newly created object. @@ -258,19 +298,21 @@ type CompleteMultipartUploadOutput struct { Location *string // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged - // If present, specifies the ID of the Key Management Service (KMS) symmetric - // encryption customer managed key that was used for the object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. This functionality + // is not supported for directory buckets. SSEKMSKeyId *string // The server-side encryption algorithm used when storing this object in Amazon S3 - // (for example, AES256 , aws:kms ). + // (for example, AES256 , aws:kms ). For directory buckets, only server-side + // encryption with Amazon S3 managed keys (SSE-S3) ( AES256 ) is supported. ServerSideEncryption types.ServerSideEncryption // Version ID of the newly created object, in case the bucket has versioning - // turned on. + // turned on. This functionality is not supported for directory buckets. VersionId *string // Metadata pertaining to the operation's result. @@ -280,6 +322,9 @@ type CompleteMultipartUploadOutput struct { } func (c *Client) addOperationCompleteMultipartUploadMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpCompleteMultipartUpload{}, middleware.After) if err != nil { return err @@ -288,6 +333,10 @@ func (c *Client) addOperationCompleteMultipartUploadMiddlewares(stack *middlewar if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "CompleteMultipartUpload"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -309,9 +358,6 @@ func (c *Client) addOperationCompleteMultipartUploadMiddlewares(stack *middlewar if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -327,10 +373,10 @@ func (c *Client) addOperationCompleteMultipartUploadMiddlewares(stack *middlewar if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addCompleteMultipartUploadResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpCompleteMultipartUploadValidationMiddleware(stack); err != nil { @@ -363,7 +409,7 @@ func (c *Client) addOperationCompleteMultipartUploadMiddlewares(stack *middlewar if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -383,7 +429,6 @@ func newServiceMetadataMiddleware_opCompleteMultipartUpload(region string) *awsm return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "CompleteMultipartUpload", } } @@ -413,139 +458,3 @@ func addCompleteMultipartUploadUpdateEndpoint(stack *middleware.Stack, options O DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opCompleteMultipartUploadResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opCompleteMultipartUploadResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opCompleteMultipartUploadResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*CompleteMultipartUploadInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addCompleteMultipartUploadResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opCompleteMultipartUploadResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CopyObject.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CopyObject.go index 97516a258..deb21cee0 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CopyObject.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CopyObject.go @@ -4,17 +4,13 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" "time" ) @@ -25,135 +21,89 @@ import ( // object greater than 5 GB, you must use the multipart upload Upload Part - Copy // (UploadPartCopy) API. For more information, see Copy Object Using the REST // Multipart Upload API (https://docs.aws.amazon.com/AmazonS3/latest/dev/CopyingObjctsUsingRESTMPUapi.html) -// . All copy requests must be authenticated. Additionally, you must have read -// access to the source object and write access to the destination bucket. For more -// information, see REST Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html) -// . Both the Region that you want to copy the object from and the Region that you -// want to copy the object to must be enabled for your account. A copy request -// might return an error when Amazon S3 receives the copy request or while Amazon -// S3 is copying the files. If the error occurs before the copy action starts, you -// receive a standard Amazon S3 error. If the error occurs during the copy -// operation, the error response is embedded in the 200 OK response. This means -// that a 200 OK response can contain either a success or an error. If you call -// the S3 API directly, make sure to design your application to parse the contents -// of the response and handle it appropriately. If you use Amazon Web Services -// SDKs, SDKs handle this condition. The SDKs detect the embedded error and apply -// error handling per your configuration settings (including automatically retrying -// the request as appropriate). If the condition persists, the SDKs throws an -// exception (or, for the SDKs that don't use exceptions, they return the error). -// If the copy is successful, you receive a response with information about the -// copied object. If the request is an HTTP 1.1 request, the response is chunk -// encoded. If it were not, it would not contain the content-length, and you would -// need to read the entire body. The copy request charge is based on the storage -// class and Region that you specify for the destination object. The request can -// also result in a data retrieval charge for the source if the source storage -// class bills for data retrieval. For pricing information, see Amazon S3 pricing (http://aws.amazon.com/s3/pricing/) -// . Amazon S3 transfer acceleration does not support cross-Region copies. If you -// request a cross-Region copy using a transfer acceleration endpoint, you get a -// 400 Bad Request error. For more information, see Transfer Acceleration (https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) -// . Metadata When copying an object, you can preserve all metadata (the default) -// or specify new metadata. However, the access control list (ACL) is not preserved -// and is set to private for the user making the request. To override the default -// ACL setting, specify a new ACL when generating a copy request. For more -// information, see Using ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html) -// . To specify whether you want the object metadata copied from the source object -// or replaced with metadata provided in the request, you can optionally add the -// x-amz-metadata-directive header. When you grant permissions, you can use the -// s3:x-amz-metadata-directive condition key to enforce certain metadata behavior -// when objects are uploaded. For more information, see Specifying Conditions in a -// Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/amazon-s3-policy-keys.html) -// in the Amazon S3 User Guide. For a complete list of Amazon S3-specific condition -// keys, see Actions, Resources, and Condition Keys for Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html) -// . x-amz-website-redirect-location is unique to each object and must be -// specified in the request headers to copy the value. x-amz-copy-source-if Headers -// To only copy an object under certain conditions, such as whether the Etag -// matches or whether the object was modified before or after a specified date, use -// the following request parameters: -// - x-amz-copy-source-if-match -// - x-amz-copy-source-if-none-match -// - x-amz-copy-source-if-unmodified-since -// - x-amz-copy-source-if-modified-since +// . You can copy individual objects between general purpose buckets, between +// directory buckets, and between general purpose buckets and directory buckets. +// Directory buckets - For directory buckets, you must make requests for this API +// operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format +// https://bucket_name.s3express-az_id.region.amazonaws.com/key-name . Path-style +// requests are not supported. For more information, see Regional and Zonal +// endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. Both the Region that you want to copy the object +// from and the Region that you want to copy the object to must be enabled for your +// account. Amazon S3 transfer acceleration does not support cross-Region copies. +// If you request a cross-Region copy using a transfer acceleration endpoint, you +// get a 400 Bad Request error. For more information, see Transfer Acceleration (https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) +// . Authentication and authorization All CopyObject requests must be +// authenticated and signed by using IAM credentials (access key ID and secret +// access key for the IAM identities). All headers with the x-amz- prefix, +// including x-amz-copy-source , must be signed. For more information, see REST +// Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html) +// . Directory buckets - You must use the IAM credentials to authenticate and +// authorize your access to the CopyObject API operation, instead of using the +// temporary security credentials through the CreateSession API operation. Amazon +// Web Services CLI or SDKs handles authentication and authorization on your +// behalf. Permissions You must have read access to the source object and write +// access to the destination bucket. +// - General purpose bucket permissions - You must have permissions in an IAM +// policy based on the source and destination bucket types in a CopyObject +// operation. +// - If the source object is in a general purpose bucket, you must have +// s3:GetObject permission to read the source object that is being copied. +// - If the destination bucket is a general purpose bucket, you must have +// s3:PubObject permission to write the object copy to the destination bucket. +// - Directory bucket permissions - You must have permissions in a bucket policy +// or an IAM identity-based policy based on the source and destination bucket types +// in a CopyObject operation. +// - If the source object that you want to copy is in a directory bucket, you +// must have the s3express:CreateSession permission in the Action element of a +// policy to read the object. By default, the session is in the ReadWrite mode. +// If you want to restrict the access, you can explicitly set the +// s3express:SessionMode condition key to ReadOnly on the copy source bucket. +// - If the copy destination is a directory bucket, you must have the +// s3express:CreateSession permission in the Action element of a policy to write +// the object to the destination. The s3express:SessionMode condition key can't +// be set to ReadOnly on the copy destination bucket. For example policies, see +// Example bucket policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) +// and Amazon Web Services Identity and Access Management (IAM) identity-based +// policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html) +// in the Amazon S3 User Guide. // -// If both the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since -// headers are present in the request and evaluate as follows, Amazon S3 returns -// 200 OK and copies the data: -// - x-amz-copy-source-if-match condition evaluates to true -// - x-amz-copy-source-if-unmodified-since condition evaluates to false +// Response and special errors When the request is an HTTP 1.1 request, the +// response is chunk encoded. When the request is not an HTTP 1.1 request, the +// response would not contain the Content-Length . You always need to read the +// entire response body to check if the copy succeeds. to keep the connection alive +// while we copy the data. +// - If the copy is successful, you receive a response with information about +// the copied object. +// - A copy request might return an error when Amazon S3 receives the copy +// request or while Amazon S3 is copying the files. A 200 OK response can contain +// either a success or an error. +// - If the error occurs before the copy action starts, you receive a standard +// Amazon S3 error. +// - If the error occurs during the copy operation, the error response is +// embedded in the 200 OK response. For example, in a cross-region copy, you may +// encounter throttling and receive a 200 OK response. For more information, see +// Resolve the Error 200 response when copying objects to Amazon S3 . The 200 OK +// status code means the copy was accepted, but it doesn't mean the copy is +// complete. Another example is when you disconnect from Amazon S3 before the copy +// is complete, Amazon S3 might cancel the copy and you may receive a 200 OK +// response. You must stay connected to Amazon S3 until the entire response is +// successfully received and processed. If you call this API operation directly, +// make sure to design your application to parse the content of the response and +// handle it appropriately. If you use Amazon Web Services SDKs, SDKs handle this +// condition. The SDKs detect the embedded error and apply error handling per your +// configuration settings (including automatically retrying the request as +// appropriate). If the condition persists, the SDKs throw an exception (or, for +// the SDKs that don't use exceptions, they return an error). // -// If both the x-amz-copy-source-if-none-match and -// x-amz-copy-source-if-modified-since headers are present in the request and -// evaluate as follows, Amazon S3 returns the 412 Precondition Failed response -// code: -// - x-amz-copy-source-if-none-match condition evaluates to false -// - x-amz-copy-source-if-modified-since condition evaluates to true -// -// All headers with the x-amz- prefix, including x-amz-copy-source , must be -// signed. Server-side encryption Amazon S3 automatically encrypts all new objects -// that are copied to an S3 bucket. When copying an object, if you don't specify -// encryption information in your copy request, the encryption setting of the -// target object is set to the default encryption configuration of the destination -// bucket. By default, all buckets have a base level of encryption configuration -// that uses server-side encryption with Amazon S3 managed keys (SSE-S3). If the -// destination bucket has a default encryption configuration that uses server-side -// encryption with Key Management Service (KMS) keys (SSE-KMS), dual-layer -// server-side encryption with Amazon Web Services KMS keys (DSSE-KMS), or -// server-side encryption with customer-provided encryption keys (SSE-C), Amazon S3 -// uses the corresponding KMS key, or a customer-provided key to encrypt the target -// object copy. When you perform a CopyObject operation, if you want to use a -// different type of encryption setting for the target object, you can use other -// appropriate encryption-related headers to encrypt the target object with a KMS -// key, an Amazon S3 managed key, or a customer-provided key. With server-side -// encryption, Amazon S3 encrypts your data as it writes your data to disks in its -// data centers and decrypts the data when you access it. If the encryption setting -// in your request is different from the default encryption configuration of the -// destination bucket, the encryption setting in your request takes precedence. If -// the source object for the copy is stored in Amazon S3 using SSE-C, you must -// provide the necessary encryption information in your request so that Amazon S3 -// can decrypt the object for copying. For more information about server-side -// encryption, see Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) -// . If a target object uses SSE-KMS, you can enable an S3 Bucket Key for the -// object. For more information, see Amazon S3 Bucket Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) -// in the Amazon S3 User Guide. Access Control List (ACL)-Specific Request Headers -// When copying an object, you can optionally use headers to grant ACL-based -// permissions. By default, all objects are private. Only the owner has full access -// control. When adding a new object, you can grant permissions to individual -// Amazon Web Services accounts or to predefined groups that are defined by Amazon -// S3. These permissions are then added to the ACL on the object. For more -// information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) -// and Managing ACLs Using the REST API (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html) -// . If the bucket that you're copying objects to uses the bucket owner enforced -// setting for S3 Object Ownership, ACLs are disabled and no longer affect -// permissions. Buckets that use this setting only accept PUT requests that don't -// specify an ACL or PUT requests that specify bucket owner full control ACLs, -// such as the bucket-owner-full-control canned ACL or an equivalent form of this -// ACL expressed in the XML format. For more information, see Controlling -// ownership of objects and disabling ACLs (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) -// in the Amazon S3 User Guide. If your bucket uses the bucket owner enforced -// setting for Object Ownership, all objects written to the bucket by any account -// will be owned by the bucket owner. Checksums When copying an object, if it has a -// checksum, that checksum will be copied to the new object by default. When you -// copy the object over, you can optionally specify a different checksum algorithm -// to use with the x-amz-checksum-algorithm header. Storage Class Options You can -// use the CopyObject action to change the storage class of an object that is -// already stored in Amazon S3 by using the StorageClass parameter. For more -// information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) -// in the Amazon S3 User Guide. If the source object's storage class is GLACIER or -// DEEP_ARCHIVE, or the object's storage class is INTELLIGENT_TIERING and it's S3 -// Intelligent-Tiering access tier (https://docs.aws.amazon.com/AmazonS3/latest/userguide/intelligent-tiering-overview.html#intel-tiering-tier-definition) -// is Archive Access or Deep Archive Access, you must restore a copy of this object -// before you can use it as a source object for the copy operation. For more -// information, see RestoreObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html) -// . For more information, see Copying Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/CopyingObjectsExamples.html) -// . Versioning By default, x-amz-copy-source header identifies the current -// version of an object to copy. If the current version is a delete marker, Amazon -// S3 behaves as if the object was deleted. To copy a different version, use the -// versionId subresource. If you enable versioning on the target bucket, Amazon S3 -// generates a unique version ID for the object being copied. This version ID is -// different from the version ID of the source object. Amazon S3 returns the -// version ID of the copied object in the x-amz-version-id response header in the -// response. If you do not enable versioning or suspend it on the target bucket, -// the version ID that Amazon S3 generates is always null. The following operations -// are related to CopyObject : +// Charge The copy request charge is based on the storage class and Region that +// you specify for the destination object. The request can also result in a data +// retrieval charge for the source if the source storage class bills for data +// retrieval. For pricing information, see Amazon S3 pricing (http://aws.amazon.com/s3/pricing/) +// . HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// Bucket_name.s3express-az_id.region.amazonaws.com . The following operations are +// related to CopyObject : // - PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) // - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) func (c *Client) CopyObject(ctx context.Context, params *CopyObjectInput, optFns ...func(*Options)) (*CopyObjectOutput, error) { @@ -173,16 +123,26 @@ func (c *Client) CopyObject(ctx context.Context, params *CopyObjectInput, optFns type CopyObjectInput struct { - // The name of the destination bucket. When using this action with an access - // point, you must direct requests to the access point hostname. The access point - // hostname takes the form - // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this - // action with an access point through the Amazon Web Services SDKs, you provide - // the access point ARN in place of the bucket name. For more information about - // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form + // The name of the destination bucket. Directory buckets - When you use this + // operation with a directory bucket, you must use virtual-hosted-style requests in + // the format Bucket_name.s3express-az_id.region.amazonaws.com . Path-style + // requests are not supported. Directory bucket names must be unique in the chosen + // Availability Zone. Bucket names must follow the format + // bucket_base_name--az-id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 + // ). For information about bucket naming restrictions, see Directory bucket + // naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. Access points - When you use this action with an + // access point, you must provide the alias of the access point in place of the + // bucket name or specify the access point ARN. When using the access point ARN, + // you must direct requests to the access point hostname. The access point hostname + // takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. Access points and Object Lambda access points are + // not supported by directory buckets. S3 on Outposts - When you use this action + // with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts + // hostname. The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -192,35 +152,52 @@ type CopyObjectInput struct { // This member is required. Bucket *string - // Specifies the source object for the copy operation. You specify the value in - // one of two formats, depending on whether you want to access the source object - // through an access point (https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html) + // Specifies the source object for the copy operation. The source object can be up + // to 5 GB. If the source object is an object that was uploaded by using a + // multipart upload, the object copy will be a single part object after the source + // object is copied to the destination bucket. You specify the value of the copy + // source in one of two formats, depending on whether you want to access the source + // object through an access point (https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html) // : // - For objects not accessed through an access point, specify the name of the // source bucket and the key of the source object, separated by a slash (/). For - // example, to copy the object reports/january.pdf from the bucket - // awsexamplebucket , use awsexamplebucket/reports/january.pdf . The value must - // be URL-encoded. + // example, to copy the object reports/january.pdf from the general purpose + // bucket awsexamplebucket , use awsexamplebucket/reports/january.pdf . The value + // must be URL-encoded. To copy the object reports/january.pdf from the directory + // bucket awsexamplebucket--use1-az5--x-s3 , use + // awsexamplebucket--use1-az5--x-s3/reports/january.pdf . The value must be + // URL-encoded. // - For objects accessed through access points, specify the Amazon Resource // Name (ARN) of the object as accessed through the access point, in the format // arn:aws:s3:::accesspoint//object/ . For example, to copy the object // reports/january.pdf through access point my-access-point owned by account // 123456789012 in Region us-west-2 , use the URL encoding of // arn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf - // . The value must be URL encoded. Amazon S3 supports copy operations using access - // points only when the source and destination buckets are in the same Amazon Web - // Services Region. Alternatively, for objects accessed through Amazon S3 on - // Outposts, specify the ARN of the object as accessed in the format - // arn:aws:s3-outposts:::outpost//object/ . For example, to copy the object - // reports/january.pdf through outpost my-outpost owned by account 123456789012 - // in Region us-west-2 , use the URL encoding of + // . The value must be URL encoded. + // - Amazon S3 supports copy operations using Access points only when the source + // and destination buckets are in the same Amazon Web Services Region. + // - Access points are not supported by directory buckets. Alternatively, for + // objects accessed through Amazon S3 on Outposts, specify the ARN of the object as + // accessed in the format arn:aws:s3-outposts:::outpost//object/ . For example, + // to copy the object reports/january.pdf through outpost my-outpost owned by + // account 123456789012 in Region us-west-2 , use the URL encoding of // arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/object/reports/january.pdf // . The value must be URL-encoded. - // To copy a specific version of an object, append ?versionId= to the value (for - // example, + // If your source bucket versioning is enabled, the x-amz-copy-source header by + // default identifies the current version of an object to copy. If the current + // version is a delete marker, Amazon S3 behaves as if the object was deleted. To + // copy a different version, use the versionId query parameter. Specifically, + // append ?versionId= to the value (for example, // awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893 // ). If you don't specify a version ID, Amazon S3 copies the latest version of the - // source object. + // source object. If you enable versioning on the destination bucket, Amazon S3 + // generates a unique version ID for the copied object. This version ID is + // different from the version ID of the source object. Amazon S3 returns the + // version ID of the copied object in the x-amz-version-id response header in the + // response. If you do not enable versioning or suspend it on the destination + // bucket, the version ID that Amazon S3 generates in the x-amz-version-id + // response header is always null. Directory buckets - S3 Versioning isn't enabled + // and supported for directory buckets. // // This member is required. CopySource *string @@ -230,138 +207,230 @@ type CopyObjectInput struct { // This member is required. Key *string - // The canned ACL to apply to the object. This action is not supported by Amazon - // S3 on Outposts. + // The canned access control list (ACL) to apply to the object. When you copy an + // object, the ACL metadata is not preserved and is set to private by default. + // Only the owner has full access control. To override the default ACL setting, + // specify a new ACL when you generate a copy request. For more information, see + // Using ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html) + // . If the destination bucket that you're copying objects to uses the bucket owner + // enforced setting for S3 Object Ownership, ACLs are disabled and no longer affect + // permissions. Buckets that use this setting only accept PUT requests that don't + // specify an ACL or PUT requests that specify bucket owner full control ACLs, + // such as the bucket-owner-full-control canned ACL or an equivalent form of this + // ACL expressed in the XML format. For more information, see Controlling + // ownership of objects and disabling ACLs (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) + // in the Amazon S3 User Guide. + // - If your destination bucket uses the bucket owner enforced setting for + // Object Ownership, all objects written to the bucket by any account will be owned + // by the bucket owner. + // - This functionality is not supported for directory buckets. + // - This functionality is not supported for Amazon S3 on Outposts. ACL types.ObjectCannedACL // Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption // with server-side encryption using Key Management Service (KMS) keys (SSE-KMS). + // If a target object uses SSE-KMS, you can enable an S3 Bucket Key for the object. // Setting this header to true causes Amazon S3 to use an S3 Bucket Key for object // encryption with SSE-KMS. Specifying this header with a COPY action doesn’t - // affect bucket-level settings for S3 Bucket Key. - BucketKeyEnabled bool + // affect bucket-level settings for S3 Bucket Key. For more information, see + // Amazon S3 Bucket Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) + // in the Amazon S3 User Guide. This functionality is not supported when the + // destination bucket is a directory bucket. + BucketKeyEnabled *bool - // Specifies caching behavior along the request/reply chain. + // Specifies the caching behavior along the request/reply chain. CacheControl *string - // Indicates the algorithm you want Amazon S3 to use to create the checksum for - // the object. For more information, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) - // in the Amazon S3 User Guide. + // Indicates the algorithm that you want Amazon S3 to use to create the checksum + // for the object. For more information, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. When you copy an object, if the source object has a + // checksum, that checksum value will be copied to the new object by default. If + // the CopyObject request does not include this x-amz-checksum-algorithm header, + // the checksum algorithm will be copied from the source object to the destination + // object (if it's present on the source object). You can optionally specify a + // different checksum algorithm to use with the x-amz-checksum-algorithm header. + // Unrecognized or unsupported values will respond with the HTTP status code 400 + // Bad Request . For directory buckets, when you use Amazon Web Services SDKs, + // CRC32 is the default checksum algorithm that's used for performance. ChecksumAlgorithm types.ChecksumAlgorithm - // Specifies presentational information for the object. + // Specifies presentational information for the object. Indicates whether an + // object should be displayed in a web browser or downloaded as a file. It allows + // specifying the desired filename for the downloaded file. ContentDisposition *string // Specifies what content encodings have been applied to the object and thus what // decoding mechanisms must be applied to obtain the media-type referenced by the - // Content-Type header field. + // Content-Type header field. For directory buckets, only the aws-chunked value is + // supported in this header field. ContentEncoding *string // The language the content is in. ContentLanguage *string - // A standard MIME type describing the format of the object data. + // A standard MIME type that describes the format of the object data. ContentType *string - // Copies the object if its entity tag (ETag) matches the specified tag. + // Copies the object if its entity tag (ETag) matches the specified tag. If both + // the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since + // headers are present in the request and evaluate as follows, Amazon S3 returns + // 200 OK and copies the data: + // - x-amz-copy-source-if-match condition evaluates to true + // - x-amz-copy-source-if-unmodified-since condition evaluates to false CopySourceIfMatch *string - // Copies the object if it has been modified since the specified time. + // Copies the object if it has been modified since the specified time. If both the + // x-amz-copy-source-if-none-match and x-amz-copy-source-if-modified-since headers + // are present in the request and evaluate as follows, Amazon S3 returns the 412 + // Precondition Failed response code: + // - x-amz-copy-source-if-none-match condition evaluates to false + // - x-amz-copy-source-if-modified-since condition evaluates to true CopySourceIfModifiedSince *time.Time - // Copies the object if its entity tag (ETag) is different than the specified ETag. + // Copies the object if its entity tag (ETag) is different than the specified + // ETag. If both the x-amz-copy-source-if-none-match and + // x-amz-copy-source-if-modified-since headers are present in the request and + // evaluate as follows, Amazon S3 returns the 412 Precondition Failed response + // code: + // - x-amz-copy-source-if-none-match condition evaluates to false + // - x-amz-copy-source-if-modified-since condition evaluates to true CopySourceIfNoneMatch *string - // Copies the object if it hasn't been modified since the specified time. + // Copies the object if it hasn't been modified since the specified time. If both + // the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since + // headers are present in the request and evaluate as follows, Amazon S3 returns + // 200 OK and copies the data: + // - x-amz-copy-source-if-match condition evaluates to true + // - x-amz-copy-source-if-unmodified-since condition evaluates to false CopySourceIfUnmodifiedSince *time.Time // Specifies the algorithm to use when decrypting the source object (for example, - // AES256). + // AES256 ). If the source object for the copy is stored in Amazon S3 using SSE-C, + // you must provide the necessary encryption information in your request so that + // Amazon S3 can decrypt the object for copying. This functionality is not + // supported when the source object is in a directory bucket. CopySourceSSECustomerAlgorithm *string // Specifies the customer-provided encryption key for Amazon S3 to use to decrypt - // the source object. The encryption key provided in this header must be one that - // was used when the source object was created. + // the source object. The encryption key provided in this header must be the same + // one that was used when the source object was created. If the source object for + // the copy is stored in Amazon S3 using SSE-C, you must provide the necessary + // encryption information in your request so that Amazon S3 can decrypt the object + // for copying. This functionality is not supported when the source object is in a + // directory bucket. CopySourceSSECustomerKey *string // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the - // encryption key was transmitted without error. + // encryption key was transmitted without error. If the source object for the copy + // is stored in Amazon S3 using SSE-C, you must provide the necessary encryption + // information in your request so that Amazon S3 can decrypt the object for + // copying. This functionality is not supported when the source object is in a + // directory bucket. CopySourceSSECustomerKeyMD5 *string - // The account ID of the expected destination bucket owner. If the destination - // bucket is owned by a different account, the request fails with the HTTP status - // code 403 Forbidden (access denied). + // The account ID of the expected destination bucket owner. If the account ID that + // you provide does not match the actual owner of the destination bucket, the + // request fails with the HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string - // The account ID of the expected source bucket owner. If the source bucket is - // owned by a different account, the request fails with the HTTP status code 403 - // Forbidden (access denied). + // The account ID of the expected source bucket owner. If the account ID that you + // provide does not match the actual owner of the source bucket, the request fails + // with the HTTP status code 403 Forbidden (access denied). ExpectedSourceBucketOwner *string // The date and time at which the object is no longer cacheable. Expires *time.Time - // Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object. This - // action is not supported by Amazon S3 on Outposts. + // Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object. + // - This functionality is not supported for directory buckets. + // - This functionality is not supported for Amazon S3 on Outposts. GrantFullControl *string - // Allows grantee to read the object data and its metadata. This action is not - // supported by Amazon S3 on Outposts. + // Allows grantee to read the object data and its metadata. + // - This functionality is not supported for directory buckets. + // - This functionality is not supported for Amazon S3 on Outposts. GrantRead *string - // Allows grantee to read the object ACL. This action is not supported by Amazon - // S3 on Outposts. + // Allows grantee to read the object ACL. + // - This functionality is not supported for directory buckets. + // - This functionality is not supported for Amazon S3 on Outposts. GrantReadACP *string - // Allows grantee to write the ACL for the applicable object. This action is not - // supported by Amazon S3 on Outposts. + // Allows grantee to write the ACL for the applicable object. + // - This functionality is not supported for directory buckets. + // - This functionality is not supported for Amazon S3 on Outposts. GrantWriteACP *string // A map of metadata to store with the object in S3. Metadata map[string]string // Specifies whether the metadata is copied from the source object or replaced - // with metadata provided in the request. + // with metadata that's provided in the request. When copying an object, you can + // preserve all metadata (the default) or specify new metadata. If this header + // isn’t specified, COPY is the default behavior. General purpose bucket - For + // general purpose buckets, when you grant permissions, you can use the + // s3:x-amz-metadata-directive condition key to enforce certain metadata behavior + // when objects are uploaded. For more information, see Amazon S3 condition key + // examples (https://docs.aws.amazon.com/AmazonS3/latest/dev/amazon-s3-policy-keys.html) + // in the Amazon S3 User Guide. x-amz-website-redirect-location is unique to each + // object and is not copied when using the x-amz-metadata-directive header. To + // copy the value, you must specify x-amz-website-redirect-location in the request + // header. MetadataDirective types.MetadataDirective - // Specifies whether you want to apply a legal hold to the copied object. + // Specifies whether you want to apply a legal hold to the object copy. This + // functionality is not supported for directory buckets. ObjectLockLegalHoldStatus types.ObjectLockLegalHoldStatus - // The Object Lock mode that you want to apply to the copied object. + // The Object Lock mode that you want to apply to the object copy. This + // functionality is not supported for directory buckets. ObjectLockMode types.ObjectLockMode - // The date and time when you want the copied object's Object Lock to expire. + // The date and time when you want the Object Lock of the object copy to expire. + // This functionality is not supported for directory buckets. ObjectLockRetainUntilDate *time.Time // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when encrypting the object (for example, AES256 + // ). When you perform a CopyObject operation, if you want to use a different type + // of encryption setting for the target object, you can specify appropriate + // encryption-related headers to encrypt the target object with an Amazon S3 + // managed key, a KMS key, or a customer-provided key. If the encryption setting in + // your request is different from the default encryption configuration of the + // destination bucket, the encryption setting in your request takes precedence. + // This functionality is not supported when the destination bucket is a directory + // bucket. SSECustomerAlgorithm *string // Specifies the customer-provided encryption key for Amazon S3 to use in // encrypting data. This value is used to store the object and then it is - // discarded; Amazon S3 does not store the encryption key. The key must be + // discarded. Amazon S3 does not store the encryption key. The key must be // appropriate for use with the algorithm specified in the - // x-amz-server-side-encryption-customer-algorithm header. + // x-amz-server-side-encryption-customer-algorithm header. This functionality is + // not supported when the destination bucket is a directory bucket. SSECustomerKey *string // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the - // encryption key was transmitted without error. + // encryption key was transmitted without error. This functionality is not + // supported when the destination bucket is a directory bucket. SSECustomerKeyMD5 *string // Specifies the Amazon Web Services KMS Encryption Context to use for object // encryption. The value of this header is a base64-encoded UTF-8 string holding - // JSON with the encryption context key-value pairs. + // JSON with the encryption context key-value pairs. This value must be explicitly + // added to specify encryption context for CopyObject requests. This functionality + // is not supported when the destination bucket is a directory bucket. SSEKMSEncryptionContext *string // Specifies the KMS ID (Key ID, Key ARN, or Key Alias) to use for object @@ -369,83 +438,195 @@ type CopyObjectInput struct { // they're not made via SSL or using SigV4. For information about configuring any // of the officially supported Amazon Web Services SDKs and Amazon Web Services // CLI, see Specifying the Signature Version in Request Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported when the + // destination bucket is a directory bucket. SSEKMSKeyId *string // The server-side encryption algorithm used when storing this object in Amazon S3 - // (for example, AES256 , aws:kms , aws:kms:dsse ). + // (for example, AES256 , aws:kms , aws:kms:dsse ). Unrecognized or unsupported + // values won’t write a destination object and will receive a 400 Bad Request + // response. Amazon S3 automatically encrypts all new objects that are copied to an + // S3 bucket. When copying an object, if you don't specify encryption information + // in your copy request, the encryption setting of the target object is set to the + // default encryption configuration of the destination bucket. By default, all + // buckets have a base level of encryption configuration that uses server-side + // encryption with Amazon S3 managed keys (SSE-S3). If the destination bucket has a + // default encryption configuration that uses server-side encryption with Key + // Management Service (KMS) keys (SSE-KMS), dual-layer server-side encryption with + // Amazon Web Services KMS keys (DSSE-KMS), or server-side encryption with + // customer-provided encryption keys (SSE-C), Amazon S3 uses the corresponding KMS + // key, or a customer-provided key to encrypt the target object copy. When you + // perform a CopyObject operation, if you want to use a different type of + // encryption setting for the target object, you can specify appropriate + // encryption-related headers to encrypt the target object with an Amazon S3 + // managed key, a KMS key, or a customer-provided key. If the encryption setting in + // your request is different from the default encryption configuration of the + // destination bucket, the encryption setting in your request takes precedence. + // With server-side encryption, Amazon S3 encrypts your data as it writes your data + // to disks in its data centers and decrypts the data when you access it. For more + // information about server-side encryption, see Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) + // in the Amazon S3 User Guide. For directory buckets, only server-side encryption + // with Amazon S3 managed keys (SSE-S3) ( AES256 ) is supported. ServerSideEncryption types.ServerSideEncryption // If the x-amz-storage-class header is not used, the copied object will be stored // in the STANDARD Storage Class by default. The STANDARD storage class provides // high durability and high availability. Depending on performance needs, you can - // specify a different Storage Class. Amazon S3 on Outposts only uses the OUTPOSTS - // Storage Class. For more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) + // specify a different Storage Class. + // - Directory buckets - For directory buckets, only the S3 Express One Zone + // storage class is supported to store newly created objects. Unsupported storage + // class values won't write a destination object and will respond with the HTTP + // status code 400 Bad Request . + // - Amazon S3 on Outposts - S3 on Outposts only uses the OUTPOSTS Storage Class. + // You can use the CopyObject action to change the storage class of an object that + // is already stored in Amazon S3 by using the x-amz-storage-class header. For + // more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) + // in the Amazon S3 User Guide. Before using an object as a source object for the + // copy operation, you must restore a copy of it if it meets any of the following + // conditions: + // - The storage class of the source object is GLACIER or DEEP_ARCHIVE . + // - The storage class of the source object is INTELLIGENT_TIERING and it's S3 + // Intelligent-Tiering access tier (https://docs.aws.amazon.com/AmazonS3/latest/userguide/intelligent-tiering-overview.html#intel-tiering-tier-definition) + // is Archive Access or Deep Archive Access . + // For more information, see RestoreObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html) + // and Copying Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/CopyingObjectsExamples.html) // in the Amazon S3 User Guide. StorageClass types.StorageClass - // The tag-set for the object destination object this value must be used in - // conjunction with the TaggingDirective . The tag-set must be encoded as URL Query - // parameters. + // The tag-set for the object copy in the destination bucket. This value must be + // used in conjunction with the x-amz-tagging-directive if you choose REPLACE for + // the x-amz-tagging-directive . If you choose COPY for the x-amz-tagging-directive + // , you don't need to set the x-amz-tagging header, because the tag-set will be + // copied from the source object directly. The tag-set must be encoded as URL Query + // parameters. The default value is the empty value. Directory buckets - For + // directory buckets in a CopyObject operation, only the empty tag-set is + // supported. Any requests that attempt to write non-empty tags into directory + // buckets will receive a 501 Not Implemented status code. When the destination + // bucket is a directory bucket, you will receive a 501 Not Implemented response + // in any of the following situations: + // - When you attempt to COPY the tag-set from an S3 source object that has + // non-empty tags. + // - When you attempt to REPLACE the tag-set of a source object and set a + // non-empty value to x-amz-tagging . + // - When you don't set the x-amz-tagging-directive header and the source object + // has non-empty tags. This is because the default value of + // x-amz-tagging-directive is COPY . + // Because only the empty tag-set is supported for directory buckets in a + // CopyObject operation, the following situations are allowed: + // - When you attempt to COPY the tag-set from a directory bucket source object + // that has no tags to a general purpose bucket. It copies an empty tag-set to the + // destination object. + // - When you attempt to REPLACE the tag-set of a directory bucket source object + // and set the x-amz-tagging value of the directory bucket destination object to + // empty. + // - When you attempt to REPLACE the tag-set of a general purpose bucket source + // object that has non-empty tags and set the x-amz-tagging value of the + // directory bucket destination object to empty. + // - When you attempt to REPLACE the tag-set of a directory bucket source object + // and don't set the x-amz-tagging value of the directory bucket destination + // object. This is because the default value of x-amz-tagging is the empty value. Tagging *string - // Specifies whether the object tag-set are copied from the source object or - // replaced with tag-set provided in the request. + // Specifies whether the object tag-set is copied from the source object or + // replaced with the tag-set that's provided in the request. The default value is + // COPY . Directory buckets - For directory buckets in a CopyObject operation, + // only the empty tag-set is supported. Any requests that attempt to write + // non-empty tags into directory buckets will receive a 501 Not Implemented status + // code. When the destination bucket is a directory bucket, you will receive a 501 + // Not Implemented response in any of the following situations: + // - When you attempt to COPY the tag-set from an S3 source object that has + // non-empty tags. + // - When you attempt to REPLACE the tag-set of a source object and set a + // non-empty value to x-amz-tagging . + // - When you don't set the x-amz-tagging-directive header and the source object + // has non-empty tags. This is because the default value of + // x-amz-tagging-directive is COPY . + // Because only the empty tag-set is supported for directory buckets in a + // CopyObject operation, the following situations are allowed: + // - When you attempt to COPY the tag-set from a directory bucket source object + // that has no tags to a general purpose bucket. It copies an empty tag-set to the + // destination object. + // - When you attempt to REPLACE the tag-set of a directory bucket source object + // and set the x-amz-tagging value of the directory bucket destination object to + // empty. + // - When you attempt to REPLACE the tag-set of a general purpose bucket source + // object that has non-empty tags and set the x-amz-tagging value of the + // directory bucket destination object to empty. + // - When you attempt to REPLACE the tag-set of a directory bucket source object + // and don't set the x-amz-tagging value of the directory bucket destination + // object. This is because the default value of x-amz-tagging is the empty value. TaggingDirective types.TaggingDirective - // If the bucket is configured as a website, redirects requests for this object to - // another object in the same bucket or to an external URL. Amazon S3 stores the - // value of this header in the object metadata. This value is unique to each object - // and is not copied when using the x-amz-metadata-directive header. Instead, you - // may opt to provide this header in combination with the directive. + // If the destination bucket is configured as a website, redirects requests for + // this object copy to another object in the same bucket or to an external URL. + // Amazon S3 stores the value of this header in the object metadata. This value is + // unique to each object and is not copied when using the x-amz-metadata-directive + // header. Instead, you may opt to provide this header in combination with the + // x-amz-metadata-directive header. This functionality is not supported for + // directory buckets. WebsiteRedirectLocation *string noSmithyDocumentSerde } +func (in *CopyObjectInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.DisableS3ExpressSessionAuth = ptr.Bool(true) +} + type CopyObjectOutput struct { // Indicates whether the copied object uses an S3 Bucket Key for server-side - // encryption with Key Management Service (KMS) keys (SSE-KMS). - BucketKeyEnabled bool + // encryption with Key Management Service (KMS) keys (SSE-KMS). This functionality + // is not supported for directory buckets. + BucketKeyEnabled *bool // Container for all response elements. CopyObjectResult *types.CopyObjectResult - // Version of the copied object in the destination bucket. + // Version ID of the source object that was copied. This functionality is not + // supported when the source object is in a directory bucket. CopySourceVersionId *string - // If the object expiration is configured, the response includes this header. + // If the object expiration is configured, the response includes this header. This + // functionality is not supported for directory buckets. Expiration *string // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // If server-side encryption with a customer-provided encryption key was - // requested, the response will include this header confirming the encryption - // algorithm used. + // requested, the response will include this header to confirm the encryption + // algorithm that's used. This functionality is not supported for directory + // buckets. SSECustomerAlgorithm *string // If server-side encryption with a customer-provided encryption key was - // requested, the response will include this header to provide round-trip message - // integrity verification of the customer-provided encryption key. + // requested, the response will include this header to provide the round-trip + // message integrity verification of the customer-provided encryption key. This + // functionality is not supported for directory buckets. SSECustomerKeyMD5 *string - // If present, specifies the Amazon Web Services KMS Encryption Context to use for + // If present, indicates the Amazon Web Services KMS Encryption Context to use for // object encryption. The value of this header is a base64-encoded UTF-8 string - // holding JSON with the encryption context key-value pairs. + // holding JSON with the encryption context key-value pairs. This functionality is + // not supported for directory buckets. SSEKMSEncryptionContext *string - // If present, specifies the ID of the Key Management Service (KMS) symmetric - // encryption customer managed key that was used for the object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. This functionality + // is not supported for directory buckets. SSEKMSKeyId *string - // The server-side encryption algorithm used when storing this object in Amazon S3 - // (for example, AES256 , aws:kms , aws:kms:dsse ). + // The server-side encryption algorithm used when you store this object in Amazon + // S3 (for example, AES256 , aws:kms , aws:kms:dsse ). For directory buckets, only + // server-side encryption with Amazon S3 managed keys (SSE-S3) ( AES256 ) is + // supported. ServerSideEncryption types.ServerSideEncryption - // Version ID of the newly created copy. + // Version ID of the newly created copy. This functionality is not supported for + // directory buckets. VersionId *string // Metadata pertaining to the operation's result. @@ -455,6 +636,9 @@ type CopyObjectOutput struct { } func (c *Client) addOperationCopyObjectMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpCopyObject{}, middleware.After) if err != nil { return err @@ -463,6 +647,10 @@ func (c *Client) addOperationCopyObjectMiddlewares(stack *middleware.Stack, opti if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "CopyObject"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -484,9 +672,6 @@ func (c *Client) addOperationCopyObjectMiddlewares(stack *middleware.Stack, opti if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -502,10 +687,10 @@ func (c *Client) addOperationCopyObjectMiddlewares(stack *middleware.Stack, opti if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addCopyObjectResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpCopyObjectValidationMiddleware(stack); err != nil { @@ -538,7 +723,7 @@ func (c *Client) addOperationCopyObjectMiddlewares(stack *middleware.Stack, opti if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -558,7 +743,6 @@ func newServiceMetadataMiddleware_opCopyObject(region string) *awsmiddleware.Reg return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "CopyObject", } } @@ -588,139 +772,3 @@ func addCopyObjectUpdateEndpoint(stack *middleware.Stack, options Options) error DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opCopyObjectResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opCopyObjectResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opCopyObjectResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*CopyObjectInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addCopyObjectResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opCopyObjectResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CreateBucket.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CreateBucket.go index 9da6f8b9c..6357444ba 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CreateBucket.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CreateBucket.go @@ -4,79 +4,90 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Creates a new S3 bucket. To create a bucket, you must register with Amazon S3 -// and have a valid Amazon Web Services Access Key ID to authenticate requests. +// This action creates an Amazon S3 bucket. To create an Amazon S3 on Outposts +// bucket, see CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateBucket.html) +// . Creates a new S3 bucket. To create a bucket, you must set up Amazon S3 and +// have a valid Amazon Web Services Access Key ID to authenticate requests. // Anonymous requests are never allowed to create buckets. By creating the bucket, -// you become the bucket owner. Not every string is an acceptable bucket name. For -// information about bucket naming restrictions, see Bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) -// . If you want to create an Amazon S3 on Outposts bucket, see Create Bucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateBucket.html) -// . By default, the bucket is created in the US East (N. Virginia) Region. You can -// optionally specify a Region in the request body. To constrain the bucket -// creation to a specific Region, you can use LocationConstraint (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucketConfiguration.html) -// condition key. You might choose a Region to optimize latency, minimize costs, or -// address regulatory requirements. For example, if you reside in Europe, you will -// probably find it advantageous to create buckets in the Europe (Ireland) Region. -// For more information, see Accessing a bucket (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html#access-bucket-intro) -// . If you send your create bucket request to the s3.amazonaws.com endpoint, the -// request goes to the us-east-1 Region. Accordingly, the signature calculations -// in Signature Version 4 must use us-east-1 as the Region, even if the location -// constraint in the request specifies another Region where the bucket is to be -// created. If you create a bucket in a Region other than US East (N. Virginia), -// your application must be able to handle 307 redirect. For more information, see -// Virtual hosting of buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html) -// . Permissions In addition to s3:CreateBucket , the following permissions are -// required when your CreateBucket request includes specific headers: -// - Access control lists (ACLs) - If your CreateBucket request specifies access -// control list (ACL) permissions and the ACL is public-read, public-read-write, -// authenticated-read, or if you specify access permissions explicitly through any -// other ACL, both s3:CreateBucket and s3:PutBucketAcl permissions are needed. If -// the ACL for the CreateBucket request is private or if the request doesn't -// specify any ACLs, only s3:CreateBucket permission is needed. -// - Object Lock - If ObjectLockEnabledForBucket is set to true in your -// CreateBucket request, s3:PutBucketObjectLockConfiguration and -// s3:PutBucketVersioning permissions are required. -// - S3 Object Ownership - If your CreateBucket request includes the -// x-amz-object-ownership header, then the s3:PutBucketOwnershipControls -// permission is required. By default, ObjectOwnership is set to -// BucketOWnerEnforced and ACLs are disabled. We recommend keeping ACLs disabled, -// except in uncommon use cases where you must control access for each object -// individually. If you want to change the ObjectOwnership setting, you can use -// the x-amz-object-ownership header in your CreateBucket request to set the -// ObjectOwnership setting of your choice. For more information about S3 Object -// Ownership, see Controlling object ownership (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) +// you become the bucket owner. There are two types of buckets: general purpose +// buckets and directory buckets. For more information about these bucket types, +// see Creating, configuring, and working with Amazon S3 buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) +// in the Amazon S3 User Guide. +// - General purpose buckets - If you send your CreateBucket request to the +// s3.amazonaws.com global endpoint, the request goes to the us-east-1 Region. So +// the signature calculations in Signature Version 4 must use us-east-1 as the +// Region, even if the location constraint in the request specifies another Region +// where the bucket is to be created. If you create a bucket in a Region other than +// US East (N. Virginia), your application must be able to handle 307 redirect. For +// more information, see Virtual hosting of buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html) // in the Amazon S3 User Guide. -// - S3 Block Public Access - If your specific use case requires granting public -// access to your S3 resources, you can disable Block Public Access. You can create -// a new bucket with Block Public Access enabled, then separately call the -// DeletePublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html) -// API. To use this operation, you must have the s3:PutBucketPublicAccessBlock -// permission. By default, all Block Public Access settings are enabled for new -// buckets. To avoid inadvertent exposure of your resources, we recommend keeping -// the S3 Block Public Access settings enabled. For more information about S3 Block -// Public Access, see Blocking public access to your Amazon S3 storage (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) +// - Directory buckets - For directory buckets, you must make requests for this +// API operation to the Regional endpoint. These endpoints support path-style +// requests in the format +// https://s3express-control.region_code.amazonaws.com/bucket-name . +// Virtual-hosted-style requests aren't supported. For more information, see +// Regional and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) // in the Amazon S3 User Guide. // -// If your CreateBucket request sets BucketOwnerEnforced for Amazon S3 Object -// Ownership and specifies a bucket ACL that provides access to an external Amazon -// Web Services account, your request fails with a 400 error and returns the -// InvalidBucketAcLWithObjectOwnership error code. For more information, see -// Setting Object Ownership on an existing bucket (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-ownership-existing-bucket.html) -// in the Amazon S3 User Guide. The following operations are related to +// Permissions +// - General purpose bucket permissions - In addition to the s3:CreateBucket +// permission, the following permissions are required in a policy when your +// CreateBucket request includes specific headers: +// - Access control lists (ACLs) - In your CreateBucket request, if you specify +// an access control list (ACL) and set it to public-read , public-read-write , +// authenticated-read , or if you explicitly specify any other custom ACLs, both +// s3:CreateBucket and s3:PutBucketAcl permissions are required. In your +// CreateBucket request, if you set the ACL to private , or if you don't specify +// any ACLs, only the s3:CreateBucket permission is required. +// - Object Lock - In your CreateBucket request, if you set +// x-amz-bucket-object-lock-enabled to true, the +// s3:PutBucketObjectLockConfiguration and s3:PutBucketVersioning permissions are +// required. +// - S3 Object Ownership - If your CreateBucket request includes the +// x-amz-object-ownership header, then the s3:PutBucketOwnershipControls +// permission is required. If your CreateBucket request sets BucketOwnerEnforced +// for Amazon S3 Object Ownership and specifies a bucket ACL that provides access +// to an external Amazon Web Services account, your request fails with a 400 +// error and returns the InvalidBucketAcLWithObjectOwnership error code. For more +// information, see Setting Object Ownership on an existing bucket (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-ownership-existing-bucket.html) +// in the Amazon S3 User Guide. +// - S3 Block Public Access - If your specific use case requires granting public +// access to your S3 resources, you can disable Block Public Access. Specifically, +// you can create a new bucket with Block Public Access enabled, then separately +// call the DeletePublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html) +// API. To use this operation, you must have the s3:PutBucketPublicAccessBlock +// permission. For more information about S3 Block Public Access, see Blocking +// public access to your Amazon S3 storage (https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html) +// in the Amazon S3 User Guide. +// - Directory bucket permissions - You must have the s3express:CreateBucket +// permission in an IAM identity-based policy instead of a bucket policy. +// Cross-account access to this API operation isn't supported. This operation can +// only be performed by the Amazon Web Services account that owns the resource. For +// more information about directory bucket policies and permissions, see Amazon +// Web Services Identity and Access Management (IAM) for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) +// in the Amazon S3 User Guide. The permissions for ACLs, Object Lock, S3 Object +// Ownership, and S3 Block Public Access are not supported for directory buckets. +// For directory buckets, all Block Public Access settings are enabled at the +// bucket level and S3 Object Ownership is set to Bucket owner enforced (ACLs +// disabled). These settings can't be modified. For more information about +// permissions for creating and working with directory buckets, see Directory +// buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) +// in the Amazon S3 User Guide. For more information about supported S3 features +// for directory buckets, see Features of S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-one-zone.html#s3-express-features) +// in the Amazon S3 User Guide. +// +// HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// s3express-control.region.amazonaws.com . The following operations are related to // CreateBucket : // - PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) // - DeleteBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html) @@ -97,37 +108,52 @@ func (c *Client) CreateBucket(ctx context.Context, params *CreateBucketInput, op type CreateBucketInput struct { - // The name of the bucket to create. + // The name of the bucket to create. General purpose buckets - For information + // about bucket naming restrictions, see Bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) + // in the Amazon S3 User Guide. Directory buckets - When you use this operation + // with a directory bucket, you must use path-style requests in the format + // https://s3express-control.region_code.amazonaws.com/bucket-name . + // Virtual-hosted-style requests aren't supported. Directory bucket names must be + // unique in the chosen Availability Zone. Bucket names must also follow the format + // bucket_base_name--az_id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 + // ). For information about bucket naming restrictions, see Directory bucket + // naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide // // This member is required. Bucket *string - // The canned ACL to apply to the bucket. + // The canned ACL to apply to the bucket. This functionality is not supported for + // directory buckets. ACL types.BucketCannedACL // The configuration information for the bucket. CreateBucketConfiguration *types.CreateBucketConfiguration // Allows grantee the read, write, read ACP, and write ACP permissions on the - // bucket. + // bucket. This functionality is not supported for directory buckets. GrantFullControl *string - // Allows grantee to list the objects in the bucket. + // Allows grantee to list the objects in the bucket. This functionality is not + // supported for directory buckets. GrantRead *string - // Allows grantee to read the bucket ACL. + // Allows grantee to read the bucket ACL. This functionality is not supported for + // directory buckets. GrantReadACP *string // Allows grantee to create new objects in the bucket. For the bucket and object // owners of existing objects, also allows deletions and overwrites of those - // objects. + // objects. This functionality is not supported for directory buckets. GrantWrite *string - // Allows grantee to write the ACL for the applicable bucket. + // Allows grantee to write the ACL for the applicable bucket. This functionality + // is not supported for directory buckets. GrantWriteACP *string // Specifies whether you want S3 Object Lock to be enabled for the new bucket. - ObjectLockEnabledForBucket bool + // This functionality is not supported for directory buckets. + ObjectLockEnabledForBucket *bool // The container element for object ownership for a bucket's ownership controls. // BucketOwnerPreferred - Objects uploaded to the bucket change ownership to the @@ -137,14 +163,27 @@ type CreateBucketInput struct { // BucketOwnerEnforced - Access control lists (ACLs) are disabled and no longer // affect permissions. The bucket owner automatically owns and has full control // over every object in the bucket. The bucket only accepts PUT requests that don't - // specify an ACL or bucket owner full control ACLs, such as the - // bucket-owner-full-control canned ACL or an equivalent form of this ACL expressed - // in the XML format. + // specify an ACL or specify bucket owner full control ACLs (such as the predefined + // bucket-owner-full-control canned ACL or a custom ACL in XML format that grants + // the same permissions). By default, ObjectOwnership is set to BucketOwnerEnforced + // and ACLs are disabled. We recommend keeping ACLs disabled, except in uncommon + // use cases where you must control access for each object individually. For more + // information about S3 Object Ownership, see Controlling ownership of objects and + // disabling ACLs for your bucket (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. Directory buckets use the bucket owner enforced setting for S3 Object + // Ownership. ObjectOwnership types.ObjectOwnership noSmithyDocumentSerde } +func (in *CreateBucketInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) + p.DisableAccessPoints = ptr.Bool(true) +} + type CreateBucketOutput struct { // A forward slash followed by the name of the bucket. @@ -157,6 +196,9 @@ type CreateBucketOutput struct { } func (c *Client) addOperationCreateBucketMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpCreateBucket{}, middleware.After) if err != nil { return err @@ -165,6 +207,10 @@ func (c *Client) addOperationCreateBucketMiddlewares(stack *middleware.Stack, op if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "CreateBucket"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -186,9 +232,6 @@ func (c *Client) addOperationCreateBucketMiddlewares(stack *middleware.Stack, op if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -204,10 +247,10 @@ func (c *Client) addOperationCreateBucketMiddlewares(stack *middleware.Stack, op if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addCreateBucketResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpCreateBucketValidationMiddleware(stack); err != nil { @@ -237,7 +280,7 @@ func (c *Client) addOperationCreateBucketMiddlewares(stack *middleware.Stack, op if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -257,7 +300,6 @@ func newServiceMetadataMiddleware_opCreateBucket(region string) *awsmiddleware.R return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "CreateBucket", } } @@ -287,141 +329,3 @@ func addCreateBucketUpdateEndpoint(stack *middleware.Stack, options Options) err DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opCreateBucketResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opCreateBucketResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opCreateBucketResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*CreateBucketInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - params.DisableAccessPoints = ptr.Bool(true) - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addCreateBucketResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opCreateBucketResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CreateMultipartUpload.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CreateMultipartUpload.go index 2831c54c7..4f24e11c4 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CreateMultipartUpload.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CreateMultipartUpload.go @@ -4,16 +4,11 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" "time" @@ -26,97 +21,111 @@ import ( // ). You also include this upload ID in the final request to either complete or // abort the multipart upload request. For more information about multipart // uploads, see Multipart Upload Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) -// . If you have configured a lifecycle rule to abort incomplete multipart uploads, -// the upload must complete within the number of days specified in the bucket -// lifecycle configuration. Otherwise, the incomplete multipart upload becomes -// eligible for an abort action and Amazon S3 aborts the multipart upload. For more -// information, see Aborting Incomplete Multipart Uploads Using a Bucket Lifecycle -// Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) -// . For information about the permissions required to use the multipart upload -// API, see Multipart Upload and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) -// . For request signing, multipart upload is just a series of regular requests. -// You initiate a multipart upload, send one or more requests to upload parts, and -// then complete the multipart upload process. You sign each request individually. -// There is nothing special about signing multipart upload requests. For more -// information about signing, see Authenticating Requests (Amazon Web Services -// Signature Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html) -// . After you initiate a multipart upload and upload one or more parts, to stop -// being charged for storing the uploaded parts, you must either complete or abort -// the multipart upload. Amazon S3 frees up the space used to store the parts and -// stop charging you for storing them only after you either complete or abort a -// multipart upload. Server-side encryption is for data encryption at rest. Amazon -// S3 encrypts your data as it writes it to disks in its data centers and decrypts -// it when you access it. Amazon S3 automatically encrypts all new objects that are -// uploaded to an S3 bucket. When doing a multipart upload, if you don't specify -// encryption information in your request, the encryption setting of the uploaded -// parts is set to the default encryption configuration of the destination bucket. -// By default, all buckets have a base level of encryption configuration that uses -// server-side encryption with Amazon S3 managed keys (SSE-S3). If the destination -// bucket has a default encryption configuration that uses server-side encryption -// with an Key Management Service (KMS) key (SSE-KMS), or a customer-provided -// encryption key (SSE-C), Amazon S3 uses the corresponding KMS key, or a -// customer-provided key to encrypt the uploaded parts. When you perform a -// CreateMultipartUpload operation, if you want to use a different type of -// encryption setting for the uploaded parts, you can request that Amazon S3 -// encrypts the object with a KMS key, an Amazon S3 managed key, or a -// customer-provided key. If the encryption setting in your request is different -// from the default encryption configuration of the destination bucket, the -// encryption setting in your request takes precedence. If you choose to provide -// your own encryption key, the request headers you provide in UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) -// and UploadPartCopy (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) -// requests must match the headers you used in the request to initiate the upload -// by using CreateMultipartUpload . You can request that Amazon S3 save the -// uploaded parts encrypted with server-side encryption with an Amazon S3 managed -// key (SSE-S3), an Key Management Service (KMS) key (SSE-KMS), or a -// customer-provided encryption key (SSE-C). To perform a multipart upload with -// encryption by using an Amazon Web Services KMS key, the requester must have -// permission to the kms:Decrypt and kms:GenerateDataKey* actions on the key. -// These permissions are required because Amazon S3 must decrypt and read data from -// the encrypted file parts before it completes the multipart upload. For more -// information, see Multipart upload API and permissions (https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions) -// and Protecting data using server-side encryption with Amazon Web Services KMS (https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html) -// in the Amazon S3 User Guide. If your Identity and Access Management (IAM) user -// or role is in the same Amazon Web Services account as the KMS key, then you must -// have these permissions on the key policy. If your IAM user or role belongs to a -// different account than the key, then you must have the permissions on both the -// key policy and your IAM user or role. For more information, see Protecting Data -// Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) -// . Access Permissions When copying an object, you can optionally specify the -// accounts or groups that should be granted specific permissions on the new -// object. There are two ways to grant the permissions using the request headers: -// - Specify a canned ACL with the x-amz-acl request header. For more -// information, see Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL) -// . -// - Specify access permissions explicitly with the x-amz-grant-read , -// x-amz-grant-read-acp , x-amz-grant-write-acp , and x-amz-grant-full-control -// headers. These parameters map to the set of permissions that Amazon S3 supports -// in an ACL. For more information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) +// in the Amazon S3 User Guide. After you initiate a multipart upload and upload +// one or more parts, to stop being charged for storing the uploaded parts, you +// must either complete or abort the multipart upload. Amazon S3 frees up the space +// used to store the parts and stops charging you for storing them only after you +// either complete or abort a multipart upload. If you have configured a lifecycle +// rule to abort incomplete multipart uploads, the created multipart upload must be +// completed within the number of days specified in the bucket lifecycle +// configuration. Otherwise, the incomplete multipart upload becomes eligible for +// an abort action and Amazon S3 aborts the multipart upload. For more information, +// see Aborting Incomplete Multipart Uploads Using a Bucket Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) +// . +// - Directory buckets - S3 Lifecycle is not supported by directory buckets. +// - Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support +// virtual-hosted-style requests in the format +// https://bucket_name.s3express-az_id.region.amazonaws.com/key-name . +// Path-style requests are not supported. For more information, see Regional and +// Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// Request signing For request signing, multipart upload is just a series of +// regular requests. You initiate a multipart upload, send one or more requests to +// upload parts, and then complete the multipart upload process. You sign each +// request individually. There is nothing special about signing multipart upload +// requests. For more information about signing, see Authenticating Requests +// (Amazon Web Services Signature Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html) +// in the Amazon S3 User Guide. Permissions +// - General purpose bucket permissions - For information about the permissions +// required to use the multipart upload API, see Multipart upload and permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// in the Amazon S3 User Guide. To perform a multipart upload with encryption by +// using an Amazon Web Services KMS key, the requester must have permission to the +// kms:Decrypt and kms:GenerateDataKey* actions on the key. These permissions are +// required because Amazon S3 must decrypt and read data from the encrypted file +// parts before it completes the multipart upload. For more information, see +// Multipart upload API and permissions (https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions) +// and Protecting data using server-side encryption with Amazon Web Services KMS (https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html) +// in the Amazon S3 User Guide. +// - Directory bucket permissions - To grant access to this API operation on a +// directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant the +// s3express:CreateSession permission to the directory bucket in a bucket policy +// or an IAM identity-based policy. Then, you make the CreateSession API call on +// the bucket to obtain a session token. With the session token in your request +// header, you can make API requests to this operation. After the session token +// expires, you make another CreateSession API call to generate a new session +// token for use. Amazon Web Services CLI or SDKs create session and refresh the +// session token automatically to avoid service interruptions when a session +// expires. For more information about authorization, see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) // . // -// You can use either a canned ACL or specify access permissions explicitly. You -// cannot do both. Server-Side- Encryption-Specific Request Headers Amazon S3 -// encrypts data by using server-side encryption with an Amazon S3 managed key -// (SSE-S3) by default. Server-side encryption is for data encryption at rest. -// Amazon S3 encrypts your data as it writes it to disks in its data centers and -// decrypts it when you access it. You can request that Amazon S3 encrypts data at -// rest by using server-side encryption with other key options. The option you use -// depends on whether you want to use KMS keys (SSE-KMS) or provide your own -// encryption keys (SSE-C). +// Encryption +// - General purpose buckets - Server-side encryption is for data encryption at +// rest. Amazon S3 encrypts your data as it writes it to disks in its data centers +// and decrypts it when you access it. Amazon S3 automatically encrypts all new +// objects that are uploaded to an S3 bucket. When doing a multipart upload, if you +// don't specify encryption information in your request, the encryption setting of +// the uploaded parts is set to the default encryption configuration of the +// destination bucket. By default, all buckets have a base level of encryption +// configuration that uses server-side encryption with Amazon S3 managed keys +// (SSE-S3). If the destination bucket has a default encryption configuration that +// uses server-side encryption with an Key Management Service (KMS) key (SSE-KMS), +// or a customer-provided encryption key (SSE-C), Amazon S3 uses the corresponding +// KMS key, or a customer-provided key to encrypt the uploaded parts. When you +// perform a CreateMultipartUpload operation, if you want to use a different type +// of encryption setting for the uploaded parts, you can request that Amazon S3 +// encrypts the object with a different encryption key (such as an Amazon S3 +// managed key, a KMS key, or a customer-provided key). When the encryption setting +// in your request is different from the default encryption configuration of the +// destination bucket, the encryption setting in your request takes precedence. If +// you choose to provide your own encryption key, the request headers you provide +// in UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) +// and UploadPartCopy (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) +// requests must match the headers you used in the CreateMultipartUpload request. // - Use KMS keys (SSE-KMS) that include the Amazon Web Services managed key ( // aws/s3 ) and KMS customer managed keys stored in Key Management Service (KMS) // – If you want Amazon Web Services to manage the keys used to encrypt data, // specify the following headers in the request. // - x-amz-server-side-encryption // - x-amz-server-side-encryption-aws-kms-key-id -// - x-amz-server-side-encryption-context If you specify -// x-amz-server-side-encryption:aws:kms , but don't provide +// - x-amz-server-side-encryption-context +// - If you specify x-amz-server-side-encryption:aws:kms , but don't provide // x-amz-server-side-encryption-aws-kms-key-id , Amazon S3 uses the Amazon Web -// Services managed key ( aws/s3 key) in KMS to protect the data. All GET and PUT -// requests for an object protected by KMS fail if you don't make them by using -// Secure Sockets Layer (SSL), Transport Layer Security (TLS), or Signature Version -// 4. For more information about server-side encryption with KMS keys (SSE-KMS), -// see Protecting Data Using Server-Side Encryption with KMS keys (https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html) -// . +// Services managed key ( aws/s3 key) in KMS to protect the data. +// - To perform a multipart upload with encryption by using an Amazon Web +// Services KMS key, the requester must have permission to the kms:Decrypt and +// kms:GenerateDataKey* actions on the key. These permissions are required +// because Amazon S3 must decrypt and read data from the encrypted file parts +// before it completes the multipart upload. For more information, see Multipart +// upload API and permissions (https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions) +// and Protecting data using server-side encryption with Amazon Web Services KMS (https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html) +// in the Amazon S3 User Guide. +// - If your Identity and Access Management (IAM) user or role is in the same +// Amazon Web Services account as the KMS key, then you must have these permissions +// on the key policy. If your IAM user or role is in a different account from the +// key, then you must have the permissions on both the key policy and your IAM user +// or role. +// - All GET and PUT requests for an object protected by KMS fail if you don't +// make them by using Secure Sockets Layer (SSL), Transport Layer Security (TLS), +// or Signature Version 4. For information about configuring any of the officially +// supported Amazon Web Services SDKs and Amazon Web Services CLI, see +// Specifying the Signature Version in Request Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version) +// in the Amazon S3 User Guide. For more information about server-side +// encryption with KMS keys (SSE-KMS), see Protecting Data Using Server-Side +// Encryption with KMS keys (https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html) +// in the Amazon S3 User Guide. // - Use customer-provided encryption keys (SSE-C) – If you want to manage your // own encryption keys, provide all the following headers in the request. // - x-amz-server-side-encryption-customer-algorithm @@ -125,55 +134,13 @@ import ( // server-side encryption with customer-provided encryption keys (SSE-C), see // Protecting data using server-side encryption with customer-provided encryption // keys (SSE-C) (https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html) -// . +// in the Amazon S3 User Guide. +// - Directory buckets -For directory buckets, only server-side encryption with +// Amazon S3 managed keys (SSE-S3) ( AES256 ) is supported. // -// Access-Control-List (ACL)-Specific Request Headers You also can use the -// following access control–related headers with this operation. By default, all -// objects are private. Only the owner has full access control. When adding a new -// object, you can grant permissions to individual Amazon Web Services accounts or -// to predefined groups defined by Amazon S3. These permissions are then added to -// the access control list (ACL) on the object. For more information, see Using -// ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html) . -// With this operation, you can grant access permissions using one of the following -// two methods: -// - Specify a canned ACL ( x-amz-acl ) — Amazon S3 supports a set of predefined -// ACLs, known as canned ACLs. Each canned ACL has a predefined set of grantees and -// permissions. For more information, see Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL) -// . -// - Specify access permissions explicitly — To explicitly grant access -// permissions to specific Amazon Web Services accounts or groups, use the -// following headers. Each header maps to specific permissions that Amazon S3 -// supports in an ACL. For more information, see Access Control List (ACL) -// Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) . -// In the header, you specify a list of grantees who get the specific permission. -// To grant permissions explicitly, use: -// - x-amz-grant-read -// - x-amz-grant-write -// - x-amz-grant-read-acp -// - x-amz-grant-write-acp -// - x-amz-grant-full-control You specify each grantee as a type=value pair, -// where the type is one of the following: -// - id – if the value specified is the canonical user ID of an Amazon Web -// Services account -// - uri – if you are granting permissions to a predefined group -// - emailAddress – if the value specified is the email address of an Amazon Web -// Services account Using email addresses to specify a grantee is only supported in -// the following Amazon Web Services Regions: -// - US East (N. Virginia) -// - US West (N. California) -// - US West (Oregon) -// - Asia Pacific (Singapore) -// - Asia Pacific (Sydney) -// - Asia Pacific (Tokyo) -// - Europe (Ireland) -// - South America (São Paulo) For a list of all the Amazon S3 supported Regions -// and endpoints, see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) -// in the Amazon Web Services General Reference. For example, the following -// x-amz-grant-read header grants the Amazon Web Services accounts identified by -// account IDs permissions to read object data and its metadata: -// x-amz-grant-read: id="11112222333", id="444455556666" -// -// The following operations are related to CreateMultipartUpload : +// HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// Bucket_name.s3express-az_id.region.amazonaws.com . The following operations are +// related to CreateMultipartUpload : // - UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) // - CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) // - AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) @@ -196,16 +163,26 @@ func (c *Client) CreateMultipartUpload(ctx context.Context, params *CreateMultip type CreateMultipartUploadInput struct { - // The name of the bucket to which to initiate the upload When using this action - // with an access point, you must direct requests to the access point hostname. The - // access point hostname takes the form - // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this - // action with an access point through the Amazon Web Services SDKs, you provide - // the access point ARN in place of the bucket name. For more information about - // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form + // The name of the bucket where the multipart upload is initiated and where the + // object is uploaded. Directory buckets - When you use this operation with a + // directory bucket, you must use virtual-hosted-style requests in the format + // Bucket_name.s3express-az_id.region.amazonaws.com . Path-style requests are not + // supported. Directory bucket names must be unique in the chosen Availability + // Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 (for + // example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 ). For information about bucket + // naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. Access points - When you use this action with an + // access point, you must provide the alias of the access point in place of the + // bucket name or specify the access point ARN. When using the access point ARN, + // you must direct requests to the access point hostname. The access point hostname + // takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. Access points and Object Lambda access points are + // not supported by directory buckets. S3 on Outposts - When you use this action + // with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts + // hostname. The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -220,22 +197,33 @@ type CreateMultipartUploadInput struct { // This member is required. Key *string - // The canned ACL to apply to the object. This action is not supported by Amazon - // S3 on Outposts. + // The canned ACL to apply to the object. Amazon S3 supports a set of predefined + // ACLs, known as canned ACLs. Each canned ACL has a predefined set of grantees and + // permissions. For more information, see Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL) + // in the Amazon S3 User Guide. By default, all objects are private. Only the owner + // has full access control. When uploading an object, you can grant access + // permissions to individual Amazon Web Services accounts or to predefined groups + // defined by Amazon S3. These permissions are then added to the access control + // list (ACL) on the new object. For more information, see Using ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html) + // . One way to grant the permissions using the request headers is to specify a + // canned ACL with the x-amz-acl request header. + // - This functionality is not supported for directory buckets. + // - This functionality is not supported for Amazon S3 on Outposts. ACL types.ObjectCannedACL // Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption // with server-side encryption using Key Management Service (KMS) keys (SSE-KMS). // Setting this header to true causes Amazon S3 to use an S3 Bucket Key for object // encryption with SSE-KMS. Specifying this header with an object action doesn’t - // affect bucket-level settings for S3 Bucket Key. - BucketKeyEnabled bool + // affect bucket-level settings for S3 Bucket Key. This functionality is not + // supported for directory buckets. + BucketKeyEnabled *bool // Specifies caching behavior along the request/reply chain. CacheControl *string - // Indicates the algorithm you want Amazon S3 to use to create the checksum for - // the object. For more information, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm that you want Amazon S3 to use to create the checksum + // for the object. For more information, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. ChecksumAlgorithm types.ChecksumAlgorithm @@ -244,113 +232,237 @@ type CreateMultipartUploadInput struct { // Specifies what content encodings have been applied to the object and thus what // decoding mechanisms must be applied to obtain the media-type referenced by the - // Content-Type header field. + // Content-Type header field. For directory buckets, only the aws-chunked value is + // supported in this header field. ContentEncoding *string - // The language the content is in. + // The language that the content is in. ContentLanguage *string // A standard MIME type describing the format of the object data. ContentType *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // The date and time at which the object is no longer cacheable. Expires *time.Time - // Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object. This - // action is not supported by Amazon S3 on Outposts. + // Specify access permissions explicitly to give the grantee READ, READ_ACP, and + // WRITE_ACP permissions on the object. By default, all objects are private. Only + // the owner has full access control. When uploading an object, you can use this + // header to explicitly grant access permissions to specific Amazon Web Services + // accounts or groups. This header maps to specific permissions that Amazon S3 + // supports in an ACL. For more information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) + // in the Amazon S3 User Guide. You specify each grantee as a type=value pair, + // where the type is one of the following: + // - id – if the value specified is the canonical user ID of an Amazon Web + // Services account + // - uri – if you are granting permissions to a predefined group + // - emailAddress – if the value specified is the email address of an Amazon Web + // Services account Using email addresses to specify a grantee is only supported in + // the following Amazon Web Services Regions: + // - US East (N. Virginia) + // - US West (N. California) + // - US West (Oregon) + // - Asia Pacific (Singapore) + // - Asia Pacific (Sydney) + // - Asia Pacific (Tokyo) + // - Europe (Ireland) + // - South America (São Paulo) For a list of all the Amazon S3 supported Regions + // and endpoints, see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) + // in the Amazon Web Services General Reference. + // For example, the following x-amz-grant-read header grants the Amazon Web + // Services accounts identified by account IDs permissions to read object data and + // its metadata: x-amz-grant-read: id="11112222333", id="444455556666" + // - This functionality is not supported for directory buckets. + // - This functionality is not supported for Amazon S3 on Outposts. GrantFullControl *string - // Allows grantee to read the object data and its metadata. This action is not - // supported by Amazon S3 on Outposts. + // Specify access permissions explicitly to allow grantee to read the object data + // and its metadata. By default, all objects are private. Only the owner has full + // access control. When uploading an object, you can use this header to explicitly + // grant access permissions to specific Amazon Web Services accounts or groups. + // This header maps to specific permissions that Amazon S3 supports in an ACL. For + // more information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) + // in the Amazon S3 User Guide. You specify each grantee as a type=value pair, + // where the type is one of the following: + // - id – if the value specified is the canonical user ID of an Amazon Web + // Services account + // - uri – if you are granting permissions to a predefined group + // - emailAddress – if the value specified is the email address of an Amazon Web + // Services account Using email addresses to specify a grantee is only supported in + // the following Amazon Web Services Regions: + // - US East (N. Virginia) + // - US West (N. California) + // - US West (Oregon) + // - Asia Pacific (Singapore) + // - Asia Pacific (Sydney) + // - Asia Pacific (Tokyo) + // - Europe (Ireland) + // - South America (São Paulo) For a list of all the Amazon S3 supported Regions + // and endpoints, see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) + // in the Amazon Web Services General Reference. + // For example, the following x-amz-grant-read header grants the Amazon Web + // Services accounts identified by account IDs permissions to read object data and + // its metadata: x-amz-grant-read: id="11112222333", id="444455556666" + // - This functionality is not supported for directory buckets. + // - This functionality is not supported for Amazon S3 on Outposts. GrantRead *string - // Allows grantee to read the object ACL. This action is not supported by Amazon - // S3 on Outposts. + // Specify access permissions explicitly to allows grantee to read the object ACL. + // By default, all objects are private. Only the owner has full access control. + // When uploading an object, you can use this header to explicitly grant access + // permissions to specific Amazon Web Services accounts or groups. This header maps + // to specific permissions that Amazon S3 supports in an ACL. For more information, + // see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) + // in the Amazon S3 User Guide. You specify each grantee as a type=value pair, + // where the type is one of the following: + // - id – if the value specified is the canonical user ID of an Amazon Web + // Services account + // - uri – if you are granting permissions to a predefined group + // - emailAddress – if the value specified is the email address of an Amazon Web + // Services account Using email addresses to specify a grantee is only supported in + // the following Amazon Web Services Regions: + // - US East (N. Virginia) + // - US West (N. California) + // - US West (Oregon) + // - Asia Pacific (Singapore) + // - Asia Pacific (Sydney) + // - Asia Pacific (Tokyo) + // - Europe (Ireland) + // - South America (São Paulo) For a list of all the Amazon S3 supported Regions + // and endpoints, see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) + // in the Amazon Web Services General Reference. + // For example, the following x-amz-grant-read header grants the Amazon Web + // Services accounts identified by account IDs permissions to read object data and + // its metadata: x-amz-grant-read: id="11112222333", id="444455556666" + // - This functionality is not supported for directory buckets. + // - This functionality is not supported for Amazon S3 on Outposts. GrantReadACP *string - // Allows grantee to write the ACL for the applicable object. This action is not - // supported by Amazon S3 on Outposts. + // Specify access permissions explicitly to allows grantee to allow grantee to + // write the ACL for the applicable object. By default, all objects are private. + // Only the owner has full access control. When uploading an object, you can use + // this header to explicitly grant access permissions to specific Amazon Web + // Services accounts or groups. This header maps to specific permissions that + // Amazon S3 supports in an ACL. For more information, see Access Control List + // (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) + // in the Amazon S3 User Guide. You specify each grantee as a type=value pair, + // where the type is one of the following: + // - id – if the value specified is the canonical user ID of an Amazon Web + // Services account + // - uri – if you are granting permissions to a predefined group + // - emailAddress – if the value specified is the email address of an Amazon Web + // Services account Using email addresses to specify a grantee is only supported in + // the following Amazon Web Services Regions: + // - US East (N. Virginia) + // - US West (N. California) + // - US West (Oregon) + // - Asia Pacific (Singapore) + // - Asia Pacific (Sydney) + // - Asia Pacific (Tokyo) + // - Europe (Ireland) + // - South America (São Paulo) For a list of all the Amazon S3 supported Regions + // and endpoints, see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) + // in the Amazon Web Services General Reference. + // For example, the following x-amz-grant-read header grants the Amazon Web + // Services accounts identified by account IDs permissions to read object data and + // its metadata: x-amz-grant-read: id="11112222333", id="444455556666" + // - This functionality is not supported for directory buckets. + // - This functionality is not supported for Amazon S3 on Outposts. GrantWriteACP *string // A map of metadata to store with the object in S3. Metadata map[string]string - // Specifies whether you want to apply a legal hold to the uploaded object. + // Specifies whether you want to apply a legal hold to the uploaded object. This + // functionality is not supported for directory buckets. ObjectLockLegalHoldStatus types.ObjectLockLegalHoldStatus // Specifies the Object Lock mode that you want to apply to the uploaded object. + // This functionality is not supported for directory buckets. ObjectLockMode types.ObjectLockMode - // Specifies the date and time when you want the Object Lock to expire. + // Specifies the date and time when you want the Object Lock to expire. This + // functionality is not supported for directory buckets. ObjectLockRetainUntilDate *time.Time // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when encrypting the object (for example, + // AES256). This functionality is not supported for directory buckets. SSECustomerAlgorithm *string // Specifies the customer-provided encryption key for Amazon S3 to use in // encrypting data. This value is used to store the object and then it is // discarded; Amazon S3 does not store the encryption key. The key must be // appropriate for use with the algorithm specified in the - // x-amz-server-side-encryption-customer-algorithm header. + // x-amz-server-side-encryption-customer-algorithm header. This functionality is + // not supported for directory buckets. SSECustomerKey *string - // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. - // Amazon S3 uses this header for a message integrity check to ensure that the - // encryption key was transmitted without error. + // Specifies the 128-bit MD5 digest of the customer-provided encryption key + // according to RFC 1321. Amazon S3 uses this header for a message integrity check + // to ensure that the encryption key was transmitted without error. This + // functionality is not supported for directory buckets. SSECustomerKeyMD5 *string // Specifies the Amazon Web Services KMS Encryption Context to use for object // encryption. The value of this header is a base64-encoded UTF-8 string holding - // JSON with the encryption context key-value pairs. + // JSON with the encryption context key-value pairs. This functionality is not + // supported for directory buckets. SSEKMSEncryptionContext *string // Specifies the ID (Key ID, Key ARN, or Key Alias) of the symmetric encryption - // customer managed key to use for object encryption. All GET and PUT requests for - // an object protected by KMS will fail if they're not made via SSL or using SigV4. - // For information about configuring any of the officially supported Amazon Web - // Services SDKs and Amazon Web Services CLI, see Specifying the Signature Version - // in Request Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version) - // in the Amazon S3 User Guide. + // customer managed key to use for object encryption. This functionality is not + // supported for directory buckets. SSEKMSKeyId *string - // The server-side encryption algorithm used when storing this object in Amazon S3 - // (for example, AES256 , aws:kms ). + // The server-side encryption algorithm used when you store this object in Amazon + // S3 (for example, AES256 , aws:kms ). For directory buckets, only server-side + // encryption with Amazon S3 managed keys (SSE-S3) ( AES256 ) is supported. ServerSideEncryption types.ServerSideEncryption // By default, Amazon S3 uses the STANDARD Storage Class to store newly created // objects. The STANDARD storage class provides high durability and high // availability. Depending on performance needs, you can specify a different - // Storage Class. Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. For - // more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) + // Storage Class. For more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) // in the Amazon S3 User Guide. + // - For directory buckets, only the S3 Express One Zone storage class is + // supported to store newly created objects. + // - Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. StorageClass types.StorageClass - // The tag-set for the object. The tag-set must be encoded as URL Query parameters. + // The tag-set for the object. The tag-set must be encoded as URL Query + // parameters. This functionality is not supported for directory buckets. Tagging *string // If the bucket is configured as a website, redirects requests for this object to // another object in the same bucket or to an external URL. Amazon S3 stores the - // value of this header in the object metadata. + // value of this header in the object metadata. This functionality is not supported + // for directory buckets. WebsiteRedirectLocation *string noSmithyDocumentSerde } +func (in *CreateMultipartUploadInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.Key = in.Key + +} + type CreateMultipartUploadOutput struct { // If the bucket has a lifecycle rule configured with an action to abort @@ -359,36 +471,26 @@ type CreateMultipartUploadOutput struct { // indicates when the initiated multipart upload becomes eligible for an abort // operation. For more information, see Aborting Incomplete Multipart Uploads // Using a Bucket Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) - // . The response also includes the x-amz-abort-rule-id header that provides the - // ID of the lifecycle configuration rule that defines this action. + // in the Amazon S3 User Guide. The response also includes the x-amz-abort-rule-id + // header that provides the ID of the lifecycle configuration rule that defines the + // abort action. This functionality is not supported for directory buckets. AbortDate *time.Time // This header is returned along with the x-amz-abort-date header. It identifies // the applicable lifecycle configuration rule that defines the action to abort - // incomplete multipart uploads. + // incomplete multipart uploads. This functionality is not supported for directory + // buckets. AbortRuleId *string // The name of the bucket to which the multipart upload was initiated. Does not - // return the access point ARN or access point alias if used. When using this - // action with an access point, you must direct requests to the access point - // hostname. The access point hostname takes the form - // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this - // action with an access point through the Amazon Web Services SDKs, you provide - // the access point ARN in place of the bucket name. For more information about - // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you - // use this action with S3 on Outposts through the Amazon Web Services SDKs, you - // provide the Outposts access point ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see What is S3 on Outposts? (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) - // in the Amazon S3 User Guide. + // return the access point ARN or access point alias if used. Access points are not + // supported by directory buckets. Bucket *string // Indicates whether the multipart upload uses an S3 Bucket Key for server-side - // encryption with Key Management Service (KMS) keys (SSE-KMS). - BucketKeyEnabled bool + // encryption with Key Management Service (KMS) keys (SSE-KMS). This functionality + // is not supported for directory buckets. + BucketKeyEnabled *bool // The algorithm that was used to create a checksum of the object. ChecksumAlgorithm types.ChecksumAlgorithm @@ -397,30 +499,35 @@ type CreateMultipartUploadOutput struct { Key *string // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // If server-side encryption with a customer-provided encryption key was - // requested, the response will include this header confirming the encryption - // algorithm used. + // requested, the response will include this header to confirm the encryption + // algorithm that's used. This functionality is not supported for directory + // buckets. SSECustomerAlgorithm *string // If server-side encryption with a customer-provided encryption key was - // requested, the response will include this header to provide round-trip message - // integrity verification of the customer-provided encryption key. + // requested, the response will include this header to provide the round-trip + // message integrity verification of the customer-provided encryption key. This + // functionality is not supported for directory buckets. SSECustomerKeyMD5 *string - // If present, specifies the Amazon Web Services KMS Encryption Context to use for + // If present, indicates the Amazon Web Services KMS Encryption Context to use for // object encryption. The value of this header is a base64-encoded UTF-8 string - // holding JSON with the encryption context key-value pairs. + // holding JSON with the encryption context key-value pairs. This functionality is + // not supported for directory buckets. SSEKMSEncryptionContext *string - // If present, specifies the ID of the Key Management Service (KMS) symmetric - // encryption customer managed key that was used for the object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. This functionality + // is not supported for directory buckets. SSEKMSKeyId *string - // The server-side encryption algorithm used when storing this object in Amazon S3 - // (for example, AES256 , aws:kms ). + // The server-side encryption algorithm used when you store this object in Amazon + // S3 (for example, AES256 , aws:kms ). For directory buckets, only server-side + // encryption with Amazon S3 managed keys (SSE-S3) ( AES256 ) is supported. ServerSideEncryption types.ServerSideEncryption // ID for the initiated multipart upload. @@ -433,6 +540,9 @@ type CreateMultipartUploadOutput struct { } func (c *Client) addOperationCreateMultipartUploadMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpCreateMultipartUpload{}, middleware.After) if err != nil { return err @@ -441,6 +551,10 @@ func (c *Client) addOperationCreateMultipartUploadMiddlewares(stack *middleware. if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "CreateMultipartUpload"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -462,9 +576,6 @@ func (c *Client) addOperationCreateMultipartUploadMiddlewares(stack *middleware. if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -480,10 +591,10 @@ func (c *Client) addOperationCreateMultipartUploadMiddlewares(stack *middleware. if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addCreateMultipartUploadResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpCreateMultipartUploadValidationMiddleware(stack); err != nil { @@ -513,12 +624,15 @@ func (c *Client) addOperationCreateMultipartUploadMiddlewares(stack *middleware. if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { return err } + if err = addSetCreateMPUChecksumAlgorithm(stack); err != nil { + return err + } return nil } @@ -533,7 +647,6 @@ func newServiceMetadataMiddleware_opCreateMultipartUpload(region string) *awsmid return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "CreateMultipartUpload", } } @@ -563,139 +676,3 @@ func addCreateMultipartUploadUpdateEndpoint(stack *middleware.Stack, options Opt DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opCreateMultipartUploadResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opCreateMultipartUploadResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opCreateMultipartUploadResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*CreateMultipartUploadInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addCreateMultipartUploadResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opCreateMultipartUploadResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CreateSession.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CreateSession.go new file mode 100644 index 000000000..1cb1f1512 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_CreateSession.go @@ -0,0 +1,260 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package s3 + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" + "github.com/aws/aws-sdk-go-v2/service/s3/types" + "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Creates a session that establishes temporary security credentials to support +// fast authentication and authorization for the Zonal endpoint APIs on directory +// buckets. For more information about Zonal endpoint APIs that include the +// Availability Zone in the request endpoint, see S3 Express One Zone APIs (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-APIs.html) +// in the Amazon S3 User Guide. To make Zonal endpoint API requests on a directory +// bucket, use the CreateSession API operation. Specifically, you grant +// s3express:CreateSession permission to a bucket in a bucket policy or an IAM +// identity-based policy. Then, you use IAM credentials to make the CreateSession +// API request on the bucket, which returns temporary security credentials that +// include the access key ID, secret access key, session token, and expiration. +// These credentials have associated permissions to access the Zonal endpoint APIs. +// After the session is created, you don’t need to use other policies to grant +// permissions to each Zonal endpoint API individually. Instead, in your Zonal +// endpoint API requests, you sign your requests by applying the temporary security +// credentials of the session to the request headers and following the SigV4 +// protocol for authentication. You also apply the session token to the +// x-amz-s3session-token request header for authorization. Temporary security +// credentials are scoped to the bucket and expire after 5 minutes. After the +// expiration time, any calls that you make with those credentials will fail. You +// must use IAM credentials again to make a CreateSession API request that +// generates a new set of temporary credentials for use. Temporary credentials +// cannot be extended or refreshed beyond the original specified interval. If you +// use Amazon Web Services SDKs, SDKs handle the session token refreshes +// automatically to avoid service interruptions when a session expires. We +// recommend that you use the Amazon Web Services SDKs to initiate and manage +// requests to the CreateSession API. For more information, see Performance +// guidelines and design patterns (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-optimizing-performance-guidelines-design-patterns.html#s3-express-optimizing-performance-session-authentication) +// in the Amazon S3 User Guide. +// - You must make requests for this API operation to the Zonal endpoint. These +// endpoints support virtual-hosted-style requests in the format +// https://bucket_name.s3express-az_id.region.amazonaws.com . Path-style requests +// are not supported. For more information, see Regional and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// - CopyObject API operation - Unlike other Zonal endpoint APIs, the CopyObject +// API operation doesn't use the temporary security credentials returned from the +// CreateSession API operation for authentication and authorization. For +// information about authentication and authorization of the CopyObject API +// operation on directory buckets, see CopyObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) +// . +// - HeadBucket API operation - Unlike other Zonal endpoint APIs, the HeadBucket +// API operation doesn't use the temporary security credentials returned from the +// CreateSession API operation for authentication and authorization. For +// information about authentication and authorization of the HeadBucket API +// operation on directory buckets, see HeadBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_HeadBucket.html) +// . +// +// Permissions To obtain temporary security credentials, you must create a bucket +// policy or an IAM identity-based policy that grants s3express:CreateSession +// permission to the bucket. In a policy, you can have the s3express:SessionMode +// condition key to control who can create a ReadWrite or ReadOnly session. For +// more information about ReadWrite or ReadOnly sessions, see +// x-amz-create-session-mode (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html#API_CreateSession_RequestParameters) +// . For example policies, see Example bucket policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) +// and Amazon Web Services Identity and Access Management (IAM) identity-based +// policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html) +// in the Amazon S3 User Guide. To grant cross-account access to Zonal endpoint +// APIs, the bucket policy should also grant both accounts the +// s3express:CreateSession permission. HTTP Host header syntax Directory buckets - +// The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com . +func (c *Client) CreateSession(ctx context.Context, params *CreateSessionInput, optFns ...func(*Options)) (*CreateSessionOutput, error) { + if params == nil { + params = &CreateSessionInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "CreateSession", params, optFns, c.addOperationCreateSessionMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*CreateSessionOutput) + out.ResultMetadata = metadata + return out, nil +} + +type CreateSessionInput struct { + + // The name of the bucket that you create a session for. + // + // This member is required. + Bucket *string + + // Specifies the mode of the session that will be created, either ReadWrite or + // ReadOnly . By default, a ReadWrite session is created. A ReadWrite session is + // capable of executing all the Zonal endpoint APIs on a directory bucket. A + // ReadOnly session is constrained to execute the following Zonal endpoint APIs: + // GetObject , HeadObject , ListObjectsV2 , GetObjectAttributes , ListParts , and + // ListMultipartUploads . + SessionMode types.SessionMode + + noSmithyDocumentSerde +} + +func (in *CreateSessionInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.DisableS3ExpressSessionAuth = ptr.Bool(true) +} + +type CreateSessionOutput struct { + + // The established temporary security credentials for the created session.. + // + // This member is required. + Credentials *types.SessionCredentials + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationCreateSessionMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsRestxml_serializeOpCreateSession{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestxml_deserializeOpCreateSession{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "CreateSession"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + return err + } + if err = addRetryMiddlewares(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + return err + } + if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addPutBucketContextMiddleware(stack); err != nil { + return err + } + if err = addOpCreateSessionValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateSession(options.Region), middleware.Before); err != nil { + return err + } + if err = addMetadataRetrieverMiddleware(stack); err != nil { + return err + } + if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + return err + } + if err = addCreateSessionUpdateEndpoint(stack, options); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = v4.AddContentSHA256HeaderMiddleware(stack); err != nil { + return err + } + if err = disableAcceptEncodingGzip(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { + return err + } + return nil +} + +func (v *CreateSessionInput) bucket() (string, bool) { + if v.Bucket == nil { + return "", false + } + return *v.Bucket, true +} + +func newServiceMetadataMiddleware_opCreateSession(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "CreateSession", + } +} + +// getCreateSessionBucketMember returns a pointer to string denoting a provided +// bucket member valueand a boolean indicating if the input has a modeled bucket +// name, +func getCreateSessionBucketMember(input interface{}) (*string, bool) { + in := input.(*CreateSessionInput) + if in.Bucket == nil { + return nil, false + } + return in.Bucket, true +} +func addCreateSessionUpdateEndpoint(stack *middleware.Stack, options Options) error { + return s3cust.UpdateEndpoint(stack, s3cust.UpdateEndpointOptions{ + Accessor: s3cust.UpdateEndpointParameterAccessor{ + GetBucketFromInput: getCreateSessionBucketMember, + }, + UsePathStyle: options.UsePathStyle, + UseAccelerate: options.UseAccelerate, + SupportsAccelerate: true, + TargetS3ObjectLambda: false, + EndpointResolver: options.EndpointResolver, + EndpointResolverOptions: options.EndpointOptions, + UseARNRegion: options.UseARNRegion, + DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, + }) +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucket.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucket.go index ba163363b..34645bb9a 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucket.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucket.go @@ -4,22 +4,42 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) // Deletes the S3 bucket. All objects (including all object versions and delete // markers) in the bucket must be deleted before the bucket itself can be deleted. -// The following operations are related to DeleteBucket : +// - Directory buckets - If multipart uploads in a directory bucket are in +// progress, you can't delete the bucket until all the in-progress multipart +// uploads are aborted or completed. +// - Directory buckets - For directory buckets, you must make requests for this +// API operation to the Regional endpoint. These endpoints support path-style +// requests in the format +// https://s3express-control.region_code.amazonaws.com/bucket-name . +// Virtual-hosted-style requests aren't supported. For more information, see +// Regional and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// Permissions +// - General purpose bucket permissions - You must have the s3:DeleteBucket +// permission on the specified bucket in a policy. +// - Directory bucket permissions - You must have the s3express:DeleteBucket +// permission in an IAM identity-based policy instead of a bucket policy. +// Cross-account access to this API operation isn't supported. This operation can +// only be performed by the Amazon Web Services account that owns the resource. For +// more information about directory bucket policies and permissions, see Amazon +// Web Services Identity and Access Management (IAM) for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) +// in the Amazon S3 User Guide. +// +// HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// s3express-control.region.amazonaws.com . The following operations are related to +// DeleteBucket : // - CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) // - DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) func (c *Client) DeleteBucket(ctx context.Context, params *DeleteBucketInput, optFns ...func(*Options)) (*DeleteBucketOutput, error) { @@ -39,19 +59,34 @@ func (c *Client) DeleteBucket(ctx context.Context, params *DeleteBucketInput, op type DeleteBucketInput struct { - // Specifies the bucket being deleted. + // Specifies the bucket being deleted. Directory buckets - When you use this + // operation with a directory bucket, you must use path-style requests in the + // format https://s3express-control.region_code.amazonaws.com/bucket-name . + // Virtual-hosted-style requests aren't supported. Directory bucket names must be + // unique in the chosen Availability Zone. Bucket names must also follow the format + // bucket_base_name--az_id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 + // ). For information about bucket naming restrictions, see Directory bucket + // naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide // // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). For directory buckets, this header + // is not supported in this API operation. If you specify this header, the request + // fails with the HTTP status code 501 Not Implemented . ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *DeleteBucketInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type DeleteBucketOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -60,6 +95,9 @@ type DeleteBucketOutput struct { } func (c *Client) addOperationDeleteBucketMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpDeleteBucket{}, middleware.After) if err != nil { return err @@ -68,6 +106,10 @@ func (c *Client) addOperationDeleteBucketMiddlewares(stack *middleware.Stack, op if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteBucket"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -89,9 +131,6 @@ func (c *Client) addOperationDeleteBucketMiddlewares(stack *middleware.Stack, op if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -107,10 +146,10 @@ func (c *Client) addOperationDeleteBucketMiddlewares(stack *middleware.Stack, op if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addDeleteBucketResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpDeleteBucketValidationMiddleware(stack); err != nil { @@ -140,7 +179,7 @@ func (c *Client) addOperationDeleteBucketMiddlewares(stack *middleware.Stack, op if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -160,7 +199,6 @@ func newServiceMetadataMiddleware_opDeleteBucket(region string) *awsmiddleware.R return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "DeleteBucket", } } @@ -221,139 +259,3 @@ func addDeleteBucketPayloadAsUnsigned(stack *middleware.Stack, options Options) v4.RemoveComputePayloadSHA256Middleware(stack) return v4.AddUnsignedPayloadMiddleware(stack) } - -type opDeleteBucketResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opDeleteBucketResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opDeleteBucketResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*DeleteBucketInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addDeleteBucketResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opDeleteBucketResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketAnalyticsConfiguration.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketAnalyticsConfiguration.go index 12d12e6cd..55d8fc1c9 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketAnalyticsConfiguration.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketAnalyticsConfiguration.go @@ -4,23 +4,20 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Deletes an analytics configuration for the bucket (specified by the analytics -// configuration ID). To use this operation, you must have permissions to perform -// the s3:PutAnalyticsConfiguration action. The bucket owner has this permission -// by default. The bucket owner can grant this permission to others. For more +// This operation is not supported by directory buckets. Deletes an analytics +// configuration for the bucket (specified by the analytics configuration ID). To +// use this operation, you must have permissions to perform the +// s3:PutAnalyticsConfiguration action. The bucket owner has this permission by +// default. The bucket owner can grant this permission to others. For more // information about permissions, see Permissions Related to Bucket Subresource // Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) // and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) @@ -57,14 +54,19 @@ type DeleteBucketAnalyticsConfigurationInput struct { // This member is required. Id *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *DeleteBucketAnalyticsConfigurationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type DeleteBucketAnalyticsConfigurationOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -73,6 +75,9 @@ type DeleteBucketAnalyticsConfigurationOutput struct { } func (c *Client) addOperationDeleteBucketAnalyticsConfigurationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpDeleteBucketAnalyticsConfiguration{}, middleware.After) if err != nil { return err @@ -81,6 +86,10 @@ func (c *Client) addOperationDeleteBucketAnalyticsConfigurationMiddlewares(stack if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteBucketAnalyticsConfiguration"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -102,9 +111,6 @@ func (c *Client) addOperationDeleteBucketAnalyticsConfigurationMiddlewares(stack if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -120,10 +126,10 @@ func (c *Client) addOperationDeleteBucketAnalyticsConfigurationMiddlewares(stack if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addDeleteBucketAnalyticsConfigurationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpDeleteBucketAnalyticsConfigurationValidationMiddleware(stack); err != nil { @@ -153,7 +159,7 @@ func (c *Client) addOperationDeleteBucketAnalyticsConfigurationMiddlewares(stack if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -173,7 +179,6 @@ func newServiceMetadataMiddleware_opDeleteBucketAnalyticsConfiguration(region st return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "DeleteBucketAnalyticsConfiguration", } } @@ -203,139 +208,3 @@ func addDeleteBucketAnalyticsConfigurationUpdateEndpoint(stack *middleware.Stack DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opDeleteBucketAnalyticsConfigurationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opDeleteBucketAnalyticsConfigurationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opDeleteBucketAnalyticsConfigurationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*DeleteBucketAnalyticsConfigurationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addDeleteBucketAnalyticsConfigurationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opDeleteBucketAnalyticsConfigurationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketCors.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketCors.go index ae90a9067..9a544922e 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketCors.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketCors.go @@ -4,23 +4,20 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Deletes the cors configuration information set for the bucket. To use this -// operation, you must have permission to perform the s3:PutBucketCORS action. The -// bucket owner has this permission by default and can grant this permission to -// others. For information about cors , see Enabling Cross-Origin Resource Sharing (https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) +// This operation is not supported by directory buckets. Deletes the cors +// configuration information set for the bucket. To use this operation, you must +// have permission to perform the s3:PutBucketCORS action. The bucket owner has +// this permission by default and can grant this permission to others. For +// information about cors , see Enabling Cross-Origin Resource Sharing (https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) // in the Amazon S3 User Guide. Related Resources // - PutBucketCors (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketCors.html) // - RESTOPTIONSobject (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTOPTIONSobject.html) @@ -46,14 +43,19 @@ type DeleteBucketCorsInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *DeleteBucketCorsInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type DeleteBucketCorsOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -62,6 +64,9 @@ type DeleteBucketCorsOutput struct { } func (c *Client) addOperationDeleteBucketCorsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpDeleteBucketCors{}, middleware.After) if err != nil { return err @@ -70,6 +75,10 @@ func (c *Client) addOperationDeleteBucketCorsMiddlewares(stack *middleware.Stack if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteBucketCors"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -91,9 +100,6 @@ func (c *Client) addOperationDeleteBucketCorsMiddlewares(stack *middleware.Stack if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -109,10 +115,10 @@ func (c *Client) addOperationDeleteBucketCorsMiddlewares(stack *middleware.Stack if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addDeleteBucketCorsResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpDeleteBucketCorsValidationMiddleware(stack); err != nil { @@ -142,7 +148,7 @@ func (c *Client) addOperationDeleteBucketCorsMiddlewares(stack *middleware.Stack if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -162,7 +168,6 @@ func newServiceMetadataMiddleware_opDeleteBucketCors(region string) *awsmiddlewa return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "DeleteBucketCors", } } @@ -192,139 +197,3 @@ func addDeleteBucketCorsUpdateEndpoint(stack *middleware.Stack, options Options) DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opDeleteBucketCorsResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opDeleteBucketCorsResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opDeleteBucketCorsResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*DeleteBucketCorsInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addDeleteBucketCorsResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opDeleteBucketCorsResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketEncryption.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketEncryption.go index 754ae6a59..0ef6f93ec 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketEncryption.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketEncryption.go @@ -4,23 +4,19 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// This implementation of the DELETE action resets the default encryption for the -// bucket as server-side encryption with Amazon S3 managed keys (SSE-S3). For -// information about the bucket default encryption feature, see Amazon S3 Bucket -// Default Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) +// This operation is not supported by directory buckets. This implementation of +// the DELETE action resets the default encryption for the bucket as server-side +// encryption with Amazon S3 managed keys (SSE-S3). For information about the +// bucket default encryption feature, see Amazon S3 Bucket Default Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) // in the Amazon S3 User Guide. To use this operation, you must have permissions to // perform the s3:PutEncryptionConfiguration action. The bucket owner has this // permission by default. The bucket owner can grant this permission to others. For @@ -54,14 +50,19 @@ type DeleteBucketEncryptionInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *DeleteBucketEncryptionInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type DeleteBucketEncryptionOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -70,6 +71,9 @@ type DeleteBucketEncryptionOutput struct { } func (c *Client) addOperationDeleteBucketEncryptionMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpDeleteBucketEncryption{}, middleware.After) if err != nil { return err @@ -78,6 +82,10 @@ func (c *Client) addOperationDeleteBucketEncryptionMiddlewares(stack *middleware if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteBucketEncryption"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -99,9 +107,6 @@ func (c *Client) addOperationDeleteBucketEncryptionMiddlewares(stack *middleware if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -117,10 +122,10 @@ func (c *Client) addOperationDeleteBucketEncryptionMiddlewares(stack *middleware if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addDeleteBucketEncryptionResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpDeleteBucketEncryptionValidationMiddleware(stack); err != nil { @@ -150,7 +155,7 @@ func (c *Client) addOperationDeleteBucketEncryptionMiddlewares(stack *middleware if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -170,7 +175,6 @@ func newServiceMetadataMiddleware_opDeleteBucketEncryption(region string) *awsmi return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "DeleteBucketEncryption", } } @@ -200,139 +204,3 @@ func addDeleteBucketEncryptionUpdateEndpoint(stack *middleware.Stack, options Op DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opDeleteBucketEncryptionResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opDeleteBucketEncryptionResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opDeleteBucketEncryptionResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*DeleteBucketEncryptionInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addDeleteBucketEncryptionResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opDeleteBucketEncryptionResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketIntelligentTieringConfiguration.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketIntelligentTieringConfiguration.go index e71e5fb8c..eeaefc5f2 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketIntelligentTieringConfiguration.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketIntelligentTieringConfiguration.go @@ -4,21 +4,18 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Deletes the S3 Intelligent-Tiering configuration from the specified bucket. The -// S3 Intelligent-Tiering storage class is designed to optimize storage costs by +// This operation is not supported by directory buckets. Deletes the S3 +// Intelligent-Tiering configuration from the specified bucket. The S3 +// Intelligent-Tiering storage class is designed to optimize storage costs by // automatically moving data to the most cost-effective storage access tier, // without performance impact or operational overhead. S3 Intelligent-Tiering // delivers automatic cost savings in three low latency and high throughput access @@ -66,6 +63,11 @@ type DeleteBucketIntelligentTieringConfigurationInput struct { noSmithyDocumentSerde } +func (in *DeleteBucketIntelligentTieringConfigurationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type DeleteBucketIntelligentTieringConfigurationOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -74,6 +76,9 @@ type DeleteBucketIntelligentTieringConfigurationOutput struct { } func (c *Client) addOperationDeleteBucketIntelligentTieringConfigurationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpDeleteBucketIntelligentTieringConfiguration{}, middleware.After) if err != nil { return err @@ -82,6 +87,10 @@ func (c *Client) addOperationDeleteBucketIntelligentTieringConfigurationMiddlewa if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteBucketIntelligentTieringConfiguration"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -103,9 +112,6 @@ func (c *Client) addOperationDeleteBucketIntelligentTieringConfigurationMiddlewa if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -121,10 +127,10 @@ func (c *Client) addOperationDeleteBucketIntelligentTieringConfigurationMiddlewa if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addDeleteBucketIntelligentTieringConfigurationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpDeleteBucketIntelligentTieringConfigurationValidationMiddleware(stack); err != nil { @@ -154,7 +160,7 @@ func (c *Client) addOperationDeleteBucketIntelligentTieringConfigurationMiddlewa if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -174,7 +180,6 @@ func newServiceMetadataMiddleware_opDeleteBucketIntelligentTieringConfiguration( return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "DeleteBucketIntelligentTieringConfiguration", } } @@ -204,139 +209,3 @@ func addDeleteBucketIntelligentTieringConfigurationUpdateEndpoint(stack *middlew DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opDeleteBucketIntelligentTieringConfigurationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opDeleteBucketIntelligentTieringConfigurationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opDeleteBucketIntelligentTieringConfigurationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*DeleteBucketIntelligentTieringConfigurationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addDeleteBucketIntelligentTieringConfigurationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opDeleteBucketIntelligentTieringConfigurationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketInventoryConfiguration.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketInventoryConfiguration.go index 4788ce85c..28a93e0dc 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketInventoryConfiguration.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketInventoryConfiguration.go @@ -4,25 +4,21 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Deletes an inventory configuration (identified by the inventory ID) from the -// bucket. To use this operation, you must have permissions to perform the -// s3:PutInventoryConfiguration action. The bucket owner has this permission by -// default. The bucket owner can grant this permission to others. For more -// information about permissions, see Permissions Related to Bucket Subresource -// Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// This operation is not supported by directory buckets. Deletes an inventory +// configuration (identified by the inventory ID) from the bucket. To use this +// operation, you must have permissions to perform the s3:PutInventoryConfiguration +// action. The bucket owner has this permission by default. The bucket owner can +// grant this permission to others. For more information about permissions, see +// Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) // and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) // . For information about the Amazon S3 inventory feature, see Amazon S3 Inventory (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html) // . Operations related to DeleteBucketInventoryConfiguration include: @@ -56,14 +52,19 @@ type DeleteBucketInventoryConfigurationInput struct { // This member is required. Id *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *DeleteBucketInventoryConfigurationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type DeleteBucketInventoryConfigurationOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -72,6 +73,9 @@ type DeleteBucketInventoryConfigurationOutput struct { } func (c *Client) addOperationDeleteBucketInventoryConfigurationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpDeleteBucketInventoryConfiguration{}, middleware.After) if err != nil { return err @@ -80,6 +84,10 @@ func (c *Client) addOperationDeleteBucketInventoryConfigurationMiddlewares(stack if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteBucketInventoryConfiguration"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -101,9 +109,6 @@ func (c *Client) addOperationDeleteBucketInventoryConfigurationMiddlewares(stack if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -119,10 +124,10 @@ func (c *Client) addOperationDeleteBucketInventoryConfigurationMiddlewares(stack if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addDeleteBucketInventoryConfigurationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpDeleteBucketInventoryConfigurationValidationMiddleware(stack); err != nil { @@ -152,7 +157,7 @@ func (c *Client) addOperationDeleteBucketInventoryConfigurationMiddlewares(stack if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -172,7 +177,6 @@ func newServiceMetadataMiddleware_opDeleteBucketInventoryConfiguration(region st return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "DeleteBucketInventoryConfiguration", } } @@ -202,139 +206,3 @@ func addDeleteBucketInventoryConfigurationUpdateEndpoint(stack *middleware.Stack DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opDeleteBucketInventoryConfigurationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opDeleteBucketInventoryConfigurationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opDeleteBucketInventoryConfigurationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*DeleteBucketInventoryConfigurationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addDeleteBucketInventoryConfigurationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opDeleteBucketInventoryConfigurationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketLifecycle.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketLifecycle.go index f265ec365..d7b8eb581 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketLifecycle.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketLifecycle.go @@ -4,27 +4,24 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Deletes the lifecycle configuration from the specified bucket. Amazon S3 -// removes all the lifecycle configuration rules in the lifecycle subresource -// associated with the bucket. Your objects never expire, and Amazon S3 no longer -// automatically deletes any objects on the basis of rules contained in the deleted -// lifecycle configuration. To use this operation, you must have permission to -// perform the s3:PutLifecycleConfiguration action. By default, the bucket owner -// has this permission and the bucket owner can grant this permission to others. -// There is usually some time lag before lifecycle configuration deletion is fully +// This operation is not supported by directory buckets. Deletes the lifecycle +// configuration from the specified bucket. Amazon S3 removes all the lifecycle +// configuration rules in the lifecycle subresource associated with the bucket. +// Your objects never expire, and Amazon S3 no longer automatically deletes any +// objects on the basis of rules contained in the deleted lifecycle configuration. +// To use this operation, you must have permission to perform the +// s3:PutLifecycleConfiguration action. By default, the bucket owner has this +// permission and the bucket owner can grant this permission to others. There is +// usually some time lag before lifecycle configuration deletion is fully // propagated to all the Amazon S3 systems. For more information about the object // expiration, see Elements to Describe Lifecycle Actions (https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#intro-lifecycle-rules-actions) // . Related actions include: @@ -52,14 +49,19 @@ type DeleteBucketLifecycleInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *DeleteBucketLifecycleInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type DeleteBucketLifecycleOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -68,6 +70,9 @@ type DeleteBucketLifecycleOutput struct { } func (c *Client) addOperationDeleteBucketLifecycleMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpDeleteBucketLifecycle{}, middleware.After) if err != nil { return err @@ -76,6 +81,10 @@ func (c *Client) addOperationDeleteBucketLifecycleMiddlewares(stack *middleware. if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteBucketLifecycle"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -97,9 +106,6 @@ func (c *Client) addOperationDeleteBucketLifecycleMiddlewares(stack *middleware. if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -115,10 +121,10 @@ func (c *Client) addOperationDeleteBucketLifecycleMiddlewares(stack *middleware. if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addDeleteBucketLifecycleResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpDeleteBucketLifecycleValidationMiddleware(stack); err != nil { @@ -148,7 +154,7 @@ func (c *Client) addOperationDeleteBucketLifecycleMiddlewares(stack *middleware. if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -168,7 +174,6 @@ func newServiceMetadataMiddleware_opDeleteBucketLifecycle(region string) *awsmid return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "DeleteBucketLifecycle", } } @@ -198,139 +203,3 @@ func addDeleteBucketLifecycleUpdateEndpoint(stack *middleware.Stack, options Opt DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opDeleteBucketLifecycleResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opDeleteBucketLifecycleResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opDeleteBucketLifecycleResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*DeleteBucketLifecycleInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addDeleteBucketLifecycleResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opDeleteBucketLifecycleResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketMetricsConfiguration.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketMetricsConfiguration.go index 51e57ca70..a6675a880 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketMetricsConfiguration.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketMetricsConfiguration.go @@ -4,26 +4,23 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Deletes a metrics configuration for the Amazon CloudWatch request metrics -// (specified by the metrics configuration ID) from the bucket. Note that this -// doesn't include the daily storage metrics. To use this operation, you must have -// permissions to perform the s3:PutMetricsConfiguration action. The bucket owner -// has this permission by default. The bucket owner can grant this permission to -// others. For more information about permissions, see Permissions Related to -// Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// This operation is not supported by directory buckets. Deletes a metrics +// configuration for the Amazon CloudWatch request metrics (specified by the +// metrics configuration ID) from the bucket. Note that this doesn't include the +// daily storage metrics. To use this operation, you must have permissions to +// perform the s3:PutMetricsConfiguration action. The bucket owner has this +// permission by default. The bucket owner can grant this permission to others. For +// more information about permissions, see Permissions Related to Bucket +// Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) // and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) // . For information about CloudWatch request metrics for Amazon S3, see // Monitoring Metrics with Amazon CloudWatch (https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html) @@ -60,14 +57,19 @@ type DeleteBucketMetricsConfigurationInput struct { // This member is required. Id *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *DeleteBucketMetricsConfigurationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type DeleteBucketMetricsConfigurationOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -76,6 +78,9 @@ type DeleteBucketMetricsConfigurationOutput struct { } func (c *Client) addOperationDeleteBucketMetricsConfigurationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpDeleteBucketMetricsConfiguration{}, middleware.After) if err != nil { return err @@ -84,6 +89,10 @@ func (c *Client) addOperationDeleteBucketMetricsConfigurationMiddlewares(stack * if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteBucketMetricsConfiguration"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -105,9 +114,6 @@ func (c *Client) addOperationDeleteBucketMetricsConfigurationMiddlewares(stack * if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -123,10 +129,10 @@ func (c *Client) addOperationDeleteBucketMetricsConfigurationMiddlewares(stack * if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addDeleteBucketMetricsConfigurationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpDeleteBucketMetricsConfigurationValidationMiddleware(stack); err != nil { @@ -156,7 +162,7 @@ func (c *Client) addOperationDeleteBucketMetricsConfigurationMiddlewares(stack * if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -176,7 +182,6 @@ func newServiceMetadataMiddleware_opDeleteBucketMetricsConfiguration(region stri return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "DeleteBucketMetricsConfiguration", } } @@ -206,139 +211,3 @@ func addDeleteBucketMetricsConfigurationUpdateEndpoint(stack *middleware.Stack, DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opDeleteBucketMetricsConfigurationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opDeleteBucketMetricsConfigurationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opDeleteBucketMetricsConfigurationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*DeleteBucketMetricsConfigurationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addDeleteBucketMetricsConfigurationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opDeleteBucketMetricsConfigurationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketOwnershipControls.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketOwnershipControls.go index ad99b6610..1b53e08e9 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketOwnershipControls.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketOwnershipControls.go @@ -4,22 +4,19 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Removes OwnershipControls for an Amazon S3 bucket. To use this operation, you -// must have the s3:PutBucketOwnershipControls permission. For more information -// about Amazon S3 permissions, see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) +// This operation is not supported by directory buckets. Removes OwnershipControls +// for an Amazon S3 bucket. To use this operation, you must have the +// s3:PutBucketOwnershipControls permission. For more information about Amazon S3 +// permissions, see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) // . For information about Amazon S3 Object Ownership, see Using Object Ownership (https://docs.aws.amazon.com/AmazonS3/latest/dev/about-object-ownership.html) // . The following operations are related to DeleteBucketOwnershipControls : // - GetBucketOwnershipControls @@ -46,14 +43,19 @@ type DeleteBucketOwnershipControlsInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *DeleteBucketOwnershipControlsInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type DeleteBucketOwnershipControlsOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -62,6 +64,9 @@ type DeleteBucketOwnershipControlsOutput struct { } func (c *Client) addOperationDeleteBucketOwnershipControlsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpDeleteBucketOwnershipControls{}, middleware.After) if err != nil { return err @@ -70,6 +75,10 @@ func (c *Client) addOperationDeleteBucketOwnershipControlsMiddlewares(stack *mid if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteBucketOwnershipControls"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -91,9 +100,6 @@ func (c *Client) addOperationDeleteBucketOwnershipControlsMiddlewares(stack *mid if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -109,10 +115,10 @@ func (c *Client) addOperationDeleteBucketOwnershipControlsMiddlewares(stack *mid if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addDeleteBucketOwnershipControlsResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpDeleteBucketOwnershipControlsValidationMiddleware(stack); err != nil { @@ -142,7 +148,7 @@ func (c *Client) addOperationDeleteBucketOwnershipControlsMiddlewares(stack *mid if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -162,7 +168,6 @@ func newServiceMetadataMiddleware_opDeleteBucketOwnershipControls(region string) return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "DeleteBucketOwnershipControls", } } @@ -192,139 +197,3 @@ func addDeleteBucketOwnershipControlsUpdateEndpoint(stack *middleware.Stack, opt DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opDeleteBucketOwnershipControlsResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opDeleteBucketOwnershipControlsResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opDeleteBucketOwnershipControlsResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*DeleteBucketOwnershipControlsInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addDeleteBucketOwnershipControlsResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opDeleteBucketOwnershipControlsResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketPolicy.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketPolicy.go index 1718b471a..0d8e77ff7 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketPolicy.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketPolicy.go @@ -4,36 +4,51 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// This implementation of the DELETE action uses the policy subresource to delete -// the policy of a specified bucket. If you are using an identity other than the -// root user of the Amazon Web Services account that owns the bucket, the calling -// identity must have the DeleteBucketPolicy permissions on the specified bucket -// and belong to the bucket owner's account to use this operation. If you don't -// have DeleteBucketPolicy permissions, Amazon S3 returns a 403 Access Denied -// error. If you have the correct permissions, but you're not using an identity -// that belongs to the bucket owner's account, Amazon S3 returns a 405 Method Not -// Allowed error. To ensure that bucket owners don't inadvertently lock themselves -// out of their own buckets, the root principal in a bucket owner's Amazon Web -// Services account can perform the GetBucketPolicy , PutBucketPolicy , and -// DeleteBucketPolicy API actions, even if their bucket policy explicitly denies -// the root principal's access. Bucket owner root principals can only be blocked -// from performing these API actions by VPC endpoint policies and Amazon Web -// Services Organizations policies. For more information about bucket policies, see -// Using Bucket Policies and UserPolicies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html) -// . The following operations are related to DeleteBucketPolicy +// Deletes the policy of a specified bucket. Directory buckets - For directory +// buckets, you must make requests for this API operation to the Regional endpoint. +// These endpoints support path-style requests in the format +// https://s3express-control.region_code.amazonaws.com/bucket-name . +// Virtual-hosted-style requests aren't supported. For more information, see +// Regional and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. Permissions If you are using an identity other than +// the root user of the Amazon Web Services account that owns the bucket, the +// calling identity must both have the DeleteBucketPolicy permissions on the +// specified bucket and belong to the bucket owner's account in order to use this +// operation. If you don't have DeleteBucketPolicy permissions, Amazon S3 returns +// a 403 Access Denied error. If you have the correct permissions, but you're not +// using an identity that belongs to the bucket owner's account, Amazon S3 returns +// a 405 Method Not Allowed error. To ensure that bucket owners don't +// inadvertently lock themselves out of their own buckets, the root principal in a +// bucket owner's Amazon Web Services account can perform the GetBucketPolicy , +// PutBucketPolicy , and DeleteBucketPolicy API actions, even if their bucket +// policy explicitly denies the root principal's access. Bucket owner root +// principals can only be blocked from performing these API actions by VPC endpoint +// policies and Amazon Web Services Organizations policies. +// - General purpose bucket permissions - The s3:DeleteBucketPolicy permission is +// required in a policy. For more information about general purpose buckets bucket +// policies, see Using Bucket Policies and User Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html) +// in the Amazon S3 User Guide. +// - Directory bucket permissions - To grant access to this API operation, you +// must have the s3express:DeleteBucketPolicy permission in an IAM identity-based +// policy instead of a bucket policy. Cross-account access to this API operation +// isn't supported. This operation can only be performed by the Amazon Web Services +// account that owns the resource. For more information about directory bucket +// policies and permissions, see Amazon Web Services Identity and Access +// Management (IAM) for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) +// in the Amazon S3 User Guide. +// +// HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// s3express-control.region.amazonaws.com . The following operations are related to +// DeleteBucketPolicy // - CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) // - DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) func (c *Client) DeleteBucketPolicy(ctx context.Context, params *DeleteBucketPolicyInput, optFns ...func(*Options)) (*DeleteBucketPolicyOutput, error) { @@ -53,19 +68,34 @@ func (c *Client) DeleteBucketPolicy(ctx context.Context, params *DeleteBucketPol type DeleteBucketPolicyInput struct { - // The bucket name. + // The bucket name. Directory buckets - When you use this operation with a + // directory bucket, you must use path-style requests in the format + // https://s3express-control.region_code.amazonaws.com/bucket-name . + // Virtual-hosted-style requests aren't supported. Directory bucket names must be + // unique in the chosen Availability Zone. Bucket names must also follow the format + // bucket_base_name--az_id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 + // ). For information about bucket naming restrictions, see Directory bucket + // naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide // // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). For directory buckets, this header + // is not supported in this API operation. If you specify this header, the request + // fails with the HTTP status code 501 Not Implemented . ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *DeleteBucketPolicyInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type DeleteBucketPolicyOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -74,6 +104,9 @@ type DeleteBucketPolicyOutput struct { } func (c *Client) addOperationDeleteBucketPolicyMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpDeleteBucketPolicy{}, middleware.After) if err != nil { return err @@ -82,6 +115,10 @@ func (c *Client) addOperationDeleteBucketPolicyMiddlewares(stack *middleware.Sta if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteBucketPolicy"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -103,9 +140,6 @@ func (c *Client) addOperationDeleteBucketPolicyMiddlewares(stack *middleware.Sta if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -121,10 +155,10 @@ func (c *Client) addOperationDeleteBucketPolicyMiddlewares(stack *middleware.Sta if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addDeleteBucketPolicyResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpDeleteBucketPolicyValidationMiddleware(stack); err != nil { @@ -154,7 +188,7 @@ func (c *Client) addOperationDeleteBucketPolicyMiddlewares(stack *middleware.Sta if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -174,7 +208,6 @@ func newServiceMetadataMiddleware_opDeleteBucketPolicy(region string) *awsmiddle return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "DeleteBucketPolicy", } } @@ -204,139 +237,3 @@ func addDeleteBucketPolicyUpdateEndpoint(stack *middleware.Stack, options Option DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opDeleteBucketPolicyResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opDeleteBucketPolicyResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opDeleteBucketPolicyResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*DeleteBucketPolicyInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addDeleteBucketPolicyResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opDeleteBucketPolicyResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketReplication.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketReplication.go index 441adceac..7ac11a7ba 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketReplication.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketReplication.go @@ -4,24 +4,20 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Deletes the replication configuration from the bucket. To use this operation, -// you must have permissions to perform the s3:PutReplicationConfiguration action. -// The bucket owner has these permissions by default and can grant it to others. -// For more information about permissions, see Permissions Related to Bucket -// Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// This operation is not supported by directory buckets. Deletes the replication +// configuration from the bucket. To use this operation, you must have permissions +// to perform the s3:PutReplicationConfiguration action. The bucket owner has +// these permissions by default and can grant it to others. For more information +// about permissions, see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) // and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) // . It can take a while for the deletion of a replication configuration to fully // propagate. For information about replication configuration, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) @@ -51,14 +47,19 @@ type DeleteBucketReplicationInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *DeleteBucketReplicationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type DeleteBucketReplicationOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -67,6 +68,9 @@ type DeleteBucketReplicationOutput struct { } func (c *Client) addOperationDeleteBucketReplicationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpDeleteBucketReplication{}, middleware.After) if err != nil { return err @@ -75,6 +79,10 @@ func (c *Client) addOperationDeleteBucketReplicationMiddlewares(stack *middlewar if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteBucketReplication"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -96,9 +104,6 @@ func (c *Client) addOperationDeleteBucketReplicationMiddlewares(stack *middlewar if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -114,10 +119,10 @@ func (c *Client) addOperationDeleteBucketReplicationMiddlewares(stack *middlewar if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addDeleteBucketReplicationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpDeleteBucketReplicationValidationMiddleware(stack); err != nil { @@ -147,7 +152,7 @@ func (c *Client) addOperationDeleteBucketReplicationMiddlewares(stack *middlewar if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -167,7 +172,6 @@ func newServiceMetadataMiddleware_opDeleteBucketReplication(region string) *awsm return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "DeleteBucketReplication", } } @@ -197,139 +201,3 @@ func addDeleteBucketReplicationUpdateEndpoint(stack *middleware.Stack, options O DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opDeleteBucketReplicationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opDeleteBucketReplicationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opDeleteBucketReplicationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*DeleteBucketReplicationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addDeleteBucketReplicationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opDeleteBucketReplicationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketTagging.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketTagging.go index 1aeef1dee..5a75a1f4a 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketTagging.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketTagging.go @@ -4,23 +4,20 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Deletes the tags from the bucket. To use this operation, you must have -// permission to perform the s3:PutBucketTagging action. By default, the bucket -// owner has this permission and can grant this permission to others. The following -// operations are related to DeleteBucketTagging : +// This operation is not supported by directory buckets. Deletes the tags from the +// bucket. To use this operation, you must have permission to perform the +// s3:PutBucketTagging action. By default, the bucket owner has this permission and +// can grant this permission to others. The following operations are related to +// DeleteBucketTagging : // - GetBucketTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketTagging.html) // - PutBucketTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html) func (c *Client) DeleteBucketTagging(ctx context.Context, params *DeleteBucketTaggingInput, optFns ...func(*Options)) (*DeleteBucketTaggingOutput, error) { @@ -45,14 +42,19 @@ type DeleteBucketTaggingInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *DeleteBucketTaggingInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type DeleteBucketTaggingOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -61,6 +63,9 @@ type DeleteBucketTaggingOutput struct { } func (c *Client) addOperationDeleteBucketTaggingMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpDeleteBucketTagging{}, middleware.After) if err != nil { return err @@ -69,6 +74,10 @@ func (c *Client) addOperationDeleteBucketTaggingMiddlewares(stack *middleware.St if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteBucketTagging"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -90,9 +99,6 @@ func (c *Client) addOperationDeleteBucketTaggingMiddlewares(stack *middleware.St if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -108,10 +114,10 @@ func (c *Client) addOperationDeleteBucketTaggingMiddlewares(stack *middleware.St if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addDeleteBucketTaggingResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpDeleteBucketTaggingValidationMiddleware(stack); err != nil { @@ -141,7 +147,7 @@ func (c *Client) addOperationDeleteBucketTaggingMiddlewares(stack *middleware.St if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -161,7 +167,6 @@ func newServiceMetadataMiddleware_opDeleteBucketTagging(region string) *awsmiddl return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "DeleteBucketTagging", } } @@ -191,139 +196,3 @@ func addDeleteBucketTaggingUpdateEndpoint(stack *middleware.Stack, options Optio DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opDeleteBucketTaggingResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opDeleteBucketTaggingResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opDeleteBucketTaggingResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*DeleteBucketTaggingInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addDeleteBucketTaggingResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opDeleteBucketTaggingResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketWebsite.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketWebsite.go index e7fc64b5b..dbe84fbb9 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketWebsite.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteBucketWebsite.go @@ -4,30 +4,26 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// This action removes the website configuration for a bucket. Amazon S3 returns a -// 200 OK response upon successfully deleting a website configuration on the -// specified bucket. You will get a 200 OK response if the website configuration -// you are trying to delete does not exist on the bucket. Amazon S3 returns a 404 -// response if the bucket specified in the request does not exist. This DELETE -// action requires the S3:DeleteBucketWebsite permission. By default, only the -// bucket owner can delete the website configuration attached to a bucket. However, -// bucket owners can grant other users permission to delete the website -// configuration by writing a bucket policy granting them the -// S3:DeleteBucketWebsite permission. For more information about hosting websites, -// see Hosting Websites on Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) +// This operation is not supported by directory buckets. This action removes the +// website configuration for a bucket. Amazon S3 returns a 200 OK response upon +// successfully deleting a website configuration on the specified bucket. You will +// get a 200 OK response if the website configuration you are trying to delete +// does not exist on the bucket. Amazon S3 returns a 404 response if the bucket +// specified in the request does not exist. This DELETE action requires the +// S3:DeleteBucketWebsite permission. By default, only the bucket owner can delete +// the website configuration attached to a bucket. However, bucket owners can grant +// other users permission to delete the website configuration by writing a bucket +// policy granting them the S3:DeleteBucketWebsite permission. For more +// information about hosting websites, see Hosting Websites on Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) // . The following operations are related to DeleteBucketWebsite : // - GetBucketWebsite (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketWebsite.html) // - PutBucketWebsite (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketWebsite.html) @@ -53,14 +49,19 @@ type DeleteBucketWebsiteInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *DeleteBucketWebsiteInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type DeleteBucketWebsiteOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -69,6 +70,9 @@ type DeleteBucketWebsiteOutput struct { } func (c *Client) addOperationDeleteBucketWebsiteMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpDeleteBucketWebsite{}, middleware.After) if err != nil { return err @@ -77,6 +81,10 @@ func (c *Client) addOperationDeleteBucketWebsiteMiddlewares(stack *middleware.St if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteBucketWebsite"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -98,9 +106,6 @@ func (c *Client) addOperationDeleteBucketWebsiteMiddlewares(stack *middleware.St if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -116,10 +121,10 @@ func (c *Client) addOperationDeleteBucketWebsiteMiddlewares(stack *middleware.St if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addDeleteBucketWebsiteResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpDeleteBucketWebsiteValidationMiddleware(stack); err != nil { @@ -149,7 +154,7 @@ func (c *Client) addOperationDeleteBucketWebsiteMiddlewares(stack *middleware.St if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -169,7 +174,6 @@ func newServiceMetadataMiddleware_opDeleteBucketWebsite(region string) *awsmiddl return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "DeleteBucketWebsite", } } @@ -199,139 +203,3 @@ func addDeleteBucketWebsiteUpdateEndpoint(stack *middleware.Stack, options Optio DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opDeleteBucketWebsiteResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opDeleteBucketWebsiteResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opDeleteBucketWebsiteResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*DeleteBucketWebsiteInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addDeleteBucketWebsiteResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opDeleteBucketWebsiteResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteObject.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteObject.go index 5b5cbf187..cd00e5998 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteObject.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteObject.go @@ -4,38 +4,78 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Removes the null version (if there is one) of an object and inserts a delete -// marker, which becomes the latest version of the object. If there isn't a null -// version, Amazon S3 does not remove any objects but will still respond that the -// command was successful. To remove a specific version, you must use the version -// Id subresource. Using this subresource permanently deletes the version. If the -// object deleted is a delete marker, Amazon S3 sets the response header, -// x-amz-delete-marker , to true. If the object you want to delete is in a bucket -// where the bucket versioning configuration is MFA Delete enabled, you must -// include the x-amz-mfa request header in the DELETE versionId request. Requests -// that include x-amz-mfa must use HTTPS. For more information about MFA Delete, -// see Using MFA Delete (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMFADelete.html) -// . To see sample requests that use versioning, see Sample Request (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectDELETE.html#ExampleVersionObjectDelete) -// . You can delete objects by explicitly calling DELETE Object or configure its -// lifecycle ( PutBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html) +// Removes an object from a bucket. The behavior depends on the bucket's +// versioning state: +// +// - If versioning is enabled, the operation removes the null version (if there +// is one) of an object and inserts a delete marker, which becomes the latest +// version of the object. If there isn't a null version, Amazon S3 does not remove +// any objects but will still respond that the command was successful. +// +// - If versioning is suspended or not enabled, the operation permanently +// deletes the object. +// +// - Directory buckets - S3 Versioning isn't enabled and supported for directory +// buckets. For this API operation, only the null value of the version ID is +// supported by directory buckets. You can only specify null to the versionId +// query parameter in the request. +// +// - Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support +// virtual-hosted-style requests in the format +// https://bucket_name.s3express-az_id.region.amazonaws.com/key-name . +// Path-style requests are not supported. For more information, see Regional and +// Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// To remove a specific version, you must use the versionId query parameter. Using +// this query parameter permanently deletes the version. If the object deleted is a +// delete marker, Amazon S3 sets the response header x-amz-delete-marker to true. +// If the object you want to delete is in a bucket where the bucket versioning +// configuration is MFA Delete enabled, you must include the x-amz-mfa request +// header in the DELETE versionId request. Requests that include x-amz-mfa must +// use HTTPS. For more information about MFA Delete, see Using MFA Delete (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMFADelete.html) +// in the Amazon S3 User Guide. To see sample requests that use versioning, see +// Sample Request (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectDELETE.html#ExampleVersionObjectDelete) +// . Directory buckets - MFA delete is not supported by directory buckets. You can +// delete objects by explicitly calling DELETE Object or calling ( +// PutBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html) // ) to enable Amazon S3 to remove them for you. If you want to block users or // accounts from removing or deleting objects from your bucket, you must deny them // the s3:DeleteObject , s3:DeleteObjectVersion , and s3:PutLifeCycleConfiguration -// actions. The following action is related to DeleteObject : +// actions. Directory buckets - S3 Lifecycle is not supported by directory buckets. +// Permissions +// - General purpose bucket permissions - The following permissions are required +// in your policies when your DeleteObjects request includes specific headers. +// - s3:DeleteObject - To delete an object from a bucket, you must always have +// the s3:DeleteObject permission. +// - s3:DeleteObjectVersion - To delete a specific version of an object from a +// versiong-enabled bucket, you must have the s3:DeleteObjectVersion permission. +// - Directory bucket permissions - To grant access to this API operation on a +// directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant the +// s3express:CreateSession permission to the directory bucket in a bucket policy +// or an IAM identity-based policy. Then, you make the CreateSession API call on +// the bucket to obtain a session token. With the session token in your request +// header, you can make API requests to this operation. After the session token +// expires, you make another CreateSession API call to generate a new session +// token for use. Amazon Web Services CLI or SDKs create session and refresh the +// session token automatically to avoid service interruptions when a session +// expires. For more information about authorization, see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// . +// +// HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// Bucket_name.s3express-az_id.region.amazonaws.com . The following action is +// related to DeleteObject : // - PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) func (c *Client) DeleteObject(ctx context.Context, params *DeleteObjectInput, optFns ...func(*Options)) (*DeleteObjectOutput, error) { if params == nil { @@ -54,16 +94,26 @@ func (c *Client) DeleteObject(ctx context.Context, params *DeleteObjectInput, op type DeleteObjectInput struct { - // The bucket name of the bucket containing the object. When using this action - // with an access point, you must direct requests to the access point hostname. The - // access point hostname takes the form - // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this - // action with an access point through the Amazon Web Services SDKs, you provide - // the access point ARN in place of the bucket name. For more information about - // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form + // The bucket name of the bucket containing the object. Directory buckets - When + // you use this operation with a directory bucket, you must use + // virtual-hosted-style requests in the format + // Bucket_name.s3express-az_id.region.amazonaws.com . Path-style requests are not + // supported. Directory bucket names must be unique in the chosen Availability + // Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 (for + // example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 ). For information about bucket + // naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. Access points - When you use this action with an + // access point, you must provide the alias of the access point in place of the + // bucket name or specify the access point ARN. When using the access point ARN, + // you must direct requests to the access point hostname. The access point hostname + // takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. Access points and Object Lambda access points are + // not supported by directory buckets. S3 on Outposts - When you use this action + // with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts + // hostname. The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -80,49 +130,60 @@ type DeleteObjectInput struct { // Indicates whether S3 Object Lock should bypass Governance-mode restrictions to // process this operation. To use this header, you must have the - // s3:BypassGovernanceRetention permission. - BypassGovernanceRetention bool + // s3:BypassGovernanceRetention permission. This functionality is not supported for + // directory buckets. + BypassGovernanceRetention *bool - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // The concatenation of the authentication device's serial number, a space, and // the value that is displayed on your authentication device. Required to // permanently delete a versioned object if versioning is configured with MFA - // delete enabled. + // delete enabled. This functionality is not supported for directory buckets. MFA *string // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer - // VersionId used to reference a specific version of the object. + // Version ID used to reference a specific version of the object. For directory + // buckets in this API operation, only the null value of the version ID is + // supported. VersionId *string noSmithyDocumentSerde } +func (in *DeleteObjectInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.Key = in.Key + +} + type DeleteObjectOutput struct { // Indicates whether the specified object version that was permanently deleted was // (true) or was not (false) a delete marker before deletion. In a simple DELETE, // this header indicates whether (true) or not (false) the current version of the - // object is a delete marker. - DeleteMarker bool + // object is a delete marker. This functionality is not supported for directory + // buckets. + DeleteMarker *bool // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // Returns the version ID of the delete marker created as a result of the DELETE - // operation. + // operation. This functionality is not supported for directory buckets. VersionId *string // Metadata pertaining to the operation's result. @@ -132,6 +193,9 @@ type DeleteObjectOutput struct { } func (c *Client) addOperationDeleteObjectMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpDeleteObject{}, middleware.After) if err != nil { return err @@ -140,6 +204,10 @@ func (c *Client) addOperationDeleteObjectMiddlewares(stack *middleware.Stack, op if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteObject"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -161,9 +229,6 @@ func (c *Client) addOperationDeleteObjectMiddlewares(stack *middleware.Stack, op if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -179,10 +244,10 @@ func (c *Client) addOperationDeleteObjectMiddlewares(stack *middleware.Stack, op if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addDeleteObjectResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpDeleteObjectValidationMiddleware(stack); err != nil { @@ -212,7 +277,7 @@ func (c *Client) addOperationDeleteObjectMiddlewares(stack *middleware.Stack, op if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -232,7 +297,6 @@ func newServiceMetadataMiddleware_opDeleteObject(region string) *awsmiddleware.R return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "DeleteObject", } } @@ -293,139 +357,3 @@ func addDeleteObjectPayloadAsUnsigned(stack *middleware.Stack, options Options) v4.RemoveComputePayloadSHA256Middleware(stack) return v4.AddUnsignedPayloadMiddleware(stack) } - -type opDeleteObjectResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opDeleteObjectResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opDeleteObjectResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*DeleteObjectInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addDeleteObjectResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opDeleteObjectResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteObjectTagging.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteObjectTagging.go index 41d46e48f..961b9459a 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteObjectTagging.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteObjectTagging.go @@ -4,21 +4,17 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Removes the entire tag set from the specified object. For more information -// about managing object tags, see Object Tagging (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-tagging.html) +// This operation is not supported by directory buckets. Removes the entire tag +// set from the specified object. For more information about managing object tags, +// see Object Tagging (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-tagging.html) // . To use this operation, you must have permission to perform the // s3:DeleteObjectTagging action. To delete tags of a specific object version, add // the versionId query parameter in the request. You will need permission for the @@ -43,16 +39,18 @@ func (c *Client) DeleteObjectTagging(ctx context.Context, params *DeleteObjectTa type DeleteObjectTaggingInput struct { - // The bucket name containing the objects from which to remove the tags. When - // using this action with an access point, you must direct requests to the access - // point hostname. The access point hostname takes the form + // The bucket name containing the objects from which to remove the tags. Access + // points - When you use this action with an access point, you must provide the + // alias of the access point in place of the bucket name or specify the access + // point ARN. When using the access point ARN, you must direct requests to the + // access point hostname. The access point hostname takes the form // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this // action with an access point through the Amazon Web Services SDKs, you provide // the access point ARN in place of the bucket name. For more information about // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form + // in the Amazon S3 User Guide. S3 on Outposts - When you use this action with + // Amazon S3 on Outposts, you must direct requests to the S3 on Outposts hostname. + // The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -67,9 +65,9 @@ type DeleteObjectTaggingInput struct { // This member is required. Key *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // The versionId of the object that the tag-set will be removed from. @@ -78,6 +76,11 @@ type DeleteObjectTaggingInput struct { noSmithyDocumentSerde } +func (in *DeleteObjectTaggingInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + +} + type DeleteObjectTaggingOutput struct { // The versionId of the object the tag-set was removed from. @@ -90,6 +93,9 @@ type DeleteObjectTaggingOutput struct { } func (c *Client) addOperationDeleteObjectTaggingMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpDeleteObjectTagging{}, middleware.After) if err != nil { return err @@ -98,6 +104,10 @@ func (c *Client) addOperationDeleteObjectTaggingMiddlewares(stack *middleware.St if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteObjectTagging"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -119,9 +129,6 @@ func (c *Client) addOperationDeleteObjectTaggingMiddlewares(stack *middleware.St if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -137,10 +144,10 @@ func (c *Client) addOperationDeleteObjectTaggingMiddlewares(stack *middleware.St if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addDeleteObjectTaggingResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpDeleteObjectTaggingValidationMiddleware(stack); err != nil { @@ -170,7 +177,7 @@ func (c *Client) addOperationDeleteObjectTaggingMiddlewares(stack *middleware.St if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -190,7 +197,6 @@ func newServiceMetadataMiddleware_opDeleteObjectTagging(region string) *awsmiddl return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "DeleteObjectTagging", } } @@ -220,139 +226,3 @@ func addDeleteObjectTaggingUpdateEndpoint(stack *middleware.Stack, options Optio DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opDeleteObjectTaggingResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opDeleteObjectTaggingResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opDeleteObjectTaggingResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*DeleteObjectTaggingInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addDeleteObjectTaggingResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opDeleteObjectTaggingResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteObjects.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteObjects.go index b494c18ae..1d1fa4327 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteObjects.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeleteObjects.go @@ -4,46 +4,82 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// This action enables you to delete multiple objects from a bucket using a single -// HTTP request. If you know the object keys that you want to delete, then this -// action provides a suitable alternative to sending individual delete requests, -// reducing per-request overhead. The request contains a list of up to 1000 keys -// that you want to delete. In the XML, you provide the object key names, and -// optionally, version IDs if you want to delete a specific version of the object -// from a versioning-enabled bucket. For each key, Amazon S3 performs a delete -// action and returns the result of that delete, success, or failure, in the -// response. Note that if the object specified in the request is not found, Amazon -// S3 returns the result as deleted. The action supports two modes for the -// response: verbose and quiet. By default, the action uses verbose mode in which -// the response includes the result of deletion of each key in your request. In -// quiet mode the response includes only keys where the delete action encountered -// an error. For a successful deletion, the action does not return any information -// about the delete in the response body. When performing this action on an MFA -// Delete enabled bucket, that attempts to delete any versioned objects, you must -// include an MFA token. If you do not provide one, the entire request will fail, -// even if there are non-versioned objects you are trying to delete. If you provide -// an invalid token, whether there are versioned keys in the request or not, the -// entire Multi-Object Delete request will fail. For information about MFA Delete, -// see MFA Delete (https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete) -// . Finally, the Content-MD5 header is required for all Multi-Object Delete -// requests. Amazon S3 uses the header value to ensure that your request body has -// not been altered in transit. The following operations are related to -// DeleteObjects : +// This operation enables you to delete multiple objects from a bucket using a +// single HTTP request. If you know the object keys that you want to delete, then +// this operation provides a suitable alternative to sending individual delete +// requests, reducing per-request overhead. The request can contain a list of up to +// 1000 keys that you want to delete. In the XML, you provide the object key names, +// and optionally, version IDs if you want to delete a specific version of the +// object from a versioning-enabled bucket. For each key, Amazon S3 performs a +// delete operation and returns the result of that delete, success or failure, in +// the response. Note that if the object specified in the request is not found, +// Amazon S3 returns the result as deleted. +// - Directory buckets - S3 Versioning isn't enabled and supported for directory +// buckets. +// - Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support +// virtual-hosted-style requests in the format +// https://bucket_name.s3express-az_id.region.amazonaws.com/key-name . +// Path-style requests are not supported. For more information, see Regional and +// Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// The operation supports two modes for the response: verbose and quiet. By +// default, the operation uses verbose mode in which the response includes the +// result of deletion of each key in your request. In quiet mode the response +// includes only keys where the delete operation encountered an error. For a +// successful deletion in a quiet mode, the operation does not return any +// information about the delete in the response body. When performing this action +// on an MFA Delete enabled bucket, that attempts to delete any versioned objects, +// you must include an MFA token. If you do not provide one, the entire request +// will fail, even if there are non-versioned objects you are trying to delete. If +// you provide an invalid token, whether there are versioned keys in the request or +// not, the entire Multi-Object Delete request will fail. For information about MFA +// Delete, see MFA Delete (https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete) +// in the Amazon S3 User Guide. Directory buckets - MFA delete is not supported by +// directory buckets. Permissions +// - General purpose bucket permissions - The following permissions are required +// in your policies when your DeleteObjects request includes specific headers. +// - s3:DeleteObject - To delete an object from a bucket, you must always specify +// the s3:DeleteObject permission. +// - s3:DeleteObjectVersion - To delete a specific version of an object from a +// versiong-enabled bucket, you must specify the s3:DeleteObjectVersion +// permission. +// - Directory bucket permissions - To grant access to this API operation on a +// directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant the +// s3express:CreateSession permission to the directory bucket in a bucket policy +// or an IAM identity-based policy. Then, you make the CreateSession API call on +// the bucket to obtain a session token. With the session token in your request +// header, you can make API requests to this operation. After the session token +// expires, you make another CreateSession API call to generate a new session +// token for use. Amazon Web Services CLI or SDKs create session and refresh the +// session token automatically to avoid service interruptions when a session +// expires. For more information about authorization, see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// . +// +// Content-MD5 request header +// - General purpose bucket - The Content-MD5 request header is required for all +// Multi-Object Delete requests. Amazon S3 uses the header value to ensure that +// your request body has not been altered in transit. +// - Directory bucket - The Content-MD5 request header or a additional checksum +// request header (including x-amz-checksum-crc32 , x-amz-checksum-crc32c , +// x-amz-checksum-sha1 , or x-amz-checksum-sha256 ) is required for all +// Multi-Object Delete requests. +// +// HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// Bucket_name.s3express-az_id.region.amazonaws.com . The following operations are +// related to DeleteObjects : // - CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) // - UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) // - CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) @@ -66,16 +102,26 @@ func (c *Client) DeleteObjects(ctx context.Context, params *DeleteObjectsInput, type DeleteObjectsInput struct { - // The bucket name containing the objects to delete. When using this action with - // an access point, you must direct requests to the access point hostname. The - // access point hostname takes the form - // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this - // action with an access point through the Amazon Web Services SDKs, you provide - // the access point ARN in place of the bucket name. For more information about - // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form + // The bucket name containing the objects to delete. Directory buckets - When you + // use this operation with a directory bucket, you must use virtual-hosted-style + // requests in the format Bucket_name.s3express-az_id.region.amazonaws.com . + // Path-style requests are not supported. Directory bucket names must be unique in + // the chosen Availability Zone. Bucket names must follow the format + // bucket_base_name--az-id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 + // ). For information about bucket naming restrictions, see Directory bucket + // naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. Access points - When you use this action with an + // access point, you must provide the alias of the access point in place of the + // bucket name or specify the access point ARN. When using the access point ARN, + // you must direct requests to the access point hostname. The access point hostname + // takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. Access points and Object Lambda access points are + // not supported by directory buckets. S3 on Outposts - When you use this action + // with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts + // hostname. The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -92,44 +138,67 @@ type DeleteObjectsInput struct { // Specifies whether you want to delete this object even if it has a // Governance-type Object Lock in place. To use this header, you must have the - // s3:BypassGovernanceRetention permission. - BypassGovernanceRetention bool + // s3:BypassGovernanceRetention permission. This functionality is not supported for + // directory buckets. + BypassGovernanceRetention *bool - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) - // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 - // ignores any provided ChecksumAlgorithm parameter. This checksum algorithm must - // be the same for all parts and it match the checksum value supplied in the - // CreateMultipartUpload request. + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum-algorithm or x-amz-trailer header sent. Otherwise, Amazon S3 + // fails the request with the HTTP status code 400 Bad Request . For the + // x-amz-checksum-algorithm header, replace algorithm with the supported + // algorithm from the following list: + // - CRC32 + // - CRC32C + // - SHA1 + // - SHA256 + // For more information, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. If the individual checksum value you provide + // through x-amz-checksum-algorithm doesn't match the checksum algorithm you set + // through x-amz-sdk-checksum-algorithm , Amazon S3 ignores any provided + // ChecksumAlgorithm parameter and uses the checksum algorithm that matches the + // provided value in x-amz-checksum-algorithm . If you provide an individual + // checksum, Amazon S3 ignores any provided ChecksumAlgorithm parameter. ChecksumAlgorithm types.ChecksumAlgorithm - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // The concatenation of the authentication device's serial number, a space, and // the value that is displayed on your authentication device. Required to // permanently delete a versioned object if versioning is configured with MFA - // delete enabled. + // delete enabled. When performing the DeleteObjects operation on an MFA delete + // enabled bucket, which attempts to delete the specified versioned objects, you + // must include an MFA token. If you don't provide an MFA token, the entire request + // will fail, even if there are non-versioned objects that you are trying to + // delete. If you provide an invalid token, whether there are versioned object keys + // in the request or not, the entire Multi-Object Delete request will fail. For + // information about MFA Delete, see MFA Delete (https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete) + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. MFA *string // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer noSmithyDocumentSerde } +func (in *DeleteObjectsInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + +} + type DeleteObjectsOutput struct { // Container element for a successful delete. It identifies the object that was @@ -141,7 +210,7 @@ type DeleteObjectsOutput struct { Errors []types.Error // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // Metadata pertaining to the operation's result. @@ -151,6 +220,9 @@ type DeleteObjectsOutput struct { } func (c *Client) addOperationDeleteObjectsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpDeleteObjects{}, middleware.After) if err != nil { return err @@ -159,6 +231,10 @@ func (c *Client) addOperationDeleteObjectsMiddlewares(stack *middleware.Stack, o if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteObjects"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -180,9 +256,6 @@ func (c *Client) addOperationDeleteObjectsMiddlewares(stack *middleware.Stack, o if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -198,10 +271,10 @@ func (c *Client) addOperationDeleteObjectsMiddlewares(stack *middleware.Stack, o if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addDeleteObjectsResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpDeleteObjectsValidationMiddleware(stack); err != nil { @@ -234,12 +307,15 @@ func (c *Client) addOperationDeleteObjectsMiddlewares(stack *middleware.Stack, o if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { return err } + if err = s3cust.AddExpressDefaultChecksumMiddleware(stack); err != nil { + return err + } return nil } @@ -254,7 +330,6 @@ func newServiceMetadataMiddleware_opDeleteObjects(region string) *awsmiddleware. return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "DeleteObjects", } } @@ -304,139 +379,3 @@ func addDeleteObjectsUpdateEndpoint(stack *middleware.Stack, options Options) er DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opDeleteObjectsResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opDeleteObjectsResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opDeleteObjectsResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*DeleteObjectsInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addDeleteObjectsResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opDeleteObjectsResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeletePublicAccessBlock.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeletePublicAccessBlock.go index 2bdbe4217..488d2a797 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeletePublicAccessBlock.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_DeletePublicAccessBlock.go @@ -4,23 +4,20 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Removes the PublicAccessBlock configuration for an Amazon S3 bucket. To use -// this operation, you must have the s3:PutBucketPublicAccessBlock permission. For -// more information about permissions, see Permissions Related to Bucket -// Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// This operation is not supported by directory buckets. Removes the +// PublicAccessBlock configuration for an Amazon S3 bucket. To use this operation, +// you must have the s3:PutBucketPublicAccessBlock permission. For more +// information about permissions, see Permissions Related to Bucket Subresource +// Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) // and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) // . The following operations are related to DeletePublicAccessBlock : // - Using Amazon S3 Block Public Access (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html) @@ -49,14 +46,19 @@ type DeletePublicAccessBlockInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *DeletePublicAccessBlockInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type DeletePublicAccessBlockOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -65,6 +67,9 @@ type DeletePublicAccessBlockOutput struct { } func (c *Client) addOperationDeletePublicAccessBlockMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpDeletePublicAccessBlock{}, middleware.After) if err != nil { return err @@ -73,6 +78,10 @@ func (c *Client) addOperationDeletePublicAccessBlockMiddlewares(stack *middlewar if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "DeletePublicAccessBlock"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -94,9 +103,6 @@ func (c *Client) addOperationDeletePublicAccessBlockMiddlewares(stack *middlewar if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -112,10 +118,10 @@ func (c *Client) addOperationDeletePublicAccessBlockMiddlewares(stack *middlewar if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addDeletePublicAccessBlockResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpDeletePublicAccessBlockValidationMiddleware(stack); err != nil { @@ -145,7 +151,7 @@ func (c *Client) addOperationDeletePublicAccessBlockMiddlewares(stack *middlewar if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -165,7 +171,6 @@ func newServiceMetadataMiddleware_opDeletePublicAccessBlock(region string) *awsm return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "DeletePublicAccessBlock", } } @@ -195,139 +200,3 @@ func addDeletePublicAccessBlockUpdateEndpoint(stack *middleware.Stack, options O DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opDeletePublicAccessBlockResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opDeletePublicAccessBlockResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opDeletePublicAccessBlockResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*DeletePublicAccessBlockInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addDeletePublicAccessBlockResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opDeletePublicAccessBlockResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketAccelerateConfiguration.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketAccelerateConfiguration.go index f11b25aa3..9a90a88a0 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketAccelerateConfiguration.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketAccelerateConfiguration.go @@ -4,28 +4,25 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// This implementation of the GET action uses the accelerate subresource to return -// the Transfer Acceleration state of a bucket, which is either Enabled or -// Suspended . Amazon S3 Transfer Acceleration is a bucket-level feature that -// enables you to perform faster data transfers to and from Amazon S3. To use this -// operation, you must have permission to perform the s3:GetAccelerateConfiguration -// action. The bucket owner has this permission by default. The bucket owner can -// grant this permission to others. For more information about permissions, see -// Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// This operation is not supported by directory buckets. This implementation of +// the GET action uses the accelerate subresource to return the Transfer +// Acceleration state of a bucket, which is either Enabled or Suspended . Amazon S3 +// Transfer Acceleration is a bucket-level feature that enables you to perform +// faster data transfers to and from Amazon S3. To use this operation, you must +// have permission to perform the s3:GetAccelerateConfiguration action. The bucket +// owner has this permission by default. The bucket owner can grant this permission +// to others. For more information about permissions, see Permissions Related to +// Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) // and Managing Access Permissions to your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) // in the Amazon S3 User Guide. You set the Transfer Acceleration state of an // existing bucket to Enabled or Suspended by using the @@ -59,27 +56,33 @@ type GetBucketAccelerateConfigurationInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer noSmithyDocumentSerde } +func (in *GetBucketAccelerateConfigurationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type GetBucketAccelerateConfigurationOutput struct { // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // The accelerate configuration of the bucket. @@ -92,6 +95,9 @@ type GetBucketAccelerateConfigurationOutput struct { } func (c *Client) addOperationGetBucketAccelerateConfigurationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketAccelerateConfiguration{}, middleware.After) if err != nil { return err @@ -100,6 +106,10 @@ func (c *Client) addOperationGetBucketAccelerateConfigurationMiddlewares(stack * if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetBucketAccelerateConfiguration"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -121,9 +131,6 @@ func (c *Client) addOperationGetBucketAccelerateConfigurationMiddlewares(stack * if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -139,10 +146,10 @@ func (c *Client) addOperationGetBucketAccelerateConfigurationMiddlewares(stack * if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetBucketAccelerateConfigurationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetBucketAccelerateConfigurationValidationMiddleware(stack); err != nil { @@ -172,7 +179,7 @@ func (c *Client) addOperationGetBucketAccelerateConfigurationMiddlewares(stack * if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -192,7 +199,6 @@ func newServiceMetadataMiddleware_opGetBucketAccelerateConfiguration(region stri return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetBucketAccelerateConfiguration", } } @@ -222,139 +228,3 @@ func addGetBucketAccelerateConfigurationUpdateEndpoint(stack *middleware.Stack, DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetBucketAccelerateConfigurationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetBucketAccelerateConfigurationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetBucketAccelerateConfigurationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetBucketAccelerateConfigurationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetBucketAccelerateConfigurationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetBucketAccelerateConfigurationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketAcl.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketAcl.go index 623349519..36747fc9c 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketAcl.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketAcl.go @@ -4,28 +4,25 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// This implementation of the GET action uses the acl subresource to return the -// access control list (ACL) of a bucket. To use GET to return the ACL of the -// bucket, you must have READ_ACP access to the bucket. If READ_ACP permission is -// granted to the anonymous user, you can return the ACL of the bucket without -// using an authorization header. To use this API operation against an access -// point, provide the alias of the access point in place of the bucket name. To use -// this API operation against an Object Lambda access point, provide the alias of -// the Object Lambda access point in place of the bucket name. If the Object Lambda +// This operation is not supported by directory buckets. This implementation of +// the GET action uses the acl subresource to return the access control list (ACL) +// of a bucket. To use GET to return the ACL of the bucket, you must have the +// READ_ACP access to the bucket. If READ_ACP permission is granted to the +// anonymous user, you can return the ACL of the bucket without using an +// authorization header. When you use this API operation with an access point, +// provide the alias of the access point in place of the bucket name. When you use +// this API operation with an Object Lambda access point, provide the alias of the +// Object Lambda access point in place of the bucket name. If the Object Lambda // access point alias in a request is not valid, the error code // InvalidAccessPointAliasError is returned. For more information about // InvalidAccessPointAliasError , see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) @@ -54,26 +51,31 @@ func (c *Client) GetBucketAcl(ctx context.Context, params *GetBucketAclInput, op type GetBucketAclInput struct { - // Specifies the S3 bucket whose ACL is being requested. To use this API operation - // against an access point, provide the alias of the access point in place of the - // bucket name. To use this API operation against an Object Lambda access point, - // provide the alias of the Object Lambda access point in place of the bucket name. - // If the Object Lambda access point alias in a request is not valid, the error - // code InvalidAccessPointAliasError is returned. For more information about - // InvalidAccessPointAliasError , see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) + // Specifies the S3 bucket whose ACL is being requested. When you use this API + // operation with an access point, provide the alias of the access point in place + // of the bucket name. When you use this API operation with an Object Lambda access + // point, provide the alias of the Object Lambda access point in place of the + // bucket name. If the Object Lambda access point alias in a request is not valid, + // the error code InvalidAccessPointAliasError is returned. For more information + // about InvalidAccessPointAliasError , see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) // . // // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *GetBucketAclInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type GetBucketAclOutput struct { // A list of grants. @@ -89,6 +91,9 @@ type GetBucketAclOutput struct { } func (c *Client) addOperationGetBucketAclMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketAcl{}, middleware.After) if err != nil { return err @@ -97,6 +102,10 @@ func (c *Client) addOperationGetBucketAclMiddlewares(stack *middleware.Stack, op if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetBucketAcl"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -118,9 +127,6 @@ func (c *Client) addOperationGetBucketAclMiddlewares(stack *middleware.Stack, op if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -136,10 +142,10 @@ func (c *Client) addOperationGetBucketAclMiddlewares(stack *middleware.Stack, op if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetBucketAclResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetBucketAclValidationMiddleware(stack); err != nil { @@ -169,7 +175,7 @@ func (c *Client) addOperationGetBucketAclMiddlewares(stack *middleware.Stack, op if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -189,7 +195,6 @@ func newServiceMetadataMiddleware_opGetBucketAcl(region string) *awsmiddleware.R return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetBucketAcl", } } @@ -219,139 +224,3 @@ func addGetBucketAclUpdateEndpoint(stack *middleware.Stack, options Options) err DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetBucketAclResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetBucketAclResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetBucketAclResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetBucketAclInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetBucketAclResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetBucketAclResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketAnalyticsConfiguration.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketAnalyticsConfiguration.go index bc8b5c31d..0f7922ae9 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketAnalyticsConfiguration.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketAnalyticsConfiguration.go @@ -4,26 +4,23 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// This implementation of the GET action returns an analytics configuration -// (identified by the analytics configuration ID) from the bucket. To use this -// operation, you must have permissions to perform the s3:GetAnalyticsConfiguration -// action. The bucket owner has this permission by default. The bucket owner can -// grant this permission to others. For more information about permissions, see -// Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// This operation is not supported by directory buckets. This implementation of +// the GET action returns an analytics configuration (identified by the analytics +// configuration ID) from the bucket. To use this operation, you must have +// permissions to perform the s3:GetAnalyticsConfiguration action. The bucket +// owner has this permission by default. The bucket owner can grant this permission +// to others. For more information about permissions, see Permissions Related to +// Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) // and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) // in the Amazon S3 User Guide. For information about Amazon S3 analytics feature, // see Amazon S3 Analytics – Storage Class Analysis (https://docs.aws.amazon.com/AmazonS3/latest/dev/analytics-storage-class.html) @@ -59,14 +56,19 @@ type GetBucketAnalyticsConfigurationInput struct { // This member is required. Id *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *GetBucketAnalyticsConfigurationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type GetBucketAnalyticsConfigurationOutput struct { // The configuration and any analyses for the analytics filter. @@ -79,6 +81,9 @@ type GetBucketAnalyticsConfigurationOutput struct { } func (c *Client) addOperationGetBucketAnalyticsConfigurationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketAnalyticsConfiguration{}, middleware.After) if err != nil { return err @@ -87,6 +92,10 @@ func (c *Client) addOperationGetBucketAnalyticsConfigurationMiddlewares(stack *m if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetBucketAnalyticsConfiguration"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -108,9 +117,6 @@ func (c *Client) addOperationGetBucketAnalyticsConfigurationMiddlewares(stack *m if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -126,10 +132,10 @@ func (c *Client) addOperationGetBucketAnalyticsConfigurationMiddlewares(stack *m if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetBucketAnalyticsConfigurationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetBucketAnalyticsConfigurationValidationMiddleware(stack); err != nil { @@ -159,7 +165,7 @@ func (c *Client) addOperationGetBucketAnalyticsConfigurationMiddlewares(stack *m if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -179,7 +185,6 @@ func newServiceMetadataMiddleware_opGetBucketAnalyticsConfiguration(region strin return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetBucketAnalyticsConfiguration", } } @@ -209,139 +214,3 @@ func addGetBucketAnalyticsConfigurationUpdateEndpoint(stack *middleware.Stack, o DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetBucketAnalyticsConfigurationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetBucketAnalyticsConfigurationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetBucketAnalyticsConfigurationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetBucketAnalyticsConfigurationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetBucketAnalyticsConfigurationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetBucketAnalyticsConfigurationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketCors.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketCors.go index 09437e26a..33c25aa13 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketCors.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketCors.go @@ -4,30 +4,27 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Returns the Cross-Origin Resource Sharing (CORS) configuration information set -// for the bucket. To use this operation, you must have permission to perform the -// s3:GetBucketCORS action. By default, the bucket owner has this permission and -// can grant it to others. To use this API operation against an access point, -// provide the alias of the access point in place of the bucket name. To use this -// API operation against an Object Lambda access point, provide the alias of the -// Object Lambda access point in place of the bucket name. If the Object Lambda -// access point alias in a request is not valid, the error code -// InvalidAccessPointAliasError is returned. For more information about -// InvalidAccessPointAliasError , see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) +// This operation is not supported by directory buckets. Returns the Cross-Origin +// Resource Sharing (CORS) configuration information set for the bucket. To use +// this operation, you must have permission to perform the s3:GetBucketCORS +// action. By default, the bucket owner has this permission and can grant it to +// others. When you use this API operation with an access point, provide the alias +// of the access point in place of the bucket name. When you use this API operation +// with an Object Lambda access point, provide the alias of the Object Lambda +// access point in place of the bucket name. If the Object Lambda access point +// alias in a request is not valid, the error code InvalidAccessPointAliasError is +// returned. For more information about InvalidAccessPointAliasError , see List of +// Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) // . For more information about CORS, see Enabling Cross-Origin Resource Sharing (https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) // . The following operations are related to GetBucketCors : // - PutBucketCors (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketCors.html) @@ -49,26 +46,31 @@ func (c *Client) GetBucketCors(ctx context.Context, params *GetBucketCorsInput, type GetBucketCorsInput struct { - // The bucket name for which to get the cors configuration. To use this API - // operation against an access point, provide the alias of the access point in - // place of the bucket name. To use this API operation against an Object Lambda - // access point, provide the alias of the Object Lambda access point in place of - // the bucket name. If the Object Lambda access point alias in a request is not - // valid, the error code InvalidAccessPointAliasError is returned. For more - // information about InvalidAccessPointAliasError , see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) + // The bucket name for which to get the cors configuration. When you use this API + // operation with an access point, provide the alias of the access point in place + // of the bucket name. When you use this API operation with an Object Lambda access + // point, provide the alias of the Object Lambda access point in place of the + // bucket name. If the Object Lambda access point alias in a request is not valid, + // the error code InvalidAccessPointAliasError is returned. For more information + // about InvalidAccessPointAliasError , see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) // . // // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *GetBucketCorsInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type GetBucketCorsOutput struct { // A set of origins and methods (cross-origin access that you want to allow). You @@ -82,6 +84,9 @@ type GetBucketCorsOutput struct { } func (c *Client) addOperationGetBucketCorsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketCors{}, middleware.After) if err != nil { return err @@ -90,6 +95,10 @@ func (c *Client) addOperationGetBucketCorsMiddlewares(stack *middleware.Stack, o if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetBucketCors"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -111,9 +120,6 @@ func (c *Client) addOperationGetBucketCorsMiddlewares(stack *middleware.Stack, o if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -129,10 +135,10 @@ func (c *Client) addOperationGetBucketCorsMiddlewares(stack *middleware.Stack, o if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetBucketCorsResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetBucketCorsValidationMiddleware(stack); err != nil { @@ -162,7 +168,7 @@ func (c *Client) addOperationGetBucketCorsMiddlewares(stack *middleware.Stack, o if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -182,7 +188,6 @@ func newServiceMetadataMiddleware_opGetBucketCors(region string) *awsmiddleware. return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetBucketCors", } } @@ -212,139 +217,3 @@ func addGetBucketCorsUpdateEndpoint(stack *middleware.Stack, options Options) er DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetBucketCorsResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetBucketCorsResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetBucketCorsResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetBucketCorsInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetBucketCorsResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetBucketCorsResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketEncryption.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketEncryption.go index b60c5f46a..c8be5dd00 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketEncryption.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketEncryption.go @@ -4,25 +4,21 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Returns the default encryption configuration for an Amazon S3 bucket. By -// default, all buckets have a default encryption configuration that uses -// server-side encryption with Amazon S3 managed keys (SSE-S3). For information -// about the bucket default encryption feature, see Amazon S3 Bucket Default -// Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) +// This operation is not supported by directory buckets. Returns the default +// encryption configuration for an Amazon S3 bucket. By default, all buckets have a +// default encryption configuration that uses server-side encryption with Amazon S3 +// managed keys (SSE-S3). For information about the bucket default encryption +// feature, see Amazon S3 Bucket Default Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) // in the Amazon S3 User Guide. To use this operation, you must have permission to // perform the s3:GetEncryptionConfiguration action. The bucket owner has this // permission by default. The bucket owner can grant this permission to others. For @@ -55,14 +51,19 @@ type GetBucketEncryptionInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *GetBucketEncryptionInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type GetBucketEncryptionOutput struct { // Specifies the default server-side-encryption configuration. @@ -75,6 +76,9 @@ type GetBucketEncryptionOutput struct { } func (c *Client) addOperationGetBucketEncryptionMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketEncryption{}, middleware.After) if err != nil { return err @@ -83,6 +87,10 @@ func (c *Client) addOperationGetBucketEncryptionMiddlewares(stack *middleware.St if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetBucketEncryption"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -104,9 +112,6 @@ func (c *Client) addOperationGetBucketEncryptionMiddlewares(stack *middleware.St if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -122,10 +127,10 @@ func (c *Client) addOperationGetBucketEncryptionMiddlewares(stack *middleware.St if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetBucketEncryptionResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetBucketEncryptionValidationMiddleware(stack); err != nil { @@ -155,7 +160,7 @@ func (c *Client) addOperationGetBucketEncryptionMiddlewares(stack *middleware.St if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -175,7 +180,6 @@ func newServiceMetadataMiddleware_opGetBucketEncryption(region string) *awsmiddl return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetBucketEncryption", } } @@ -205,139 +209,3 @@ func addGetBucketEncryptionUpdateEndpoint(stack *middleware.Stack, options Optio DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetBucketEncryptionResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetBucketEncryptionResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetBucketEncryptionResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetBucketEncryptionInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetBucketEncryptionResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetBucketEncryptionResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketIntelligentTieringConfiguration.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketIntelligentTieringConfiguration.go index 259b265bd..a3531f983 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketIntelligentTieringConfiguration.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketIntelligentTieringConfiguration.go @@ -4,21 +4,18 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Gets the S3 Intelligent-Tiering configuration from the specified bucket. The S3 +// This operation is not supported by directory buckets. Gets the S3 +// Intelligent-Tiering configuration from the specified bucket. The S3 // Intelligent-Tiering storage class is designed to optimize storage costs by // automatically moving data to the most cost-effective storage access tier, // without performance impact or operational overhead. S3 Intelligent-Tiering @@ -67,6 +64,11 @@ type GetBucketIntelligentTieringConfigurationInput struct { noSmithyDocumentSerde } +func (in *GetBucketIntelligentTieringConfigurationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type GetBucketIntelligentTieringConfigurationOutput struct { // Container for S3 Intelligent-Tiering configuration. @@ -79,6 +81,9 @@ type GetBucketIntelligentTieringConfigurationOutput struct { } func (c *Client) addOperationGetBucketIntelligentTieringConfigurationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketIntelligentTieringConfiguration{}, middleware.After) if err != nil { return err @@ -87,6 +92,10 @@ func (c *Client) addOperationGetBucketIntelligentTieringConfigurationMiddlewares if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetBucketIntelligentTieringConfiguration"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -108,9 +117,6 @@ func (c *Client) addOperationGetBucketIntelligentTieringConfigurationMiddlewares if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -126,10 +132,10 @@ func (c *Client) addOperationGetBucketIntelligentTieringConfigurationMiddlewares if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetBucketIntelligentTieringConfigurationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetBucketIntelligentTieringConfigurationValidationMiddleware(stack); err != nil { @@ -159,7 +165,7 @@ func (c *Client) addOperationGetBucketIntelligentTieringConfigurationMiddlewares if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -179,7 +185,6 @@ func newServiceMetadataMiddleware_opGetBucketIntelligentTieringConfiguration(reg return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetBucketIntelligentTieringConfiguration", } } @@ -209,139 +214,3 @@ func addGetBucketIntelligentTieringConfigurationUpdateEndpoint(stack *middleware DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetBucketIntelligentTieringConfigurationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetBucketIntelligentTieringConfigurationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetBucketIntelligentTieringConfigurationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetBucketIntelligentTieringConfigurationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetBucketIntelligentTieringConfigurationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetBucketIntelligentTieringConfigurationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketInventoryConfiguration.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketInventoryConfiguration.go index 4863f979c..3fe6f9868 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketInventoryConfiguration.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketInventoryConfiguration.go @@ -4,24 +4,21 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Returns an inventory configuration (identified by the inventory configuration -// ID) from the bucket. To use this operation, you must have permissions to perform -// the s3:GetInventoryConfiguration action. The bucket owner has this permission -// by default and can grant this permission to others. For more information about +// This operation is not supported by directory buckets. Returns an inventory +// configuration (identified by the inventory configuration ID) from the bucket. To +// use this operation, you must have permissions to perform the +// s3:GetInventoryConfiguration action. The bucket owner has this permission by +// default and can grant this permission to others. For more information about // permissions, see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) // and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) // . For information about the Amazon S3 inventory feature, see Amazon S3 Inventory (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html) @@ -56,14 +53,19 @@ type GetBucketInventoryConfigurationInput struct { // This member is required. Id *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *GetBucketInventoryConfigurationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type GetBucketInventoryConfigurationOutput struct { // Specifies the inventory configuration. @@ -76,6 +78,9 @@ type GetBucketInventoryConfigurationOutput struct { } func (c *Client) addOperationGetBucketInventoryConfigurationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketInventoryConfiguration{}, middleware.After) if err != nil { return err @@ -84,6 +89,10 @@ func (c *Client) addOperationGetBucketInventoryConfigurationMiddlewares(stack *m if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetBucketInventoryConfiguration"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -105,9 +114,6 @@ func (c *Client) addOperationGetBucketInventoryConfigurationMiddlewares(stack *m if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -123,10 +129,10 @@ func (c *Client) addOperationGetBucketInventoryConfigurationMiddlewares(stack *m if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetBucketInventoryConfigurationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetBucketInventoryConfigurationValidationMiddleware(stack); err != nil { @@ -156,7 +162,7 @@ func (c *Client) addOperationGetBucketInventoryConfigurationMiddlewares(stack *m if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -176,7 +182,6 @@ func newServiceMetadataMiddleware_opGetBucketInventoryConfiguration(region strin return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetBucketInventoryConfiguration", } } @@ -206,139 +211,3 @@ func addGetBucketInventoryConfigurationUpdateEndpoint(stack *middleware.Stack, o DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetBucketInventoryConfigurationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetBucketInventoryConfigurationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetBucketInventoryConfigurationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetBucketInventoryConfigurationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetBucketInventoryConfigurationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetBucketInventoryConfigurationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketLifecycleConfiguration.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketLifecycleConfiguration.go index da3e47d4b..4cc9eff88 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketLifecycleConfiguration.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketLifecycleConfiguration.go @@ -4,27 +4,23 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Bucket lifecycle configuration now supports specifying a lifecycle rule using -// an object key name prefix, one or more object tags, or a combination of both. -// Accordingly, this section describes the latest API. The response describes the -// new filter element that you can use to specify a filter to select a subset of -// objects to which the rule applies. If you are using a previous version of the -// lifecycle configuration, it still works. For the earlier action, see -// GetBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycle.html) +// This operation is not supported by directory buckets. Bucket lifecycle +// configuration now supports specifying a lifecycle rule using an object key name +// prefix, one or more object tags, or a combination of both. Accordingly, this +// section describes the latest API. The response describes the new filter element +// that you can use to specify a filter to select a subset of objects to which the +// rule applies. If you are using a previous version of the lifecycle +// configuration, it still works. For the earlier action, see GetBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycle.html) // . Returns the lifecycle configuration information set on the bucket. For // information about lifecycle configuration, see Object Lifecycle Management (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) // . To use this operation, you must have permission to perform the @@ -65,14 +61,19 @@ type GetBucketLifecycleConfigurationInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *GetBucketLifecycleConfigurationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type GetBucketLifecycleConfigurationOutput struct { // Container for a lifecycle rule. @@ -85,6 +86,9 @@ type GetBucketLifecycleConfigurationOutput struct { } func (c *Client) addOperationGetBucketLifecycleConfigurationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketLifecycleConfiguration{}, middleware.After) if err != nil { return err @@ -93,6 +97,10 @@ func (c *Client) addOperationGetBucketLifecycleConfigurationMiddlewares(stack *m if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetBucketLifecycleConfiguration"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -114,9 +122,6 @@ func (c *Client) addOperationGetBucketLifecycleConfigurationMiddlewares(stack *m if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -132,10 +137,10 @@ func (c *Client) addOperationGetBucketLifecycleConfigurationMiddlewares(stack *m if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetBucketLifecycleConfigurationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetBucketLifecycleConfigurationValidationMiddleware(stack); err != nil { @@ -165,7 +170,7 @@ func (c *Client) addOperationGetBucketLifecycleConfigurationMiddlewares(stack *m if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -185,7 +190,6 @@ func newServiceMetadataMiddleware_opGetBucketLifecycleConfiguration(region strin return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetBucketLifecycleConfiguration", } } @@ -215,139 +219,3 @@ func addGetBucketLifecycleConfigurationUpdateEndpoint(stack *middleware.Stack, o DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetBucketLifecycleConfigurationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetBucketLifecycleConfigurationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetBucketLifecycleConfigurationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetBucketLifecycleConfigurationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetBucketLifecycleConfigurationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetBucketLifecycleConfigurationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketLocation.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketLocation.go index 9404b4576..e94875fe5 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketLocation.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketLocation.go @@ -6,31 +6,28 @@ import ( "bytes" "context" "encoding/xml" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" smithy "github.com/aws/smithy-go" smithyxml "github.com/aws/smithy-go/encoding/xml" - smithyendpoints "github.com/aws/smithy-go/endpoints" smithyio "github.com/aws/smithy-go/io" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" "io" ) -// Returns the Region the bucket resides in. You set the bucket's Region using the -// LocationConstraint request parameter in a CreateBucket request. For more -// information, see CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) -// . To use this API operation against an access point, provide the alias of the -// access point in place of the bucket name. To use this API operation against an -// Object Lambda access point, provide the alias of the Object Lambda access point -// in place of the bucket name. If the Object Lambda access point alias in a +// This operation is not supported by directory buckets. Returns the Region the +// bucket resides in. You set the bucket's Region using the LocationConstraint +// request parameter in a CreateBucket request. For more information, see +// CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) +// . When you use this API operation with an access point, provide the alias of the +// access point in place of the bucket name. When you use this API operation with +// an Object Lambda access point, provide the alias of the Object Lambda access +// point in place of the bucket name. If the Object Lambda access point alias in a // request is not valid, the error code InvalidAccessPointAliasError is returned. // For more information about InvalidAccessPointAliasError , see List of Error // Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) @@ -57,26 +54,31 @@ func (c *Client) GetBucketLocation(ctx context.Context, params *GetBucketLocatio type GetBucketLocationInput struct { - // The name of the bucket for which to get the location. To use this API operation - // against an access point, provide the alias of the access point in place of the - // bucket name. To use this API operation against an Object Lambda access point, - // provide the alias of the Object Lambda access point in place of the bucket name. - // If the Object Lambda access point alias in a request is not valid, the error - // code InvalidAccessPointAliasError is returned. For more information about - // InvalidAccessPointAliasError , see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) + // The name of the bucket for which to get the location. When you use this API + // operation with an access point, provide the alias of the access point in place + // of the bucket name. When you use this API operation with an Object Lambda access + // point, provide the alias of the Object Lambda access point in place of the + // bucket name. If the Object Lambda access point alias in a request is not valid, + // the error code InvalidAccessPointAliasError is returned. For more information + // about InvalidAccessPointAliasError , see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) // . // // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *GetBucketLocationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type GetBucketLocationOutput struct { // Specifies the Region where the bucket resides. For a list of all the Amazon S3 @@ -91,6 +93,9 @@ type GetBucketLocationOutput struct { } func (c *Client) addOperationGetBucketLocationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketLocation{}, middleware.After) if err != nil { return err @@ -99,6 +104,10 @@ func (c *Client) addOperationGetBucketLocationMiddlewares(stack *middleware.Stac if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetBucketLocation"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -120,9 +129,6 @@ func (c *Client) addOperationGetBucketLocationMiddlewares(stack *middleware.Stac if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -141,10 +147,10 @@ func (c *Client) addOperationGetBucketLocationMiddlewares(stack *middleware.Stac if err = swapDeserializerHelper(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetBucketLocationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetBucketLocationValidationMiddleware(stack); err != nil { @@ -174,7 +180,7 @@ func (c *Client) addOperationGetBucketLocationMiddlewares(stack *middleware.Stac if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -250,7 +256,6 @@ func newServiceMetadataMiddleware_opGetBucketLocation(region string) *awsmiddlew return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetBucketLocation", } } @@ -280,139 +285,3 @@ func addGetBucketLocationUpdateEndpoint(stack *middleware.Stack, options Options DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetBucketLocationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetBucketLocationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetBucketLocationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetBucketLocationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetBucketLocationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetBucketLocationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketLogging.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketLogging.go index 13c01889c..5bbca7e4c 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketLogging.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketLogging.go @@ -4,23 +4,19 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Returns the logging status of a bucket and the permissions users have to view -// and modify that status. The following operations are related to GetBucketLogging -// : +// This operation is not supported by directory buckets. Returns the logging +// status of a bucket and the permissions users have to view and modify that +// status. The following operations are related to GetBucketLogging : // - CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) // - PutBucketLogging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLogging.html) func (c *Client) GetBucketLogging(ctx context.Context, params *GetBucketLoggingInput, optFns ...func(*Options)) (*GetBucketLoggingOutput, error) { @@ -45,14 +41,19 @@ type GetBucketLoggingInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *GetBucketLoggingInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type GetBucketLoggingOutput struct { // Describes where logs are stored and the prefix that Amazon S3 assigns to all @@ -67,6 +68,9 @@ type GetBucketLoggingOutput struct { } func (c *Client) addOperationGetBucketLoggingMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketLogging{}, middleware.After) if err != nil { return err @@ -75,6 +79,10 @@ func (c *Client) addOperationGetBucketLoggingMiddlewares(stack *middleware.Stack if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetBucketLogging"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -96,9 +104,6 @@ func (c *Client) addOperationGetBucketLoggingMiddlewares(stack *middleware.Stack if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -114,10 +119,10 @@ func (c *Client) addOperationGetBucketLoggingMiddlewares(stack *middleware.Stack if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetBucketLoggingResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetBucketLoggingValidationMiddleware(stack); err != nil { @@ -147,7 +152,7 @@ func (c *Client) addOperationGetBucketLoggingMiddlewares(stack *middleware.Stack if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -167,7 +172,6 @@ func newServiceMetadataMiddleware_opGetBucketLogging(region string) *awsmiddlewa return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetBucketLogging", } } @@ -197,139 +201,3 @@ func addGetBucketLoggingUpdateEndpoint(stack *middleware.Stack, options Options) DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetBucketLoggingResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetBucketLoggingResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetBucketLoggingResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetBucketLoggingInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetBucketLoggingResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetBucketLoggingResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketMetricsConfiguration.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketMetricsConfiguration.go index 7755975da..913b9a04d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketMetricsConfiguration.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketMetricsConfiguration.go @@ -4,27 +4,23 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Gets a metrics configuration (specified by the metrics configuration ID) from -// the bucket. Note that this doesn't include the daily storage metrics. To use -// this operation, you must have permissions to perform the -// s3:GetMetricsConfiguration action. The bucket owner has this permission by -// default. The bucket owner can grant this permission to others. For more -// information about permissions, see Permissions Related to Bucket Subresource -// Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// This operation is not supported by directory buckets. Gets a metrics +// configuration (specified by the metrics configuration ID) from the bucket. Note +// that this doesn't include the daily storage metrics. To use this operation, you +// must have permissions to perform the s3:GetMetricsConfiguration action. The +// bucket owner has this permission by default. The bucket owner can grant this +// permission to others. For more information about permissions, see Permissions +// Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) // and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) // . For information about CloudWatch request metrics for Amazon S3, see // Monitoring Metrics with Amazon CloudWatch (https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html) @@ -61,14 +57,19 @@ type GetBucketMetricsConfigurationInput struct { // This member is required. Id *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *GetBucketMetricsConfigurationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type GetBucketMetricsConfigurationOutput struct { // Specifies the metrics configuration. @@ -81,6 +82,9 @@ type GetBucketMetricsConfigurationOutput struct { } func (c *Client) addOperationGetBucketMetricsConfigurationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketMetricsConfiguration{}, middleware.After) if err != nil { return err @@ -89,6 +93,10 @@ func (c *Client) addOperationGetBucketMetricsConfigurationMiddlewares(stack *mid if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetBucketMetricsConfiguration"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -110,9 +118,6 @@ func (c *Client) addOperationGetBucketMetricsConfigurationMiddlewares(stack *mid if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -128,10 +133,10 @@ func (c *Client) addOperationGetBucketMetricsConfigurationMiddlewares(stack *mid if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetBucketMetricsConfigurationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetBucketMetricsConfigurationValidationMiddleware(stack); err != nil { @@ -161,7 +166,7 @@ func (c *Client) addOperationGetBucketMetricsConfigurationMiddlewares(stack *mid if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -181,7 +186,6 @@ func newServiceMetadataMiddleware_opGetBucketMetricsConfiguration(region string) return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetBucketMetricsConfiguration", } } @@ -211,139 +215,3 @@ func addGetBucketMetricsConfigurationUpdateEndpoint(stack *middleware.Stack, opt DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetBucketMetricsConfigurationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetBucketMetricsConfigurationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetBucketMetricsConfigurationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetBucketMetricsConfigurationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetBucketMetricsConfigurationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetBucketMetricsConfigurationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketNotificationConfiguration.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketNotificationConfiguration.go index 8d5eeb008..67a35d973 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketNotificationConfiguration.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketNotificationConfiguration.go @@ -4,32 +4,29 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Returns the notification configuration of a bucket. If notifications are not -// enabled on the bucket, the action returns an empty NotificationConfiguration -// element. By default, you must be the bucket owner to read the notification -// configuration of a bucket. However, the bucket owner can use a bucket policy to -// grant permission to other users to read this configuration with the -// s3:GetBucketNotification permission. To use this API operation against an access -// point, provide the alias of the access point in place of the bucket name. To use -// this API operation against an Object Lambda access point, provide the alias of -// the Object Lambda access point in place of the bucket name. If the Object Lambda -// access point alias in a request is not valid, the error code -// InvalidAccessPointAliasError is returned. For more information about -// InvalidAccessPointAliasError , see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) +// This operation is not supported by directory buckets. Returns the notification +// configuration of a bucket. If notifications are not enabled on the bucket, the +// action returns an empty NotificationConfiguration element. By default, you must +// be the bucket owner to read the notification configuration of a bucket. However, +// the bucket owner can use a bucket policy to grant permission to other users to +// read this configuration with the s3:GetBucketNotification permission. When you +// use this API operation with an access point, provide the alias of the access +// point in place of the bucket name. When you use this API operation with an +// Object Lambda access point, provide the alias of the Object Lambda access point +// in place of the bucket name. If the Object Lambda access point alias in a +// request is not valid, the error code InvalidAccessPointAliasError is returned. +// For more information about InvalidAccessPointAliasError , see List of Error +// Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) // . For more information about setting and reading the notification configuration // on a bucket, see Setting Up Notification of Bucket Events (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) // . For more information about bucket policies, see Using Bucket Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html) @@ -52,26 +49,32 @@ func (c *Client) GetBucketNotificationConfiguration(ctx context.Context, params type GetBucketNotificationConfigurationInput struct { - // The name of the bucket for which to get the notification configuration. To use - // this API operation against an access point, provide the alias of the access - // point in place of the bucket name. To use this API operation against an Object - // Lambda access point, provide the alias of the Object Lambda access point in - // place of the bucket name. If the Object Lambda access point alias in a request - // is not valid, the error code InvalidAccessPointAliasError is returned. For more - // information about InvalidAccessPointAliasError , see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) + // The name of the bucket for which to get the notification configuration. When + // you use this API operation with an access point, provide the alias of the access + // point in place of the bucket name. When you use this API operation with an + // Object Lambda access point, provide the alias of the Object Lambda access point + // in place of the bucket name. If the Object Lambda access point alias in a + // request is not valid, the error code InvalidAccessPointAliasError is returned. + // For more information about InvalidAccessPointAliasError , see List of Error + // Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) // . // // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *GetBucketNotificationConfigurationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + // A container for specifying the notification configuration of the bucket. If // this element is empty, notifications are turned off for the bucket. type GetBucketNotificationConfigurationOutput struct { @@ -98,6 +101,9 @@ type GetBucketNotificationConfigurationOutput struct { } func (c *Client) addOperationGetBucketNotificationConfigurationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketNotificationConfiguration{}, middleware.After) if err != nil { return err @@ -106,6 +112,10 @@ func (c *Client) addOperationGetBucketNotificationConfigurationMiddlewares(stack if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetBucketNotificationConfiguration"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -127,9 +137,6 @@ func (c *Client) addOperationGetBucketNotificationConfigurationMiddlewares(stack if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -145,10 +152,10 @@ func (c *Client) addOperationGetBucketNotificationConfigurationMiddlewares(stack if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetBucketNotificationConfigurationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetBucketNotificationConfigurationValidationMiddleware(stack); err != nil { @@ -178,7 +185,7 @@ func (c *Client) addOperationGetBucketNotificationConfigurationMiddlewares(stack if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -198,7 +205,6 @@ func newServiceMetadataMiddleware_opGetBucketNotificationConfiguration(region st return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetBucketNotificationConfiguration", } } @@ -228,139 +234,3 @@ func addGetBucketNotificationConfigurationUpdateEndpoint(stack *middleware.Stack DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetBucketNotificationConfigurationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetBucketNotificationConfigurationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetBucketNotificationConfigurationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetBucketNotificationConfigurationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetBucketNotificationConfigurationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetBucketNotificationConfigurationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketOwnershipControls.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketOwnershipControls.go index 125c3e14f..dca55854e 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketOwnershipControls.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketOwnershipControls.go @@ -4,23 +4,20 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Retrieves OwnershipControls for an Amazon S3 bucket. To use this operation, you -// must have the s3:GetBucketOwnershipControls permission. For more information -// about Amazon S3 permissions, see Specifying permissions in a policy (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html) +// This operation is not supported by directory buckets. Retrieves +// OwnershipControls for an Amazon S3 bucket. To use this operation, you must have +// the s3:GetBucketOwnershipControls permission. For more information about Amazon +// S3 permissions, see Specifying permissions in a policy (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html) // . For information about Amazon S3 Object Ownership, see Using Object Ownership (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) // . The following operations are related to GetBucketOwnershipControls : // - PutBucketOwnershipControls @@ -47,14 +44,19 @@ type GetBucketOwnershipControlsInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *GetBucketOwnershipControlsInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type GetBucketOwnershipControlsOutput struct { // The OwnershipControls (BucketOwnerEnforced, BucketOwnerPreferred, or @@ -68,6 +70,9 @@ type GetBucketOwnershipControlsOutput struct { } func (c *Client) addOperationGetBucketOwnershipControlsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketOwnershipControls{}, middleware.After) if err != nil { return err @@ -76,6 +81,10 @@ func (c *Client) addOperationGetBucketOwnershipControlsMiddlewares(stack *middle if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetBucketOwnershipControls"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -97,9 +106,6 @@ func (c *Client) addOperationGetBucketOwnershipControlsMiddlewares(stack *middle if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -115,10 +121,10 @@ func (c *Client) addOperationGetBucketOwnershipControlsMiddlewares(stack *middle if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetBucketOwnershipControlsResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetBucketOwnershipControlsValidationMiddleware(stack); err != nil { @@ -148,7 +154,7 @@ func (c *Client) addOperationGetBucketOwnershipControlsMiddlewares(stack *middle if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -168,7 +174,6 @@ func newServiceMetadataMiddleware_opGetBucketOwnershipControls(region string) *a return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetBucketOwnershipControls", } } @@ -198,139 +203,3 @@ func addGetBucketOwnershipControlsUpdateEndpoint(stack *middleware.Stack, option DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetBucketOwnershipControlsResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetBucketOwnershipControlsResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetBucketOwnershipControlsResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetBucketOwnershipControlsInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetBucketOwnershipControlsResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetBucketOwnershipControlsResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketPolicy.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketPolicy.go index d167fc45b..ff42b705b 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketPolicy.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketPolicy.go @@ -4,42 +4,55 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Returns the policy of a specified bucket. If you are using an identity other -// than the root user of the Amazon Web Services account that owns the bucket, the -// calling identity must have the GetBucketPolicy permissions on the specified -// bucket and belong to the bucket owner's account in order to use this operation. -// If you don't have GetBucketPolicy permissions, Amazon S3 returns a 403 Access -// Denied error. If you have the correct permissions, but you're not using an -// identity that belongs to the bucket owner's account, Amazon S3 returns a 405 -// Method Not Allowed error. To ensure that bucket owners don't inadvertently lock -// themselves out of their own buckets, the root principal in a bucket owner's -// Amazon Web Services account can perform the GetBucketPolicy , PutBucketPolicy , -// and DeleteBucketPolicy API actions, even if their bucket policy explicitly -// denies the root principal's access. Bucket owner root principals can only be -// blocked from performing these API actions by VPC endpoint policies and Amazon -// Web Services Organizations policies. To use this API operation against an access -// point, provide the alias of the access point in place of the bucket name. To use -// this API operation against an Object Lambda access point, provide the alias of -// the Object Lambda access point in place of the bucket name. If the Object Lambda -// access point alias in a request is not valid, the error code -// InvalidAccessPointAliasError is returned. For more information about -// InvalidAccessPointAliasError , see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) -// . For more information about bucket policies, see Using Bucket Policies and -// User Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html) -// . The following action is related to GetBucketPolicy : +// Returns the policy of a specified bucket. Directory buckets - For directory +// buckets, you must make requests for this API operation to the Regional endpoint. +// These endpoints support path-style requests in the format +// https://s3express-control.region_code.amazonaws.com/bucket-name . +// Virtual-hosted-style requests aren't supported. For more information, see +// Regional and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. Permissions If you are using an identity other than +// the root user of the Amazon Web Services account that owns the bucket, the +// calling identity must both have the GetBucketPolicy permissions on the +// specified bucket and belong to the bucket owner's account in order to use this +// operation. If you don't have GetBucketPolicy permissions, Amazon S3 returns a +// 403 Access Denied error. If you have the correct permissions, but you're not +// using an identity that belongs to the bucket owner's account, Amazon S3 returns +// a 405 Method Not Allowed error. To ensure that bucket owners don't +// inadvertently lock themselves out of their own buckets, the root principal in a +// bucket owner's Amazon Web Services account can perform the GetBucketPolicy , +// PutBucketPolicy , and DeleteBucketPolicy API actions, even if their bucket +// policy explicitly denies the root principal's access. Bucket owner root +// principals can only be blocked from performing these API actions by VPC endpoint +// policies and Amazon Web Services Organizations policies. +// - General purpose bucket permissions - The s3:GetBucketPolicy permission is +// required in a policy. For more information about general purpose buckets bucket +// policies, see Using Bucket Policies and User Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html) +// in the Amazon S3 User Guide. +// - Directory bucket permissions - To grant access to this API operation, you +// must have the s3express:GetBucketPolicy permission in an IAM identity-based +// policy instead of a bucket policy. Cross-account access to this API operation +// isn't supported. This operation can only be performed by the Amazon Web Services +// account that owns the resource. For more information about directory bucket +// policies and permissions, see Amazon Web Services Identity and Access +// Management (IAM) for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) +// in the Amazon S3 User Guide. +// +// Example bucket policies General purpose buckets example bucket policies - See +// Bucket policy examples (https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) +// in the Amazon S3 User Guide. Directory bucket example bucket policies - See +// Example bucket policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) +// in the Amazon S3 User Guide. HTTP Host header syntax Directory buckets - The +// HTTP Host header syntax is s3express-control.region.amazonaws.com . The +// following action is related to GetBucketPolicy : // - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) func (c *Client) GetBucketPolicy(ctx context.Context, params *GetBucketPolicyInput, optFns ...func(*Options)) (*GetBucketPolicyOutput, error) { if params == nil { @@ -58,26 +71,43 @@ func (c *Client) GetBucketPolicy(ctx context.Context, params *GetBucketPolicyInp type GetBucketPolicyInput struct { - // The bucket name for which to get the bucket policy. To use this API operation - // against an access point, provide the alias of the access point in place of the - // bucket name. To use this API operation against an Object Lambda access point, - // provide the alias of the Object Lambda access point in place of the bucket name. - // If the Object Lambda access point alias in a request is not valid, the error - // code InvalidAccessPointAliasError is returned. For more information about - // InvalidAccessPointAliasError , see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) - // . + // The bucket name to get the bucket policy for. Directory buckets - When you use + // this operation with a directory bucket, you must use path-style requests in the + // format https://s3express-control.region_code.amazonaws.com/bucket-name . + // Virtual-hosted-style requests aren't supported. Directory bucket names must be + // unique in the chosen Availability Zone. Bucket names must also follow the format + // bucket_base_name--az_id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 + // ). For information about bucket naming restrictions, see Directory bucket + // naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide Access points - When you use this API operation with + // an access point, provide the alias of the access point in place of the bucket + // name. Object Lambda access points - When you use this API operation with an + // Object Lambda access point, provide the alias of the Object Lambda access point + // in place of the bucket name. If the Object Lambda access point alias in a + // request is not valid, the error code InvalidAccessPointAliasError is returned. + // For more information about InvalidAccessPointAliasError , see List of Error + // Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) + // . Access points and Object Lambda access points are not supported by directory + // buckets. // // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). For directory buckets, this header + // is not supported in this API operation. If you specify this header, the request + // fails with the HTTP status code 501 Not Implemented . ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *GetBucketPolicyInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type GetBucketPolicyOutput struct { // The bucket policy as a JSON document. @@ -90,6 +120,9 @@ type GetBucketPolicyOutput struct { } func (c *Client) addOperationGetBucketPolicyMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketPolicy{}, middleware.After) if err != nil { return err @@ -98,6 +131,10 @@ func (c *Client) addOperationGetBucketPolicyMiddlewares(stack *middleware.Stack, if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetBucketPolicy"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -119,9 +156,6 @@ func (c *Client) addOperationGetBucketPolicyMiddlewares(stack *middleware.Stack, if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -137,10 +171,10 @@ func (c *Client) addOperationGetBucketPolicyMiddlewares(stack *middleware.Stack, if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetBucketPolicyResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetBucketPolicyValidationMiddleware(stack); err != nil { @@ -170,7 +204,7 @@ func (c *Client) addOperationGetBucketPolicyMiddlewares(stack *middleware.Stack, if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -190,7 +224,6 @@ func newServiceMetadataMiddleware_opGetBucketPolicy(region string) *awsmiddlewar return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetBucketPolicy", } } @@ -220,139 +253,3 @@ func addGetBucketPolicyUpdateEndpoint(stack *middleware.Stack, options Options) DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetBucketPolicyResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetBucketPolicyResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetBucketPolicyResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetBucketPolicyInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetBucketPolicyResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetBucketPolicyResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketPolicyStatus.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketPolicyStatus.go index 8229d4f48..6acf706fc 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketPolicyStatus.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketPolicyStatus.go @@ -4,24 +4,21 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Retrieves the policy status for an Amazon S3 bucket, indicating whether the -// bucket is public. In order to use this operation, you must have the -// s3:GetBucketPolicyStatus permission. For more information about Amazon S3 -// permissions, see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) +// This operation is not supported by directory buckets. Retrieves the policy +// status for an Amazon S3 bucket, indicating whether the bucket is public. In +// order to use this operation, you must have the s3:GetBucketPolicyStatus +// permission. For more information about Amazon S3 permissions, see Specifying +// Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) // . For more information about when Amazon S3 considers a bucket public, see The // Meaning of "Public" (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) // . The following operations are related to GetBucketPolicyStatus : @@ -51,14 +48,19 @@ type GetBucketPolicyStatusInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *GetBucketPolicyStatusInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type GetBucketPolicyStatusOutput struct { // The policy status for the specified bucket. @@ -71,6 +73,9 @@ type GetBucketPolicyStatusOutput struct { } func (c *Client) addOperationGetBucketPolicyStatusMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketPolicyStatus{}, middleware.After) if err != nil { return err @@ -79,6 +84,10 @@ func (c *Client) addOperationGetBucketPolicyStatusMiddlewares(stack *middleware. if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetBucketPolicyStatus"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -100,9 +109,6 @@ func (c *Client) addOperationGetBucketPolicyStatusMiddlewares(stack *middleware. if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -118,10 +124,10 @@ func (c *Client) addOperationGetBucketPolicyStatusMiddlewares(stack *middleware. if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetBucketPolicyStatusResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetBucketPolicyStatusValidationMiddleware(stack); err != nil { @@ -151,7 +157,7 @@ func (c *Client) addOperationGetBucketPolicyStatusMiddlewares(stack *middleware. if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -171,7 +177,6 @@ func newServiceMetadataMiddleware_opGetBucketPolicyStatus(region string) *awsmid return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetBucketPolicyStatus", } } @@ -201,139 +206,3 @@ func addGetBucketPolicyStatusUpdateEndpoint(stack *middleware.Stack, options Opt DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetBucketPolicyStatusResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetBucketPolicyStatusResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetBucketPolicyStatusResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetBucketPolicyStatusInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetBucketPolicyStatusResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetBucketPolicyStatusResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketReplication.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketReplication.go index 5cf7567ac..8db927c13 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketReplication.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketReplication.go @@ -4,24 +4,21 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Returns the replication configuration of a bucket. It can take a while to -// propagate the put or delete a replication configuration to all Amazon S3 -// systems. Therefore, a get request soon after put or delete can return a wrong -// result. For information about replication configuration, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) +// This operation is not supported by directory buckets. Returns the replication +// configuration of a bucket. It can take a while to propagate the put or delete a +// replication configuration to all Amazon S3 systems. Therefore, a get request +// soon after put or delete can return a wrong result. For information about +// replication configuration, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) // in the Amazon S3 User Guide. This action requires permissions for the // s3:GetReplicationConfiguration action. For more information about permissions, // see Using Bucket Policies and User Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html) @@ -54,14 +51,19 @@ type GetBucketReplicationInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *GetBucketReplicationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type GetBucketReplicationOutput struct { // A container for replication rules. You can add up to 1,000 rules. The maximum @@ -75,6 +77,9 @@ type GetBucketReplicationOutput struct { } func (c *Client) addOperationGetBucketReplicationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketReplication{}, middleware.After) if err != nil { return err @@ -83,6 +88,10 @@ func (c *Client) addOperationGetBucketReplicationMiddlewares(stack *middleware.S if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetBucketReplication"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -104,9 +113,6 @@ func (c *Client) addOperationGetBucketReplicationMiddlewares(stack *middleware.S if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -122,10 +128,10 @@ func (c *Client) addOperationGetBucketReplicationMiddlewares(stack *middleware.S if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetBucketReplicationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetBucketReplicationValidationMiddleware(stack); err != nil { @@ -155,7 +161,7 @@ func (c *Client) addOperationGetBucketReplicationMiddlewares(stack *middleware.S if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -175,7 +181,6 @@ func newServiceMetadataMiddleware_opGetBucketReplication(region string) *awsmidd return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetBucketReplication", } } @@ -205,139 +210,3 @@ func addGetBucketReplicationUpdateEndpoint(stack *middleware.Stack, options Opti DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetBucketReplicationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetBucketReplicationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetBucketReplicationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetBucketReplicationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetBucketReplicationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetBucketReplicationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketRequestPayment.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketRequestPayment.go index 14a9883cc..37c964509 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketRequestPayment.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketRequestPayment.go @@ -4,23 +4,19 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Returns the request payment configuration of a bucket. To use this version of -// the operation, you must be the bucket owner. For more information, see -// Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html) +// This operation is not supported by directory buckets. Returns the request +// payment configuration of a bucket. To use this version of the operation, you +// must be the bucket owner. For more information, see Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html) // . The following operations are related to GetBucketRequestPayment : // - ListObjects (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html) func (c *Client) GetBucketRequestPayment(ctx context.Context, params *GetBucketRequestPaymentInput, optFns ...func(*Options)) (*GetBucketRequestPaymentOutput, error) { @@ -45,14 +41,19 @@ type GetBucketRequestPaymentInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *GetBucketRequestPaymentInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type GetBucketRequestPaymentOutput struct { // Specifies who pays for the download and request fees. @@ -65,6 +66,9 @@ type GetBucketRequestPaymentOutput struct { } func (c *Client) addOperationGetBucketRequestPaymentMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketRequestPayment{}, middleware.After) if err != nil { return err @@ -73,6 +77,10 @@ func (c *Client) addOperationGetBucketRequestPaymentMiddlewares(stack *middlewar if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetBucketRequestPayment"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -94,9 +102,6 @@ func (c *Client) addOperationGetBucketRequestPaymentMiddlewares(stack *middlewar if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -112,10 +117,10 @@ func (c *Client) addOperationGetBucketRequestPaymentMiddlewares(stack *middlewar if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetBucketRequestPaymentResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetBucketRequestPaymentValidationMiddleware(stack); err != nil { @@ -145,7 +150,7 @@ func (c *Client) addOperationGetBucketRequestPaymentMiddlewares(stack *middlewar if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -165,7 +170,6 @@ func newServiceMetadataMiddleware_opGetBucketRequestPayment(region string) *awsm return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetBucketRequestPayment", } } @@ -195,139 +199,3 @@ func addGetBucketRequestPaymentUpdateEndpoint(stack *middleware.Stack, options O DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetBucketRequestPaymentResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetBucketRequestPaymentResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetBucketRequestPaymentResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetBucketRequestPaymentInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetBucketRequestPaymentResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetBucketRequestPaymentResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketTagging.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketTagging.go index a2cd2bb66..4c2761be8 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketTagging.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketTagging.go @@ -4,24 +4,21 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Returns the tag set associated with the bucket. To use this operation, you must -// have permission to perform the s3:GetBucketTagging action. By default, the -// bucket owner has this permission and can grant this permission to others. -// GetBucketTagging has the following special error: +// This operation is not supported by directory buckets. Returns the tag set +// associated with the bucket. To use this operation, you must have permission to +// perform the s3:GetBucketTagging action. By default, the bucket owner has this +// permission and can grant this permission to others. GetBucketTagging has the +// following special error: // - Error code: NoSuchTagSet // - Description: There is no tag set associated with the bucket. // @@ -50,14 +47,19 @@ type GetBucketTaggingInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *GetBucketTaggingInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type GetBucketTaggingOutput struct { // Contains the tag set. @@ -72,6 +74,9 @@ type GetBucketTaggingOutput struct { } func (c *Client) addOperationGetBucketTaggingMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketTagging{}, middleware.After) if err != nil { return err @@ -80,6 +85,10 @@ func (c *Client) addOperationGetBucketTaggingMiddlewares(stack *middleware.Stack if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetBucketTagging"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -101,9 +110,6 @@ func (c *Client) addOperationGetBucketTaggingMiddlewares(stack *middleware.Stack if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -119,10 +125,10 @@ func (c *Client) addOperationGetBucketTaggingMiddlewares(stack *middleware.Stack if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetBucketTaggingResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetBucketTaggingValidationMiddleware(stack); err != nil { @@ -152,7 +158,7 @@ func (c *Client) addOperationGetBucketTaggingMiddlewares(stack *middleware.Stack if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -172,7 +178,6 @@ func newServiceMetadataMiddleware_opGetBucketTagging(region string) *awsmiddlewa return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetBucketTagging", } } @@ -202,139 +207,3 @@ func addGetBucketTaggingUpdateEndpoint(stack *middleware.Stack, options Options) DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetBucketTaggingResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetBucketTaggingResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetBucketTaggingResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetBucketTaggingInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetBucketTaggingResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetBucketTaggingResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketVersioning.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketVersioning.go index 3153eaa76..55cad6297 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketVersioning.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketVersioning.go @@ -4,25 +4,22 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Returns the versioning state of a bucket. To retrieve the versioning state of a -// bucket, you must be the bucket owner. This implementation also returns the MFA -// Delete status of the versioning state. If the MFA Delete status is enabled , the -// bucket owner must use an authentication device to change the versioning state of -// the bucket. The following operations are related to GetBucketVersioning : +// This operation is not supported by directory buckets. Returns the versioning +// state of a bucket. To retrieve the versioning state of a bucket, you must be the +// bucket owner. This implementation also returns the MFA Delete status of the +// versioning state. If the MFA Delete status is enabled , the bucket owner must +// use an authentication device to change the versioning state of the bucket. The +// following operations are related to GetBucketVersioning : // - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) // - PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) // - DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) @@ -48,14 +45,19 @@ type GetBucketVersioningInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *GetBucketVersioningInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type GetBucketVersioningOutput struct { // Specifies whether MFA delete is enabled in the bucket versioning configuration. @@ -73,6 +75,9 @@ type GetBucketVersioningOutput struct { } func (c *Client) addOperationGetBucketVersioningMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketVersioning{}, middleware.After) if err != nil { return err @@ -81,6 +86,10 @@ func (c *Client) addOperationGetBucketVersioningMiddlewares(stack *middleware.St if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetBucketVersioning"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -102,9 +111,6 @@ func (c *Client) addOperationGetBucketVersioningMiddlewares(stack *middleware.St if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -120,10 +126,10 @@ func (c *Client) addOperationGetBucketVersioningMiddlewares(stack *middleware.St if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetBucketVersioningResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetBucketVersioningValidationMiddleware(stack); err != nil { @@ -153,7 +159,7 @@ func (c *Client) addOperationGetBucketVersioningMiddlewares(stack *middleware.St if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -173,7 +179,6 @@ func newServiceMetadataMiddleware_opGetBucketVersioning(region string) *awsmiddl return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetBucketVersioning", } } @@ -203,139 +208,3 @@ func addGetBucketVersioningUpdateEndpoint(stack *middleware.Stack, options Optio DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetBucketVersioningResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetBucketVersioningResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetBucketVersioningResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetBucketVersioningInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetBucketVersioningResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetBucketVersioningResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketWebsite.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketWebsite.go index c28296a6c..f0ebf2b0d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketWebsite.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetBucketWebsite.go @@ -4,23 +4,20 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Returns the website configuration for a bucket. To host website on Amazon S3, -// you can configure a bucket as website by adding a website configuration. For -// more information about hosting websites, see Hosting Websites on Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) +// This operation is not supported by directory buckets. Returns the website +// configuration for a bucket. To host website on Amazon S3, you can configure a +// bucket as website by adding a website configuration. For more information about +// hosting websites, see Hosting Websites on Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) // . This GET action requires the S3:GetBucketWebsite permission. By default, only // the bucket owner can read the bucket website configuration. However, bucket // owners can allow other users to read the website configuration by writing a @@ -50,14 +47,19 @@ type GetBucketWebsiteInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *GetBucketWebsiteInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type GetBucketWebsiteOutput struct { // The object key name of the website error document to use for 4XX class errors. @@ -80,6 +82,9 @@ type GetBucketWebsiteOutput struct { } func (c *Client) addOperationGetBucketWebsiteMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetBucketWebsite{}, middleware.After) if err != nil { return err @@ -88,6 +93,10 @@ func (c *Client) addOperationGetBucketWebsiteMiddlewares(stack *middleware.Stack if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetBucketWebsite"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -109,9 +118,6 @@ func (c *Client) addOperationGetBucketWebsiteMiddlewares(stack *middleware.Stack if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -127,10 +133,10 @@ func (c *Client) addOperationGetBucketWebsiteMiddlewares(stack *middleware.Stack if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetBucketWebsiteResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetBucketWebsiteValidationMiddleware(stack); err != nil { @@ -160,7 +166,7 @@ func (c *Client) addOperationGetBucketWebsiteMiddlewares(stack *middleware.Stack if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -180,7 +186,6 @@ func newServiceMetadataMiddleware_opGetBucketWebsite(region string) *awsmiddlewa return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetBucketWebsite", } } @@ -210,139 +215,3 @@ func addGetBucketWebsiteUpdateEndpoint(stack *middleware.Stack, options Options) DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetBucketWebsiteResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetBucketWebsiteResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetBucketWebsiteResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetBucketWebsiteInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetBucketWebsiteResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetBucketWebsiteResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObject.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObject.go index e84be49a9..d2dc15c7c 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObject.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObject.go @@ -4,112 +4,110 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" "io" "time" ) -// Retrieves objects from Amazon S3. To use GET , you must have READ access to the -// object. If you grant READ access to the anonymous user, you can return the -// object without using an authorization header. An Amazon S3 bucket has no -// directory hierarchy such as you would find in a typical computer file system. -// You can, however, create a logical hierarchy by using object key names that -// imply a folder structure. For example, instead of naming an object sample.jpg , -// you can name it photos/2006/February/sample.jpg . To get an object from such a -// logical hierarchy, specify the full key name for the object in the GET -// operation. For a virtual hosted-style request example, if you have the object -// photos/2006/February/sample.jpg , specify the resource as -// /photos/2006/February/sample.jpg . For a path-style request example, if you have -// the object photos/2006/February/sample.jpg in the bucket named examplebucket , -// specify the resource as /examplebucket/photos/2006/February/sample.jpg . For -// more information about request types, see HTTP Host Header Bucket Specification (https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html#VirtualHostingSpecifyBucket) -// . For more information about returning the ACL of an object, see GetObjectAcl (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html) -// . If the object you are retrieving is stored in the S3 Glacier Flexible -// Retrieval or S3 Glacier Deep Archive storage class, or S3 Intelligent-Tiering -// Archive or S3 Intelligent-Tiering Deep Archive tiers, before you can retrieve -// the object you must first restore a copy using RestoreObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html) -// . Otherwise, this action returns an InvalidObjectState error. For information -// about restoring archived objects, see Restoring Archived Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html) -// . Encryption request headers, like x-amz-server-side-encryption , should not be -// sent for GET requests if your object uses server-side encryption with Key -// Management Service (KMS) keys (SSE-KMS), dual-layer server-side encryption with -// Amazon Web Services KMS keys (DSSE-KMS), or server-side encryption with Amazon -// S3 managed encryption keys (SSE-S3). If your object does use these types of -// keys, you’ll get an HTTP 400 Bad Request error. If you encrypt an object by -// using server-side encryption with customer-provided encryption keys (SSE-C) when -// you store the object in Amazon S3, then when you GET the object, you must use -// the following headers: -// - x-amz-server-side-encryption-customer-algorithm -// - x-amz-server-side-encryption-customer-key -// - x-amz-server-side-encryption-customer-key-MD5 +// Retrieves an object from Amazon S3. In the GetObject request, specify the full +// key name for the object. General purpose buckets - Both the virtual-hosted-style +// requests and the path-style requests are supported. For a virtual hosted-style +// request example, if you have the object photos/2006/February/sample.jpg , +// specify the object key name as /photos/2006/February/sample.jpg . For a +// path-style request example, if you have the object +// photos/2006/February/sample.jpg in the bucket named examplebucket , specify the +// object key name as /examplebucket/photos/2006/February/sample.jpg . For more +// information about request types, see HTTP Host Header Bucket Specification (https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html#VirtualHostingSpecifyBucket) +// in the Amazon S3 User Guide. Directory buckets - Only virtual-hosted-style +// requests are supported. For a virtual hosted-style request example, if you have +// the object photos/2006/February/sample.jpg in the bucket named +// examplebucket--use1-az5--x-s3 , specify the object key name as +// /photos/2006/February/sample.jpg . Also, when you make requests to this API +// operation, your requests are sent to the Zonal endpoint. These endpoints support +// virtual-hosted-style requests in the format +// https://bucket_name.s3express-az_id.region.amazonaws.com/key-name . Path-style +// requests are not supported. For more information, see Regional and Zonal +// endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. Permissions +// - General purpose bucket permissions - You must have the required permissions +// in a policy. To use GetObject , you must have the READ access to the object +// (or version). If you grant READ access to the anonymous user, the GetObject +// operation returns the object without using an authorization header. For more +// information, see Specifying permissions in a policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) +// in the Amazon S3 User Guide. If you include a versionId in your request +// header, you must have the s3:GetObjectVersion permission to access a specific +// version of an object. The s3:GetObject permission is not required in this +// scenario. If you request the current version of an object without a specific +// versionId in the request header, only the s3:GetObject permission is required. +// The s3:GetObjectVersion permission is not required in this scenario. If the +// object that you request doesn’t exist, the error that Amazon S3 returns depends +// on whether you also have the s3:ListBucket permission. +// - If you have the s3:ListBucket permission on the bucket, Amazon S3 returns an +// HTTP status code 404 Not Found error. +// - If you don’t have the s3:ListBucket permission, Amazon S3 returns an HTTP +// status code 403 Access Denied error. +// - Directory bucket permissions - To grant access to this API operation on a +// directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant the +// s3express:CreateSession permission to the directory bucket in a bucket policy +// or an IAM identity-based policy. Then, you make the CreateSession API call on +// the bucket to obtain a session token. With the session token in your request +// header, you can make API requests to this operation. After the session token +// expires, you make another CreateSession API call to generate a new session +// token for use. Amazon Web Services CLI or SDKs create session and refresh the +// session token automatically to avoid service interruptions when a session +// expires. For more information about authorization, see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// . // -// For more information about SSE-C, see Server-Side Encryption (Using -// Customer-Provided Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) -// . Assuming you have the relevant permission to read object tags, the response -// also returns the x-amz-tagging-count header that provides the count of number -// of tags associated with the object. You can use GetObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html) -// to retrieve the tag set associated with an object. Permissions You need the -// relevant read object (or version) permission for this operation. For more -// information, see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) -// . If the object that you request doesn’t exist, the error that Amazon S3 returns -// depends on whether you also have the s3:ListBucket permission. If you have the -// s3:ListBucket permission on the bucket, Amazon S3 returns an HTTP status code -// 404 (Not Found) error. If you don’t have the s3:ListBucket permission, Amazon -// S3 returns an HTTP status code 403 ("access denied") error. Versioning By -// default, the GET action returns the current version of an object. To return a -// different version, use the versionId subresource. -// - If you supply a versionId , you need the s3:GetObjectVersion permission to -// access a specific version of an object. If you request a specific version, you -// do not need to have the s3:GetObject permission. If you request the current -// version without a specific version ID, only s3:GetObject permission is -// required. s3:GetObjectVersion permission won't be required. -// - If the current version of the object is a delete marker, Amazon S3 behaves -// as if the object was deleted and includes x-amz-delete-marker: true in the -// response. -// -// For more information about versioning, see PutBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketVersioning.html) -// . Overriding Response Header Values There are times when you want to override -// certain response header values in a GET response. For example, you might -// override the Content-Disposition response header value in your GET request. You -// can override values for a set of response headers using the following query -// parameters. These response header values are sent only on a successful request, -// that is, when status code 200 OK is returned. The set of headers you can -// override using these parameters is a subset of the headers that Amazon S3 -// accepts when you create an object. The response headers that you can override -// for the GET response are Content-Type , Content-Language , Expires , -// Cache-Control , Content-Disposition , and Content-Encoding . To override these -// header values in the GET response, you use the following request parameters. -// You must sign the request, either using an Authorization header or a presigned -// URL, when using these parameters. They cannot be used with an unsigned -// (anonymous) request. -// - response-content-type -// - response-content-language -// - response-expires +// Storage classes If the object you are retrieving is stored in the S3 Glacier +// Flexible Retrieval storage class, the S3 Glacier Deep Archive storage class, the +// S3 Intelligent-Tiering Archive Access tier, or the S3 Intelligent-Tiering Deep +// Archive Access tier, before you can retrieve the object you must first restore a +// copy using RestoreObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html) +// . Otherwise, this operation returns an InvalidObjectState error. For +// information about restoring archived objects, see Restoring Archived Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html) +// in the Amazon S3 User Guide. Directory buckets - For directory buckets, only the +// S3 Express One Zone storage class is supported to store newly created objects. +// Unsupported storage class values won't write a destination object and will +// respond with the HTTP status code 400 Bad Request . Encryption Encryption +// request headers, like x-amz-server-side-encryption , should not be sent for the +// GetObject requests, if your object uses server-side encryption with Amazon S3 +// managed encryption keys (SSE-S3), server-side encryption with Key Management +// Service (KMS) keys (SSE-KMS), or dual-layer server-side encryption with Amazon +// Web Services KMS keys (DSSE-KMS). If you include the header in your GetObject +// requests for the object that uses these types of keys, you’ll get an HTTP 400 +// Bad Request error. Overriding response header values through the request There +// are times when you want to override certain response header values of a +// GetObject response. For example, you might override the Content-Disposition +// response header value through your GetObject request. You can override values +// for a set of response headers. These modified response header values are +// included only in a successful response, that is, when the HTTP status code 200 +// OK is returned. The headers you can override using the following query +// parameters in the request are a subset of the headers that Amazon S3 accepts +// when you create an object. The response headers that you can override for the +// GetObject response are Cache-Control , Content-Disposition , Content-Encoding , +// Content-Language , Content-Type , and Expires . To override values for a set of +// response headers in the GetObject response, you can use the following query +// parameters in the request. // - response-cache-control // - response-content-disposition // - response-content-encoding +// - response-content-language +// - response-content-type +// - response-expires // -// Overriding Response Header Values If both of the If-Match and -// If-Unmodified-Since headers are present in the request as follows: If-Match -// condition evaluates to true , and; If-Unmodified-Since condition evaluates to -// false ; then, S3 returns 200 OK and the data requested. If both of the -// If-None-Match and If-Modified-Since headers are present in the request as -// follows: If-None-Match condition evaluates to false , and; If-Modified-Since -// condition evaluates to true ; then, S3 returns 304 Not Modified response code. -// For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232) -// . The following operations are related to GetObject : +// When you use these parameters, you must sign the request by using either an +// Authorization header or a presigned URL. These parameters cannot be used with an +// unsigned (anonymous) request. HTTP Host header syntax Directory buckets - The +// HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com . +// The following operations are related to GetObject : // - ListBuckets (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html) // - GetObjectAcl (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html) func (c *Client) GetObject(ctx context.Context, params *GetObjectInput, optFns ...func(*Options)) (*GetObjectOutput, error) { @@ -129,18 +127,30 @@ func (c *Client) GetObject(ctx context.Context, params *GetObjectInput, optFns . type GetObjectInput struct { - // The bucket name containing the object. When using this action with an access - // point, you must direct requests to the access point hostname. The access point + // The bucket name containing the object. Directory buckets - When you use this + // operation with a directory bucket, you must use virtual-hosted-style requests in + // the format Bucket_name.s3express-az_id.region.amazonaws.com . Path-style + // requests are not supported. Directory bucket names must be unique in the chosen + // Availability Zone. Bucket names must follow the format + // bucket_base_name--az-id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 + // ). For information about bucket naming restrictions, see Directory bucket + // naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. Access points - When you use this action with an + // access point, you must provide the alias of the access point in place of the + // bucket name or specify the access point ARN. When using the access point ARN, + // you must direct requests to the access point hostname. The access point hostname + // takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. Object Lambda access points - When you use this + // action with an Object Lambda access point, you must direct requests to the + // Object Lambda access point hostname. The Object Lambda access point hostname + // takes the form AccessPointName-AccountId.s3-object-lambda.Region.amazonaws.com. + // Access points and Object Lambda access points are not supported by directory + // buckets. S3 on Outposts - When you use this action with Amazon S3 on Outposts, + // you must direct requests to the S3 on Outposts hostname. The S3 on Outposts // hostname takes the form - // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this - // action with an access point through the Amazon Web Services SDKs, you provide - // the access point ARN in place of the bucket name. For more information about - // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When using an Object Lambda access point the - // hostname takes the form - // AccessPointName-AccountId.s3-object-lambda.Region.amazonaws.com. When you use - // this action with Amazon S3 on Outposts, you must direct requests to the S3 on - // Outposts hostname. The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -158,51 +168,69 @@ type GetObjectInput struct { // To retrieve the checksum, this mode must be enabled. ChecksumMode types.ChecksumMode - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Return the object only if its entity tag (ETag) is the same as the one - // specified; otherwise, return a 412 (precondition failed) error. + // specified in this header; otherwise, return a 412 Precondition Failed error. If + // both of the If-Match and If-Unmodified-Since headers are present in the request + // as follows: If-Match condition evaluates to true , and; If-Unmodified-Since + // condition evaluates to false ; then, S3 returns 200 OK and the data requested. + // For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232) + // . IfMatch *string // Return the object only if it has been modified since the specified time; - // otherwise, return a 304 (not modified) error. + // otherwise, return a 304 Not Modified error. If both of the If-None-Match and + // If-Modified-Since headers are present in the request as follows: If-None-Match + // condition evaluates to false , and; If-Modified-Since condition evaluates to + // true ; then, S3 returns 304 Not Modified status code. For more information + // about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232) . IfModifiedSince *time.Time // Return the object only if its entity tag (ETag) is different from the one - // specified; otherwise, return a 304 (not modified) error. + // specified in this header; otherwise, return a 304 Not Modified error. If both + // of the If-None-Match and If-Modified-Since headers are present in the request + // as follows: If-None-Match condition evaluates to false , and; If-Modified-Since + // condition evaluates to true ; then, S3 returns 304 Not Modified HTTP status + // code. For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232) + // . IfNoneMatch *string // Return the object only if it has not been modified since the specified time; - // otherwise, return a 412 (precondition failed) error. + // otherwise, return a 412 Precondition Failed error. If both of the If-Match and + // If-Unmodified-Since headers are present in the request as follows: If-Match + // condition evaluates to true , and; If-Unmodified-Since condition evaluates to + // false ; then, S3 returns 200 OK and the data requested. For more information + // about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232) . IfUnmodifiedSince *time.Time // Part number of the object being read. This is a positive integer between 1 and // 10,000. Effectively performs a 'ranged' GET request for the part specified. // Useful for downloading just a part of an object. - PartNumber int32 + PartNumber *int32 - // Downloads the specified range bytes of an object. For more information about - // the HTTP Range header, see - // https://www.rfc-editor.org/rfc/rfc9110.html#name-range (https://www.rfc-editor.org/rfc/rfc9110.html#name-range) + // Downloads the specified byte range of an object. For more information about the + // HTTP Range header, see https://www.rfc-editor.org/rfc/rfc9110.html#name-range (https://www.rfc-editor.org/rfc/rfc9110.html#name-range) // . Amazon S3 doesn't support retrieving multiple ranges of data per GET request. Range *string // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer // Sets the Cache-Control header of the response. ResponseCacheControl *string - // Sets the Content-Disposition header of the response + // Sets the Content-Disposition header of the response. ResponseContentDisposition *string // Sets the Content-Encoding header of the response. @@ -217,75 +245,121 @@ type GetObjectInput struct { // Sets the Expires header of the response. ResponseExpires *time.Time - // Specifies the algorithm to use to when decrypting the object (for example, - // AES256). + // Specifies the algorithm to use when decrypting the object (for example, AES256 + // ). If you encrypt an object by using server-side encryption with + // customer-provided encryption keys (SSE-C) when you store the object in Amazon + // S3, then when you GET the object, you must use the following headers: + // - x-amz-server-side-encryption-customer-algorithm + // - x-amz-server-side-encryption-customer-key + // - x-amz-server-side-encryption-customer-key-MD5 + // For more information about SSE-C, see Server-Side Encryption (Using + // Customer-Provided Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. SSECustomerAlgorithm *string - // Specifies the customer-provided encryption key for Amazon S3 used to encrypt - // the data. This value is used to decrypt the object when recovering it and must - // match the one used when storing the data. The key must be appropriate for use - // with the algorithm specified in the - // x-amz-server-side-encryption-customer-algorithm header. + // Specifies the customer-provided encryption key that you originally provided for + // Amazon S3 to encrypt the data before storing it. This value is used to decrypt + // the object when recovering it and must match the one used when storing the data. + // The key must be appropriate for use with the algorithm specified in the + // x-amz-server-side-encryption-customer-algorithm header. If you encrypt an object + // by using server-side encryption with customer-provided encryption keys (SSE-C) + // when you store the object in Amazon S3, then when you GET the object, you must + // use the following headers: + // - x-amz-server-side-encryption-customer-algorithm + // - x-amz-server-side-encryption-customer-key + // - x-amz-server-side-encryption-customer-key-MD5 + // For more information about SSE-C, see Server-Side Encryption (Using + // Customer-Provided Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. SSECustomerKey *string - // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. - // Amazon S3 uses this header for a message integrity check to ensure that the - // encryption key was transmitted without error. + // Specifies the 128-bit MD5 digest of the customer-provided encryption key + // according to RFC 1321. Amazon S3 uses this header for a message integrity check + // to ensure that the encryption key was transmitted without error. If you encrypt + // an object by using server-side encryption with customer-provided encryption keys + // (SSE-C) when you store the object in Amazon S3, then when you GET the object, + // you must use the following headers: + // - x-amz-server-side-encryption-customer-algorithm + // - x-amz-server-side-encryption-customer-key + // - x-amz-server-side-encryption-customer-key-MD5 + // For more information about SSE-C, see Server-Side Encryption (Using + // Customer-Provided Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. SSECustomerKeyMD5 *string - // VersionId used to reference a specific version of the object. + // Version ID used to reference a specific version of the object. By default, the + // GetObject operation returns the current version of an object. To return a + // different version, use the versionId subresource. + // - If you include a versionId in your request header, you must have the + // s3:GetObjectVersion permission to access a specific version of an object. The + // s3:GetObject permission is not required in this scenario. + // - If you request the current version of an object without a specific versionId + // in the request header, only the s3:GetObject permission is required. The + // s3:GetObjectVersion permission is not required in this scenario. + // - Directory buckets - S3 Versioning isn't enabled and supported for directory + // buckets. For this API operation, only the null value of the version ID is + // supported by directory buckets. You can only specify null to the versionId + // query parameter in the request. + // For more information about versioning, see PutBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketVersioning.html) + // . VersionId *string noSmithyDocumentSerde } +func (in *GetObjectInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.Key = in.Key + +} + type GetObjectOutput struct { - // Indicates that a range of bytes was specified. + // Indicates that a range of bytes was specified in the request. AcceptRanges *string // Object data. Body io.ReadCloser // Indicates whether the object uses an S3 Bucket Key for server-side encryption - // with Key Management Service (KMS) keys (SSE-KMS). - BucketKeyEnabled bool + // with Key Management Service (KMS) keys (SSE-KMS). This functionality is not + // supported for directory buckets. + BucketKeyEnabled *bool // Specifies caching behavior along the request/reply chain. CacheControl *string // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. For more information, see Checking + // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. ChecksumCRC32 *string // The base64-encoded, 32-bit CRC32C checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. For more information, see Checking + // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. ChecksumCRC32C *string // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. For more information, see Checking + // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. ChecksumSHA1 *string // The base64-encoded, 256-bit SHA-256 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. For more information, see Checking + // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. ChecksumSHA256 *string // Specifies presentational information for the object. ContentDisposition *string - // Specifies what content encodings have been applied to the object and thus what + // Indicates what content encodings have been applied to the object and thus what // decoding mechanisms must be applied to obtain the media-type referenced by the // Content-Type header field. ContentEncoding *string @@ -294,7 +368,7 @@ type GetObjectOutput struct { ContentLanguage *string // Size of the body in bytes. - ContentLength int64 + ContentLength *int64 // The portion of the object returned in the response. ContentRange *string @@ -302,24 +376,34 @@ type GetObjectOutput struct { // A standard MIME type describing the format of the object data. ContentType *string - // Specifies whether the object retrieved was (true) or was not (false) a Delete + // Indicates whether the object retrieved was (true) or was not (false) a Delete // Marker. If false, this response header does not appear in the response. - DeleteMarker bool + // - If the current version of the object is a delete marker, Amazon S3 behaves + // as if the object was deleted and includes x-amz-delete-marker: true in the + // response. + // - If the specified version in the request is a delete marker, the response + // returns a 405 Method Not Allowed error and the Last-Modified: timestamp + // response header. + DeleteMarker *bool // An entity tag (ETag) is an opaque identifier assigned by a web server to a // specific version of a resource found at a URL. ETag *string - // If the object expiration is configured (see PUT Bucket lifecycle), the response - // includes this header. It includes the expiry-date and rule-id key-value pairs - // providing object expiration information. The value of the rule-id is - // URL-encoded. + // If the object expiration is configured (see PutBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html) + // ), the response includes this header. It includes the expiry-date and rule-id + // key-value pairs providing object expiration information. The value of the + // rule-id is URL-encoded. This functionality is not supported for directory + // buckets. Expiration *string // The date and time at which the object is no longer cacheable. Expires *time.Time - // Creation date of the object. + // Date and time when the object was last modified. General purpose buckets - When + // you specify a versionId of the object in your request, if the specified version + // in the request is a delete marker, the response returns a 405 Method Not Allowed + // error and the Last-Modified: timestamp response header. LastModified *time.Time // A map of metadata to store with the object in S3. @@ -327,69 +411,88 @@ type GetObjectOutput struct { // Map keys will be normalized to lower-case. Metadata map[string]string - // This is set to the number of metadata entries not returned in x-amz-meta - // headers. This can happen if you create metadata using an API like SOAP that - // supports more flexible metadata than the REST API. For example, using SOAP, you - // can create metadata whose values are not legal HTTP headers. - MissingMeta int32 + // This is set to the number of metadata entries not returned in the headers that + // are prefixed with x-amz-meta- . This can happen if you create metadata using an + // API like SOAP that supports more flexible metadata than the REST API. For + // example, using SOAP, you can create metadata whose values are not legal HTTP + // headers. This functionality is not supported for directory buckets. + MissingMeta *int32 // Indicates whether this object has an active legal hold. This field is only - // returned if you have permission to view an object's legal hold status. + // returned if you have permission to view an object's legal hold status. This + // functionality is not supported for directory buckets. ObjectLockLegalHoldStatus types.ObjectLockLegalHoldStatus - // The Object Lock mode currently in place for this object. + // The Object Lock mode that's currently in place for this object. This + // functionality is not supported for directory buckets. ObjectLockMode types.ObjectLockMode - // The date and time when this object's Object Lock will expire. + // The date and time when this object's Object Lock will expire. This + // functionality is not supported for directory buckets. ObjectLockRetainUntilDate *time.Time // The count of parts this object has. This value is only returned if you specify // partNumber in your request and the object was uploaded as a multipart upload. - PartsCount int32 + PartsCount *int32 // Amazon S3 can return this if your request involves a bucket that is either a - // source or destination in a replication rule. + // source or destination in a replication rule. This functionality is not supported + // for directory buckets. ReplicationStatus types.ReplicationStatus // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // Provides information about object restoration action and expiration time of the - // restored object copy. + // restored object copy. This functionality is not supported for directory buckets. + // Only the S3 Express One Zone storage class is supported by directory buckets to + // store objects. Restore *string // If server-side encryption with a customer-provided encryption key was - // requested, the response will include this header confirming the encryption - // algorithm used. + // requested, the response will include this header to confirm the encryption + // algorithm that's used. This functionality is not supported for directory + // buckets. SSECustomerAlgorithm *string // If server-side encryption with a customer-provided encryption key was - // requested, the response will include this header to provide round-trip message - // integrity verification of the customer-provided encryption key. + // requested, the response will include this header to provide the round-trip + // message integrity verification of the customer-provided encryption key. This + // functionality is not supported for directory buckets. SSECustomerKeyMD5 *string - // If present, specifies the ID of the Key Management Service (KMS) symmetric - // encryption customer managed key that was used for the object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. This functionality + // is not supported for directory buckets. SSEKMSKeyId *string - // The server-side encryption algorithm used when storing this object in Amazon S3 - // (for example, AES256 , aws:kms , aws:kms:dsse ). + // The server-side encryption algorithm used when you store this object in Amazon + // S3 (for example, AES256 , aws:kms , aws:kms:dsse ). For directory buckets, only + // server-side encryption with Amazon S3 managed keys (SSE-S3) ( AES256 ) is + // supported. ServerSideEncryption types.ServerSideEncryption // Provides storage class information of the object. Amazon S3 returns this header - // for all objects except for S3 Standard storage class objects. + // for all objects except for S3 Standard storage class objects. Directory buckets + // - Only the S3 Express One Zone storage class is supported by directory buckets + // to store objects. StorageClass types.StorageClass - // The number of tags, if any, on the object. - TagCount int32 + // The number of tags, if any, on the object, when you have the relevant + // permission to read object tags. You can use GetObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html) + // to retrieve the tag set associated with an object. This functionality is not + // supported for directory buckets. + TagCount *int32 - // Version of the object. + // Version ID of the object. This functionality is not supported for directory + // buckets. VersionId *string // If the bucket is configured as a website, redirects requests for this object to // another object in the same bucket or to an external URL. Amazon S3 stores the - // value of this header in the object metadata. + // value of this header in the object metadata. This functionality is not supported + // for directory buckets. WebsiteRedirectLocation *string // Metadata pertaining to the operation's result. @@ -399,6 +502,9 @@ type GetObjectOutput struct { } func (c *Client) addOperationGetObjectMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetObject{}, middleware.After) if err != nil { return err @@ -407,6 +513,10 @@ func (c *Client) addOperationGetObjectMiddlewares(stack *middleware.Stack, optio if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetObject"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -428,9 +538,6 @@ func (c *Client) addOperationGetObjectMiddlewares(stack *middleware.Stack, optio if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -443,10 +550,10 @@ func (c *Client) addOperationGetObjectMiddlewares(stack *middleware.Stack, optio if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetObjectResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetObjectValidationMiddleware(stack); err != nil { @@ -479,7 +586,7 @@ func (c *Client) addOperationGetObjectMiddlewares(stack *middleware.Stack, optio if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -499,7 +606,6 @@ func newServiceMetadataMiddleware_opGetObject(region string) *awsmiddleware.Regi return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetObject", } } @@ -579,139 +685,3 @@ func addGetObjectPayloadAsUnsigned(stack *middleware.Stack, options Options) err v4.RemoveComputePayloadSHA256Middleware(stack) return v4.AddUnsignedPayloadMiddleware(stack) } - -type opGetObjectResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetObjectResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetObjectResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetObjectInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetObjectResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetObjectResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectAcl.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectAcl.go index b6ea63ea0..3b2a16872 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectAcl.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectAcl.go @@ -4,24 +4,20 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Returns the access control list (ACL) of an object. To use this operation, you -// must have s3:GetObjectAcl permissions or READ_ACP access to the object. For -// more information, see Mapping of ACL permissions and access policy permissions (https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#acl-access-policy-permission-mapping) -// in the Amazon S3 User Guide This action is not supported by Amazon S3 on +// This operation is not supported by directory buckets. Returns the access +// control list (ACL) of an object. To use this operation, you must have +// s3:GetObjectAcl permissions or READ_ACP access to the object. For more +// information, see Mapping of ACL permissions and access policy permissions (https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#acl-access-policy-permission-mapping) +// in the Amazon S3 User Guide This functionality is not supported for Amazon S3 on // Outposts. By default, GET returns ACL information about the current version of // an object. To return ACL information about a different version, use the // versionId subresource. If your bucket uses the bucket owner enforced setting for @@ -53,7 +49,9 @@ func (c *Client) GetObjectAcl(ctx context.Context, params *GetObjectAclInput, op type GetObjectAclInput struct { // The bucket name that contains the object for which to get the ACL information. - // When using this action with an access point, you must direct requests to the + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the access + // point ARN. When using the access point ARN, you must direct requests to the // access point hostname. The access point hostname takes the form // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this // action with an access point through the Amazon Web Services SDKs, you provide @@ -69,26 +67,34 @@ type GetObjectAclInput struct { // This member is required. Key *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer - // VersionId used to reference a specific version of the object. + // Version ID used to reference a specific version of the object. This + // functionality is not supported for directory buckets. VersionId *string noSmithyDocumentSerde } +func (in *GetObjectAclInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.Key = in.Key + +} + type GetObjectAclOutput struct { // A list of grants. @@ -98,7 +104,7 @@ type GetObjectAclOutput struct { Owner *types.Owner // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // Metadata pertaining to the operation's result. @@ -108,6 +114,9 @@ type GetObjectAclOutput struct { } func (c *Client) addOperationGetObjectAclMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetObjectAcl{}, middleware.After) if err != nil { return err @@ -116,6 +125,10 @@ func (c *Client) addOperationGetObjectAclMiddlewares(stack *middleware.Stack, op if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetObjectAcl"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -137,9 +150,6 @@ func (c *Client) addOperationGetObjectAclMiddlewares(stack *middleware.Stack, op if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -155,10 +165,10 @@ func (c *Client) addOperationGetObjectAclMiddlewares(stack *middleware.Stack, op if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetObjectAclResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetObjectAclValidationMiddleware(stack); err != nil { @@ -188,7 +198,7 @@ func (c *Client) addOperationGetObjectAclMiddlewares(stack *middleware.Stack, op if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -208,7 +218,6 @@ func newServiceMetadataMiddleware_opGetObjectAcl(region string) *awsmiddleware.R return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetObjectAcl", } } @@ -238,139 +247,3 @@ func addGetObjectAclUpdateEndpoint(stack *middleware.Stack, options Options) err DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetObjectAclResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetObjectAclResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetObjectAclResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetObjectAclInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetObjectAclResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetObjectAclResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectAttributes.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectAttributes.go index 06b1ac2df..ed53ae7b3 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectAttributes.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectAttributes.go @@ -4,73 +4,98 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" "time" ) // Retrieves all the metadata from an object without returning the object itself. -// This action is useful if you're interested only in an object's metadata. To use -// GetObjectAttributes , you must have READ access to the object. +// This operation is useful if you're interested only in an object's metadata. // GetObjectAttributes combines the functionality of HeadObject and ListParts . All // of the data returned with each of those individual calls can be returned with a -// single call to GetObjectAttributes . If you encrypt an object by using -// server-side encryption with customer-provided encryption keys (SSE-C) when you -// store the object in Amazon S3, then when you retrieve the metadata from the -// object, you must use the following headers: +// single call to GetObjectAttributes . Directory buckets - For directory buckets, +// you must make requests for this API operation to the Zonal endpoint. These +// endpoints support virtual-hosted-style requests in the format +// https://bucket_name.s3express-az_id.region.amazonaws.com/key-name . Path-style +// requests are not supported. For more information, see Regional and Zonal +// endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. Permissions +// - General purpose bucket permissions - To use GetObjectAttributes , you must +// have READ access to the object. The permissions that you need to use this +// operation with depend on whether the bucket is versioned. If the bucket is +// versioned, you need both the s3:GetObjectVersion and +// s3:GetObjectVersionAttributes permissions for this operation. If the bucket is +// not versioned, you need the s3:GetObject and s3:GetObjectAttributes +// permissions. For more information, see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) +// in the Amazon S3 User Guide. If the object that you request does not exist, the +// error Amazon S3 returns depends on whether you also have the s3:ListBucket +// permission. +// - If you have the s3:ListBucket permission on the bucket, Amazon S3 returns an +// HTTP status code 404 Not Found ("no such key") error. +// - If you don't have the s3:ListBucket permission, Amazon S3 returns an HTTP +// status code 403 Forbidden ("access denied") error. +// - Directory bucket permissions - To grant access to this API operation on a +// directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant the +// s3express:CreateSession permission to the directory bucket in a bucket policy +// or an IAM identity-based policy. Then, you make the CreateSession API call on +// the bucket to obtain a session token. With the session token in your request +// header, you can make API requests to this operation. After the session token +// expires, you make another CreateSession API call to generate a new session +// token for use. Amazon Web Services CLI or SDKs create session and refresh the +// session token automatically to avoid service interruptions when a session +// expires. For more information about authorization, see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// . +// +// Encryption Encryption request headers, like x-amz-server-side-encryption , +// should not be sent for HEAD requests if your object uses server-side encryption +// with Key Management Service (KMS) keys (SSE-KMS), dual-layer server-side +// encryption with Amazon Web Services KMS keys (DSSE-KMS), or server-side +// encryption with Amazon S3 managed encryption keys (SSE-S3). The +// x-amz-server-side-encryption header is used when you PUT an object to S3 and +// want to specify the encryption method. If you include this header in a GET +// request for an object that uses these types of keys, you’ll get an HTTP 400 Bad +// Request error. It's because the encryption method can't be changed when you +// retrieve the object. If you encrypt an object by using server-side encryption +// with customer-provided encryption keys (SSE-C) when you store the object in +// Amazon S3, then when you retrieve the metadata from the object, you must use the +// following headers to provide the encryption key for the server to be able to +// retrieve the object's metadata. The headers are: // - x-amz-server-side-encryption-customer-algorithm // - x-amz-server-side-encryption-customer-key // - x-amz-server-side-encryption-customer-key-MD5 // // For more information about SSE-C, see Server-Side Encryption (Using // Customer-Provided Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) -// in the Amazon S3 User Guide. -// - Encryption request headers, such as x-amz-server-side-encryption , should -// not be sent for GET requests if your object uses server-side encryption with -// Amazon Web Services KMS keys stored in Amazon Web Services Key Management -// Service (SSE-KMS) or server-side encryption with Amazon S3 managed keys -// (SSE-S3). If your object does use these types of keys, you'll get an HTTP 400 -// Bad Request error. -// - The last modified property in this case is the creation date of the object. -// -// Consider the following when using request headers: +// in the Amazon S3 User Guide. Directory bucket permissions - For directory +// buckets, only server-side encryption with Amazon S3 managed keys (SSE-S3) ( +// AES256 ) is supported. Versioning Directory buckets - S3 Versioning isn't +// enabled and supported for directory buckets. For this API operation, only the +// null value of the version ID is supported by directory buckets. You can only +// specify null to the versionId query parameter in the request. Conditional +// request headers Consider the following when using request headers: // - If both of the If-Match and If-Unmodified-Since headers are present in the // request as follows, then Amazon S3 returns the HTTP status code 200 OK and the // data requested: // - If-Match condition evaluates to true . -// - If-Unmodified-Since condition evaluates to false . +// - If-Unmodified-Since condition evaluates to false . For more information +// about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232) +// . // - If both of the If-None-Match and If-Modified-Since headers are present in // the request as follows, then Amazon S3 returns the HTTP status code 304 Not // Modified : // - If-None-Match condition evaluates to false . -// - If-Modified-Since condition evaluates to true . +// - If-Modified-Since condition evaluates to true . For more information about +// conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232) . // -// For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232) -// . Permissions The permissions that you need to use this operation depend on -// whether the bucket is versioned. If the bucket is versioned, you need both the -// s3:GetObjectVersion and s3:GetObjectVersionAttributes permissions for this -// operation. If the bucket is not versioned, you need the s3:GetObject and -// s3:GetObjectAttributes permissions. For more information, see Specifying -// Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) -// in the Amazon S3 User Guide. If the object that you request does not exist, the -// error Amazon S3 returns depends on whether you also have the s3:ListBucket -// permission. -// - If you have the s3:ListBucket permission on the bucket, Amazon S3 returns an -// HTTP status code 404 Not Found ("no such key") error. -// - If you don't have the s3:ListBucket permission, Amazon S3 returns an HTTP -// status code 403 Forbidden ("access denied") error. -// -// The following actions are related to GetObjectAttributes : +// HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// Bucket_name.s3express-az_id.region.amazonaws.com . The following actions are +// related to GetObjectAttributes : // - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) // - GetObjectAcl (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html) // - GetObjectLegalHold (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectLegalHold.html) @@ -96,16 +121,26 @@ func (c *Client) GetObjectAttributes(ctx context.Context, params *GetObjectAttri type GetObjectAttributesInput struct { - // The name of the bucket that contains the object. When using this action with an - // access point, you must direct requests to the access point hostname. The access - // point hostname takes the form - // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this - // action with an access point through the Amazon Web Services SDKs, you provide - // the access point ARN in place of the bucket name. For more information about - // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form + // The name of the bucket that contains the object. Directory buckets - When you + // use this operation with a directory bucket, you must use virtual-hosted-style + // requests in the format Bucket_name.s3express-az_id.region.amazonaws.com . + // Path-style requests are not supported. Directory bucket names must be unique in + // the chosen Availability Zone. Bucket names must follow the format + // bucket_base_name--az-id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 + // ). For information about bucket naming restrictions, see Directory bucket + // naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. Access points - When you use this action with an + // access point, you must provide the alias of the access point in place of the + // bucket name or specify the access point ARN. When using the access point ARN, + // you must direct requests to the access point hostname. The access point hostname + // takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. Access points and Object Lambda access points are + // not supported by directory buckets. S3 on Outposts - When you use this action + // with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts + // hostname. The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -126,13 +161,13 @@ type GetObjectAttributesInput struct { // This member is required. ObjectAttributes []types.ObjectAttributes - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Sets the maximum number of parts to return. - MaxParts int32 + MaxParts *int32 // Specifies the part after which listing should begin. Only parts with higher // part numbers will be listed. @@ -140,34 +175,47 @@ type GetObjectAttributesInput struct { // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer - // Specifies the algorithm to use when encrypting the object (for example, AES256). + // Specifies the algorithm to use when encrypting the object (for example, + // AES256). This functionality is not supported for directory buckets. SSECustomerAlgorithm *string // Specifies the customer-provided encryption key for Amazon S3 to use in // encrypting data. This value is used to store the object and then it is // discarded; Amazon S3 does not store the encryption key. The key must be // appropriate for use with the algorithm specified in the - // x-amz-server-side-encryption-customer-algorithm header. + // x-amz-server-side-encryption-customer-algorithm header. This functionality is + // not supported for directory buckets. SSECustomerKey *string // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the - // encryption key was transmitted without error. + // encryption key was transmitted without error. This functionality is not + // supported for directory buckets. SSECustomerKeyMD5 *string - // The version ID used to reference a specific version of the object. + // The version ID used to reference a specific version of the object. S3 + // Versioning isn't enabled and supported for directory buckets. For this API + // operation, only the null value of the version ID is supported by directory + // buckets. You can only specify null to the versionId query parameter in the + // request. VersionId *string noSmithyDocumentSerde } +func (in *GetObjectAttributesInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + +} + type GetObjectAttributesOutput struct { // The checksum or digest of the object. @@ -175,7 +223,8 @@ type GetObjectAttributesOutput struct { // Specifies whether the object retrieved was ( true ) or was not ( false ) a // delete marker. If false , this response header does not appear in the response. - DeleteMarker bool + // This functionality is not supported for directory buckets. + DeleteMarker *bool // An ETag is an opaque identifier assigned by a web server to a specific version // of a resource found at a URL. @@ -188,19 +237,21 @@ type GetObjectAttributesOutput struct { ObjectParts *types.GetObjectAttributesParts // The size of the object in bytes. - ObjectSize int64 + ObjectSize *int64 // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // Provides the storage class information of the object. Amazon S3 returns this // header for all objects except for S3 Standard storage class objects. For more // information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) - // . + // . Directory buckets - Only the S3 Express One Zone storage class is supported by + // directory buckets to store objects. StorageClass types.StorageClass - // The version ID of the object. + // The version ID of the object. This functionality is not supported for directory + // buckets. VersionId *string // Metadata pertaining to the operation's result. @@ -210,6 +261,9 @@ type GetObjectAttributesOutput struct { } func (c *Client) addOperationGetObjectAttributesMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetObjectAttributes{}, middleware.After) if err != nil { return err @@ -218,6 +272,10 @@ func (c *Client) addOperationGetObjectAttributesMiddlewares(stack *middleware.St if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetObjectAttributes"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -239,9 +297,6 @@ func (c *Client) addOperationGetObjectAttributesMiddlewares(stack *middleware.St if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -257,10 +312,10 @@ func (c *Client) addOperationGetObjectAttributesMiddlewares(stack *middleware.St if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetObjectAttributesResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetObjectAttributesValidationMiddleware(stack); err != nil { @@ -290,7 +345,7 @@ func (c *Client) addOperationGetObjectAttributesMiddlewares(stack *middleware.St if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -310,7 +365,6 @@ func newServiceMetadataMiddleware_opGetObjectAttributes(region string) *awsmiddl return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetObjectAttributes", } } @@ -340,139 +394,3 @@ func addGetObjectAttributesUpdateEndpoint(stack *middleware.Stack, options Optio DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetObjectAttributesResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetObjectAttributesResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetObjectAttributesResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetObjectAttributesInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetObjectAttributesResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetObjectAttributesResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectLegalHold.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectLegalHold.go index c43441697..3f7af2202 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectLegalHold.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectLegalHold.go @@ -4,24 +4,19 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Gets an object's current legal hold status. For more information, see Locking -// Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) . -// This action is not supported by Amazon S3 on Outposts. The following action is -// related to GetObjectLegalHold : +// This operation is not supported by directory buckets. Gets an object's current +// legal hold status. For more information, see Locking Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) +// . This functionality is not supported for Amazon S3 on Outposts. The following +// action is related to GetObjectLegalHold : // - GetObjectAttributes (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html) func (c *Client) GetObjectLegalHold(ctx context.Context, params *GetObjectLegalHoldInput, optFns ...func(*Options)) (*GetObjectLegalHoldOutput, error) { if params == nil { @@ -41,8 +36,10 @@ func (c *Client) GetObjectLegalHold(ctx context.Context, params *GetObjectLegalH type GetObjectLegalHoldInput struct { // The bucket name containing the object whose legal hold status you want to - // retrieve. When using this action with an access point, you must direct requests - // to the access point hostname. The access point hostname takes the form + // retrieve. Access points - When you use this action with an access point, you + // must provide the alias of the access point in place of the bucket name or + // specify the access point ARN. When using the access point ARN, you must direct + // requests to the access point hostname. The access point hostname takes the form // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this // action with an access point through the Amazon Web Services SDKs, you provide // the access point ARN in place of the bucket name. For more information about @@ -57,18 +54,19 @@ type GetObjectLegalHoldInput struct { // This member is required. Key *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer // The version ID of the object whose legal hold status you want to retrieve. @@ -77,6 +75,11 @@ type GetObjectLegalHoldInput struct { noSmithyDocumentSerde } +func (in *GetObjectLegalHoldInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + +} + type GetObjectLegalHoldOutput struct { // The current legal hold status for the specified object. @@ -89,6 +92,9 @@ type GetObjectLegalHoldOutput struct { } func (c *Client) addOperationGetObjectLegalHoldMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetObjectLegalHold{}, middleware.After) if err != nil { return err @@ -97,6 +103,10 @@ func (c *Client) addOperationGetObjectLegalHoldMiddlewares(stack *middleware.Sta if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetObjectLegalHold"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -118,9 +128,6 @@ func (c *Client) addOperationGetObjectLegalHoldMiddlewares(stack *middleware.Sta if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -136,10 +143,10 @@ func (c *Client) addOperationGetObjectLegalHoldMiddlewares(stack *middleware.Sta if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetObjectLegalHoldResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetObjectLegalHoldValidationMiddleware(stack); err != nil { @@ -169,7 +176,7 @@ func (c *Client) addOperationGetObjectLegalHoldMiddlewares(stack *middleware.Sta if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -189,7 +196,6 @@ func newServiceMetadataMiddleware_opGetObjectLegalHold(region string) *awsmiddle return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetObjectLegalHold", } } @@ -219,139 +225,3 @@ func addGetObjectLegalHoldUpdateEndpoint(stack *middleware.Stack, options Option DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetObjectLegalHoldResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetObjectLegalHoldResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetObjectLegalHoldResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetObjectLegalHoldInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetObjectLegalHoldResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetObjectLegalHoldResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectLockConfiguration.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectLockConfiguration.go index eb142dada..1ba436d53 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectLockConfiguration.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectLockConfiguration.go @@ -4,23 +4,19 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Gets the Object Lock configuration for a bucket. The rule specified in the -// Object Lock configuration will be applied by default to every new object placed -// in the specified bucket. For more information, see Locking Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) +// This operation is not supported by directory buckets. Gets the Object Lock +// configuration for a bucket. The rule specified in the Object Lock configuration +// will be applied by default to every new object placed in the specified bucket. +// For more information, see Locking Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) // . The following action is related to GetObjectLockConfiguration : // - GetObjectAttributes (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html) func (c *Client) GetObjectLockConfiguration(ctx context.Context, params *GetObjectLockConfigurationInput, optFns ...func(*Options)) (*GetObjectLockConfigurationOutput, error) { @@ -40,8 +36,10 @@ func (c *Client) GetObjectLockConfiguration(ctx context.Context, params *GetObje type GetObjectLockConfigurationInput struct { - // The bucket whose Object Lock configuration you want to retrieve. When using - // this action with an access point, you must direct requests to the access point + // The bucket whose Object Lock configuration you want to retrieve. Access points + // - When you use this action with an access point, you must provide the alias of + // the access point in place of the bucket name or specify the access point ARN. + // When using the access point ARN, you must direct requests to the access point // hostname. The access point hostname takes the form // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this // action with an access point through the Amazon Web Services SDKs, you provide @@ -52,14 +50,19 @@ type GetObjectLockConfigurationInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *GetObjectLockConfigurationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + +} + type GetObjectLockConfigurationOutput struct { // The specified bucket's Object Lock configuration. @@ -72,6 +75,9 @@ type GetObjectLockConfigurationOutput struct { } func (c *Client) addOperationGetObjectLockConfigurationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetObjectLockConfiguration{}, middleware.After) if err != nil { return err @@ -80,6 +86,10 @@ func (c *Client) addOperationGetObjectLockConfigurationMiddlewares(stack *middle if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetObjectLockConfiguration"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -101,9 +111,6 @@ func (c *Client) addOperationGetObjectLockConfigurationMiddlewares(stack *middle if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -119,10 +126,10 @@ func (c *Client) addOperationGetObjectLockConfigurationMiddlewares(stack *middle if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetObjectLockConfigurationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetObjectLockConfigurationValidationMiddleware(stack); err != nil { @@ -152,7 +159,7 @@ func (c *Client) addOperationGetObjectLockConfigurationMiddlewares(stack *middle if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -172,7 +179,6 @@ func newServiceMetadataMiddleware_opGetObjectLockConfiguration(region string) *a return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetObjectLockConfiguration", } } @@ -202,139 +208,3 @@ func addGetObjectLockConfigurationUpdateEndpoint(stack *middleware.Stack, option DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetObjectLockConfigurationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetObjectLockConfigurationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetObjectLockConfigurationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetObjectLockConfigurationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetObjectLockConfigurationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetObjectLockConfigurationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectRetention.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectRetention.go index 278d13522..1dea7d8ab 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectRetention.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectRetention.go @@ -4,24 +4,19 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Retrieves an object's retention settings. For more information, see Locking -// Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) . -// This action is not supported by Amazon S3 on Outposts. The following action is -// related to GetObjectRetention : +// This operation is not supported by directory buckets. Retrieves an object's +// retention settings. For more information, see Locking Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) +// . This functionality is not supported for Amazon S3 on Outposts. The following +// action is related to GetObjectRetention : // - GetObjectAttributes (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html) func (c *Client) GetObjectRetention(ctx context.Context, params *GetObjectRetentionInput, optFns ...func(*Options)) (*GetObjectRetentionOutput, error) { if params == nil { @@ -41,8 +36,10 @@ func (c *Client) GetObjectRetention(ctx context.Context, params *GetObjectRetent type GetObjectRetentionInput struct { // The bucket name containing the object whose retention settings you want to - // retrieve. When using this action with an access point, you must direct requests - // to the access point hostname. The access point hostname takes the form + // retrieve. Access points - When you use this action with an access point, you + // must provide the alias of the access point in place of the bucket name or + // specify the access point ARN. When using the access point ARN, you must direct + // requests to the access point hostname. The access point hostname takes the form // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this // action with an access point through the Amazon Web Services SDKs, you provide // the access point ARN in place of the bucket name. For more information about @@ -57,18 +54,19 @@ type GetObjectRetentionInput struct { // This member is required. Key *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer // The version ID for the object whose retention settings you want to retrieve. @@ -77,6 +75,11 @@ type GetObjectRetentionInput struct { noSmithyDocumentSerde } +func (in *GetObjectRetentionInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + +} + type GetObjectRetentionOutput struct { // The container element for an object's retention settings. @@ -89,6 +92,9 @@ type GetObjectRetentionOutput struct { } func (c *Client) addOperationGetObjectRetentionMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetObjectRetention{}, middleware.After) if err != nil { return err @@ -97,6 +103,10 @@ func (c *Client) addOperationGetObjectRetentionMiddlewares(stack *middleware.Sta if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetObjectRetention"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -118,9 +128,6 @@ func (c *Client) addOperationGetObjectRetentionMiddlewares(stack *middleware.Sta if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -136,10 +143,10 @@ func (c *Client) addOperationGetObjectRetentionMiddlewares(stack *middleware.Sta if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetObjectRetentionResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetObjectRetentionValidationMiddleware(stack); err != nil { @@ -169,7 +176,7 @@ func (c *Client) addOperationGetObjectRetentionMiddlewares(stack *middleware.Sta if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -189,7 +196,6 @@ func newServiceMetadataMiddleware_opGetObjectRetention(region string) *awsmiddle return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetObjectRetention", } } @@ -219,139 +225,3 @@ func addGetObjectRetentionUpdateEndpoint(stack *middleware.Stack, options Option DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetObjectRetentionResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetObjectRetentionResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetObjectRetentionResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetObjectRetentionInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetObjectRetentionResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetObjectRetentionResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectTagging.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectTagging.go index 14ebf1c4e..c020e9bd7 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectTagging.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectTagging.go @@ -4,29 +4,25 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Returns the tag-set of an object. You send the GET request against the tagging -// subresource associated with the object. To use this operation, you must have -// permission to perform the s3:GetObjectTagging action. By default, the GET -// action returns information about current version of an object. For a versioned -// bucket, you can have multiple versions of an object in your bucket. To retrieve -// tags of any other version, use the versionId query parameter. You also need -// permission for the s3:GetObjectVersionTagging action. By default, the bucket -// owner has this permission and can grant this permission to others. For -// information about the Amazon S3 object tagging feature, see Object Tagging (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-tagging.html) +// This operation is not supported by directory buckets. Returns the tag-set of an +// object. You send the GET request against the tagging subresource associated with +// the object. To use this operation, you must have permission to perform the +// s3:GetObjectTagging action. By default, the GET action returns information about +// current version of an object. For a versioned bucket, you can have multiple +// versions of an object in your bucket. To retrieve tags of any other version, use +// the versionId query parameter. You also need permission for the +// s3:GetObjectVersionTagging action. By default, the bucket owner has this +// permission and can grant this permission to others. For information about the +// Amazon S3 object tagging feature, see Object Tagging (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-tagging.html) // . The following actions are related to GetObjectTagging : // - DeleteObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjectTagging.html) // - GetObjectAttributes (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html) @@ -49,15 +45,17 @@ func (c *Client) GetObjectTagging(ctx context.Context, params *GetObjectTaggingI type GetObjectTaggingInput struct { // The bucket name containing the object for which to get the tagging information. - // When using this action with an access point, you must direct requests to the + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the access + // point ARN. When using the access point ARN, you must direct requests to the // access point hostname. The access point hostname takes the form // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this // action with an access point through the Amazon Web Services SDKs, you provide // the access point ARN in place of the bucket name. For more information about // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form + // in the Amazon S3 User Guide. S3 on Outposts - When you use this action with + // Amazon S3 on Outposts, you must direct requests to the S3 on Outposts hostname. + // The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -72,18 +70,19 @@ type GetObjectTaggingInput struct { // This member is required. Key *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer // The versionId of the object for which to get the tagging information. @@ -92,6 +91,11 @@ type GetObjectTaggingInput struct { noSmithyDocumentSerde } +func (in *GetObjectTaggingInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + +} + type GetObjectTaggingOutput struct { // Contains the tag set. @@ -109,6 +113,9 @@ type GetObjectTaggingOutput struct { } func (c *Client) addOperationGetObjectTaggingMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetObjectTagging{}, middleware.After) if err != nil { return err @@ -117,6 +124,10 @@ func (c *Client) addOperationGetObjectTaggingMiddlewares(stack *middleware.Stack if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetObjectTagging"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -138,9 +149,6 @@ func (c *Client) addOperationGetObjectTaggingMiddlewares(stack *middleware.Stack if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -156,10 +164,10 @@ func (c *Client) addOperationGetObjectTaggingMiddlewares(stack *middleware.Stack if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetObjectTaggingResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetObjectTaggingValidationMiddleware(stack); err != nil { @@ -189,7 +197,7 @@ func (c *Client) addOperationGetObjectTaggingMiddlewares(stack *middleware.Stack if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -209,7 +217,6 @@ func newServiceMetadataMiddleware_opGetObjectTagging(region string) *awsmiddlewa return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetObjectTagging", } } @@ -239,139 +246,3 @@ func addGetObjectTaggingUpdateEndpoint(stack *middleware.Stack, options Options) DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetObjectTaggingResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetObjectTaggingResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetObjectTaggingResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetObjectTaggingInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetObjectTaggingResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetObjectTaggingResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectTorrent.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectTorrent.go index dd06c1bde..6689ef976 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectTorrent.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetObjectTorrent.go @@ -4,27 +4,23 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" "io" ) -// Returns torrent files from a bucket. BitTorrent can save you bandwidth when -// you're distributing large files. You can get torrent only for objects that are -// less than 5 GB in size, and that are not encrypted using server-side encryption -// with a customer-provided encryption key. To use GET, you must have READ access -// to the object. This action is not supported by Amazon S3 on Outposts. The -// following action is related to GetObjectTorrent : +// This operation is not supported by directory buckets. Returns torrent files +// from a bucket. BitTorrent can save you bandwidth when you're distributing large +// files. You can get torrent only for objects that are less than 5 GB in size, and +// that are not encrypted using server-side encryption with a customer-provided +// encryption key. To use GET, you must have READ access to the object. This +// functionality is not supported for Amazon S3 on Outposts. The following action +// is related to GetObjectTorrent : // - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) func (c *Client) GetObjectTorrent(ctx context.Context, params *GetObjectTorrentInput, optFns ...func(*Options)) (*GetObjectTorrentOutput, error) { if params == nil { @@ -53,30 +49,36 @@ type GetObjectTorrentInput struct { // This member is required. Key *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer noSmithyDocumentSerde } +func (in *GetObjectTorrentInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + +} + type GetObjectTorrentOutput struct { // A Bencoded dictionary as defined by the BitTorrent specification Body io.ReadCloser // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // Metadata pertaining to the operation's result. @@ -86,6 +88,9 @@ type GetObjectTorrentOutput struct { } func (c *Client) addOperationGetObjectTorrentMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetObjectTorrent{}, middleware.After) if err != nil { return err @@ -94,6 +99,10 @@ func (c *Client) addOperationGetObjectTorrentMiddlewares(stack *middleware.Stack if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetObjectTorrent"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -115,9 +124,6 @@ func (c *Client) addOperationGetObjectTorrentMiddlewares(stack *middleware.Stack if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -130,10 +136,10 @@ func (c *Client) addOperationGetObjectTorrentMiddlewares(stack *middleware.Stack if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetObjectTorrentResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetObjectTorrentValidationMiddleware(stack); err != nil { @@ -163,7 +169,7 @@ func (c *Client) addOperationGetObjectTorrentMiddlewares(stack *middleware.Stack if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -183,7 +189,6 @@ func newServiceMetadataMiddleware_opGetObjectTorrent(region string) *awsmiddlewa return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetObjectTorrent", } } @@ -213,139 +218,3 @@ func addGetObjectTorrentUpdateEndpoint(stack *middleware.Stack, options Options) DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetObjectTorrentResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetObjectTorrentResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetObjectTorrentResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetObjectTorrentInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetObjectTorrentResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetObjectTorrentResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetPublicAccessBlock.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetPublicAccessBlock.go index cd09834c0..0ae12e397 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetPublicAccessBlock.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_GetPublicAccessBlock.go @@ -4,24 +4,20 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Retrieves the PublicAccessBlock configuration for an Amazon S3 bucket. To use -// this operation, you must have the s3:GetBucketPublicAccessBlock permission. For -// more information about Amazon S3 permissions, see Specifying Permissions in a -// Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) +// This operation is not supported by directory buckets. Retrieves the +// PublicAccessBlock configuration for an Amazon S3 bucket. To use this operation, +// you must have the s3:GetBucketPublicAccessBlock permission. For more +// information about Amazon S3 permissions, see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) // . When Amazon S3 evaluates the PublicAccessBlock configuration for a bucket or // an object, it checks the PublicAccessBlock configuration for both the bucket // (or the bucket that contains the object) and the bucket owner's account. If the @@ -57,14 +53,19 @@ type GetPublicAccessBlockInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *GetPublicAccessBlockInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type GetPublicAccessBlockOutput struct { // The PublicAccessBlock configuration currently in effect for this Amazon S3 @@ -78,6 +79,9 @@ type GetPublicAccessBlockOutput struct { } func (c *Client) addOperationGetPublicAccessBlockMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpGetPublicAccessBlock{}, middleware.After) if err != nil { return err @@ -86,6 +90,10 @@ func (c *Client) addOperationGetPublicAccessBlockMiddlewares(stack *middleware.S if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetPublicAccessBlock"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -107,9 +115,6 @@ func (c *Client) addOperationGetPublicAccessBlockMiddlewares(stack *middleware.S if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -125,10 +130,10 @@ func (c *Client) addOperationGetPublicAccessBlockMiddlewares(stack *middleware.S if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addGetPublicAccessBlockResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpGetPublicAccessBlockValidationMiddleware(stack); err != nil { @@ -158,7 +163,7 @@ func (c *Client) addOperationGetPublicAccessBlockMiddlewares(stack *middleware.S if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -178,7 +183,6 @@ func newServiceMetadataMiddleware_opGetPublicAccessBlock(region string) *awsmidd return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "GetPublicAccessBlock", } } @@ -208,139 +212,3 @@ func addGetPublicAccessBlockUpdateEndpoint(stack *middleware.Stack, options Opti DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opGetPublicAccessBlockResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetPublicAccessBlockResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetPublicAccessBlockResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*GetPublicAccessBlockInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetPublicAccessBlockResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetPublicAccessBlockResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_HeadBucket.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_HeadBucket.go index a65218224..8a18ff851 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_HeadBucket.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_HeadBucket.go @@ -6,14 +6,10 @@ import ( "context" "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithytime "github.com/aws/smithy-go/time" smithyhttp "github.com/aws/smithy-go/transport/http" @@ -21,30 +17,44 @@ import ( "time" ) -// This action is useful to determine if a bucket exists and you have permission -// to access it. The action returns a 200 OK if the bucket exists and you have -// permission to access it. If the bucket does not exist or you do not have -// permission to access it, the HEAD request returns a generic 400 Bad Request , -// 403 Forbidden or 404 Not Found code. A message body is not included, so you -// cannot determine the exception beyond these error codes. To use this operation, -// you must have permissions to perform the s3:ListBucket action. The bucket owner -// has this permission by default and can grant this permission to others. For more -// information about permissions, see Permissions Related to Bucket Subresource -// Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) -// . To use this API operation against an access point, you must provide the alias -// of the access point in place of the bucket name or specify the access point ARN. -// When using the access point ARN, you must direct requests to the access point -// hostname. The access point hostname takes the form -// AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using the -// Amazon Web Services SDKs, you provide the ARN in place of the bucket name. For -// more information, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) -// . To use this API operation against an Object Lambda access point, provide the -// alias of the Object Lambda access point in place of the bucket name. If the -// Object Lambda access point alias in a request is not valid, the error code -// InvalidAccessPointAliasError is returned. For more information about -// InvalidAccessPointAliasError , see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) -// . +// You can use this operation to determine if a bucket exists and if you have +// permission to access it. The action returns a 200 OK if the bucket exists and +// you have permission to access it. If the bucket does not exist or you do not +// have permission to access it, the HEAD request returns a generic 400 Bad Request +// , 403 Forbidden or 404 Not Found code. A message body is not included, so you +// cannot determine the exception beyond these error codes. Directory buckets - You +// must make requests for this API operation to the Zonal endpoint. These endpoints +// support virtual-hosted-style requests in the format +// https://bucket_name.s3express-az_id.region.amazonaws.com . Path-style requests +// are not supported. For more information, see Regional and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. Authentication and authorization All HeadBucket +// requests must be authenticated and signed by using IAM credentials (access key +// ID and secret access key for the IAM identities). All headers with the x-amz- +// prefix, including x-amz-copy-source , must be signed. For more information, see +// REST Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html) +// . Directory bucket - You must use IAM credentials to authenticate and authorize +// your access to the HeadBucket API operation, instead of using the temporary +// security credentials through the CreateSession API operation. Amazon Web +// Services CLI or SDKs handles authentication and authorization on your behalf. +// Permissions +// - General purpose bucket permissions - To use this operation, you must have +// permissions to perform the s3:ListBucket action. The bucket owner has this +// permission by default and can grant this permission to others. For more +// information about permissions, see Managing access permissions to your Amazon +// S3 resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) +// in the Amazon S3 User Guide. +// - Directory bucket permissions - You must have the s3express:CreateSession +// permission in the Action element of a policy. By default, the session is in +// the ReadWrite mode. If you want to restrict the access, you can explicitly set +// the s3express:SessionMode condition key to ReadOnly on the bucket. For more +// information about example bucket policies, see Example bucket policies for S3 +// Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) +// and Amazon Web Services Identity and Access Management (IAM) identity-based +// policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html) +// in the Amazon S3 User Guide. +// +// HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// Bucket_name.s3express-az_id.region.amazonaws.com . func (c *Client) HeadBucket(ctx context.Context, params *HeadBucketInput, optFns ...func(*Options)) (*HeadBucketOutput, error) { if params == nil { params = &HeadBucketInput{} @@ -62,19 +72,31 @@ func (c *Client) HeadBucket(ctx context.Context, params *HeadBucketInput, optFns type HeadBucketInput struct { - // The bucket name. When using this action with an access point, you must direct - // requests to the access point hostname. The access point hostname takes the form - // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this - // action with an access point through the Amazon Web Services SDKs, you provide - // the access point ARN in place of the bucket name. For more information about - // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with an Object Lambda - // access point, provide the alias of the Object Lambda access point in place of - // the bucket name. If the Object Lambda access point alias in a request is not - // valid, the error code InvalidAccessPointAliasError is returned. For more - // information about InvalidAccessPointAliasError , see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) - // . When you use this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form + // The bucket name. Directory buckets - When you use this operation with a + // directory bucket, you must use virtual-hosted-style requests in the format + // Bucket_name.s3express-az_id.region.amazonaws.com . Path-style requests are not + // supported. Directory bucket names must be unique in the chosen Availability + // Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 (for + // example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 ). For information about bucket + // naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. Access points - When you use this action with an + // access point, you must provide the alias of the access point in place of the + // bucket name or specify the access point ARN. When using the access point ARN, + // you must direct requests to the access point hostname. The access point hostname + // takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. Object Lambda access points - When you use this API + // operation with an Object Lambda access point, provide the alias of the Object + // Lambda access point in place of the bucket name. If the Object Lambda access + // point alias in a request is not valid, the error code + // InvalidAccessPointAliasError is returned. For more information about + // InvalidAccessPointAliasError , see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList) + // . Access points and Object Lambda access points are not supported by directory + // buckets. S3 on Outposts - When you use this action with Amazon S3 on Outposts, + // you must direct requests to the S3 on Outposts hostname. The S3 on Outposts + // hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -84,15 +106,39 @@ type HeadBucketInput struct { // This member is required. Bucket *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *HeadBucketInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + +} + type HeadBucketOutput struct { + + // Indicates whether the bucket name used in the request is an access point alias. + // This functionality is not supported for directory buckets. + AccessPointAlias *bool + + // The name of the location where the bucket will be created. For directory + // buckets, the AZ ID of the Availability Zone where the bucket is created. An + // example AZ ID value is usw2-az2 . This functionality is only supported by + // directory buckets. + BucketLocationName *string + + // The type of location where the bucket is created. This functionality is only + // supported by directory buckets. + BucketLocationType types.LocationType + + // The Region that the bucket is located. This functionality is not supported for + // directory buckets. + BucketRegion *string + // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -100,6 +146,9 @@ type HeadBucketOutput struct { } func (c *Client) addOperationHeadBucketMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpHeadBucket{}, middleware.After) if err != nil { return err @@ -108,6 +157,10 @@ func (c *Client) addOperationHeadBucketMiddlewares(stack *middleware.Stack, opti if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "HeadBucket"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -129,9 +182,6 @@ func (c *Client) addOperationHeadBucketMiddlewares(stack *middleware.Stack, opti if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -147,10 +197,10 @@ func (c *Client) addOperationHeadBucketMiddlewares(stack *middleware.Stack, opti if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addHeadBucketResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpHeadBucketValidationMiddleware(stack); err != nil { @@ -180,7 +230,7 @@ func (c *Client) addOperationHeadBucketMiddlewares(stack *middleware.Stack, opti if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -510,7 +560,6 @@ func newServiceMetadataMiddleware_opHeadBucket(region string) *awsmiddleware.Reg return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "HeadBucket", } } @@ -571,139 +620,3 @@ func addHeadBucketPayloadAsUnsigned(stack *middleware.Stack, options Options) er v4.RemoveComputePayloadSHA256Middleware(stack) return v4.AddUnsignedPayloadMiddleware(stack) } - -type opHeadBucketResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opHeadBucketResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opHeadBucketResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*HeadBucketInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addHeadBucketResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opHeadBucketResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_HeadObject.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_HeadObject.go index a121acb16..5f7b55e56 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_HeadObject.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_HeadObject.go @@ -6,14 +6,10 @@ import ( "context" "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithytime "github.com/aws/smithy-go/time" smithyhttp "github.com/aws/smithy-go/transport/http" @@ -21,58 +17,87 @@ import ( "time" ) -// The HEAD action retrieves metadata from an object without returning the object -// itself. This action is useful if you're only interested in an object's metadata. -// To use HEAD , you must have READ access to the object. A HEAD request has the -// same options as a GET action on an object. The response is identical to the GET -// response except that there is no response body. Because of this, if the HEAD -// request generates an error, it returns a generic 400 Bad Request , 403 Forbidden -// or 404 Not Found code. It is not possible to retrieve the exact exception -// beyond these error codes. If you encrypt an object by using server-side -// encryption with customer-provided encryption keys (SSE-C) when you store the -// object in Amazon S3, then when you retrieve the metadata from the object, you -// must use the following headers: +// The HEAD operation retrieves metadata from an object without returning the +// object itself. This operation is useful if you're interested only in an object's +// metadata. A HEAD request has the same options as a GET operation on an object. +// The response is identical to the GET response except that there is no response +// body. Because of this, if the HEAD request generates an error, it returns a +// generic code, such as 400 Bad Request , 403 Forbidden , 404 Not Found , 405 +// Method Not Allowed , 412 Precondition Failed , or 304 Not Modified . It's not +// possible to retrieve the exact exception of these error codes. Request headers +// are limited to 8 KB in size. For more information, see Common Request Headers (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTCommonRequestHeaders.html) +// . Directory buckets - For directory buckets, you must make requests for this API +// operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format +// https://bucket_name.s3express-az_id.region.amazonaws.com/key-name . Path-style +// requests are not supported. For more information, see Regional and Zonal +// endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. Permissions +// - General purpose bucket permissions - To use HEAD , you must have the +// s3:GetObject permission. You need the relevant read object (or version) +// permission for this operation. For more information, see Actions, resources, +// and condition keys for Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html) +// in the Amazon S3 User Guide. If the object you request doesn't exist, the error +// that Amazon S3 returns depends on whether you also have the s3:ListBucket +// permission. +// - If you have the s3:ListBucket permission on the bucket, Amazon S3 returns an +// HTTP status code 404 Not Found error. +// - If you don’t have the s3:ListBucket permission, Amazon S3 returns an HTTP +// status code 403 Forbidden error. +// - Directory bucket permissions - To grant access to this API operation on a +// directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant the +// s3express:CreateSession permission to the directory bucket in a bucket policy +// or an IAM identity-based policy. Then, you make the CreateSession API call on +// the bucket to obtain a session token. With the session token in your request +// header, you can make API requests to this operation. After the session token +// expires, you make another CreateSession API call to generate a new session +// token for use. Amazon Web Services CLI or SDKs create session and refresh the +// session token automatically to avoid service interruptions when a session +// expires. For more information about authorization, see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// . +// +// Encryption Encryption request headers, like x-amz-server-side-encryption , +// should not be sent for HEAD requests if your object uses server-side encryption +// with Key Management Service (KMS) keys (SSE-KMS), dual-layer server-side +// encryption with Amazon Web Services KMS keys (DSSE-KMS), or server-side +// encryption with Amazon S3 managed encryption keys (SSE-S3). The +// x-amz-server-side-encryption header is used when you PUT an object to S3 and +// want to specify the encryption method. If you include this header in a HEAD +// request for an object that uses these types of keys, you’ll get an HTTP 400 Bad +// Request error. It's because the encryption method can't be changed when you +// retrieve the object. If you encrypt an object by using server-side encryption +// with customer-provided encryption keys (SSE-C) when you store the object in +// Amazon S3, then when you retrieve the metadata from the object, you must use the +// following headers to provide the encryption key for the server to be able to +// retrieve the object's metadata. The headers are: // - x-amz-server-side-encryption-customer-algorithm // - x-amz-server-side-encryption-customer-key // - x-amz-server-side-encryption-customer-key-MD5 // // For more information about SSE-C, see Server-Side Encryption (Using // Customer-Provided Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) -// . -// - Encryption request headers, like x-amz-server-side-encryption , should not -// be sent for GET requests if your object uses server-side encryption with Key -// Management Service (KMS) keys (SSE-KMS), dual-layer server-side encryption with -// Amazon Web Services KMS keys (DSSE-KMS), or server-side encryption with Amazon -// S3 managed encryption keys (SSE-S3). If your object does use these types of -// keys, you’ll get an HTTP 400 Bad Request error. -// - The last modified property in this case is the creation date of the object. +// in the Amazon S3 User Guide. Directory bucket permissions - For directory +// buckets, only server-side encryption with Amazon S3 managed keys (SSE-S3) ( +// AES256 ) is supported. Versioning // -// Request headers are limited to 8 KB in size. For more information, see Common -// Request Headers (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTCommonRequestHeaders.html) -// . Consider the following when using request headers: -// - Consideration 1 – If both of the If-Match and If-Unmodified-Since headers -// are present in the request as follows: -// - If-Match condition evaluates to true , and; -// - If-Unmodified-Since condition evaluates to false ; Then Amazon S3 returns -// 200 OK and the data requested. -// - Consideration 2 – If both of the If-None-Match and If-Modified-Since headers -// are present in the request as follows: -// - If-None-Match condition evaluates to false , and; -// - If-Modified-Since condition evaluates to true ; Then Amazon S3 returns the -// 304 Not Modified response code. +// - If the current version of the object is a delete marker, Amazon S3 behaves +// as if the object was deleted and includes x-amz-delete-marker: true in the +// response. // -// For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232) -// . Permissions You need the relevant read object (or version) permission for this -// operation. For more information, see Actions, resources, and condition keys for -// Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html) . -// If the object you request doesn't exist, the error that Amazon S3 returns -// depends on whether you also have the s3:ListBucket permission. -// - If you have the s3:ListBucket permission on the bucket, Amazon S3 returns an -// HTTP status code 404 error. -// - If you don’t have the s3:ListBucket permission, Amazon S3 returns an HTTP -// status code 403 error. +// - If the specified version is a delete marker, the response returns a 405 +// Method Not Allowed error and the Last-Modified: timestamp response header. // -// The following actions are related to HeadObject : +// - Directory buckets - Delete marker is not supported by directory buckets. +// +// - Directory buckets - S3 Versioning isn't enabled and supported for directory +// buckets. For this API operation, only the null value of the version ID is +// supported by directory buckets. You can only specify null to the versionId +// query parameter in the request. +// +// HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// Bucket_name.s3express-az_id.region.amazonaws.com . The following actions are +// related to HeadObject : // - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) // - GetObjectAttributes (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html) func (c *Client) HeadObject(ctx context.Context, params *HeadObjectInput, optFns ...func(*Options)) (*HeadObjectOutput, error) { @@ -92,16 +117,26 @@ func (c *Client) HeadObject(ctx context.Context, params *HeadObjectInput, optFns type HeadObjectInput struct { - // The name of the bucket containing the object. When using this action with an - // access point, you must direct requests to the access point hostname. The access - // point hostname takes the form - // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this - // action with an access point through the Amazon Web Services SDKs, you provide - // the access point ARN in place of the bucket name. For more information about - // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form + // The name of the bucket that contains the object. Directory buckets - When you + // use this operation with a directory bucket, you must use virtual-hosted-style + // requests in the format Bucket_name.s3express-az_id.region.amazonaws.com . + // Path-style requests are not supported. Directory bucket names must be unique in + // the chosen Availability Zone. Bucket names must follow the format + // bucket_base_name--az-id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 + // ). For information about bucket naming restrictions, see Directory bucket + // naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. Access points - When you use this action with an + // access point, you must provide the alias of the access point in place of the + // bucket name or specify the access point ARN. When using the access point ARN, + // you must direct requests to the access point hostname. The access point hostname + // takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. Access points and Object Lambda access points are + // not supported by directory buckets. S3 on Outposts - When you use this action + // with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts + // hostname. The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -122,32 +157,53 @@ type HeadObjectInput struct { // the kms:Decrypt action for the request to succeed. ChecksumMode types.ChecksumMode - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Return the object only if its entity tag (ETag) is the same as the one - // specified; otherwise, return a 412 (precondition failed) error. + // specified; otherwise, return a 412 (precondition failed) error. If both of the + // If-Match and If-Unmodified-Since headers are present in the request as follows: + // - If-Match condition evaluates to true , and; + // - If-Unmodified-Since condition evaluates to false ; + // Then Amazon S3 returns 200 OK and the data requested. For more information + // about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232) . IfMatch *string // Return the object only if it has been modified since the specified time; - // otherwise, return a 304 (not modified) error. + // otherwise, return a 304 (not modified) error. If both of the If-None-Match and + // If-Modified-Since headers are present in the request as follows: + // - If-None-Match condition evaluates to false , and; + // - If-Modified-Since condition evaluates to true ; + // Then Amazon S3 returns the 304 Not Modified response code. For more information + // about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232) . IfModifiedSince *time.Time // Return the object only if its entity tag (ETag) is different from the one - // specified; otherwise, return a 304 (not modified) error. + // specified; otherwise, return a 304 (not modified) error. If both of the + // If-None-Match and If-Modified-Since headers are present in the request as + // follows: + // - If-None-Match condition evaluates to false , and; + // - If-Modified-Since condition evaluates to true ; + // Then Amazon S3 returns the 304 Not Modified response code. For more information + // about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232) . IfNoneMatch *string // Return the object only if it has not been modified since the specified time; - // otherwise, return a 412 (precondition failed) error. + // otherwise, return a 412 (precondition failed) error. If both of the If-Match + // and If-Unmodified-Since headers are present in the request as follows: + // - If-Match condition evaluates to true , and; + // - If-Unmodified-Since condition evaluates to false ; + // Then Amazon S3 returns 200 OK and the data requested. For more information + // about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232) . IfUnmodifiedSince *time.Time // Part number of the object being read. This is a positive integer between 1 and // 10,000. Effectively performs a 'ranged' HEAD request for the part specified. // Useful querying about the size of the part and the number of parts in this // object. - PartNumber int32 + PartNumber *int32 // HeadObject returns only the metadata for an object. If the Range is // satisfiable, only the ContentLength is affected in the response. If the Range @@ -156,82 +212,103 @@ type HeadObjectInput struct { // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when encrypting the object (for example, + // AES256). This functionality is not supported for directory buckets. SSECustomerAlgorithm *string // Specifies the customer-provided encryption key for Amazon S3 to use in // encrypting data. This value is used to store the object and then it is // discarded; Amazon S3 does not store the encryption key. The key must be // appropriate for use with the algorithm specified in the - // x-amz-server-side-encryption-customer-algorithm header. + // x-amz-server-side-encryption-customer-algorithm header. This functionality is + // not supported for directory buckets. SSECustomerKey *string // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the - // encryption key was transmitted without error. + // encryption key was transmitted without error. This functionality is not + // supported for directory buckets. SSECustomerKeyMD5 *string - // VersionId used to reference a specific version of the object. + // Version ID used to reference a specific version of the object. For directory + // buckets in this API operation, only the null value of the version ID is + // supported. VersionId *string noSmithyDocumentSerde } +func (in *HeadObjectInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.Key = in.Key + +} + type HeadObjectOutput struct { // Indicates that a range of bytes was specified. AcceptRanges *string - // The archive state of the head object. + // The archive state of the head object. This functionality is not supported for + // directory buckets. ArchiveStatus types.ArchiveStatus // Indicates whether the object uses an S3 Bucket Key for server-side encryption - // with Key Management Service (KMS) keys (SSE-KMS). - BucketKeyEnabled bool + // with Key Management Service (KMS) keys (SSE-KMS). This functionality is not + // supported for directory buckets. + BucketKeyEnabled *bool // Specifies caching behavior along the request/reply chain. CacheControl *string // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32 *string // The base64-encoded, 32-bit CRC32C checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32C *string // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use the API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA1 *string // The base64-encoded, 256-bit SHA-256 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA256 *string // Specifies presentational information for the object. ContentDisposition *string - // Specifies what content encodings have been applied to the object and thus what + // Indicates what content encodings have been applied to the object and thus what // decoding mechanisms must be applied to obtain the media-type referenced by the // Content-Type header field. ContentEncoding *string @@ -240,29 +317,31 @@ type HeadObjectOutput struct { ContentLanguage *string // Size of the body in bytes. - ContentLength int64 + ContentLength *int64 // A standard MIME type describing the format of the object data. ContentType *string // Specifies whether the object retrieved was (true) or was not (false) a Delete - // Marker. If false, this response header does not appear in the response. - DeleteMarker bool + // Marker. If false, this response header does not appear in the response. This + // functionality is not supported for directory buckets. + DeleteMarker *bool // An entity tag (ETag) is an opaque identifier assigned by a web server to a // specific version of a resource found at a URL. ETag *string - // If the object expiration is configured (see PUT Bucket lifecycle), the response - // includes this header. It includes the expiry-date and rule-id key-value pairs - // providing object expiration information. The value of the rule-id is - // URL-encoded. + // If the object expiration is configured (see PutBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html) + // ), the response includes this header. It includes the expiry-date and rule-id + // key-value pairs providing object expiration information. The value of the + // rule-id is URL-encoded. This functionality is not supported for directory + // buckets. Expiration *string // The date and time at which the object is no longer cacheable. Expires *time.Time - // Creation date of the object. + // Date and time when the object was last modified. LastModified *time.Time // A map of metadata to store with the object in S3. @@ -273,29 +352,31 @@ type HeadObjectOutput struct { // This is set to the number of metadata entries not returned in x-amz-meta // headers. This can happen if you create metadata using an API like SOAP that // supports more flexible metadata than the REST API. For example, using SOAP, you - // can create metadata whose values are not legal HTTP headers. - MissingMeta int32 + // can create metadata whose values are not legal HTTP headers. This functionality + // is not supported for directory buckets. + MissingMeta *int32 // Specifies whether a legal hold is in effect for this object. This header is // only returned if the requester has the s3:GetObjectLegalHold permission. This // header is not returned if the specified version of this object has never had a // legal hold applied. For more information about S3 Object Lock, see Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) - // . + // . This functionality is not supported for directory buckets. ObjectLockLegalHoldStatus types.ObjectLockLegalHoldStatus // The Object Lock mode, if any, that's in effect for this object. This header is // only returned if the requester has the s3:GetObjectRetention permission. For // more information about S3 Object Lock, see Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) - // . + // . This functionality is not supported for directory buckets. ObjectLockMode types.ObjectLockMode // The date and time when the Object Lock retention period expires. This header is - // only returned if the requester has the s3:GetObjectRetention permission. + // only returned if the requester has the s3:GetObjectRetention permission. This + // functionality is not supported for directory buckets. ObjectLockRetainUntilDate *time.Time // The count of parts this object has. This value is only returned if you specify // partNumber in your request and the object was uploaded as a multipart upload. - PartsCount int32 + PartsCount *int32 // Amazon S3 can return this header if your request involves a bucket that is // either a source or a destination in a replication rule. In replication, you have @@ -323,11 +404,11 @@ type HeadObjectOutput struct { // completed for all destinations. If one or more destinations fails replication // the header will return FAILED. // For more information, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) - // . + // . This functionality is not supported for directory buckets. ReplicationStatus types.ReplicationStatus // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // If the object is an archived object (an object whose storage class is GLACIER), @@ -339,39 +420,48 @@ type HeadObjectOutput struct { // Dec 2012 00:00:00 GMT" If the object restoration is in progress, the header // returns the value ongoing-request="true" . For more information about archiving // objects, see Transitioning Objects: General Considerations (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-transition-general-considerations) - // . + // . This functionality is not supported for directory buckets. Only the S3 Express + // One Zone storage class is supported by directory buckets to store objects. Restore *string // If server-side encryption with a customer-provided encryption key was - // requested, the response will include this header confirming the encryption - // algorithm used. + // requested, the response will include this header to confirm the encryption + // algorithm that's used. This functionality is not supported for directory + // buckets. SSECustomerAlgorithm *string // If server-side encryption with a customer-provided encryption key was - // requested, the response will include this header to provide round-trip message - // integrity verification of the customer-provided encryption key. + // requested, the response will include this header to provide the round-trip + // message integrity verification of the customer-provided encryption key. This + // functionality is not supported for directory buckets. SSECustomerKeyMD5 *string - // If present, specifies the ID of the Key Management Service (KMS) symmetric - // encryption customer managed key that was used for the object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. This functionality + // is not supported for directory buckets. SSEKMSKeyId *string - // The server-side encryption algorithm used when storing this object in Amazon S3 - // (for example, AES256 , aws:kms , aws:kms:dsse ). + // The server-side encryption algorithm used when you store this object in Amazon + // S3 (for example, AES256 , aws:kms , aws:kms:dsse ). For directory buckets, only + // server-side encryption with Amazon S3 managed keys (SSE-S3) ( AES256 ) is + // supported. ServerSideEncryption types.ServerSideEncryption // Provides storage class information of the object. Amazon S3 returns this header // for all objects except for S3 Standard storage class objects. For more // information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) - // . + // . Directory buckets - Only the S3 Express One Zone storage class is supported by + // directory buckets to store objects. StorageClass types.StorageClass - // Version of the object. + // Version ID of the object. This functionality is not supported for directory + // buckets. VersionId *string // If the bucket is configured as a website, redirects requests for this object to // another object in the same bucket or to an external URL. Amazon S3 stores the - // value of this header in the object metadata. + // value of this header in the object metadata. This functionality is not supported + // for directory buckets. WebsiteRedirectLocation *string // Metadata pertaining to the operation's result. @@ -381,6 +471,9 @@ type HeadObjectOutput struct { } func (c *Client) addOperationHeadObjectMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpHeadObject{}, middleware.After) if err != nil { return err @@ -389,6 +482,10 @@ func (c *Client) addOperationHeadObjectMiddlewares(stack *middleware.Stack, opti if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "HeadObject"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -410,9 +507,6 @@ func (c *Client) addOperationHeadObjectMiddlewares(stack *middleware.Stack, opti if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -428,10 +522,10 @@ func (c *Client) addOperationHeadObjectMiddlewares(stack *middleware.Stack, opti if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addHeadObjectResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpHeadObjectValidationMiddleware(stack); err != nil { @@ -461,7 +555,7 @@ func (c *Client) addOperationHeadObjectMiddlewares(stack *middleware.Stack, opti if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -791,7 +885,6 @@ func newServiceMetadataMiddleware_opHeadObject(region string) *awsmiddleware.Reg return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "HeadObject", } } @@ -852,139 +945,3 @@ func addHeadObjectPayloadAsUnsigned(stack *middleware.Stack, options Options) er v4.RemoveComputePayloadSHA256Middleware(stack) return v4.AddUnsignedPayloadMiddleware(stack) } - -type opHeadObjectResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opHeadObjectResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opHeadObjectResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*HeadObjectInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addHeadObjectResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opHeadObjectResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBucketAnalyticsConfigurations.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBucketAnalyticsConfigurations.go index 99ad3827c..6ecf8458b 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBucketAnalyticsConfigurations.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBucketAnalyticsConfigurations.go @@ -4,29 +4,26 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Lists the analytics configurations for the bucket. You can have up to 1,000 -// analytics configurations per bucket. This action supports list pagination and -// does not return more than 100 configurations at a time. You should always check -// the IsTruncated element in the response. If there are no more configurations to -// list, IsTruncated is set to false. If there are more configurations to list, -// IsTruncated is set to true, and there will be a value in NextContinuationToken . -// You use the NextContinuationToken value to continue the pagination of the list -// by passing the value in continuation-token in the request to GET the next page. -// To use this operation, you must have permissions to perform the +// This operation is not supported by directory buckets. Lists the analytics +// configurations for the bucket. You can have up to 1,000 analytics configurations +// per bucket. This action supports list pagination and does not return more than +// 100 configurations at a time. You should always check the IsTruncated element +// in the response. If there are no more configurations to list, IsTruncated is +// set to false. If there are more configurations to list, IsTruncated is set to +// true, and there will be a value in NextContinuationToken . You use the +// NextContinuationToken value to continue the pagination of the list by passing +// the value in continuation-token in the request to GET the next page. To use +// this operation, you must have permissions to perform the // s3:GetAnalyticsConfiguration action. The bucket owner has this permission by // default. The bucket owner can grant this permission to others. For more // information about permissions, see Permissions Related to Bucket Subresource @@ -64,14 +61,19 @@ type ListBucketAnalyticsConfigurationsInput struct { // should begin. ContinuationToken *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *ListBucketAnalyticsConfigurationsInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type ListBucketAnalyticsConfigurationsOutput struct { // The list of analytics configurations for a bucket. @@ -84,7 +86,7 @@ type ListBucketAnalyticsConfigurationsOutput struct { // Indicates whether the returned list of analytics configurations is complete. A // value of true indicates that the list is not complete and the // NextContinuationToken will be provided for a subsequent request. - IsTruncated bool + IsTruncated *bool // NextContinuationToken is sent when isTruncated is true, which indicates that // there are more analytics configurations to list. The next request must include @@ -98,6 +100,9 @@ type ListBucketAnalyticsConfigurationsOutput struct { } func (c *Client) addOperationListBucketAnalyticsConfigurationsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpListBucketAnalyticsConfigurations{}, middleware.After) if err != nil { return err @@ -106,6 +111,10 @@ func (c *Client) addOperationListBucketAnalyticsConfigurationsMiddlewares(stack if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "ListBucketAnalyticsConfigurations"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -127,9 +136,6 @@ func (c *Client) addOperationListBucketAnalyticsConfigurationsMiddlewares(stack if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -145,10 +151,10 @@ func (c *Client) addOperationListBucketAnalyticsConfigurationsMiddlewares(stack if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addListBucketAnalyticsConfigurationsResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpListBucketAnalyticsConfigurationsValidationMiddleware(stack); err != nil { @@ -178,7 +184,7 @@ func (c *Client) addOperationListBucketAnalyticsConfigurationsMiddlewares(stack if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -198,7 +204,6 @@ func newServiceMetadataMiddleware_opListBucketAnalyticsConfigurations(region str return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "ListBucketAnalyticsConfigurations", } } @@ -228,139 +233,3 @@ func addListBucketAnalyticsConfigurationsUpdateEndpoint(stack *middleware.Stack, DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opListBucketAnalyticsConfigurationsResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opListBucketAnalyticsConfigurationsResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opListBucketAnalyticsConfigurationsResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*ListBucketAnalyticsConfigurationsInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addListBucketAnalyticsConfigurationsResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opListBucketAnalyticsConfigurationsResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBucketIntelligentTieringConfigurations.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBucketIntelligentTieringConfigurations.go index 74eff1968..de4a2079a 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBucketIntelligentTieringConfigurations.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBucketIntelligentTieringConfigurations.go @@ -4,22 +4,19 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Lists the S3 Intelligent-Tiering configuration from the specified bucket. The -// S3 Intelligent-Tiering storage class is designed to optimize storage costs by +// This operation is not supported by directory buckets. Lists the S3 +// Intelligent-Tiering configuration from the specified bucket. The S3 +// Intelligent-Tiering storage class is designed to optimize storage costs by // automatically moving data to the most cost-effective storage access tier, // without performance impact or operational overhead. S3 Intelligent-Tiering // delivers automatic cost savings in three low latency and high throughput access @@ -66,6 +63,11 @@ type ListBucketIntelligentTieringConfigurationsInput struct { noSmithyDocumentSerde } +func (in *ListBucketIntelligentTieringConfigurationsInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type ListBucketIntelligentTieringConfigurationsOutput struct { // The ContinuationToken that represents a placeholder from where this request @@ -78,7 +80,7 @@ type ListBucketIntelligentTieringConfigurationsOutput struct { // Indicates whether the returned list of analytics configurations is complete. A // value of true indicates that the list is not complete and the // NextContinuationToken will be provided for a subsequent request. - IsTruncated bool + IsTruncated *bool // The marker used to continue this inventory configuration listing. Use the // NextContinuationToken from this response to continue the listing in a subsequent @@ -92,6 +94,9 @@ type ListBucketIntelligentTieringConfigurationsOutput struct { } func (c *Client) addOperationListBucketIntelligentTieringConfigurationsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpListBucketIntelligentTieringConfigurations{}, middleware.After) if err != nil { return err @@ -100,6 +105,10 @@ func (c *Client) addOperationListBucketIntelligentTieringConfigurationsMiddlewar if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "ListBucketIntelligentTieringConfigurations"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -121,9 +130,6 @@ func (c *Client) addOperationListBucketIntelligentTieringConfigurationsMiddlewar if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -139,10 +145,10 @@ func (c *Client) addOperationListBucketIntelligentTieringConfigurationsMiddlewar if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addListBucketIntelligentTieringConfigurationsResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpListBucketIntelligentTieringConfigurationsValidationMiddleware(stack); err != nil { @@ -172,7 +178,7 @@ func (c *Client) addOperationListBucketIntelligentTieringConfigurationsMiddlewar if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -192,7 +198,6 @@ func newServiceMetadataMiddleware_opListBucketIntelligentTieringConfigurations(r return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "ListBucketIntelligentTieringConfigurations", } } @@ -222,139 +227,3 @@ func addListBucketIntelligentTieringConfigurationsUpdateEndpoint(stack *middlewa DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opListBucketIntelligentTieringConfigurationsResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opListBucketIntelligentTieringConfigurationsResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opListBucketIntelligentTieringConfigurationsResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*ListBucketIntelligentTieringConfigurationsInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addListBucketIntelligentTieringConfigurationsResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opListBucketIntelligentTieringConfigurationsResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBucketInventoryConfigurations.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBucketInventoryConfigurations.go index fd2cf048a..881f7d925 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBucketInventoryConfigurations.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBucketInventoryConfigurations.go @@ -4,25 +4,22 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Returns a list of inventory configurations for the bucket. You can have up to -// 1,000 analytics configurations per bucket. This action supports list pagination -// and does not return more than 100 configurations at a time. Always check the -// IsTruncated element in the response. If there are no more configurations to -// list, IsTruncated is set to false. If there are more configurations to list, +// This operation is not supported by directory buckets. Returns a list of +// inventory configurations for the bucket. You can have up to 1,000 analytics +// configurations per bucket. This action supports list pagination and does not +// return more than 100 configurations at a time. Always check the IsTruncated +// element in the response. If there are no more configurations to list, +// IsTruncated is set to false. If there are more configurations to list, // IsTruncated is set to true, and there is a value in NextContinuationToken . You // use the NextContinuationToken value to continue the pagination of the list by // passing the value in continuation-token in the request to GET the next page. To @@ -65,14 +62,19 @@ type ListBucketInventoryConfigurationsInput struct { // Amazon S3 understands. ContinuationToken *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *ListBucketInventoryConfigurationsInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type ListBucketInventoryConfigurationsOutput struct { // If sent in the request, the marker that is used as a starting point for this @@ -85,7 +87,7 @@ type ListBucketInventoryConfigurationsOutput struct { // Tells whether the returned list of inventory configurations is complete. A // value of true indicates that the list is not complete and the // NextContinuationToken is provided for a subsequent request. - IsTruncated bool + IsTruncated *bool // The marker used to continue this inventory configuration listing. Use the // NextContinuationToken from this response to continue the listing in a subsequent @@ -99,6 +101,9 @@ type ListBucketInventoryConfigurationsOutput struct { } func (c *Client) addOperationListBucketInventoryConfigurationsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpListBucketInventoryConfigurations{}, middleware.After) if err != nil { return err @@ -107,6 +112,10 @@ func (c *Client) addOperationListBucketInventoryConfigurationsMiddlewares(stack if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "ListBucketInventoryConfigurations"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -128,9 +137,6 @@ func (c *Client) addOperationListBucketInventoryConfigurationsMiddlewares(stack if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -146,10 +152,10 @@ func (c *Client) addOperationListBucketInventoryConfigurationsMiddlewares(stack if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addListBucketInventoryConfigurationsResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpListBucketInventoryConfigurationsValidationMiddleware(stack); err != nil { @@ -179,7 +185,7 @@ func (c *Client) addOperationListBucketInventoryConfigurationsMiddlewares(stack if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -199,7 +205,6 @@ func newServiceMetadataMiddleware_opListBucketInventoryConfigurations(region str return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "ListBucketInventoryConfigurations", } } @@ -229,139 +234,3 @@ func addListBucketInventoryConfigurationsUpdateEndpoint(stack *middleware.Stack, DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opListBucketInventoryConfigurationsResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opListBucketInventoryConfigurationsResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opListBucketInventoryConfigurationsResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*ListBucketInventoryConfigurationsInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addListBucketInventoryConfigurationsResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opListBucketInventoryConfigurationsResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBucketMetricsConfigurations.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBucketMetricsConfigurations.go index 45e145e84..fc2cf7287 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBucketMetricsConfigurations.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBucketMetricsConfigurations.go @@ -4,26 +4,22 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Lists the metrics configurations for the bucket. The metrics configurations are -// only for the request metrics of the bucket and do not provide information on -// daily storage metrics. You can have up to 1,000 configurations per bucket. This -// action supports list pagination and does not return more than 100 configurations -// at a time. Always check the IsTruncated element in the response. If there are -// no more configurations to list, IsTruncated is set to false. If there are more +// This operation is not supported by directory buckets. Lists the metrics +// configurations for the bucket. The metrics configurations are only for the +// request metrics of the bucket and do not provide information on daily storage +// metrics. You can have up to 1,000 configurations per bucket. This action +// supports list pagination and does not return more than 100 configurations at a +// time. Always check the IsTruncated element in the response. If there are no +// more configurations to list, IsTruncated is set to false. If there are more // configurations to list, IsTruncated is set to true, and there is a value in // NextContinuationToken . You use the NextContinuationToken value to continue the // pagination of the list by passing the value in continuation-token in the @@ -67,14 +63,19 @@ type ListBucketMetricsConfigurationsInput struct { // Amazon S3 understands. ContinuationToken *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *ListBucketMetricsConfigurationsInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + +} + type ListBucketMetricsConfigurationsOutput struct { // The marker that is used as a starting point for this metrics configuration list @@ -84,7 +85,7 @@ type ListBucketMetricsConfigurationsOutput struct { // Indicates whether the returned list of metrics configurations is complete. A // value of true indicates that the list is not complete and the // NextContinuationToken will be provided for a subsequent request. - IsTruncated bool + IsTruncated *bool // The list of metrics configurations for a bucket. MetricsConfigurationList []types.MetricsConfiguration @@ -102,6 +103,9 @@ type ListBucketMetricsConfigurationsOutput struct { } func (c *Client) addOperationListBucketMetricsConfigurationsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpListBucketMetricsConfigurations{}, middleware.After) if err != nil { return err @@ -110,6 +114,10 @@ func (c *Client) addOperationListBucketMetricsConfigurationsMiddlewares(stack *m if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "ListBucketMetricsConfigurations"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -131,9 +139,6 @@ func (c *Client) addOperationListBucketMetricsConfigurationsMiddlewares(stack *m if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -149,10 +154,10 @@ func (c *Client) addOperationListBucketMetricsConfigurationsMiddlewares(stack *m if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addListBucketMetricsConfigurationsResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpListBucketMetricsConfigurationsValidationMiddleware(stack); err != nil { @@ -182,7 +187,7 @@ func (c *Client) addOperationListBucketMetricsConfigurationsMiddlewares(stack *m if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -202,7 +207,6 @@ func newServiceMetadataMiddleware_opListBucketMetricsConfigurations(region strin return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "ListBucketMetricsConfigurations", } } @@ -232,139 +236,3 @@ func addListBucketMetricsConfigurationsUpdateEndpoint(stack *middleware.Stack, o DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opListBucketMetricsConfigurationsResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opListBucketMetricsConfigurationsResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opListBucketMetricsConfigurationsResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*ListBucketMetricsConfigurationsInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addListBucketMetricsConfigurationsResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opListBucketMetricsConfigurationsResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBuckets.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBuckets.go index 372402269..a61892887 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBuckets.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListBuckets.go @@ -4,24 +4,19 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Returns a list of all buckets owned by the authenticated sender of the request. -// To use this operation, you must have the s3:ListAllMyBuckets permission. For -// information about Amazon S3 buckets, see Creating, configuring, and working -// with Amazon S3 buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) +// This operation is not supported by directory buckets. Returns a list of all +// buckets owned by the authenticated sender of the request. To use this operation, +// you must have the s3:ListAllMyBuckets permission. For information about Amazon +// S3 buckets, see Creating, configuring, and working with Amazon S3 buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) // . func (c *Client) ListBuckets(ctx context.Context, params *ListBucketsInput, optFns ...func(*Options)) (*ListBucketsOutput, error) { if params == nil { @@ -57,6 +52,9 @@ type ListBucketsOutput struct { } func (c *Client) addOperationListBucketsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpListBuckets{}, middleware.After) if err != nil { return err @@ -65,6 +63,10 @@ func (c *Client) addOperationListBucketsMiddlewares(stack *middleware.Stack, opt if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "ListBuckets"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -86,9 +88,6 @@ func (c *Client) addOperationListBucketsMiddlewares(stack *middleware.Stack, opt if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -104,10 +103,10 @@ func (c *Client) addOperationListBucketsMiddlewares(stack *middleware.Stack, opt if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addListBucketsResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = stack.Initialize.Add(newServiceMetadataMiddleware_opListBuckets(options.Region), middleware.Before); err != nil { @@ -134,7 +133,7 @@ func (c *Client) addOperationListBucketsMiddlewares(stack *middleware.Stack, opt if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -147,7 +146,6 @@ func newServiceMetadataMiddleware_opListBuckets(region string) *awsmiddleware.Re return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "ListBuckets", } } @@ -167,132 +165,3 @@ func addListBucketsUpdateEndpoint(stack *middleware.Stack, options Options) erro DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opListBucketsResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opListBucketsResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opListBucketsResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addListBucketsResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opListBucketsResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListDirectoryBuckets.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListDirectoryBuckets.go new file mode 100644 index 000000000..373531ab2 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListDirectoryBuckets.go @@ -0,0 +1,291 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package s3 + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" + "github.com/aws/aws-sdk-go-v2/service/s3/types" + "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Returns a list of all Amazon S3 directory buckets owned by the authenticated +// sender of the request. For more information about directory buckets, see +// Directory buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) +// in the Amazon S3 User Guide. Directory buckets - For directory buckets, you must +// make requests for this API operation to the Regional endpoint. These endpoints +// support path-style requests in the format +// https://s3express-control.region_code.amazonaws.com/bucket-name . +// Virtual-hosted-style requests aren't supported. For more information, see +// Regional and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. Permissions You must have the +// s3express:ListAllMyDirectoryBuckets permission in an IAM identity-based policy +// instead of a bucket policy. Cross-account access to this API operation isn't +// supported. This operation can only be performed by the Amazon Web Services +// account that owns the resource. For more information about directory bucket +// policies and permissions, see Amazon Web Services Identity and Access +// Management (IAM) for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) +// in the Amazon S3 User Guide. HTTP Host header syntax Directory buckets - The +// HTTP Host header syntax is s3express-control.region.amazonaws.com . +func (c *Client) ListDirectoryBuckets(ctx context.Context, params *ListDirectoryBucketsInput, optFns ...func(*Options)) (*ListDirectoryBucketsOutput, error) { + if params == nil { + params = &ListDirectoryBucketsInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "ListDirectoryBuckets", params, optFns, c.addOperationListDirectoryBucketsMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*ListDirectoryBucketsOutput) + out.ResultMetadata = metadata + return out, nil +} + +type ListDirectoryBucketsInput struct { + + // ContinuationToken indicates to Amazon S3 that the list is being continued on + // this bucket with a token. ContinuationToken is obfuscated and is not a real + // key. You can use this ContinuationToken for pagination of the list results. + ContinuationToken *string + + // Maximum number of buckets to be returned in response. When the number is more + // than the count of buckets that are owned by an Amazon Web Services account, + // return all the buckets in response. + MaxDirectoryBuckets *int32 + + noSmithyDocumentSerde +} + +func (in *ListDirectoryBucketsInput) bindEndpointParams(p *EndpointParameters) { + + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + +type ListDirectoryBucketsOutput struct { + + // The list of buckets owned by the requester. + Buckets []types.Bucket + + // If ContinuationToken was sent with the request, it is included in the response. + // You can use the returned ContinuationToken for pagination of the list response. + ContinuationToken *string + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationListDirectoryBucketsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsRestxml_serializeOpListDirectoryBuckets{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestxml_deserializeOpListDirectoryBuckets{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "ListDirectoryBuckets"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + return err + } + if err = addRetryMiddlewares(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + return err + } + if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addPutBucketContextMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opListDirectoryBuckets(options.Region), middleware.Before); err != nil { + return err + } + if err = addMetadataRetrieverMiddleware(stack); err != nil { + return err + } + if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + return err + } + if err = addListDirectoryBucketsUpdateEndpoint(stack, options); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = v4.AddContentSHA256HeaderMiddleware(stack); err != nil { + return err + } + if err = disableAcceptEncodingGzip(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { + return err + } + return nil +} + +// ListDirectoryBucketsAPIClient is a client that implements the +// ListDirectoryBuckets operation. +type ListDirectoryBucketsAPIClient interface { + ListDirectoryBuckets(context.Context, *ListDirectoryBucketsInput, ...func(*Options)) (*ListDirectoryBucketsOutput, error) +} + +var _ ListDirectoryBucketsAPIClient = (*Client)(nil) + +// ListDirectoryBucketsPaginatorOptions is the paginator options for +// ListDirectoryBuckets +type ListDirectoryBucketsPaginatorOptions struct { + // Maximum number of buckets to be returned in response. When the number is more + // than the count of buckets that are owned by an Amazon Web Services account, + // return all the buckets in response. + Limit int32 + + // Set to true if pagination should stop if the service returns a pagination token + // that matches the most recent token provided to the service. + StopOnDuplicateToken bool +} + +// ListDirectoryBucketsPaginator is a paginator for ListDirectoryBuckets +type ListDirectoryBucketsPaginator struct { + options ListDirectoryBucketsPaginatorOptions + client ListDirectoryBucketsAPIClient + params *ListDirectoryBucketsInput + nextToken *string + firstPage bool +} + +// NewListDirectoryBucketsPaginator returns a new ListDirectoryBucketsPaginator +func NewListDirectoryBucketsPaginator(client ListDirectoryBucketsAPIClient, params *ListDirectoryBucketsInput, optFns ...func(*ListDirectoryBucketsPaginatorOptions)) *ListDirectoryBucketsPaginator { + if params == nil { + params = &ListDirectoryBucketsInput{} + } + + options := ListDirectoryBucketsPaginatorOptions{} + if params.MaxDirectoryBuckets != nil { + options.Limit = *params.MaxDirectoryBuckets + } + + for _, fn := range optFns { + fn(&options) + } + + return &ListDirectoryBucketsPaginator{ + options: options, + client: client, + params: params, + firstPage: true, + nextToken: params.ContinuationToken, + } +} + +// HasMorePages returns a boolean indicating whether more pages are available +func (p *ListDirectoryBucketsPaginator) HasMorePages() bool { + return p.firstPage || (p.nextToken != nil && len(*p.nextToken) != 0) +} + +// NextPage retrieves the next ListDirectoryBuckets page. +func (p *ListDirectoryBucketsPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListDirectoryBucketsOutput, error) { + if !p.HasMorePages() { + return nil, fmt.Errorf("no more pages available") + } + + params := *p.params + params.ContinuationToken = p.nextToken + + var limit *int32 + if p.options.Limit > 0 { + limit = &p.options.Limit + } + params.MaxDirectoryBuckets = limit + + result, err := p.client.ListDirectoryBuckets(ctx, ¶ms, optFns...) + if err != nil { + return nil, err + } + p.firstPage = false + + prevToken := p.nextToken + p.nextToken = result.ContinuationToken + + if p.options.StopOnDuplicateToken && + prevToken != nil && + p.nextToken != nil && + *prevToken == *p.nextToken { + p.nextToken = nil + } + + return result, nil +} + +func newServiceMetadataMiddleware_opListDirectoryBuckets(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "ListDirectoryBuckets", + } +} + +func addListDirectoryBucketsUpdateEndpoint(stack *middleware.Stack, options Options) error { + return s3cust.UpdateEndpoint(stack, s3cust.UpdateEndpointOptions{ + Accessor: s3cust.UpdateEndpointParameterAccessor{ + GetBucketFromInput: nopGetBucketAccessor, + }, + UsePathStyle: options.UsePathStyle, + UseAccelerate: options.UseAccelerate, + SupportsAccelerate: true, + TargetS3ObjectLambda: false, + EndpointResolver: options.EndpointResolver, + EndpointResolverOptions: options.EndpointOptions, + UseARNRegion: options.UseARNRegion, + DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, + }) +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListMultipartUploads.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListMultipartUploads.go index 4749ad10b..3e6853e68 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListMultipartUploads.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListMultipartUploads.go @@ -4,38 +4,75 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// This action lists in-progress multipart uploads. An in-progress multipart -// upload is a multipart upload that has been initiated using the Initiate -// Multipart Upload request, but has not yet been completed or aborted. This action -// returns at most 1,000 multipart uploads in the response. 1,000 multipart uploads -// is the maximum number of uploads a response can include, which is also the -// default value. You can further limit the number of uploads in a response by -// specifying the max-uploads parameter in the response. If additional multipart -// uploads satisfy the list criteria, the response will contain an IsTruncated -// element with the value true. To list the additional multipart uploads, use the -// key-marker and upload-id-marker request parameters. In the response, the -// uploads are sorted by key. If your application has initiated more than one -// multipart upload using the same object key, then uploads in the response are -// first sorted by key. Additionally, uploads are sorted in ascending order within -// each key by the upload initiation time. For more information on multipart -// uploads, see Uploading Objects Using Multipart Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) -// . For information on permissions required to use the multipart upload API, see -// Multipart Upload and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) -// . The following operations are related to ListMultipartUploads : +// This operation lists in-progress multipart uploads in a bucket. An in-progress +// multipart upload is a multipart upload that has been initiated by the +// CreateMultipartUpload request, but has not yet been completed or aborted. +// Directory buckets - If multipart uploads in a directory bucket are in progress, +// you can't delete the bucket until all the in-progress multipart uploads are +// aborted or completed. The ListMultipartUploads operation returns a maximum of +// 1,000 multipart uploads in the response. The limit of 1,000 multipart uploads is +// also the default value. You can further limit the number of uploads in a +// response by specifying the max-uploads request parameter. If there are more +// than 1,000 multipart uploads that satisfy your ListMultipartUploads request, +// the response returns an IsTruncated element with the value of true , a +// NextKeyMarker element, and a NextUploadIdMarker element. To list the remaining +// multipart uploads, you need to make subsequent ListMultipartUploads requests. +// In these requests, include two query parameters: key-marker and upload-id-marker +// . Set the value of key-marker to the NextKeyMarker value from the previous +// response. Similarly, set the value of upload-id-marker to the NextUploadIdMarker +// value from the previous response. Directory buckets - The upload-id-marker +// element and the NextUploadIdMarker element aren't supported by directory +// buckets. To list the additional multipart uploads, you only need to set the +// value of key-marker to the NextKeyMarker value from the previous response. For +// more information about multipart uploads, see Uploading Objects Using Multipart +// Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) +// in the Amazon S3 User Guide. Directory buckets - For directory buckets, you must +// make requests for this API operation to the Zonal endpoint. These endpoints +// support virtual-hosted-style requests in the format +// https://bucket_name.s3express-az_id.region.amazonaws.com/key-name . Path-style +// requests are not supported. For more information, see Regional and Zonal +// endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. Permissions +// - General purpose bucket permissions - For information about permissions +// required to use the multipart upload API, see Multipart Upload and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// in the Amazon S3 User Guide. +// - Directory bucket permissions - To grant access to this API operation on a +// directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant the +// s3express:CreateSession permission to the directory bucket in a bucket policy +// or an IAM identity-based policy. Then, you make the CreateSession API call on +// the bucket to obtain a session token. With the session token in your request +// header, you can make API requests to this operation. After the session token +// expires, you make another CreateSession API call to generate a new session +// token for use. Amazon Web Services CLI or SDKs create session and refresh the +// session token automatically to avoid service interruptions when a session +// expires. For more information about authorization, see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// . +// +// Sorting of multipart uploads in response +// - General purpose bucket - In the ListMultipartUploads response, the multipart +// uploads are sorted based on two criteria: +// - Key-based sorting - Multipart uploads are initially sorted in ascending +// order based on their object keys. +// - Time-based sorting - For uploads that share the same object key, they are +// further sorted in ascending order based on the upload initiation time. Among +// uploads with the same key, the one that was initiated first will appear before +// the ones that were initiated later. +// - Directory bucket - In the ListMultipartUploads response, the multipart +// uploads aren't sorted lexicographically based on the object keys. +// +// HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// Bucket_name.s3express-az_id.region.amazonaws.com . The following operations are +// related to ListMultipartUploads : // - CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) // - UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) // - CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) @@ -58,16 +95,26 @@ func (c *Client) ListMultipartUploads(ctx context.Context, params *ListMultipart type ListMultipartUploadsInput struct { - // The name of the bucket to which the multipart upload was initiated. When using - // this action with an access point, you must direct requests to the access point - // hostname. The access point hostname takes the form - // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this - // action with an access point through the Amazon Web Services SDKs, you provide - // the access point ARN in place of the bucket name. For more information about - // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form + // The name of the bucket to which the multipart upload was initiated. Directory + // buckets - When you use this operation with a directory bucket, you must use + // virtual-hosted-style requests in the format + // Bucket_name.s3express-az_id.region.amazonaws.com . Path-style requests are not + // supported. Directory bucket names must be unique in the chosen Availability + // Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 (for + // example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 ). For information about bucket + // naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. Access points - When you use this action with an + // access point, you must provide the alias of the access point in place of the + // bucket name or specify the access point ARN. When using the access point ARN, + // you must direct requests to the access point hostname. The access point hostname + // takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. Access points and Object Lambda access points are + // not supported by directory buckets. S3 on Outposts - When you use this action + // with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts + // hostname. The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -82,7 +129,8 @@ type ListMultipartUploadsInput struct { // prefix are grouped under a single result element, CommonPrefixes . If you don't // specify the prefix parameter, then the substring starts at the beginning of the // key. The keys that are grouped under CommonPrefixes result element are not - // returned elsewhere in the response. + // returned elsewhere in the response. Directory buckets - For directory buckets, / + // is the only supported delimiter. Delimiter *string // Requests Amazon S3 to encode the object keys in the response and specifies the @@ -93,50 +141,67 @@ type ListMultipartUploadsInput struct { // response. EncodingType types.EncodingType - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string - // Together with upload-id-marker , this parameter specifies the multipart upload - // after which listing should begin. If upload-id-marker is not specified, only - // the keys lexicographically greater than the specified key-marker will be - // included in the list. If upload-id-marker is specified, any multipart uploads - // for a key equal to the key-marker might also be included, provided those - // multipart uploads have upload IDs lexicographically greater than the specified - // upload-id-marker . + // Specifies the multipart upload after which listing should begin. + // - General purpose buckets - For general purpose buckets, key-marker is an + // object key. Together with upload-id-marker , this parameter specifies the + // multipart upload after which listing should begin. If upload-id-marker is not + // specified, only the keys lexicographically greater than the specified + // key-marker will be included in the list. If upload-id-marker is specified, any + // multipart uploads for a key equal to the key-marker might also be included, + // provided those multipart uploads have upload IDs lexicographically greater than + // the specified upload-id-marker . + // - Directory buckets - For directory buckets, key-marker is obfuscated and + // isn't a real object key. The upload-id-marker parameter isn't supported by + // directory buckets. To list the additional multipart uploads, you only need to + // set the value of key-marker to the NextKeyMarker value from the previous + // response. In the ListMultipartUploads response, the multipart uploads aren't + // sorted lexicographically based on the object keys. KeyMarker *string // Sets the maximum number of multipart uploads, from 1 to 1,000, to return in the // response body. 1,000 is the maximum number of uploads that can be returned in a // response. - MaxUploads int32 + MaxUploads *int32 // Lists in-progress uploads only for those keys that begin with the specified // prefix. You can use prefixes to separate a bucket into different grouping of // keys. (You can think of using prefix to make groups in the same way that you'd - // use a folder in a file system.) + // use a folder in a file system.) Directory buckets - For directory buckets, only + // prefixes that end in a delimiter ( / ) are supported. Prefix *string // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer // Together with key-marker, specifies the multipart upload after which listing // should begin. If key-marker is not specified, the upload-id-marker parameter is // ignored. Otherwise, any multipart uploads for a key equal to the key-marker // might be included in the list only if they have an upload ID lexicographically - // greater than the specified upload-id-marker . + // greater than the specified upload-id-marker . This functionality is not + // supported for directory buckets. UploadIdMarker *string noSmithyDocumentSerde } +func (in *ListMultipartUploadsInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.Prefix = in.Prefix + +} + type ListMultipartUploadsOutput struct { // The name of the bucket to which the multipart upload was initiated. Does not @@ -145,11 +210,14 @@ type ListMultipartUploadsOutput struct { // If you specify a delimiter in the request, then the result returns each // distinct key prefix containing the delimiter in a CommonPrefixes element. The - // distinct key prefixes are returned in the Prefix child element. + // distinct key prefixes are returned in the Prefix child element. Directory + // buckets - For directory buckets, only prefixes that end in a delimiter ( / ) are + // supported. CommonPrefixes []types.CommonPrefix // Contains the delimiter you specified in the request. If you don't specify a - // delimiter in your request, this element is absent from the response. + // delimiter in your request, this element is absent from the response. Directory + // buckets - For directory buckets, / is the only supported delimiter. Delimiter *string // Encoding type used by Amazon S3 to encode object keys in the response. If you @@ -162,32 +230,36 @@ type ListMultipartUploadsOutput struct { // of true indicates that the list was truncated. The list can be truncated if the // number of multipart uploads exceeds the limit allowed or specified by max // uploads. - IsTruncated bool + IsTruncated *bool // The key at or after which the listing began. KeyMarker *string // Maximum number of multipart uploads that could have been included in the // response. - MaxUploads int32 + MaxUploads *int32 // When a list is truncated, this element specifies the value that should be used // for the key-marker request parameter in a subsequent request. NextKeyMarker *string // When a list is truncated, this element specifies the value that should be used - // for the upload-id-marker request parameter in a subsequent request. + // for the upload-id-marker request parameter in a subsequent request. This + // functionality is not supported for directory buckets. NextUploadIdMarker *string // When a prefix is provided in the request, this field contains the specified // prefix. The result contains only keys starting with the specified prefix. + // Directory buckets - For directory buckets, only prefixes that end in a delimiter + // ( / ) are supported. Prefix *string // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged - // Upload ID after which listing began. + // Upload ID after which listing began. This functionality is not supported for + // directory buckets. UploadIdMarker *string // Container for elements related to a particular multipart upload. A response can @@ -201,6 +273,9 @@ type ListMultipartUploadsOutput struct { } func (c *Client) addOperationListMultipartUploadsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpListMultipartUploads{}, middleware.After) if err != nil { return err @@ -209,6 +284,10 @@ func (c *Client) addOperationListMultipartUploadsMiddlewares(stack *middleware.S if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "ListMultipartUploads"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -230,9 +309,6 @@ func (c *Client) addOperationListMultipartUploadsMiddlewares(stack *middleware.S if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -248,10 +324,10 @@ func (c *Client) addOperationListMultipartUploadsMiddlewares(stack *middleware.S if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addListMultipartUploadsResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpListMultipartUploadsValidationMiddleware(stack); err != nil { @@ -281,7 +357,7 @@ func (c *Client) addOperationListMultipartUploadsMiddlewares(stack *middleware.S if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -301,7 +377,6 @@ func newServiceMetadataMiddleware_opListMultipartUploads(region string) *awsmidd return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "ListMultipartUploads", } } @@ -331,139 +406,3 @@ func addListMultipartUploadsUpdateEndpoint(stack *middleware.Stack, options Opti DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opListMultipartUploadsResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opListMultipartUploadsResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opListMultipartUploadsResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*ListMultipartUploadsInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addListMultipartUploadsResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opListMultipartUploadsResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListObjectVersions.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListObjectVersions.go index 00ef2e9ee..2a0cd10fa 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListObjectVersions.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListObjectVersions.go @@ -4,29 +4,24 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Returns metadata about all versions of the objects in a bucket. You can also -// use request parameters as selection criteria to return metadata about a subset -// of all the object versions. To use this operation, you must have permission to -// perform the s3:ListBucketVersions action. Be aware of the name difference. A -// 200 OK response can contain valid or invalid XML. Make sure to design your -// application to parse the contents of the response and handle it appropriately. -// To use this operation, you must have READ access to the bucket. This action is -// not supported by Amazon S3 on Outposts. The following operations are related to -// ListObjectVersions : +// This operation is not supported by directory buckets. Returns metadata about +// all versions of the objects in a bucket. You can also use request parameters as +// selection criteria to return metadata about a subset of all the object versions. +// To use this operation, you must have permission to perform the +// s3:ListBucketVersions action. Be aware of the name difference. A 200 OK +// response can contain valid or invalid XML. Make sure to design your application +// to parse the contents of the response and handle it appropriately. To use this +// operation, you must have READ access to the bucket. The following operations are +// related to ListObjectVersions : // - ListObjectsV2 (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html) // - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) // - PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) @@ -68,9 +63,9 @@ type ListObjectVersionsInput struct { // response. EncodingType types.EncodingType - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Specifies the key to start with when listing objects in a bucket. @@ -81,7 +76,7 @@ type ListObjectVersionsInput struct { // will never contain more. If additional keys satisfy the search criteria, but // were not returned because max-keys was exceeded, the response contains true . To // return the additional keys, see key-marker and version-id-marker . - MaxKeys int32 + MaxKeys *int32 // Specifies the optional fields that you want returned in the response. Fields // that you do not specify are not returned. @@ -96,11 +91,12 @@ type ListObjectVersionsInput struct { // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer // Specifies the object version you want to start listing from. @@ -109,6 +105,12 @@ type ListObjectVersionsInput struct { noSmithyDocumentSerde } +func (in *ListObjectVersionsInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.Prefix = in.Prefix + +} + type ListObjectVersionsOutput struct { // All of the keys rolled up into a common prefix count as a single return when @@ -136,13 +138,13 @@ type ListObjectVersionsOutput struct { // follow-up paginated request by using the NextKeyMarker and NextVersionIdMarker // response parameters as a starting place in another request to return the rest of // the results. - IsTruncated bool + IsTruncated *bool // Marks the last key returned in a truncated response. KeyMarker *string // Specifies the maximum number of objects to return. - MaxKeys int32 + MaxKeys *int32 // The bucket name. Name *string @@ -162,7 +164,7 @@ type ListObjectVersionsOutput struct { Prefix *string // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // Marks the last version of the key returned in a truncated response. @@ -178,6 +180,9 @@ type ListObjectVersionsOutput struct { } func (c *Client) addOperationListObjectVersionsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpListObjectVersions{}, middleware.After) if err != nil { return err @@ -186,6 +191,10 @@ func (c *Client) addOperationListObjectVersionsMiddlewares(stack *middleware.Sta if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "ListObjectVersions"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -207,9 +216,6 @@ func (c *Client) addOperationListObjectVersionsMiddlewares(stack *middleware.Sta if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -225,10 +231,10 @@ func (c *Client) addOperationListObjectVersionsMiddlewares(stack *middleware.Sta if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addListObjectVersionsResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpListObjectVersionsValidationMiddleware(stack); err != nil { @@ -258,7 +264,7 @@ func (c *Client) addOperationListObjectVersionsMiddlewares(stack *middleware.Sta if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -278,7 +284,6 @@ func newServiceMetadataMiddleware_opListObjectVersions(region string) *awsmiddle return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "ListObjectVersions", } } @@ -308,139 +313,3 @@ func addListObjectVersionsUpdateEndpoint(stack *middleware.Stack, options Option DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opListObjectVersionsResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opListObjectVersionsResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opListObjectVersionsResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*ListObjectVersionsInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addListObjectVersionsResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opListObjectVersionsResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListObjects.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListObjects.go index 19821bba2..f0732edc7 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListObjects.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListObjects.go @@ -4,26 +4,21 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Returns some or all (up to 1,000) of the objects in a bucket. You can use the -// request parameters as selection criteria to return a subset of the objects in a -// bucket. A 200 OK response can contain valid or invalid XML. Be sure to design -// your application to parse the contents of the response and handle it -// appropriately. This action has been revised. We recommend that you use the newer -// version, ListObjectsV2 (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html) +// This operation is not supported by directory buckets. Returns some or all (up +// to 1,000) of the objects in a bucket. You can use the request parameters as +// selection criteria to return a subset of the objects in a bucket. A 200 OK +// response can contain valid or invalid XML. Be sure to design your application to +// parse the contents of the response and handle it appropriately. This action has +// been revised. We recommend that you use the newer version, ListObjectsV2 (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html) // , when developing applications. For backward compatibility, Amazon S3 continues // to support ListObjects . The following operations are related to ListObjects : // - ListObjectsV2 (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html) @@ -48,16 +43,26 @@ func (c *Client) ListObjects(ctx context.Context, params *ListObjectsInput, optF type ListObjectsInput struct { - // The name of the bucket containing the objects. When using this action with an - // access point, you must direct requests to the access point hostname. The access - // point hostname takes the form - // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this - // action with an access point through the Amazon Web Services SDKs, you provide - // the access point ARN in place of the bucket name. For more information about - // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form + // The name of the bucket containing the objects. Directory buckets - When you use + // this operation with a directory bucket, you must use virtual-hosted-style + // requests in the format Bucket_name.s3express-az_id.region.amazonaws.com . + // Path-style requests are not supported. Directory bucket names must be unique in + // the chosen Availability Zone. Bucket names must follow the format + // bucket_base_name--az-id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 + // ). For information about bucket naming restrictions, see Directory bucket + // naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. Access points - When you use this action with an + // access point, you must provide the alias of the access point in place of the + // bucket name or specify the access point ARN. When using the access point ARN, + // you must direct requests to the access point hostname. The access point hostname + // takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. Access points and Object Lambda access points are + // not supported by directory buckets. S3 on Outposts - When you use this action + // with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts + // hostname. The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -78,9 +83,9 @@ type ListObjectsInput struct { // response. EncodingType types.EncodingType - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Marker is where you want Amazon S3 to start listing from. Amazon S3 starts @@ -90,7 +95,7 @@ type ListObjectsInput struct { // Sets the maximum number of keys returned in the response. By default, the // action returns up to 1,000 key names. The response might contain fewer keys but // will never contain more. - MaxKeys int32 + MaxKeys *int32 // Specifies the optional fields that you want returned in the response. Fields // that you do not specify are not returned. @@ -107,6 +112,12 @@ type ListObjectsInput struct { noSmithyDocumentSerde } +func (in *ListObjectsInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.Prefix = in.Prefix + +} + type ListObjectsOutput struct { // All of the keys (up to 1,000) rolled up in a common prefix count as a single @@ -135,14 +146,14 @@ type ListObjectsOutput struct { // A flag that indicates whether Amazon S3 returned all of the results that // satisfied the search criteria. - IsTruncated bool + IsTruncated *bool // Indicates where in the bucket listing begins. Marker is included in the // response if it was sent with the request. Marker *string // The maximum number of keys returned in the response body. - MaxKeys int32 + MaxKeys *int32 // The bucket name. Name *string @@ -161,7 +172,7 @@ type ListObjectsOutput struct { Prefix *string // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // Metadata pertaining to the operation's result. @@ -171,6 +182,9 @@ type ListObjectsOutput struct { } func (c *Client) addOperationListObjectsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpListObjects{}, middleware.After) if err != nil { return err @@ -179,6 +193,10 @@ func (c *Client) addOperationListObjectsMiddlewares(stack *middleware.Stack, opt if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "ListObjects"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -200,9 +218,6 @@ func (c *Client) addOperationListObjectsMiddlewares(stack *middleware.Stack, opt if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -218,10 +233,10 @@ func (c *Client) addOperationListObjectsMiddlewares(stack *middleware.Stack, opt if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addListObjectsResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpListObjectsValidationMiddleware(stack); err != nil { @@ -251,7 +266,7 @@ func (c *Client) addOperationListObjectsMiddlewares(stack *middleware.Stack, opt if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -271,7 +286,6 @@ func newServiceMetadataMiddleware_opListObjects(region string) *awsmiddleware.Re return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "ListObjects", } } @@ -301,139 +315,3 @@ func addListObjectsUpdateEndpoint(stack *middleware.Stack, options Options) erro DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opListObjectsResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opListObjectsResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opListObjectsResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*ListObjectsInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addListObjectsResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opListObjectsResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListObjectsV2.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListObjectsV2.go index db25aadf5..b2f182dfb 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListObjectsV2.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListObjectsV2.go @@ -4,16 +4,11 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) @@ -22,21 +17,47 @@ import ( // You can use the request parameters as selection criteria to return a subset of // the objects in a bucket. A 200 OK response can contain valid or invalid XML. // Make sure to design your application to parse the contents of the response and -// handle it appropriately. Objects are returned sorted in an ascending order of -// the respective key names in the list. For more information about listing -// objects, see Listing object keys programmatically (https://docs.aws.amazon.com/AmazonS3/latest/userguide/ListingKeysUsingAPIs.html) -// in the Amazon S3 User Guide. To use this operation, you must have READ access to -// the bucket. To use this action in an Identity and Access Management (IAM) -// policy, you must have permission to perform the s3:ListBucket action. The -// bucket owner has this permission by default and can grant this permission to -// others. For more information about permissions, see Permissions Related to -// Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) -// in the Amazon S3 User Guide. This section describes the latest revision of this -// action. We recommend that you use this revised API operation for application -// development. For backward compatibility, Amazon S3 continues to support the -// prior version of this API operation, ListObjects (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html) -// . To get a list of your buckets, see ListBuckets (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html) +// handle it appropriately. For more information about listing objects, see +// Listing object keys programmatically (https://docs.aws.amazon.com/AmazonS3/latest/userguide/ListingKeysUsingAPIs.html) +// in the Amazon S3 User Guide. To get a list of your buckets, see ListBuckets (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html) +// . Directory buckets - For directory buckets, you must make requests for this API +// operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format +// https://bucket_name.s3express-az_id.region.amazonaws.com/key-name . Path-style +// requests are not supported. For more information, see Regional and Zonal +// endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. Permissions +// - General purpose bucket permissions - To use this operation, you must have +// READ access to the bucket. You must have permission to perform the +// s3:ListBucket action. The bucket owner has this permission by default and can +// grant this permission to others. For more information about permissions, see +// Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) +// in the Amazon S3 User Guide. +// - Directory bucket permissions - To grant access to this API operation on a +// directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant the +// s3express:CreateSession permission to the directory bucket in a bucket policy +// or an IAM identity-based policy. Then, you make the CreateSession API call on +// the bucket to obtain a session token. With the session token in your request +// header, you can make API requests to this operation. After the session token +// expires, you make another CreateSession API call to generate a new session +// token for use. Amazon Web Services CLI or SDKs create session and refresh the +// session token automatically to avoid service interruptions when a session +// expires. For more information about authorization, see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// . +// +// Sorting order of returned objects +// - General purpose bucket - For general purpose buckets, ListObjectsV2 returns +// objects in lexicographical order based on their key names. +// - Directory bucket - For directory buckets, ListObjectsV2 does not return +// objects in lexicographical order. +// +// HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// Bucket_name.s3express-az_id.region.amazonaws.com . This section describes the +// latest revision of this action. We recommend that you use this revised API +// operation for application development. For backward compatibility, Amazon S3 +// continues to support the prior version of this API operation, ListObjects (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html) // . The following operations are related to ListObjectsV2 : // - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) // - PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) @@ -58,15 +79,25 @@ func (c *Client) ListObjectsV2(ctx context.Context, params *ListObjectsV2Input, type ListObjectsV2Input struct { - // Bucket name to list. When using this action with an access point, you must - // direct requests to the access point hostname. The access point hostname takes - // the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When - // using this action with an access point through the Amazon Web Services SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form + // Directory buckets - When you use this operation with a directory bucket, you + // must use virtual-hosted-style requests in the format + // Bucket_name.s3express-az_id.region.amazonaws.com . Path-style requests are not + // supported. Directory bucket names must be unique in the chosen Availability + // Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 (for + // example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 ). For information about bucket + // naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. Access points - When you use this action with an + // access point, you must provide the alias of the access point in place of the + // bucket name or specify the access point ARN. When using the access point ARN, + // you must direct requests to the access point hostname. The access point hostname + // takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. Access points and Object Lambda access points are + // not supported by directory buckets. S3 on Outposts - When you use this action + // with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts + // hostname. The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -77,73 +108,103 @@ type ListObjectsV2Input struct { Bucket *string // ContinuationToken indicates to Amazon S3 that the list is being continued on - // this bucket with a token. ContinuationToken is obfuscated and is not a real key. + // this bucket with a token. ContinuationToken is obfuscated and is not a real + // key. You can use this ContinuationToken for pagination of the list results. ContinuationToken *string // A delimiter is a character that you use to group keys. + // - Directory buckets - For directory buckets, / is the only supported + // delimiter. + // - Directory buckets - When you query ListObjectsV2 with a delimiter during + // in-progress multipart uploads, the CommonPrefixes response parameter contains + // the prefixes that are associated with the in-progress multipart uploads. For + // more information about multipart uploads, see Multipart Upload Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) + // in the Amazon S3 User Guide. Delimiter *string // Encoding type used by Amazon S3 to encode object keys in the response. EncodingType types.EncodingType - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // The owner field is not present in ListObjectsV2 by default. If you want to // return the owner field with each key in the result, then set the FetchOwner - // field to true . - FetchOwner bool + // field to true . Directory buckets - For directory buckets, the bucket owner is + // returned as the object owner for all objects. + FetchOwner *bool // Sets the maximum number of keys returned in the response. By default, the // action returns up to 1,000 key names. The response might contain fewer keys but // will never contain more. - MaxKeys int32 + MaxKeys *int32 // Specifies the optional fields that you want returned in the response. Fields - // that you do not specify are not returned. + // that you do not specify are not returned. This functionality is not supported + // for directory buckets. OptionalObjectAttributes []types.OptionalObjectAttributes - // Limits the response to keys that begin with the specified prefix. + // Limits the response to keys that begin with the specified prefix. Directory + // buckets - For directory buckets, only prefixes that end in a delimiter ( / ) are + // supported. Prefix *string // Confirms that the requester knows that she or he will be charged for the list // objects request in V2 style. Bucket owners need not specify this parameter in - // their requests. + // their requests. This functionality is not supported for directory buckets. RequestPayer types.RequestPayer // StartAfter is where you want Amazon S3 to start listing from. Amazon S3 starts - // listing after this specified key. StartAfter can be any key in the bucket. + // listing after this specified key. StartAfter can be any key in the bucket. This + // functionality is not supported for directory buckets. StartAfter *string noSmithyDocumentSerde } +func (in *ListObjectsV2Input) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.Prefix = in.Prefix + +} + type ListObjectsV2Output struct { - // All of the keys (up to 1,000) rolled up into a common prefix count as a single - // return when calculating the number of returns. A response can contain - // CommonPrefixes only if you specify a delimiter. CommonPrefixes contains all (if - // there are any) keys between Prefix and the next occurrence of the string - // specified by a delimiter. CommonPrefixes lists keys that act like - // subdirectories in the directory specified by Prefix . For example, if the prefix - // is notes/ and the delimiter is a slash ( / ) as in notes/summer/july , the - // common prefix is notes/summer/ . All of the keys that roll up into a common - // prefix count as a single return when calculating the number of returns. + // All of the keys (up to 1,000) that share the same prefix are grouped together. + // When counting the total numbers of returns by this API operation, this group of + // keys is considered as one item. A response can contain CommonPrefixes only if + // you specify a delimiter. CommonPrefixes contains all (if there are any) keys + // between Prefix and the next occurrence of the string specified by a delimiter. + // CommonPrefixes lists keys that act like subdirectories in the directory + // specified by Prefix . For example, if the prefix is notes/ and the delimiter is + // a slash ( / ) as in notes/summer/july , the common prefix is notes/summer/ . All + // of the keys that roll up into a common prefix count as a single return when + // calculating the number of returns. + // - Directory buckets - For directory buckets, only prefixes that end in a + // delimiter ( / ) are supported. + // - Directory buckets - When you query ListObjectsV2 with a delimiter during + // in-progress multipart uploads, the CommonPrefixes response parameter contains + // the prefixes that are associated with the in-progress multipart uploads. For + // more information about multipart uploads, see Multipart Upload Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) + // in the Amazon S3 User Guide. CommonPrefixes []types.CommonPrefix // Metadata about each object returned. Contents []types.Object // If ContinuationToken was sent with the request, it is included in the response. + // You can use the returned ContinuationToken for pagination of the list response. + // You can use this ContinuationToken for pagination of the list results. ContinuationToken *string // Causes keys that contain the same string between the prefix and the first // occurrence of the delimiter to be rolled up into a single result element in the // CommonPrefixes collection. These rolled-up keys are not returned elsewhere in // the response. Each rolled-up result counts as only one return against the - // MaxKeys value. + // MaxKeys value. Directory buckets - For directory buckets, / is the only + // supported delimiter. Delimiter *string // Encoding type used by Amazon S3 to encode object key names in the XML response. @@ -155,32 +216,19 @@ type ListObjectsV2Output struct { // Set to false if all of the results were returned. Set to true if more keys are // available to return. If the number of results exceeds that specified by MaxKeys // , all of the results might not be returned. - IsTruncated bool + IsTruncated *bool // KeyCount is the number of keys returned with this request. KeyCount will always // be less than or equal to the MaxKeys field. For example, if you ask for 50 // keys, your result will include 50 keys or fewer. - KeyCount int32 + KeyCount *int32 // Sets the maximum number of keys returned in the response. By default, the // action returns up to 1,000 key names. The response might contain fewer keys but // will never contain more. - MaxKeys int32 + MaxKeys *int32 - // The bucket name. When using this action with an access point, you must direct - // requests to the access point hostname. The access point hostname takes the form - // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this - // action with an access point through the Amazon Web Services SDKs, you provide - // the access point ARN in place of the bucket name. For more information about - // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you - // use this action with S3 on Outposts through the Amazon Web Services SDKs, you - // provide the Outposts access point ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see What is S3 on Outposts? (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) - // in the Amazon S3 User Guide. + // The bucket name. Name *string // NextContinuationToken is sent when isTruncated is true, which means there are @@ -189,14 +237,16 @@ type ListObjectsV2Output struct { // obfuscated and is not a real key NextContinuationToken *string - // Keys that begin with the indicated prefix. + // Keys that begin with the indicated prefix. Directory buckets - For directory + // buckets, only prefixes that end in a delimiter ( / ) are supported. Prefix *string // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged - // If StartAfter was sent with the request, it is included in the response. + // If StartAfter was sent with the request, it is included in the response. This + // functionality is not supported for directory buckets. StartAfter *string // Metadata pertaining to the operation's result. @@ -206,6 +256,9 @@ type ListObjectsV2Output struct { } func (c *Client) addOperationListObjectsV2Middlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpListObjectsV2{}, middleware.After) if err != nil { return err @@ -214,6 +267,10 @@ func (c *Client) addOperationListObjectsV2Middlewares(stack *middleware.Stack, o if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "ListObjectsV2"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -235,9 +292,6 @@ func (c *Client) addOperationListObjectsV2Middlewares(stack *middleware.Stack, o if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -253,10 +307,10 @@ func (c *Client) addOperationListObjectsV2Middlewares(stack *middleware.Stack, o if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addListObjectsV2ResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpListObjectsV2ValidationMiddleware(stack); err != nil { @@ -286,7 +340,7 @@ func (c *Client) addOperationListObjectsV2Middlewares(stack *middleware.Stack, o if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -337,8 +391,8 @@ func NewListObjectsV2Paginator(client ListObjectsV2APIClient, params *ListObject } options := ListObjectsV2PaginatorOptions{} - if params.MaxKeys != 0 { - options.Limit = params.MaxKeys + if params.MaxKeys != nil { + options.Limit = *params.MaxKeys } for _, fn := range optFns { @@ -368,7 +422,11 @@ func (p *ListObjectsV2Paginator) NextPage(ctx context.Context, optFns ...func(*O params := *p.params params.ContinuationToken = p.nextToken - params.MaxKeys = p.options.Limit + var limit *int32 + if p.options.Limit > 0 { + limit = &p.options.Limit + } + params.MaxKeys = limit result, err := p.client.ListObjectsV2(ctx, ¶ms, optFns...) if err != nil { @@ -378,7 +436,7 @@ func (p *ListObjectsV2Paginator) NextPage(ctx context.Context, optFns ...func(*O prevToken := p.nextToken p.nextToken = nil - if result.IsTruncated { + if result.IsTruncated != nil && *result.IsTruncated { p.nextToken = result.NextContinuationToken } @@ -396,7 +454,6 @@ func newServiceMetadataMiddleware_opListObjectsV2(region string) *awsmiddleware. return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "ListObjectsV2", } } @@ -426,139 +483,3 @@ func addListObjectsV2UpdateEndpoint(stack *middleware.Stack, options Options) er DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opListObjectsV2ResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opListObjectsV2ResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opListObjectsV2ResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*ListObjectsV2Input) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addListObjectsV2ResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opListObjectsV2ResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListParts.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListParts.go index 14ef6f91f..11b0d59b6 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListParts.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_ListParts.go @@ -4,37 +4,59 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" "time" ) -// Lists the parts that have been uploaded for a specific multipart upload. This -// operation must include the upload ID, which you obtain by sending the initiate -// multipart upload request (see CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) -// ). This request returns a maximum of 1,000 uploaded parts. The default number of -// parts returned is 1,000 parts. You can restrict the number of parts returned by -// specifying the max-parts request parameter. If your multipart upload consists -// of more than 1,000 parts, the response returns an IsTruncated field with the -// value of true, and a NextPartNumberMarker element. In subsequent ListParts -// requests you can include the part-number-marker query string parameter and set -// its value to the NextPartNumberMarker field value from the previous response. -// If the upload was created using a checksum algorithm, you will need to have -// permission to the kms:Decrypt action for the request to succeed. For more +// Lists the parts that have been uploaded for a specific multipart upload. To use +// this operation, you must provide the upload ID in the request. You obtain this +// uploadID by sending the initiate multipart upload request through +// CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) +// . The ListParts request returns a maximum of 1,000 uploaded parts. The limit of +// 1,000 parts is also the default value. You can restrict the number of parts in a +// response by specifying the max-parts request parameter. If your multipart +// upload consists of more than 1,000 parts, the response returns an IsTruncated +// field with the value of true , and a NextPartNumberMarker element. To list +// remaining uploaded parts, in subsequent ListParts requests, include the +// part-number-marker query string parameter and set its value to the +// NextPartNumberMarker field value from the previous response. For more // information on multipart uploads, see Uploading Objects Using Multipart Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) -// . For information on permissions required to use the multipart upload API, see -// Multipart Upload and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) -// . The following operations are related to ListParts : +// in the Amazon S3 User Guide. Directory buckets - For directory buckets, you must +// make requests for this API operation to the Zonal endpoint. These endpoints +// support virtual-hosted-style requests in the format +// https://bucket_name.s3express-az_id.region.amazonaws.com/key-name . Path-style +// requests are not supported. For more information, see Regional and Zonal +// endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. Permissions +// - General purpose bucket permissions - For information about permissions +// required to use the multipart upload API, see Multipart Upload and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// in the Amazon S3 User Guide. If the upload was created using server-side +// encryption with Key Management Service (KMS) keys (SSE-KMS) or dual-layer +// server-side encryption with Amazon Web Services KMS keys (DSSE-KMS), you must +// have permission to the kms:Decrypt action for the ListParts request to +// succeed. +// - Directory bucket permissions - To grant access to this API operation on a +// directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant the +// s3express:CreateSession permission to the directory bucket in a bucket policy +// or an IAM identity-based policy. Then, you make the CreateSession API call on +// the bucket to obtain a session token. With the session token in your request +// header, you can make API requests to this operation. After the session token +// expires, you make another CreateSession API call to generate a new session +// token for use. Amazon Web Services CLI or SDKs create session and refresh the +// session token automatically to avoid service interruptions when a session +// expires. For more information about authorization, see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// . +// +// HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// Bucket_name.s3express-az_id.region.amazonaws.com . The following operations are +// related to ListParts : // - CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) // - UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) // - CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) @@ -58,16 +80,26 @@ func (c *Client) ListParts(ctx context.Context, params *ListPartsInput, optFns . type ListPartsInput struct { - // The name of the bucket to which the parts are being uploaded. When using this - // action with an access point, you must direct requests to the access point - // hostname. The access point hostname takes the form - // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this - // action with an access point through the Amazon Web Services SDKs, you provide - // the access point ARN in place of the bucket name. For more information about - // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form + // The name of the bucket to which the parts are being uploaded. Directory buckets + // - When you use this operation with a directory bucket, you must use + // virtual-hosted-style requests in the format + // Bucket_name.s3express-az_id.region.amazonaws.com . Path-style requests are not + // supported. Directory bucket names must be unique in the chosen Availability + // Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 (for + // example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 ). For information about bucket + // naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. Access points - When you use this action with an + // access point, you must provide the alias of the access point in place of the + // bucket name or specify the access point ARN. When using the access point ARN, + // you must direct requests to the access point hostname. The access point hostname + // takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. Access points and Object Lambda access points are + // not supported by directory buckets. S3 on Outposts - When you use this action + // with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts + // hostname. The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -87,13 +119,13 @@ type ListPartsInput struct { // This member is required. UploadId *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Sets the maximum number of parts to return. - MaxParts int32 + MaxParts *int32 // Specifies the part after which listing should begin. Only parts with higher // part numbers will be listed. @@ -101,34 +133,44 @@ type ListPartsInput struct { // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer // The server-side encryption (SSE) algorithm used to encrypt the object. This // parameter is needed only when the object was created using a checksum algorithm. // For more information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. SSECustomerAlgorithm *string // The server-side encryption (SSE) customer managed key. This parameter is needed // only when the object was created using a checksum algorithm. For more // information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. SSECustomerKey *string // The MD5 server-side encryption (SSE) customer managed key. This parameter is // needed only when the object was created using a checksum algorithm. For more // information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. SSECustomerKeyMD5 *string noSmithyDocumentSerde } +func (in *ListPartsInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.Key = in.Key + +} + type ListPartsOutput struct { // If the bucket has a lifecycle rule configured with an action to abort @@ -139,11 +181,13 @@ type ListPartsOutput struct { // Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) // . The response will also include the x-amz-abort-rule-id header that will // provide the ID of the lifecycle configuration rule that defines this action. + // This functionality is not supported for directory buckets. AbortDate *time.Time // This header is returned along with the x-amz-abort-date header. It identifies // applicable lifecycle configuration rule that defines the action to abort - // incomplete multipart uploads. + // incomplete multipart uploads. This functionality is not supported for directory + // buckets. AbortRuleId *string // The name of the bucket to which the multipart upload was initiated. Does not @@ -162,13 +206,13 @@ type ListPartsOutput struct { // Indicates whether the returned list of parts is truncated. A true value // indicates that the list was truncated. A list can be truncated if the number of // parts exceeds the limit returned in the MaxParts element. - IsTruncated bool + IsTruncated *bool // Object key for which the multipart upload was initiated. Key *string // Maximum number of parts that were allowed in the response. - MaxParts int32 + MaxParts *int32 // When a list is truncated, this element specifies the last part in the list, as // well as the value to use for the part-number-marker request parameter in a @@ -177,7 +221,8 @@ type ListPartsOutput struct { // Container element that identifies the object owner, after the object is // created. If multipart upload is initiated by an IAM user, this element provides - // the parent account ID and display name. + // the parent account ID and display name. Directory buckets - The bucket owner is + // returned as the object owner for all the parts. Owner *types.Owner // When a list is truncated, this element specifies the last part in the list, as @@ -190,11 +235,12 @@ type ListPartsOutput struct { Parts []types.Part // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged - // Class of storage (STANDARD or REDUCED_REDUNDANCY) used to store the uploaded - // object. + // The class of storage used to store the uploaded object. Directory buckets - + // Only the S3 Express One Zone storage class is supported by directory buckets to + // store objects. StorageClass types.StorageClass // Upload ID identifying the multipart upload whose parts are being listed. @@ -207,6 +253,9 @@ type ListPartsOutput struct { } func (c *Client) addOperationListPartsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpListParts{}, middleware.After) if err != nil { return err @@ -215,6 +264,10 @@ func (c *Client) addOperationListPartsMiddlewares(stack *middleware.Stack, optio if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "ListParts"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -236,9 +289,6 @@ func (c *Client) addOperationListPartsMiddlewares(stack *middleware.Stack, optio if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -254,10 +304,10 @@ func (c *Client) addOperationListPartsMiddlewares(stack *middleware.Stack, optio if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addListPartsResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpListPartsValidationMiddleware(stack); err != nil { @@ -287,7 +337,7 @@ func (c *Client) addOperationListPartsMiddlewares(stack *middleware.Stack, optio if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -336,8 +386,8 @@ func NewListPartsPaginator(client ListPartsAPIClient, params *ListPartsInput, op } options := ListPartsPaginatorOptions{} - if params.MaxParts != 0 { - options.Limit = params.MaxParts + if params.MaxParts != nil { + options.Limit = *params.MaxParts } for _, fn := range optFns { @@ -367,7 +417,11 @@ func (p *ListPartsPaginator) NextPage(ctx context.Context, optFns ...func(*Optio params := *p.params params.PartNumberMarker = p.nextToken - params.MaxParts = p.options.Limit + var limit *int32 + if p.options.Limit > 0 { + limit = &p.options.Limit + } + params.MaxParts = limit result, err := p.client.ListParts(ctx, ¶ms, optFns...) if err != nil { @@ -377,7 +431,7 @@ func (p *ListPartsPaginator) NextPage(ctx context.Context, optFns ...func(*Optio prevToken := p.nextToken p.nextToken = nil - if result.IsTruncated { + if result.IsTruncated != nil && *result.IsTruncated { p.nextToken = result.NextPartNumberMarker } @@ -395,7 +449,6 @@ func newServiceMetadataMiddleware_opListParts(region string) *awsmiddleware.Regi return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "ListParts", } } @@ -424,139 +477,3 @@ func addListPartsUpdateEndpoint(stack *middleware.Stack, options Options) error DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opListPartsResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opListPartsResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opListPartsResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*ListPartsInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addListPartsResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opListPartsResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketAccelerateConfiguration.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketAccelerateConfiguration.go index 723273d98..80344efb1 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketAccelerateConfiguration.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketAccelerateConfiguration.go @@ -4,28 +4,25 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Sets the accelerate configuration of an existing bucket. Amazon S3 Transfer -// Acceleration is a bucket-level feature that enables you to perform faster data -// transfers to Amazon S3. To use this operation, you must have permission to -// perform the s3:PutAccelerateConfiguration action. The bucket owner has this -// permission by default. The bucket owner can grant this permission to others. For -// more information about permissions, see Permissions Related to Bucket -// Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// This operation is not supported by directory buckets. Sets the accelerate +// configuration of an existing bucket. Amazon S3 Transfer Acceleration is a +// bucket-level feature that enables you to perform faster data transfers to Amazon +// S3. To use this operation, you must have permission to perform the +// s3:PutAccelerateConfiguration action. The bucket owner has this permission by +// default. The bucket owner can grant this permission to others. For more +// information about permissions, see Permissions Related to Bucket Subresource +// Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) // and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) // . The Transfer Acceleration state of a bucket can be set to one of the following // two values: @@ -69,24 +66,29 @@ type PutBucketAccelerateConfigurationInput struct { // This member is required. Bucket *string - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request . For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 // ignores any provided ChecksumAlgorithm parameter. ChecksumAlgorithm types.ChecksumAlgorithm - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *PutBucketAccelerateConfigurationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type PutBucketAccelerateConfigurationOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -95,6 +97,9 @@ type PutBucketAccelerateConfigurationOutput struct { } func (c *Client) addOperationPutBucketAccelerateConfigurationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketAccelerateConfiguration{}, middleware.After) if err != nil { return err @@ -103,6 +108,10 @@ func (c *Client) addOperationPutBucketAccelerateConfigurationMiddlewares(stack * if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutBucketAccelerateConfiguration"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -124,9 +133,6 @@ func (c *Client) addOperationPutBucketAccelerateConfigurationMiddlewares(stack * if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -142,10 +148,10 @@ func (c *Client) addOperationPutBucketAccelerateConfigurationMiddlewares(stack * if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutBucketAccelerateConfigurationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutBucketAccelerateConfigurationValidationMiddleware(stack); err != nil { @@ -178,7 +184,7 @@ func (c *Client) addOperationPutBucketAccelerateConfigurationMiddlewares(stack * if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -198,7 +204,6 @@ func newServiceMetadataMiddleware_opPutBucketAccelerateConfiguration(region stri return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutBucketAccelerateConfiguration", } } @@ -248,139 +253,3 @@ func addPutBucketAccelerateConfigurationUpdateEndpoint(stack *middleware.Stack, DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutBucketAccelerateConfigurationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutBucketAccelerateConfigurationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutBucketAccelerateConfigurationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutBucketAccelerateConfigurationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutBucketAccelerateConfigurationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutBucketAccelerateConfigurationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketAcl.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketAcl.go index bb706bbee..6382d2769 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketAcl.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketAcl.go @@ -4,25 +4,22 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Sets the permissions on an existing bucket using access control lists (ACL). -// For more information, see Using ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html) -// . To set the ACL of a bucket, you must have WRITE_ACP permission. You can use -// one of the following two ways to set a bucket's permissions: +// This operation is not supported by directory buckets. Sets the permissions on +// an existing bucket using access control lists (ACL). For more information, see +// Using ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html) +// . To set the ACL of a bucket, you must have the WRITE_ACP permission. You can +// use one of the following two ways to set a bucket's permissions: // - Specify the ACL in the request body // - Specify permissions using request headers // @@ -129,12 +126,12 @@ type PutBucketAclInput struct { // Contains the elements that set the ACL permissions for an object per grantee. AccessControlPolicy *types.AccessControlPolicy - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request . For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 // ignores any provided ChecksumAlgorithm parameter. ChecksumAlgorithm types.ChecksumAlgorithm @@ -146,9 +143,9 @@ type PutBucketAclInput struct { // Amazon Web Services SDKs, this field is calculated automatically. ContentMD5 *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Allows grantee the read, write, read ACP, and write ACP permissions on the @@ -172,6 +169,11 @@ type PutBucketAclInput struct { noSmithyDocumentSerde } +func (in *PutBucketAclInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type PutBucketAclOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -180,6 +182,9 @@ type PutBucketAclOutput struct { } func (c *Client) addOperationPutBucketAclMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketAcl{}, middleware.After) if err != nil { return err @@ -188,6 +193,10 @@ func (c *Client) addOperationPutBucketAclMiddlewares(stack *middleware.Stack, op if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutBucketAcl"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -209,9 +218,6 @@ func (c *Client) addOperationPutBucketAclMiddlewares(stack *middleware.Stack, op if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -227,10 +233,10 @@ func (c *Client) addOperationPutBucketAclMiddlewares(stack *middleware.Stack, op if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutBucketAclResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutBucketAclValidationMiddleware(stack); err != nil { @@ -263,12 +269,15 @@ func (c *Client) addOperationPutBucketAclMiddlewares(stack *middleware.Stack, op if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { return err } + if err = s3cust.AddExpressDefaultChecksumMiddleware(stack); err != nil { + return err + } return nil } @@ -283,7 +292,6 @@ func newServiceMetadataMiddleware_opPutBucketAcl(region string) *awsmiddleware.R return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutBucketAcl", } } @@ -333,139 +341,3 @@ func addPutBucketAclUpdateEndpoint(stack *middleware.Stack, options Options) err DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutBucketAclResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutBucketAclResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutBucketAclResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutBucketAclInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutBucketAclResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutBucketAclResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketAnalyticsConfiguration.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketAnalyticsConfiguration.go index 581c5ca46..9b1009f65 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketAnalyticsConfiguration.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketAnalyticsConfiguration.go @@ -4,31 +4,27 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Sets an analytics configuration for the bucket (specified by the analytics -// configuration ID). You can have up to 1,000 analytics configurations per bucket. -// You can choose to have storage class analysis export analysis reports sent to a -// comma-separated values (CSV) flat file. See the DataExport request element. -// Reports are updated daily and are based on the object filters that you -// configure. When selecting data export, you specify a destination bucket and an -// optional destination prefix where the file is written. You can export the data -// to a destination bucket in a different account. However, the destination bucket -// must be in the same Region as the bucket that you are making the PUT analytics -// configuration to. For more information, see Amazon S3 Analytics – Storage Class -// Analysis (https://docs.aws.amazon.com/AmazonS3/latest/dev/analytics-storage-class.html) +// This operation is not supported by directory buckets. Sets an analytics +// configuration for the bucket (specified by the analytics configuration ID). You +// can have up to 1,000 analytics configurations per bucket. You can choose to have +// storage class analysis export analysis reports sent to a comma-separated values +// (CSV) flat file. See the DataExport request element. Reports are updated daily +// and are based on the object filters that you configure. When selecting data +// export, you specify a destination bucket and an optional destination prefix +// where the file is written. You can export the data to a destination bucket in a +// different account. However, the destination bucket must be in the same Region as +// the bucket that you are making the PUT analytics configuration to. For more +// information, see Amazon S3 Analytics – Storage Class Analysis (https://docs.aws.amazon.com/AmazonS3/latest/dev/analytics-storage-class.html) // . You must create a bucket policy on the destination bucket where the exported // file is written to grant permissions to Amazon S3 to write objects to the // bucket. For an example policy, see Granting Permissions for Amazon S3 Inventory @@ -89,14 +85,19 @@ type PutBucketAnalyticsConfigurationInput struct { // This member is required. Id *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *PutBucketAnalyticsConfigurationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type PutBucketAnalyticsConfigurationOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -105,6 +106,9 @@ type PutBucketAnalyticsConfigurationOutput struct { } func (c *Client) addOperationPutBucketAnalyticsConfigurationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketAnalyticsConfiguration{}, middleware.After) if err != nil { return err @@ -113,6 +117,10 @@ func (c *Client) addOperationPutBucketAnalyticsConfigurationMiddlewares(stack *m if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutBucketAnalyticsConfiguration"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -134,9 +142,6 @@ func (c *Client) addOperationPutBucketAnalyticsConfigurationMiddlewares(stack *m if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -152,10 +157,10 @@ func (c *Client) addOperationPutBucketAnalyticsConfigurationMiddlewares(stack *m if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutBucketAnalyticsConfigurationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutBucketAnalyticsConfigurationValidationMiddleware(stack); err != nil { @@ -185,7 +190,7 @@ func (c *Client) addOperationPutBucketAnalyticsConfigurationMiddlewares(stack *m if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -205,7 +210,6 @@ func newServiceMetadataMiddleware_opPutBucketAnalyticsConfiguration(region strin return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutBucketAnalyticsConfiguration", } } @@ -235,139 +239,3 @@ func addPutBucketAnalyticsConfigurationUpdateEndpoint(stack *middleware.Stack, o DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutBucketAnalyticsConfigurationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutBucketAnalyticsConfigurationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutBucketAnalyticsConfigurationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutBucketAnalyticsConfigurationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutBucketAnalyticsConfigurationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutBucketAnalyticsConfigurationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketCors.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketCors.go index 7a1f49c33..394a2bad8 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketCors.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketCors.go @@ -4,33 +4,30 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Sets the cors configuration for your bucket. If the configuration exists, -// Amazon S3 replaces it. To use this operation, you must be allowed to perform the -// s3:PutBucketCORS action. By default, the bucket owner has this permission and -// can grant it to others. You set this configuration on a bucket so that the -// bucket can service cross-origin requests. For example, you might want to enable -// a request whose origin is http://www.example.com to access your Amazon S3 -// bucket at my.example.bucket.com by using the browser's XMLHttpRequest -// capability. To enable cross-origin resource sharing (CORS) on a bucket, you add -// the cors subresource to the bucket. The cors subresource is an XML document in -// which you configure rules that identify origins and the HTTP methods that can be -// executed on your bucket. The document is limited to 64 KB in size. When Amazon -// S3 receives a cross-origin request (or a pre-flight OPTIONS request) against a +// This operation is not supported by directory buckets. Sets the cors +// configuration for your bucket. If the configuration exists, Amazon S3 replaces +// it. To use this operation, you must be allowed to perform the s3:PutBucketCORS +// action. By default, the bucket owner has this permission and can grant it to +// others. You set this configuration on a bucket so that the bucket can service +// cross-origin requests. For example, you might want to enable a request whose +// origin is http://www.example.com to access your Amazon S3 bucket at +// my.example.bucket.com by using the browser's XMLHttpRequest capability. To +// enable cross-origin resource sharing (CORS) on a bucket, you add the cors +// subresource to the bucket. The cors subresource is an XML document in which you +// configure rules that identify origins and the HTTP methods that can be executed +// on your bucket. The document is limited to 64 KB in size. When Amazon S3 +// receives a cross-origin request (or a pre-flight OPTIONS request) against a // bucket, it evaluates the cors configuration on the bucket and uses the first // CORSRule rule that matches the incoming browser request to enable a cross-origin // request. For a rule to match, the following conditions must be met: @@ -76,12 +73,12 @@ type PutBucketCorsInput struct { // This member is required. CORSConfiguration *types.CORSConfiguration - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request . For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 // ignores any provided ChecksumAlgorithm parameter. ChecksumAlgorithm types.ChecksumAlgorithm @@ -93,14 +90,19 @@ type PutBucketCorsInput struct { // Amazon Web Services SDKs, this field is calculated automatically. ContentMD5 *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *PutBucketCorsInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type PutBucketCorsOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -109,6 +111,9 @@ type PutBucketCorsOutput struct { } func (c *Client) addOperationPutBucketCorsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketCors{}, middleware.After) if err != nil { return err @@ -117,6 +122,10 @@ func (c *Client) addOperationPutBucketCorsMiddlewares(stack *middleware.Stack, o if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutBucketCors"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -138,9 +147,6 @@ func (c *Client) addOperationPutBucketCorsMiddlewares(stack *middleware.Stack, o if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -156,10 +162,10 @@ func (c *Client) addOperationPutBucketCorsMiddlewares(stack *middleware.Stack, o if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutBucketCorsResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutBucketCorsValidationMiddleware(stack); err != nil { @@ -192,12 +198,15 @@ func (c *Client) addOperationPutBucketCorsMiddlewares(stack *middleware.Stack, o if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { return err } + if err = s3cust.AddExpressDefaultChecksumMiddleware(stack); err != nil { + return err + } return nil } @@ -212,7 +221,6 @@ func newServiceMetadataMiddleware_opPutBucketCors(region string) *awsmiddleware. return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutBucketCors", } } @@ -262,139 +270,3 @@ func addPutBucketCorsUpdateEndpoint(stack *middleware.Stack, options Options) er DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutBucketCorsResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutBucketCorsResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutBucketCorsResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutBucketCorsInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutBucketCorsResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutBucketCorsResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketEncryption.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketEncryption.go index ef1091961..615e98a3d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketEncryption.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketEncryption.go @@ -4,29 +4,26 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// This action uses the encryption subresource to configure default encryption and -// Amazon S3 Bucket Keys for an existing bucket. By default, all buckets have a -// default encryption configuration that uses server-side encryption with Amazon S3 -// managed keys (SSE-S3). You can optionally configure default encryption for a -// bucket by using server-side encryption with Key Management Service (KMS) keys -// (SSE-KMS) or dual-layer server-side encryption with Amazon Web Services KMS keys -// (DSSE-KMS). If you specify default encryption by using SSE-KMS, you can also -// configure Amazon S3 Bucket Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) +// This operation is not supported by directory buckets. This action uses the +// encryption subresource to configure default encryption and Amazon S3 Bucket Keys +// for an existing bucket. By default, all buckets have a default encryption +// configuration that uses server-side encryption with Amazon S3 managed keys +// (SSE-S3). You can optionally configure default encryption for a bucket by using +// server-side encryption with Key Management Service (KMS) keys (SSE-KMS) or +// dual-layer server-side encryption with Amazon Web Services KMS keys (DSSE-KMS). +// If you specify default encryption by using SSE-KMS, you can also configure +// Amazon S3 Bucket Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) // . If you use PutBucketEncryption to set your default bucket encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) // to SSE-KMS, you should verify that your KMS key ID is correct. Amazon S3 does // not validate the KMS key ID provided in PutBucketEncryption requests. This @@ -76,12 +73,12 @@ type PutBucketEncryptionInput struct { // This member is required. ServerSideEncryptionConfiguration *types.ServerSideEncryptionConfiguration - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request . For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 // ignores any provided ChecksumAlgorithm parameter. ChecksumAlgorithm types.ChecksumAlgorithm @@ -92,14 +89,19 @@ type PutBucketEncryptionInput struct { // automatically. ContentMD5 *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *PutBucketEncryptionInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type PutBucketEncryptionOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -108,6 +110,9 @@ type PutBucketEncryptionOutput struct { } func (c *Client) addOperationPutBucketEncryptionMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketEncryption{}, middleware.After) if err != nil { return err @@ -116,6 +121,10 @@ func (c *Client) addOperationPutBucketEncryptionMiddlewares(stack *middleware.St if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutBucketEncryption"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -137,9 +146,6 @@ func (c *Client) addOperationPutBucketEncryptionMiddlewares(stack *middleware.St if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -155,10 +161,10 @@ func (c *Client) addOperationPutBucketEncryptionMiddlewares(stack *middleware.St if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutBucketEncryptionResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutBucketEncryptionValidationMiddleware(stack); err != nil { @@ -191,12 +197,15 @@ func (c *Client) addOperationPutBucketEncryptionMiddlewares(stack *middleware.St if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { return err } + if err = s3cust.AddExpressDefaultChecksumMiddleware(stack); err != nil { + return err + } return nil } @@ -211,7 +220,6 @@ func newServiceMetadataMiddleware_opPutBucketEncryption(region string) *awsmiddl return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutBucketEncryption", } } @@ -261,139 +269,3 @@ func addPutBucketEncryptionUpdateEndpoint(stack *middleware.Stack, options Optio DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutBucketEncryptionResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutBucketEncryptionResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutBucketEncryptionResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutBucketEncryptionInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutBucketEncryptionResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutBucketEncryptionResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketIntelligentTieringConfiguration.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketIntelligentTieringConfiguration.go index d6725e64b..a5f8fc7ad 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketIntelligentTieringConfiguration.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketIntelligentTieringConfiguration.go @@ -4,22 +4,19 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Puts a S3 Intelligent-Tiering configuration to the specified bucket. You can -// have up to 1,000 S3 Intelligent-Tiering configurations per bucket. The S3 +// This operation is not supported by directory buckets. Puts a S3 +// Intelligent-Tiering configuration to the specified bucket. You can have up to +// 1,000 S3 Intelligent-Tiering configurations per bucket. The S3 // Intelligent-Tiering storage class is designed to optimize storage costs by // automatically moving data to the most cost-effective storage access tier, // without performance impact or operational overhead. S3 Intelligent-Tiering @@ -84,6 +81,11 @@ type PutBucketIntelligentTieringConfigurationInput struct { noSmithyDocumentSerde } +func (in *PutBucketIntelligentTieringConfigurationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type PutBucketIntelligentTieringConfigurationOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -92,6 +94,9 @@ type PutBucketIntelligentTieringConfigurationOutput struct { } func (c *Client) addOperationPutBucketIntelligentTieringConfigurationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketIntelligentTieringConfiguration{}, middleware.After) if err != nil { return err @@ -100,6 +105,10 @@ func (c *Client) addOperationPutBucketIntelligentTieringConfigurationMiddlewares if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutBucketIntelligentTieringConfiguration"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -121,9 +130,6 @@ func (c *Client) addOperationPutBucketIntelligentTieringConfigurationMiddlewares if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -139,10 +145,10 @@ func (c *Client) addOperationPutBucketIntelligentTieringConfigurationMiddlewares if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutBucketIntelligentTieringConfigurationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutBucketIntelligentTieringConfigurationValidationMiddleware(stack); err != nil { @@ -172,7 +178,7 @@ func (c *Client) addOperationPutBucketIntelligentTieringConfigurationMiddlewares if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -192,7 +198,6 @@ func newServiceMetadataMiddleware_opPutBucketIntelligentTieringConfiguration(reg return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutBucketIntelligentTieringConfiguration", } } @@ -222,139 +227,3 @@ func addPutBucketIntelligentTieringConfigurationUpdateEndpoint(stack *middleware DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutBucketIntelligentTieringConfigurationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutBucketIntelligentTieringConfigurationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutBucketIntelligentTieringConfigurationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutBucketIntelligentTieringConfigurationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutBucketIntelligentTieringConfigurationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutBucketIntelligentTieringConfigurationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketInventoryConfiguration.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketInventoryConfiguration.go index 8c7f195d5..e2d06796a 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketInventoryConfiguration.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketInventoryConfiguration.go @@ -4,33 +4,29 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// This implementation of the PUT action adds an inventory configuration -// (identified by the inventory ID) to the bucket. You can have up to 1,000 -// inventory configurations per bucket. Amazon S3 inventory generates inventories -// of the objects in the bucket on a daily or weekly basis, and the results are -// published to a flat file. The bucket that is inventoried is called the source -// bucket, and the bucket where the inventory flat file is stored is called the -// destination bucket. The destination bucket must be in the same Amazon Web -// Services Region as the source bucket. When you configure an inventory for a -// source bucket, you specify the destination bucket where you want the inventory -// to be stored, and whether to generate the inventory daily or weekly. You can -// also configure what object metadata to include and whether to inventory all -// object versions or only current versions. For more information, see Amazon S3 -// Inventory (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html) +// This operation is not supported by directory buckets. This implementation of +// the PUT action adds an inventory configuration (identified by the inventory ID) +// to the bucket. You can have up to 1,000 inventory configurations per bucket. +// Amazon S3 inventory generates inventories of the objects in the bucket on a +// daily or weekly basis, and the results are published to a flat file. The bucket +// that is inventoried is called the source bucket, and the bucket where the +// inventory flat file is stored is called the destination bucket. The destination +// bucket must be in the same Amazon Web Services Region as the source bucket. When +// you configure an inventory for a source bucket, you specify the destination +// bucket where you want the inventory to be stored, and whether to generate the +// inventory daily or weekly. You can also configure what object metadata to +// include and whether to inventory all object versions or only current versions. +// For more information, see Amazon S3 Inventory (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html) // in the Amazon S3 User Guide. You must create a bucket policy on the destination // bucket to grant permissions to Amazon S3 to write objects to the bucket in the // defined location. For an example policy, see Granting Permissions for Amazon S3 @@ -92,14 +88,19 @@ type PutBucketInventoryConfigurationInput struct { // This member is required. InventoryConfiguration *types.InventoryConfiguration - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *PutBucketInventoryConfigurationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type PutBucketInventoryConfigurationOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -108,6 +109,9 @@ type PutBucketInventoryConfigurationOutput struct { } func (c *Client) addOperationPutBucketInventoryConfigurationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketInventoryConfiguration{}, middleware.After) if err != nil { return err @@ -116,6 +120,10 @@ func (c *Client) addOperationPutBucketInventoryConfigurationMiddlewares(stack *m if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutBucketInventoryConfiguration"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -137,9 +145,6 @@ func (c *Client) addOperationPutBucketInventoryConfigurationMiddlewares(stack *m if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -155,10 +160,10 @@ func (c *Client) addOperationPutBucketInventoryConfigurationMiddlewares(stack *m if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutBucketInventoryConfigurationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutBucketInventoryConfigurationValidationMiddleware(stack); err != nil { @@ -188,7 +193,7 @@ func (c *Client) addOperationPutBucketInventoryConfigurationMiddlewares(stack *m if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -208,7 +213,6 @@ func newServiceMetadataMiddleware_opPutBucketInventoryConfiguration(region strin return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutBucketInventoryConfiguration", } } @@ -238,139 +242,3 @@ func addPutBucketInventoryConfigurationUpdateEndpoint(stack *middleware.Stack, o DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutBucketInventoryConfigurationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutBucketInventoryConfigurationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutBucketInventoryConfigurationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutBucketInventoryConfigurationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutBucketInventoryConfigurationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutBucketInventoryConfigurationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketLifecycleConfiguration.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketLifecycleConfiguration.go index 1cebaee58..ac2b63ebb 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketLifecycleConfiguration.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketLifecycleConfiguration.go @@ -4,26 +4,23 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Creates a new lifecycle configuration for the bucket or replaces an existing -// lifecycle configuration. Keep in mind that this will overwrite an existing -// lifecycle configuration, so if you want to retain any configuration details, -// they must be included in the new lifecycle configuration. For information about -// lifecycle configuration, see Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html) +// This operation is not supported by directory buckets. Creates a new lifecycle +// configuration for the bucket or replaces an existing lifecycle configuration. +// Keep in mind that this will overwrite an existing lifecycle configuration, so if +// you want to retain any configuration details, they must be included in the new +// lifecycle configuration. For information about lifecycle configuration, see +// Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html) // . Bucket lifecycle configuration now supports specifying a lifecycle rule using // an object key name prefix, one or more object tags, or a combination of both. // Accordingly, this section describes the latest API. The previous version of the @@ -91,19 +88,19 @@ type PutBucketLifecycleConfigurationInput struct { // This member is required. Bucket *string - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request . For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 // ignores any provided ChecksumAlgorithm parameter. ChecksumAlgorithm types.ChecksumAlgorithm - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Container for lifecycle rules. You can add as many as 1,000 rules. @@ -112,6 +109,11 @@ type PutBucketLifecycleConfigurationInput struct { noSmithyDocumentSerde } +func (in *PutBucketLifecycleConfigurationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type PutBucketLifecycleConfigurationOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -120,6 +122,9 @@ type PutBucketLifecycleConfigurationOutput struct { } func (c *Client) addOperationPutBucketLifecycleConfigurationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketLifecycleConfiguration{}, middleware.After) if err != nil { return err @@ -128,6 +133,10 @@ func (c *Client) addOperationPutBucketLifecycleConfigurationMiddlewares(stack *m if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutBucketLifecycleConfiguration"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -149,9 +158,6 @@ func (c *Client) addOperationPutBucketLifecycleConfigurationMiddlewares(stack *m if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -167,10 +173,10 @@ func (c *Client) addOperationPutBucketLifecycleConfigurationMiddlewares(stack *m if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutBucketLifecycleConfigurationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutBucketLifecycleConfigurationValidationMiddleware(stack); err != nil { @@ -203,12 +209,15 @@ func (c *Client) addOperationPutBucketLifecycleConfigurationMiddlewares(stack *m if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { return err } + if err = s3cust.AddExpressDefaultChecksumMiddleware(stack); err != nil { + return err + } return nil } @@ -223,7 +232,6 @@ func newServiceMetadataMiddleware_opPutBucketLifecycleConfiguration(region strin return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutBucketLifecycleConfiguration", } } @@ -273,139 +281,3 @@ func addPutBucketLifecycleConfigurationUpdateEndpoint(stack *middleware.Stack, o DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutBucketLifecycleConfigurationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutBucketLifecycleConfigurationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutBucketLifecycleConfigurationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutBucketLifecycleConfigurationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutBucketLifecycleConfigurationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutBucketLifecycleConfigurationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketLogging.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketLogging.go index 456288247..e69fa24c7 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketLogging.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketLogging.go @@ -4,32 +4,28 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Set the logging parameters for a bucket and to specify permissions for who can -// view and modify the logging parameters. All logs are saved to buckets in the -// same Amazon Web Services Region as the source bucket. To set the logging status -// of a bucket, you must be the bucket owner. The bucket owner is automatically -// granted FULL_CONTROL to all logs. You use the Grantee request element to grant -// access to other people. The Permissions request element specifies the kind of -// access the grantee has to the logs. If the target bucket for log delivery uses -// the bucket owner enforced setting for S3 Object Ownership, you can't use the -// Grantee request element to grant access to others. Permissions can only be -// granted using policies. For more information, see Permissions for server access -// log delivery (https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html#grant-log-delivery-permissions-general) +// This operation is not supported by directory buckets. Set the logging +// parameters for a bucket and to specify permissions for who can view and modify +// the logging parameters. All logs are saved to buckets in the same Amazon Web +// Services Region as the source bucket. To set the logging status of a bucket, you +// must be the bucket owner. The bucket owner is automatically granted FULL_CONTROL +// to all logs. You use the Grantee request element to grant access to other +// people. The Permissions request element specifies the kind of access the +// grantee has to the logs. If the target bucket for log delivery uses the bucket +// owner enforced setting for S3 Object Ownership, you can't use the Grantee +// request element to grant access to others. Permissions can only be granted using +// policies. For more information, see Permissions for server access log delivery (https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html#grant-log-delivery-permissions-general) // in the Amazon S3 User Guide. Grantee Values You can specify the person (grantee) // to whom you're assigning access rights (by using request elements) in the // following ways: @@ -79,12 +75,12 @@ type PutBucketLoggingInput struct { // This member is required. BucketLoggingStatus *types.BucketLoggingStatus - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request . For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 // ignores any provided ChecksumAlgorithm parameter. ChecksumAlgorithm types.ChecksumAlgorithm @@ -94,14 +90,19 @@ type PutBucketLoggingInput struct { // this field is calculated automatically. ContentMD5 *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *PutBucketLoggingInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type PutBucketLoggingOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -110,6 +111,9 @@ type PutBucketLoggingOutput struct { } func (c *Client) addOperationPutBucketLoggingMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketLogging{}, middleware.After) if err != nil { return err @@ -118,6 +122,10 @@ func (c *Client) addOperationPutBucketLoggingMiddlewares(stack *middleware.Stack if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutBucketLogging"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -139,9 +147,6 @@ func (c *Client) addOperationPutBucketLoggingMiddlewares(stack *middleware.Stack if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -157,10 +162,10 @@ func (c *Client) addOperationPutBucketLoggingMiddlewares(stack *middleware.Stack if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutBucketLoggingResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutBucketLoggingValidationMiddleware(stack); err != nil { @@ -193,12 +198,15 @@ func (c *Client) addOperationPutBucketLoggingMiddlewares(stack *middleware.Stack if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { return err } + if err = s3cust.AddExpressDefaultChecksumMiddleware(stack); err != nil { + return err + } return nil } @@ -213,7 +221,6 @@ func newServiceMetadataMiddleware_opPutBucketLogging(region string) *awsmiddlewa return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutBucketLogging", } } @@ -263,139 +270,3 @@ func addPutBucketLoggingUpdateEndpoint(stack *middleware.Stack, options Options) DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutBucketLoggingResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutBucketLoggingResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutBucketLoggingResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutBucketLoggingInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutBucketLoggingResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutBucketLoggingResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketMetricsConfiguration.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketMetricsConfiguration.go index 785a1f831..099736c11 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketMetricsConfiguration.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketMetricsConfiguration.go @@ -4,29 +4,26 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Sets a metrics configuration (specified by the metrics configuration ID) for -// the bucket. You can have up to 1,000 metrics configurations per bucket. If -// you're updating an existing metrics configuration, note that this is a full -// replacement of the existing metrics configuration. If you don't include the -// elements you want to keep, they are erased. To use this operation, you must have -// permissions to perform the s3:PutMetricsConfiguration action. The bucket owner -// has this permission by default. The bucket owner can grant this permission to -// others. For more information about permissions, see Permissions Related to -// Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// This operation is not supported by directory buckets. Sets a metrics +// configuration (specified by the metrics configuration ID) for the bucket. You +// can have up to 1,000 metrics configurations per bucket. If you're updating an +// existing metrics configuration, note that this is a full replacement of the +// existing metrics configuration. If you don't include the elements you want to +// keep, they are erased. To use this operation, you must have permissions to +// perform the s3:PutMetricsConfiguration action. The bucket owner has this +// permission by default. The bucket owner can grant this permission to others. For +// more information about permissions, see Permissions Related to Bucket +// Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) // and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) // . For information about CloudWatch request metrics for Amazon S3, see // Monitoring Metrics with Amazon CloudWatch (https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html) @@ -73,14 +70,19 @@ type PutBucketMetricsConfigurationInput struct { // This member is required. MetricsConfiguration *types.MetricsConfiguration - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *PutBucketMetricsConfigurationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type PutBucketMetricsConfigurationOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -89,6 +91,9 @@ type PutBucketMetricsConfigurationOutput struct { } func (c *Client) addOperationPutBucketMetricsConfigurationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketMetricsConfiguration{}, middleware.After) if err != nil { return err @@ -97,6 +102,10 @@ func (c *Client) addOperationPutBucketMetricsConfigurationMiddlewares(stack *mid if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutBucketMetricsConfiguration"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -118,9 +127,6 @@ func (c *Client) addOperationPutBucketMetricsConfigurationMiddlewares(stack *mid if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -136,10 +142,10 @@ func (c *Client) addOperationPutBucketMetricsConfigurationMiddlewares(stack *mid if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutBucketMetricsConfigurationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutBucketMetricsConfigurationValidationMiddleware(stack); err != nil { @@ -169,7 +175,7 @@ func (c *Client) addOperationPutBucketMetricsConfigurationMiddlewares(stack *mid if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -189,7 +195,6 @@ func newServiceMetadataMiddleware_opPutBucketMetricsConfiguration(region string) return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutBucketMetricsConfiguration", } } @@ -219,139 +224,3 @@ func addPutBucketMetricsConfigurationUpdateEndpoint(stack *middleware.Stack, opt DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutBucketMetricsConfigurationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutBucketMetricsConfigurationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutBucketMetricsConfigurationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutBucketMetricsConfigurationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutBucketMetricsConfigurationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutBucketMetricsConfigurationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketNotificationConfiguration.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketNotificationConfiguration.go index 098445cf4..7139f6ea6 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketNotificationConfiguration.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketNotificationConfiguration.go @@ -4,22 +4,19 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Enables notifications of specified events for a bucket. For more information -// about event notifications, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) +// This operation is not supported by directory buckets. Enables notifications of +// specified events for a bucket. For more information about event notifications, +// see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) // . Using this API, you can replace an existing notification configuration. The // configuration is an XML file that defines the event types that you want Amazon // S3 to publish and the destination where you want Amazon S3 to publish an event @@ -80,18 +77,23 @@ type PutBucketNotificationConfigurationInput struct { // This member is required. NotificationConfiguration *types.NotificationConfiguration - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Skips validation of Amazon SQS, Amazon SNS, and Lambda destinations. True or // false value. - SkipDestinationValidation bool + SkipDestinationValidation *bool noSmithyDocumentSerde } +func (in *PutBucketNotificationConfigurationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type PutBucketNotificationConfigurationOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -100,6 +102,9 @@ type PutBucketNotificationConfigurationOutput struct { } func (c *Client) addOperationPutBucketNotificationConfigurationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketNotificationConfiguration{}, middleware.After) if err != nil { return err @@ -108,6 +113,10 @@ func (c *Client) addOperationPutBucketNotificationConfigurationMiddlewares(stack if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutBucketNotificationConfiguration"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -129,9 +138,6 @@ func (c *Client) addOperationPutBucketNotificationConfigurationMiddlewares(stack if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -147,10 +153,10 @@ func (c *Client) addOperationPutBucketNotificationConfigurationMiddlewares(stack if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutBucketNotificationConfigurationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutBucketNotificationConfigurationValidationMiddleware(stack); err != nil { @@ -180,7 +186,7 @@ func (c *Client) addOperationPutBucketNotificationConfigurationMiddlewares(stack if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -200,7 +206,6 @@ func newServiceMetadataMiddleware_opPutBucketNotificationConfiguration(region st return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutBucketNotificationConfiguration", } } @@ -230,139 +235,3 @@ func addPutBucketNotificationConfigurationUpdateEndpoint(stack *middleware.Stack DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutBucketNotificationConfigurationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutBucketNotificationConfigurationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutBucketNotificationConfigurationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutBucketNotificationConfigurationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutBucketNotificationConfigurationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutBucketNotificationConfigurationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketOwnershipControls.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketOwnershipControls.go index 6944f1b8b..f89f86d65 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketOwnershipControls.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketOwnershipControls.go @@ -4,24 +4,21 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Creates or modifies OwnershipControls for an Amazon S3 bucket. To use this -// operation, you must have the s3:PutBucketOwnershipControls permission. For more -// information about Amazon S3 permissions, see Specifying permissions in a policy (https://docs.aws.amazon.com/AmazonS3/latest/user-guide/using-with-s3-actions.html) +// This operation is not supported by directory buckets. Creates or modifies +// OwnershipControls for an Amazon S3 bucket. To use this operation, you must have +// the s3:PutBucketOwnershipControls permission. For more information about Amazon +// S3 permissions, see Specifying permissions in a policy (https://docs.aws.amazon.com/AmazonS3/latest/user-guide/using-with-s3-actions.html) // . For information about Amazon S3 Object Ownership, see Using object ownership (https://docs.aws.amazon.com/AmazonS3/latest/user-guide/about-object-ownership.html) // . The following operations are related to PutBucketOwnershipControls : // - GetBucketOwnershipControls @@ -59,14 +56,19 @@ type PutBucketOwnershipControlsInput struct { // this field is calculated automatically. ContentMD5 *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *PutBucketOwnershipControlsInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type PutBucketOwnershipControlsOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -75,6 +77,9 @@ type PutBucketOwnershipControlsOutput struct { } func (c *Client) addOperationPutBucketOwnershipControlsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketOwnershipControls{}, middleware.After) if err != nil { return err @@ -83,6 +88,10 @@ func (c *Client) addOperationPutBucketOwnershipControlsMiddlewares(stack *middle if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutBucketOwnershipControls"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -104,9 +113,6 @@ func (c *Client) addOperationPutBucketOwnershipControlsMiddlewares(stack *middle if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -122,10 +128,10 @@ func (c *Client) addOperationPutBucketOwnershipControlsMiddlewares(stack *middle if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutBucketOwnershipControlsResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutBucketOwnershipControlsValidationMiddleware(stack); err != nil { @@ -158,12 +164,15 @@ func (c *Client) addOperationPutBucketOwnershipControlsMiddlewares(stack *middle if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { return err } + if err = s3cust.AddExpressDefaultChecksumMiddleware(stack); err != nil { + return err + } return nil } @@ -178,7 +187,6 @@ func newServiceMetadataMiddleware_opPutBucketOwnershipControls(region string) *a return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutBucketOwnershipControls", } } @@ -218,139 +226,3 @@ func addPutBucketOwnershipControlsUpdateEndpoint(stack *middleware.Stack, option DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutBucketOwnershipControlsResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutBucketOwnershipControlsResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutBucketOwnershipControlsResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutBucketOwnershipControlsInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutBucketOwnershipControlsResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutBucketOwnershipControlsResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketPolicy.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketPolicy.go index 999c38a7b..b3da186ac 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketPolicy.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketPolicy.go @@ -4,37 +4,57 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Applies an Amazon S3 bucket policy to an Amazon S3 bucket. If you are using an -// identity other than the root user of the Amazon Web Services account that owns -// the bucket, the calling identity must have the PutBucketPolicy permissions on -// the specified bucket and belong to the bucket owner's account in order to use -// this operation. If you don't have PutBucketPolicy permissions, Amazon S3 -// returns a 403 Access Denied error. If you have the correct permissions, but -// you're not using an identity that belongs to the bucket owner's account, Amazon -// S3 returns a 405 Method Not Allowed error. To ensure that bucket owners don't +// Applies an Amazon S3 bucket policy to an Amazon S3 bucket. Directory buckets - +// For directory buckets, you must make requests for this API operation to the +// Regional endpoint. These endpoints support path-style requests in the format +// https://s3express-control.region_code.amazonaws.com/bucket-name . +// Virtual-hosted-style requests aren't supported. For more information, see +// Regional and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. Permissions If you are using an identity other than +// the root user of the Amazon Web Services account that owns the bucket, the +// calling identity must both have the PutBucketPolicy permissions on the +// specified bucket and belong to the bucket owner's account in order to use this +// operation. If you don't have PutBucketPolicy permissions, Amazon S3 returns a +// 403 Access Denied error. If you have the correct permissions, but you're not +// using an identity that belongs to the bucket owner's account, Amazon S3 returns +// a 405 Method Not Allowed error. To ensure that bucket owners don't // inadvertently lock themselves out of their own buckets, the root principal in a // bucket owner's Amazon Web Services account can perform the GetBucketPolicy , // PutBucketPolicy , and DeleteBucketPolicy API actions, even if their bucket // policy explicitly denies the root principal's access. Bucket owner root // principals can only be blocked from performing these API actions by VPC endpoint -// policies and Amazon Web Services Organizations policies. For more information, -// see Bucket policy examples (https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) -// . The following operations are related to PutBucketPolicy : +// policies and Amazon Web Services Organizations policies. +// - General purpose bucket permissions - The s3:PutBucketPolicy permission is +// required in a policy. For more information about general purpose buckets bucket +// policies, see Using Bucket Policies and User Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html) +// in the Amazon S3 User Guide. +// - Directory bucket permissions - To grant access to this API operation, you +// must have the s3express:PutBucketPolicy permission in an IAM identity-based +// policy instead of a bucket policy. Cross-account access to this API operation +// isn't supported. This operation can only be performed by the Amazon Web Services +// account that owns the resource. For more information about directory bucket +// policies and permissions, see Amazon Web Services Identity and Access +// Management (IAM) for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) +// in the Amazon S3 User Guide. +// +// Example bucket policies General purpose buckets example bucket policies - See +// Bucket policy examples (https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) +// in the Amazon S3 User Guide. Directory bucket example bucket policies - See +// Example bucket policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) +// in the Amazon S3 User Guide. HTTP Host header syntax Directory buckets - The +// HTTP Host header syntax is s3express-control.region.amazonaws.com . The +// following operations are related to PutBucketPolicy : // - CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) // - DeleteBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html) func (c *Client) PutBucketPolicy(ctx context.Context, params *PutBucketPolicyInput, optFns ...func(*Options)) (*PutBucketPolicyOutput, error) { @@ -54,43 +74,72 @@ func (c *Client) PutBucketPolicy(ctx context.Context, params *PutBucketPolicyInp type PutBucketPolicyInput struct { - // The name of the bucket. + // The name of the bucket. Directory buckets - When you use this operation with a + // directory bucket, you must use path-style requests in the format + // https://s3express-control.region_code.amazonaws.com/bucket-name . + // Virtual-hosted-style requests aren't supported. Directory bucket names must be + // unique in the chosen Availability Zone. Bucket names must also follow the format + // bucket_base_name--az_id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 + // ). For information about bucket naming restrictions, see Directory bucket + // naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide // // This member is required. Bucket *string - // The bucket policy as a JSON document. + // The bucket policy as a JSON document. For directory buckets, the only IAM + // action supported in the bucket policy is s3express:CreateSession . // // This member is required. Policy *string - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) - // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 - // ignores any provided ChecksumAlgorithm parameter. + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum-algorithm or x-amz-trailer header sent. Otherwise, Amazon S3 + // fails the request with the HTTP status code 400 Bad Request . For the + // x-amz-checksum-algorithm header, replace algorithm with the supported + // algorithm from the following list: + // - CRC32 + // - CRC32C + // - SHA1 + // - SHA256 + // For more information, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. If the individual checksum value you provide + // through x-amz-checksum-algorithm doesn't match the checksum algorithm you set + // through x-amz-sdk-checksum-algorithm , Amazon S3 ignores any provided + // ChecksumAlgorithm parameter and uses the checksum algorithm that matches the + // provided value in x-amz-checksum-algorithm . For directory buckets, when you + // use Amazon Web Services SDKs, CRC32 is the default checksum algorithm that's + // used for performance. ChecksumAlgorithm types.ChecksumAlgorithm // Set this parameter to true to confirm that you want to remove your permissions - // to change this bucket policy in the future. - ConfirmRemoveSelfBucketAccess bool + // to change this bucket policy in the future. This functionality is not supported + // for directory buckets. + ConfirmRemoveSelfBucketAccess *bool // The MD5 hash of the request body. For requests made using the Amazon Web // Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is - // calculated automatically. + // calculated automatically. This functionality is not supported for directory + // buckets. ContentMD5 *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). For directory buckets, this header + // is not supported in this API operation. If you specify this header, the request + // fails with the HTTP status code 501 Not Implemented . ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *PutBucketPolicyInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type PutBucketPolicyOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -99,6 +148,9 @@ type PutBucketPolicyOutput struct { } func (c *Client) addOperationPutBucketPolicyMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketPolicy{}, middleware.After) if err != nil { return err @@ -107,6 +159,10 @@ func (c *Client) addOperationPutBucketPolicyMiddlewares(stack *middleware.Stack, if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutBucketPolicy"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -128,9 +184,6 @@ func (c *Client) addOperationPutBucketPolicyMiddlewares(stack *middleware.Stack, if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -146,10 +199,10 @@ func (c *Client) addOperationPutBucketPolicyMiddlewares(stack *middleware.Stack, if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutBucketPolicyResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutBucketPolicyValidationMiddleware(stack); err != nil { @@ -182,12 +235,15 @@ func (c *Client) addOperationPutBucketPolicyMiddlewares(stack *middleware.Stack, if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { return err } + if err = s3cust.AddExpressDefaultChecksumMiddleware(stack); err != nil { + return err + } return nil } @@ -202,7 +258,6 @@ func newServiceMetadataMiddleware_opPutBucketPolicy(region string) *awsmiddlewar return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutBucketPolicy", } } @@ -252,139 +307,3 @@ func addPutBucketPolicyUpdateEndpoint(stack *middleware.Stack, options Options) DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutBucketPolicyResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutBucketPolicyResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutBucketPolicyResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutBucketPolicyInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutBucketPolicyResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutBucketPolicyResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketReplication.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketReplication.go index d44e96bc8..ddf58ad88 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketReplication.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketReplication.go @@ -4,23 +4,19 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Creates a replication configuration or replaces an existing one. For more -// information, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) +// This operation is not supported by directory buckets. Creates a replication +// configuration or replaces an existing one. For more information, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) // in the Amazon S3 User Guide. Specify the replication configuration in the // request body. In the replication configuration, you provide the name of the // destination bucket or buckets where you want Amazon S3 to replicate objects, the @@ -88,12 +84,12 @@ type PutBucketReplicationInput struct { // This member is required. ReplicationConfiguration *types.ReplicationConfiguration - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request . For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 // ignores any provided ChecksumAlgorithm parameter. ChecksumAlgorithm types.ChecksumAlgorithm @@ -105,9 +101,9 @@ type PutBucketReplicationInput struct { // or Amazon Web Services SDKs, this field is calculated automatically. ContentMD5 *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // A token to allow Object Lock to be enabled for an existing bucket. @@ -116,6 +112,11 @@ type PutBucketReplicationInput struct { noSmithyDocumentSerde } +func (in *PutBucketReplicationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type PutBucketReplicationOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -124,6 +125,9 @@ type PutBucketReplicationOutput struct { } func (c *Client) addOperationPutBucketReplicationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketReplication{}, middleware.After) if err != nil { return err @@ -132,6 +136,10 @@ func (c *Client) addOperationPutBucketReplicationMiddlewares(stack *middleware.S if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutBucketReplication"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -153,9 +161,6 @@ func (c *Client) addOperationPutBucketReplicationMiddlewares(stack *middleware.S if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -171,10 +176,10 @@ func (c *Client) addOperationPutBucketReplicationMiddlewares(stack *middleware.S if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutBucketReplicationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutBucketReplicationValidationMiddleware(stack); err != nil { @@ -207,12 +212,15 @@ func (c *Client) addOperationPutBucketReplicationMiddlewares(stack *middleware.S if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { return err } + if err = s3cust.AddExpressDefaultChecksumMiddleware(stack); err != nil { + return err + } return nil } @@ -227,7 +235,6 @@ func newServiceMetadataMiddleware_opPutBucketReplication(region string) *awsmidd return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutBucketReplication", } } @@ -277,139 +284,3 @@ func addPutBucketReplicationUpdateEndpoint(stack *middleware.Stack, options Opti DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutBucketReplicationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutBucketReplicationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutBucketReplicationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutBucketReplicationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutBucketReplicationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutBucketReplicationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketRequestPayment.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketRequestPayment.go index 427b7b103..d1dc5a765 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketRequestPayment.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketRequestPayment.go @@ -4,25 +4,22 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Sets the request payment configuration for a bucket. By default, the bucket -// owner pays for downloads from the bucket. This configuration parameter enables -// the bucket owner (only) to specify that the person requesting the download will -// be charged for the download. For more information, see Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html) +// This operation is not supported by directory buckets. Sets the request payment +// configuration for a bucket. By default, the bucket owner pays for downloads from +// the bucket. This configuration parameter enables the bucket owner (only) to +// specify that the person requesting the download will be charged for the +// download. For more information, see Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html) // . The following operations are related to PutBucketRequestPayment : // - CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) // - GetBucketRequestPayment (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketRequestPayment.html) @@ -53,12 +50,12 @@ type PutBucketRequestPaymentInput struct { // This member is required. RequestPaymentConfiguration *types.RequestPaymentConfiguration - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request . For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 // ignores any provided ChecksumAlgorithm parameter. ChecksumAlgorithm types.ChecksumAlgorithm @@ -70,14 +67,19 @@ type PutBucketRequestPaymentInput struct { // or Amazon Web Services SDKs, this field is calculated automatically. ContentMD5 *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *PutBucketRequestPaymentInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type PutBucketRequestPaymentOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -86,6 +88,9 @@ type PutBucketRequestPaymentOutput struct { } func (c *Client) addOperationPutBucketRequestPaymentMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketRequestPayment{}, middleware.After) if err != nil { return err @@ -94,6 +99,10 @@ func (c *Client) addOperationPutBucketRequestPaymentMiddlewares(stack *middlewar if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutBucketRequestPayment"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -115,9 +124,6 @@ func (c *Client) addOperationPutBucketRequestPaymentMiddlewares(stack *middlewar if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -133,10 +139,10 @@ func (c *Client) addOperationPutBucketRequestPaymentMiddlewares(stack *middlewar if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutBucketRequestPaymentResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutBucketRequestPaymentValidationMiddleware(stack); err != nil { @@ -169,12 +175,15 @@ func (c *Client) addOperationPutBucketRequestPaymentMiddlewares(stack *middlewar if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { return err } + if err = s3cust.AddExpressDefaultChecksumMiddleware(stack); err != nil { + return err + } return nil } @@ -189,7 +198,6 @@ func newServiceMetadataMiddleware_opPutBucketRequestPayment(region string) *awsm return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutBucketRequestPayment", } } @@ -239,139 +247,3 @@ func addPutBucketRequestPaymentUpdateEndpoint(stack *middleware.Stack, options O DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutBucketRequestPaymentResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutBucketRequestPaymentResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutBucketRequestPaymentResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutBucketRequestPaymentInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutBucketRequestPaymentResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutBucketRequestPaymentResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketTagging.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketTagging.go index 9792ad38e..725facc11 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketTagging.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketTagging.go @@ -4,29 +4,26 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Sets the tags for a bucket. Use tags to organize your Amazon Web Services bill -// to reflect your own cost structure. To do this, sign up to get your Amazon Web -// Services account bill with tag key values included. Then, to see the cost of -// combined resources, organize your billing information according to resources -// with the same tag key values. For example, you can tag several resources with a -// specific application name, and then organize your billing information to see the -// total cost of that application across several services. For more information, -// see Cost Allocation and Tagging (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) +// This operation is not supported by directory buckets. Sets the tags for a +// bucket. Use tags to organize your Amazon Web Services bill to reflect your own +// cost structure. To do this, sign up to get your Amazon Web Services account bill +// with tag key values included. Then, to see the cost of combined resources, +// organize your billing information according to resources with the same tag key +// values. For example, you can tag several resources with a specific application +// name, and then organize your billing information to see the total cost of that +// application across several services. For more information, see Cost Allocation +// and Tagging (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) // and Using Cost Allocation in Amazon S3 Bucket Tags (https://docs.aws.amazon.com/AmazonS3/latest/userguide/CostAllocTagging.html) // . When this operation sets the tags for a bucket, it will overwrite any current // tags the bucket already has. You cannot use this operation to add tags to an @@ -78,12 +75,12 @@ type PutBucketTaggingInput struct { // This member is required. Tagging *types.Tagging - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request . For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 // ignores any provided ChecksumAlgorithm parameter. ChecksumAlgorithm types.ChecksumAlgorithm @@ -95,14 +92,19 @@ type PutBucketTaggingInput struct { // or Amazon Web Services SDKs, this field is calculated automatically. ContentMD5 *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *PutBucketTaggingInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type PutBucketTaggingOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -111,6 +113,9 @@ type PutBucketTaggingOutput struct { } func (c *Client) addOperationPutBucketTaggingMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketTagging{}, middleware.After) if err != nil { return err @@ -119,6 +124,10 @@ func (c *Client) addOperationPutBucketTaggingMiddlewares(stack *middleware.Stack if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutBucketTagging"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -140,9 +149,6 @@ func (c *Client) addOperationPutBucketTaggingMiddlewares(stack *middleware.Stack if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -158,10 +164,10 @@ func (c *Client) addOperationPutBucketTaggingMiddlewares(stack *middleware.Stack if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutBucketTaggingResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutBucketTaggingValidationMiddleware(stack); err != nil { @@ -194,12 +200,15 @@ func (c *Client) addOperationPutBucketTaggingMiddlewares(stack *middleware.Stack if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { return err } + if err = s3cust.AddExpressDefaultChecksumMiddleware(stack); err != nil { + return err + } return nil } @@ -214,7 +223,6 @@ func newServiceMetadataMiddleware_opPutBucketTagging(region string) *awsmiddlewa return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutBucketTagging", } } @@ -264,139 +272,3 @@ func addPutBucketTaggingUpdateEndpoint(stack *middleware.Stack, options Options) DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutBucketTaggingResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutBucketTaggingResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutBucketTaggingResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutBucketTaggingInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutBucketTaggingResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutBucketTaggingResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketVersioning.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketVersioning.go index 9e3ddf76b..c2b751ab7 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketVersioning.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketVersioning.go @@ -4,27 +4,24 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Sets the versioning state of an existing bucket. You can set the versioning -// state with one of the following values: Enabled—Enables versioning for the -// objects in the bucket. All objects added to the bucket receive a unique version -// ID. Suspended—Disables versioning for the objects in the bucket. All objects -// added to the bucket receive the version ID null. If the versioning state has -// never been set on a bucket, it has no versioning state; a GetBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html) +// This operation is not supported by directory buckets. Sets the versioning state +// of an existing bucket. You can set the versioning state with one of the +// following values: Enabled—Enables versioning for the objects in the bucket. All +// objects added to the bucket receive a unique version ID. Suspended—Disables +// versioning for the objects in the bucket. All objects added to the bucket +// receive the version ID null. If the versioning state has never been set on a +// bucket, it has no versioning state; a GetBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html) // request does not return a versioning state value. In order to enable MFA Delete, // you must be the bucket owner. If you are the bucket owner and want to enable MFA // Delete in the bucket versioning configuration, you must include the x-amz-mfa @@ -67,12 +64,12 @@ type PutBucketVersioningInput struct { // This member is required. VersioningConfiguration *types.VersioningConfiguration - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request . For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 // ignores any provided ChecksumAlgorithm parameter. ChecksumAlgorithm types.ChecksumAlgorithm @@ -84,9 +81,9 @@ type PutBucketVersioningInput struct { // or Amazon Web Services SDKs, this field is calculated automatically. ContentMD5 *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // The concatenation of the authentication device's serial number, a space, and @@ -96,6 +93,11 @@ type PutBucketVersioningInput struct { noSmithyDocumentSerde } +func (in *PutBucketVersioningInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type PutBucketVersioningOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -104,6 +106,9 @@ type PutBucketVersioningOutput struct { } func (c *Client) addOperationPutBucketVersioningMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketVersioning{}, middleware.After) if err != nil { return err @@ -112,6 +117,10 @@ func (c *Client) addOperationPutBucketVersioningMiddlewares(stack *middleware.St if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutBucketVersioning"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -133,9 +142,6 @@ func (c *Client) addOperationPutBucketVersioningMiddlewares(stack *middleware.St if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -151,10 +157,10 @@ func (c *Client) addOperationPutBucketVersioningMiddlewares(stack *middleware.St if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutBucketVersioningResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutBucketVersioningValidationMiddleware(stack); err != nil { @@ -187,12 +193,15 @@ func (c *Client) addOperationPutBucketVersioningMiddlewares(stack *middleware.St if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { return err } + if err = s3cust.AddExpressDefaultChecksumMiddleware(stack); err != nil { + return err + } return nil } @@ -207,7 +216,6 @@ func newServiceMetadataMiddleware_opPutBucketVersioning(region string) *awsmiddl return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutBucketVersioning", } } @@ -257,139 +265,3 @@ func addPutBucketVersioningUpdateEndpoint(stack *middleware.Stack, options Optio DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutBucketVersioningResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutBucketVersioningResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutBucketVersioningResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutBucketVersioningInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutBucketVersioningResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutBucketVersioningResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketWebsite.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketWebsite.go index e21b4c171..275554530 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketWebsite.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutBucketWebsite.go @@ -4,26 +4,22 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Sets the configuration of the website that is specified in the website -// subresource. To configure a bucket as a website, you can add this subresource on -// the bucket with website configuration information such as the file name of the -// index document and any redirect rules. For more information, see Hosting -// Websites on Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) +// This operation is not supported by directory buckets. Sets the configuration of +// the website that is specified in the website subresource. To configure a bucket +// as a website, you can add this subresource on the bucket with website +// configuration information such as the file name of the index document and any +// redirect rules. For more information, see Hosting Websites on Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) // . This PUT action requires the S3:PutBucketWebsite permission. By default, only // the bucket owner can configure the website attached to a bucket; however, bucket // owners can allow other users to set the website configuration by writing a @@ -89,12 +85,12 @@ type PutBucketWebsiteInput struct { // This member is required. WebsiteConfiguration *types.WebsiteConfiguration - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request . For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 // ignores any provided ChecksumAlgorithm parameter. ChecksumAlgorithm types.ChecksumAlgorithm @@ -106,14 +102,19 @@ type PutBucketWebsiteInput struct { // or Amazon Web Services SDKs, this field is calculated automatically. ContentMD5 *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *PutBucketWebsiteInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type PutBucketWebsiteOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -122,6 +123,9 @@ type PutBucketWebsiteOutput struct { } func (c *Client) addOperationPutBucketWebsiteMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutBucketWebsite{}, middleware.After) if err != nil { return err @@ -130,6 +134,10 @@ func (c *Client) addOperationPutBucketWebsiteMiddlewares(stack *middleware.Stack if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutBucketWebsite"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -151,9 +159,6 @@ func (c *Client) addOperationPutBucketWebsiteMiddlewares(stack *middleware.Stack if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -169,10 +174,10 @@ func (c *Client) addOperationPutBucketWebsiteMiddlewares(stack *middleware.Stack if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutBucketWebsiteResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutBucketWebsiteValidationMiddleware(stack); err != nil { @@ -205,12 +210,15 @@ func (c *Client) addOperationPutBucketWebsiteMiddlewares(stack *middleware.Stack if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { return err } + if err = s3cust.AddExpressDefaultChecksumMiddleware(stack); err != nil { + return err + } return nil } @@ -225,7 +233,6 @@ func newServiceMetadataMiddleware_opPutBucketWebsite(region string) *awsmiddlewa return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutBucketWebsite", } } @@ -275,139 +282,3 @@ func addPutBucketWebsiteUpdateEndpoint(stack *middleware.Stack, options Options) DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutBucketWebsiteResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutBucketWebsiteResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutBucketWebsiteResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutBucketWebsiteInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutBucketWebsiteResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutBucketWebsiteResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObject.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObject.go index 51c2f1fd4..1bade82e9 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObject.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObject.go @@ -4,89 +4,88 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" "io" "time" ) -// Adds an object to a bucket. You must have WRITE permissions on a bucket to add -// an object to it. Amazon S3 never adds partial objects; if you receive a success -// response, Amazon S3 added the entire object to the bucket. You cannot use -// PutObject to only update a single piece of metadata for an existing object. You -// must put the entire object with updated metadata if you want to update some -// values. Amazon S3 is a distributed system. If it receives multiple write -// requests for the same object simultaneously, it overwrites all but the last -// object written. To prevent objects from being deleted or overwritten, you can -// use Amazon S3 Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock.html) -// . To ensure that data is not corrupted traversing the network, use the -// Content-MD5 header. When you use this header, Amazon S3 checks the object -// against the provided MD5 value and, if they do not match, returns an error. -// Additionally, you can calculate the MD5 while putting an object to Amazon S3 and -// compare the returned ETag to the calculated MD5 value. -// - To successfully complete the PutObject request, you must have the -// s3:PutObject in your IAM permissions. -// - To successfully change the objects acl of your PutObject request, you must -// have the s3:PutObjectAcl in your IAM permissions. -// - To successfully set the tag-set with your PutObject request, you must have -// the s3:PutObjectTagging in your IAM permissions. -// - The Content-MD5 header is required for any request to upload an object with -// a retention period configured using Amazon S3 Object Lock. For more information -// about Amazon S3 Object Lock, see Amazon S3 Object Lock Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html) +// Adds an object to a bucket. +// - Amazon S3 never adds partial objects; if you receive a success response, +// Amazon S3 added the entire object to the bucket. You cannot use PutObject to +// only update a single piece of metadata for an existing object. You must put the +// entire object with updated metadata if you want to update some values. +// - If your bucket uses the bucket owner enforced setting for Object Ownership, +// ACLs are disabled and no longer affect permissions. All objects written to the +// bucket by any account will be owned by the bucket owner. +// - Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support +// virtual-hosted-style requests in the format +// https://bucket_name.s3express-az_id.region.amazonaws.com/key-name . +// Path-style requests are not supported. For more information, see Regional and +// Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) // in the Amazon S3 User Guide. // -// You have four mutually exclusive options to protect data using server-side -// encryption in Amazon S3, depending on how you choose to manage the encryption -// keys. Specifically, the encryption key options are Amazon S3 managed keys -// (SSE-S3), Amazon Web Services KMS keys (SSE-KMS or DSSE-KMS), and -// customer-provided keys (SSE-C). Amazon S3 encrypts data with server-side -// encryption by using Amazon S3 managed keys (SSE-S3) by default. You can -// optionally tell Amazon S3 to encrypt data at rest by using server-side -// encryption with other key options. For more information, see Using Server-Side -// Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) -// . When adding a new object, you can use headers to grant ACL-based permissions -// to individual Amazon Web Services accounts or to predefined groups defined by -// Amazon S3. These permissions are then added to the ACL on the object. By -// default, all objects are private. Only the owner has full access control. For -// more information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) -// and Managing ACLs Using the REST API (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html) -// . If the bucket that you're uploading objects to uses the bucket owner enforced -// setting for S3 Object Ownership, ACLs are disabled and no longer affect -// permissions. Buckets that use this setting only accept PUT requests that don't -// specify an ACL or PUT requests that specify bucket owner full control ACLs, such -// as the bucket-owner-full-control canned ACL or an equivalent form of this ACL -// expressed in the XML format. PUT requests that contain other ACLs (for example, -// custom grants to certain Amazon Web Services accounts) fail and return a 400 -// error with the error code AccessControlListNotSupported . For more information, -// see Controlling ownership of objects and disabling ACLs (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) -// in the Amazon S3 User Guide. If your bucket uses the bucket owner enforced -// setting for Object Ownership, all objects written to the bucket by any account -// will be owned by the bucket owner. By default, Amazon S3 uses the STANDARD -// Storage Class to store newly created objects. The STANDARD storage class -// provides high durability and high availability. Depending on performance needs, -// you can specify a different Storage Class. Amazon S3 on Outposts only uses the -// OUTPOSTS Storage Class. For more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) -// in the Amazon S3 User Guide. If you enable versioning for a bucket, Amazon S3 -// automatically generates a unique version ID for the object being stored. Amazon -// S3 returns this ID in the response. When you enable versioning for a bucket, if -// Amazon S3 receives multiple write requests for the same object simultaneously, -// it stores all of the objects. For more information about versioning, see Adding -// Objects to Versioning-Enabled Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/AddingObjectstoVersioningEnabledBuckets.html) -// . For information about returning the versioning state of a bucket, see -// GetBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html) -// . For more information about related Amazon S3 APIs, see the following: +// Amazon S3 is a distributed system. If it receives multiple write requests for +// the same object simultaneously, it overwrites all but the last object written. +// However, Amazon S3 provides features that can modify this behavior: +// - S3 Object Lock - To prevent objects from being deleted or overwritten, you +// can use Amazon S3 Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock.html) +// in the Amazon S3 User Guide. This functionality is not supported for directory +// buckets. +// - S3 Versioning - When you enable versioning for a bucket, if Amazon S3 +// receives multiple write requests for the same object simultaneously, it stores +// all versions of the objects. For each write request that is made to the same +// object, Amazon S3 automatically generates a unique version ID of that object +// being stored in Amazon S3. You can retrieve, replace, or delete any version of +// the object. For more information about versioning, see Adding Objects to +// Versioning-Enabled Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/AddingObjectstoVersioningEnabledBuckets.html) +// in the Amazon S3 User Guide. For information about returning the versioning +// state of a bucket, see GetBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html) +// . This functionality is not supported for directory buckets. +// +// Permissions +// - General purpose bucket permissions - The following permissions are required +// in your policies when your PutObject request includes specific headers. +// - s3:PutObject - To successfully complete the PutObject request, you must +// always have the s3:PutObject permission on a bucket to add an object to it. +// - s3:PutObjectAcl - To successfully change the objects ACL of your PutObject +// request, you must have the s3:PutObjectAcl . +// - s3:PutObjectTagging - To successfully set the tag-set with your PutObject +// request, you must have the s3:PutObjectTagging . +// - Directory bucket permissions - To grant access to this API operation on a +// directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant the +// s3express:CreateSession permission to the directory bucket in a bucket policy +// or an IAM identity-based policy. Then, you make the CreateSession API call on +// the bucket to obtain a session token. With the session token in your request +// header, you can make API requests to this operation. After the session token +// expires, you make another CreateSession API call to generate a new session +// token for use. Amazon Web Services CLI or SDKs create session and refresh the +// session token automatically to avoid service interruptions when a session +// expires. For more information about authorization, see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// . +// +// Data integrity with Content-MD5 +// - General purpose bucket - To ensure that data is not corrupted traversing +// the network, use the Content-MD5 header. When you use this header, Amazon S3 +// checks the object against the provided MD5 value and, if they do not match, +// Amazon S3 returns an error. Alternatively, when the object's ETag is its MD5 +// digest, you can calculate the MD5 while putting the object to Amazon S3 and +// compare the returned ETag to the calculated MD5 value. +// - Directory bucket - This functionality is not supported for directory +// buckets. +// +// HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// Bucket_name.s3express-az_id.region.amazonaws.com . For more information about +// related Amazon S3 APIs, see the following: // - CopyObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) // - DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) func (c *Client) PutObject(ctx context.Context, params *PutObjectInput, optFns ...func(*Options)) (*PutObjectOutput, error) { @@ -106,16 +105,26 @@ func (c *Client) PutObject(ctx context.Context, params *PutObjectInput, optFns . type PutObjectInput struct { - // The bucket name to which the PUT action was initiated. When using this action - // with an access point, you must direct requests to the access point hostname. The - // access point hostname takes the form - // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this - // action with an access point through the Amazon Web Services SDKs, you provide - // the access point ARN in place of the bucket name. For more information about - // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form + // The bucket name to which the PUT action was initiated. Directory buckets - When + // you use this operation with a directory bucket, you must use + // virtual-hosted-style requests in the format + // Bucket_name.s3express-az_id.region.amazonaws.com . Path-style requests are not + // supported. Directory bucket names must be unique in the chosen Availability + // Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 (for + // example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 ). For information about bucket + // naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. Access points - When you use this action with an + // access point, you must provide the alias of the access point in place of the + // bucket name or specify the access point ARN. When using the access point ARN, + // you must direct requests to the access point hostname. The access point hostname + // takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. Access points and Object Lambda access points are + // not supported by directory buckets. S3 on Outposts - When you use this action + // with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts + // hostname. The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -131,7 +140,25 @@ type PutObjectInput struct { Key *string // The canned ACL to apply to the object. For more information, see Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL) - // . This action is not supported by Amazon S3 on Outposts. + // in the Amazon S3 User Guide. When adding a new object, you can use headers to + // grant ACL-based permissions to individual Amazon Web Services accounts or to + // predefined groups defined by Amazon S3. These permissions are then added to the + // ACL on the object. By default, all objects are private. Only the owner has full + // access control. For more information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) + // and Managing ACLs Using the REST API (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html) + // in the Amazon S3 User Guide. If the bucket that you're uploading objects to uses + // the bucket owner enforced setting for S3 Object Ownership, ACLs are disabled and + // no longer affect permissions. Buckets that use this setting only accept PUT + // requests that don't specify an ACL or PUT requests that specify bucket owner + // full control ACLs, such as the bucket-owner-full-control canned ACL or an + // equivalent form of this ACL expressed in the XML format. PUT requests that + // contain other ACLs (for example, custom grants to certain Amazon Web Services + // accounts) fail and return a 400 error with the error code + // AccessControlListNotSupported . For more information, see Controlling + // ownership of objects and disabling ACLs (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) + // in the Amazon S3 User Guide. + // - This functionality is not supported for directory buckets. + // - This functionality is not supported for Amazon S3 on Outposts. ACL types.ObjectCannedACL // Object data. @@ -141,22 +168,34 @@ type PutObjectInput struct { // with server-side encryption using Key Management Service (KMS) keys (SSE-KMS). // Setting this header to true causes Amazon S3 to use an S3 Bucket Key for object // encryption with SSE-KMS. Specifying this header with a PUT action doesn’t affect - // bucket-level settings for S3 Bucket Key. - BucketKeyEnabled bool + // bucket-level settings for S3 Bucket Key. This functionality is not supported for + // directory buckets. + BucketKeyEnabled *bool // Can be used to specify caching behavior along the request/reply chain. For more // information, see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9) // . CacheControl *string - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) - // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 - // ignores any provided ChecksumAlgorithm parameter. + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum-algorithm or x-amz-trailer header sent. Otherwise, Amazon S3 + // fails the request with the HTTP status code 400 Bad Request . For the + // x-amz-checksum-algorithm header, replace algorithm with the supported + // algorithm from the following list: + // - CRC32 + // - CRC32C + // - SHA1 + // - SHA256 + // For more information, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. If the individual checksum value you provide + // through x-amz-checksum-algorithm doesn't match the checksum algorithm you set + // through x-amz-sdk-checksum-algorithm , Amazon S3 ignores any provided + // ChecksumAlgorithm parameter and uses the checksum algorithm that matches the + // provided value in x-amz-checksum-algorithm . For directory buckets, when you + // use Amazon Web Services SDKs, CRC32 is the default checksum algorithm that's + // used for performance. ChecksumAlgorithm types.ChecksumAlgorithm // This header can be used as a data integrity check to verify that the data @@ -206,7 +245,7 @@ type PutObjectInput struct { // cannot be determined automatically. For more information, see // https://www.rfc-editor.org/rfc/rfc9110.html#name-content-length (https://www.rfc-editor.org/rfc/rfc9110.html#name-content-length) // . - ContentLength int64 + ContentLength *int64 // The base64-encoded 128-bit MD5 digest of the message (without the headers) // according to RFC 1864. This header can be used as a message integrity check to @@ -214,7 +253,11 @@ type PutObjectInput struct { // optional, we recommend using the Content-MD5 mechanism as an end-to-end // integrity check. For more information about REST request authentication, see // REST Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html) - // . + // . The Content-MD5 header is required for any request to upload an object with a + // retention period configured using Amazon S3 Object Lock. For more information + // about Amazon S3 Object Lock, see Amazon S3 Object Lock Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html) + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. ContentMD5 *string // A standard MIME type describing the format of the contents. For more @@ -222,9 +265,9 @@ type PutObjectInput struct { // . ContentType *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // The date and time at which the object is no longer cacheable. For more @@ -232,20 +275,24 @@ type PutObjectInput struct { // . Expires *time.Time - // Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object. This - // action is not supported by Amazon S3 on Outposts. + // Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object. + // - This functionality is not supported for directory buckets. + // - This functionality is not supported for Amazon S3 on Outposts. GrantFullControl *string - // Allows grantee to read the object data and its metadata. This action is not - // supported by Amazon S3 on Outposts. + // Allows grantee to read the object data and its metadata. + // - This functionality is not supported for directory buckets. + // - This functionality is not supported for Amazon S3 on Outposts. GrantRead *string - // Allows grantee to read the object ACL. This action is not supported by Amazon - // S3 on Outposts. + // Allows grantee to read the object ACL. + // - This functionality is not supported for directory buckets. + // - This functionality is not supported for Amazon S3 on Outposts. GrantReadACP *string - // Allows grantee to write the ACL for the applicable object. This action is not - // supported by Amazon S3 on Outposts. + // Allows grantee to write the ACL for the applicable object. + // - This functionality is not supported for directory buckets. + // - This functionality is not supported for Amazon S3 on Outposts. GrantWriteACP *string // A map of metadata to store with the object in S3. @@ -253,46 +300,54 @@ type PutObjectInput struct { // Specifies whether a legal hold will be applied to this object. For more // information about S3 Object Lock, see Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) - // . + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. ObjectLockLegalHoldStatus types.ObjectLockLegalHoldStatus - // The Object Lock mode that you want to apply to this object. + // The Object Lock mode that you want to apply to this object. This functionality + // is not supported for directory buckets. ObjectLockMode types.ObjectLockMode // The date and time when you want this object's Object Lock to expire. Must be - // formatted as a timestamp parameter. + // formatted as a timestamp parameter. This functionality is not supported for + // directory buckets. ObjectLockRetainUntilDate *time.Time // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when encrypting the object (for example, AES256 + // ). This functionality is not supported for directory buckets. SSECustomerAlgorithm *string // Specifies the customer-provided encryption key for Amazon S3 to use in // encrypting data. This value is used to store the object and then it is // discarded; Amazon S3 does not store the encryption key. The key must be // appropriate for use with the algorithm specified in the - // x-amz-server-side-encryption-customer-algorithm header. + // x-amz-server-side-encryption-customer-algorithm header. This functionality is + // not supported for directory buckets. SSECustomerKey *string // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the - // encryption key was transmitted without error. + // encryption key was transmitted without error. This functionality is not + // supported for directory buckets. SSECustomerKeyMD5 *string // Specifies the Amazon Web Services KMS Encryption Context to use for object // encryption. The value of this header is a base64-encoded UTF-8 string holding // JSON with the encryption context key-value pairs. This value is stored as object // metadata and automatically gets passed on to Amazon Web Services KMS for future - // GetObject or CopyObject operations on this object. + // GetObject or CopyObject operations on this object. This value must be + // explicitly added during CopyObject operations. This functionality is not + // supported for directory buckets. SSEKMSEncryptionContext *string // If x-amz-server-side-encryption has a valid value of aws:kms or aws:kms:dsse , @@ -303,117 +358,168 @@ type PutObjectInput struct { // x-amz-server-side-encryption-aws-kms-key-id , Amazon S3 uses the Amazon Web // Services managed key ( aws/s3 ) to protect the data. If the KMS key does not // exist in the same account that's issuing the command, you must use the full ARN - // and not just the ID. + // and not just the ID. This functionality is not supported for directory buckets. SSEKMSKeyId *string - // The server-side encryption algorithm used when storing this object in Amazon S3 - // (for example, AES256 , aws:kms , aws:kms:dsse ). + // The server-side encryption algorithm that was used when you store this object + // in Amazon S3 (for example, AES256 , aws:kms , aws:kms:dsse ). General purpose + // buckets - You have four mutually exclusive options to protect data using + // server-side encryption in Amazon S3, depending on how you choose to manage the + // encryption keys. Specifically, the encryption key options are Amazon S3 managed + // keys (SSE-S3), Amazon Web Services KMS keys (SSE-KMS or DSSE-KMS), and + // customer-provided keys (SSE-C). Amazon S3 encrypts data with server-side + // encryption by using Amazon S3 managed keys (SSE-S3) by default. You can + // optionally tell Amazon S3 to encrypt data at rest by using server-side + // encryption with other key options. For more information, see Using Server-Side + // Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) + // in the Amazon S3 User Guide. Directory buckets - For directory buckets, only the + // server-side encryption with Amazon S3 managed keys (SSE-S3) ( AES256 ) value is + // supported. ServerSideEncryption types.ServerSideEncryption // By default, Amazon S3 uses the STANDARD Storage Class to store newly created // objects. The STANDARD storage class provides high durability and high // availability. Depending on performance needs, you can specify a different - // Storage Class. Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. For - // more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) + // Storage Class. For more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) // in the Amazon S3 User Guide. + // - For directory buckets, only the S3 Express One Zone storage class is + // supported to store newly created objects. + // - Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. StorageClass types.StorageClass // The tag-set for the object. The tag-set must be encoded as URL Query - // parameters. (For example, "Key1=Value1") + // parameters. (For example, "Key1=Value1") This functionality is not supported for + // directory buckets. Tagging *string // If the bucket is configured as a website, redirects requests for this object to // another object in the same bucket or to an external URL. Amazon S3 stores the // value of this header in the object metadata. For information about object // metadata, see Object Key and Metadata (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html) - // . In the following example, the request header sets the redirect to an object - // (anotherPage.html) in the same bucket: x-amz-website-redirect-location: - // /anotherPage.html In the following example, the request header sets the object - // redirect to another website: x-amz-website-redirect-location: - // http://www.example.com/ For more information about website hosting in Amazon S3, - // see Hosting Websites on Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) + // in the Amazon S3 User Guide. In the following example, the request header sets + // the redirect to an object (anotherPage.html) in the same bucket: + // x-amz-website-redirect-location: /anotherPage.html In the following example, the + // request header sets the object redirect to another website: + // x-amz-website-redirect-location: http://www.example.com/ For more information + // about website hosting in Amazon S3, see Hosting Websites on Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) // and How to Configure Website Page Redirects (https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html) - // . + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. WebsiteRedirectLocation *string noSmithyDocumentSerde } +func (in *PutObjectInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.Key = in.Key + +} + type PutObjectOutput struct { // Indicates whether the uploaded object uses an S3 Bucket Key for server-side - // encryption with Key Management Service (KMS) keys (SSE-KMS). - BucketKeyEnabled bool + // encryption with Key Management Service (KMS) keys (SSE-KMS). This functionality + // is not supported for directory buckets. + BucketKeyEnabled *bool // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32 *string // The base64-encoded, 32-bit CRC32C checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32C *string // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use the API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA1 *string // The base64-encoded, 256-bit SHA-256 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA256 *string - // Entity tag for the uploaded object. + // Entity tag for the uploaded object. General purpose buckets - To ensure that + // data is not corrupted traversing the network, for objects where the ETag is the + // MD5 digest of the object, you can calculate the MD5 while putting an object to + // Amazon S3 and compare the returned ETag to the calculated MD5 value. Directory + // buckets - The ETag for the object in a directory bucket isn't the MD5 digest of + // the object. ETag *string // If the expiration is configured for the object (see // PutBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html) - // ), the response includes this header. It includes the expiry-date and rule-id - // key-value pairs that provide information about object expiration. The value of - // the rule-id is URL-encoded. + // ) in the Amazon S3 User Guide, the response includes this header. It includes + // the expiry-date and rule-id key-value pairs that provide information about + // object expiration. The value of the rule-id is URL-encoded. This functionality + // is not supported for directory buckets. Expiration *string // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // If server-side encryption with a customer-provided encryption key was - // requested, the response will include this header confirming the encryption - // algorithm used. + // requested, the response will include this header to confirm the encryption + // algorithm that's used. This functionality is not supported for directory + // buckets. SSECustomerAlgorithm *string // If server-side encryption with a customer-provided encryption key was - // requested, the response will include this header to provide round-trip message - // integrity verification of the customer-provided encryption key. + // requested, the response will include this header to provide the round-trip + // message integrity verification of the customer-provided encryption key. This + // functionality is not supported for directory buckets. SSECustomerKeyMD5 *string - // If present, specifies the Amazon Web Services KMS Encryption Context to use for + // If present, indicates the Amazon Web Services KMS Encryption Context to use for // object encryption. The value of this header is a base64-encoded UTF-8 string // holding JSON with the encryption context key-value pairs. This value is stored // as object metadata and automatically gets passed on to Amazon Web Services KMS - // for future GetObject or CopyObject operations on this object. + // for future GetObject or CopyObject operations on this object. This + // functionality is not supported for directory buckets. SSEKMSEncryptionContext *string // If x-amz-server-side-encryption has a valid value of aws:kms or aws:kms:dsse , - // this header specifies the ID of the Key Management Service (KMS) symmetric - // encryption customer managed key that was used for the object. + // this header indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. This functionality + // is not supported for directory buckets. SSEKMSKeyId *string - // The server-side encryption algorithm used when storing this object in Amazon S3 - // (for example, AES256 , aws:kms , aws:kms:dsse ). + // The server-side encryption algorithm used when you store this object in Amazon + // S3 (for example, AES256 , aws:kms , aws:kms:dsse ). For directory buckets, only + // server-side encryption with Amazon S3 managed keys (SSE-S3) ( AES256 ) is + // supported. ServerSideEncryption types.ServerSideEncryption - // Version of the object. + // Version ID of the object. If you enable versioning for a bucket, Amazon S3 + // automatically generates a unique version ID for the object being stored. Amazon + // S3 returns this ID in the response. When you enable versioning for a bucket, if + // Amazon S3 receives multiple write requests for the same object simultaneously, + // it stores all of the objects. For more information about versioning, see Adding + // Objects to Versioning-Enabled Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/AddingObjectstoVersioningEnabledBuckets.html) + // in the Amazon S3 User Guide. For information about returning the versioning + // state of a bucket, see GetBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html) + // . This functionality is not supported for directory buckets. VersionId *string // Metadata pertaining to the operation's result. @@ -423,6 +529,9 @@ type PutObjectOutput struct { } func (c *Client) addOperationPutObjectMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutObject{}, middleware.After) if err != nil { return err @@ -431,6 +540,10 @@ func (c *Client) addOperationPutObjectMiddlewares(stack *middleware.Stack, optio if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutObject"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -452,9 +565,6 @@ func (c *Client) addOperationPutObjectMiddlewares(stack *middleware.Stack, optio if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -470,10 +580,10 @@ func (c *Client) addOperationPutObjectMiddlewares(stack *middleware.Stack, optio if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutObjectResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutObjectValidationMiddleware(stack); err != nil { @@ -512,7 +622,7 @@ func (c *Client) addOperationPutObjectMiddlewares(stack *middleware.Stack, optio if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -532,7 +642,6 @@ func newServiceMetadataMiddleware_opPutObject(region string) *awsmiddleware.Regi return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutObject", } } @@ -615,139 +724,3 @@ func addPutObjectPayloadAsUnsigned(stack *middleware.Stack, options Options) err v4.RemoveComputePayloadSHA256Middleware(stack) return v4.AddUnsignedPayloadMiddleware(stack) } - -type opPutObjectResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutObjectResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutObjectResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutObjectInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutObjectResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutObjectResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectAcl.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectAcl.go index 22a0dcc22..5716f550f 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectAcl.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectAcl.go @@ -4,30 +4,25 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Uses the acl subresource to set the access control list (ACL) permissions for a -// new or existing object in an S3 bucket. You must have WRITE_ACP permission to -// set the ACL of an object. For more information, see What permissions can I -// grant? (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#permissions) -// in the Amazon S3 User Guide. This action is not supported by Amazon S3 on -// Outposts. Depending on your application needs, you can choose to set the ACL on -// an object using either the request body or the headers. For example, if you have -// an existing application that updates a bucket ACL using the request body, you -// can continue to use that approach. For more information, see Access Control +// This operation is not supported by directory buckets. Uses the acl subresource +// to set the access control list (ACL) permissions for a new or existing object in +// an S3 bucket. You must have the WRITE_ACP permission to set the ACL of an +// object. For more information, see What permissions can I grant? (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#permissions) +// in the Amazon S3 User Guide. This functionality is not supported for Amazon S3 +// on Outposts. Depending on your application needs, you can choose to set the ACL +// on an object using either the request body or the headers. For example, if you +// have an existing application that updates a bucket ACL using the request body, +// you can continue to use that approach. For more information, see Access Control // List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) // in the Amazon S3 User Guide. If your bucket uses the bucket owner enforced // setting for S3 Object Ownership, ACLs are disabled and no longer affect @@ -118,27 +113,17 @@ func (c *Client) PutObjectAcl(ctx context.Context, params *PutObjectAclInput, op type PutObjectAclInput struct { // The bucket name that contains the object to which you want to attach the ACL. - // When using this action with an access point, you must direct requests to the + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the access + // point ARN. When using the access point ARN, you must direct requests to the // access point hostname. The access point hostname takes the form // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this // action with an access point through the Amazon Web Services SDKs, you provide // the access point ARN in place of the bucket name. For more information about // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. - // - // This member is required. - Bucket *string - - // Key for which the PUT action was initiated. When using this action with an - // access point, you must direct requests to the access point hostname. The access - // point hostname takes the form - // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this - // action with an access point through the Amazon Web Services SDKs, you provide - // the access point ARN in place of the bucket name. For more information about - // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form + // in the Amazon S3 User Guide. S3 on Outposts - When you use this action with + // Amazon S3 on Outposts, you must direct requests to the S3 on Outposts hostname. + // The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -146,6 +131,11 @@ type PutObjectAclInput struct { // in the Amazon S3 User Guide. // // This member is required. + Bucket *string + + // Key for which the PUT action was initiated. + // + // This member is required. Key *string // The canned ACL to apply to the object. For more information, see Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL) @@ -155,12 +145,12 @@ type PutObjectAclInput struct { // Contains the elements that set the ACL permissions for an object per grantee. AccessControlPolicy *types.AccessControlPolicy - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request . For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 // ignores any provided ChecksumAlgorithm parameter. ChecksumAlgorithm types.ChecksumAlgorithm @@ -172,21 +162,21 @@ type PutObjectAclInput struct { // Amazon Web Services SDKs, this field is calculated automatically. ContentMD5 *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Allows grantee the read, write, read ACP, and write ACP permissions on the - // bucket. This action is not supported by Amazon S3 on Outposts. + // bucket. This functionality is not supported for Amazon S3 on Outposts. GrantFullControl *string - // Allows grantee to list the objects in the bucket. This action is not supported - // by Amazon S3 on Outposts. + // Allows grantee to list the objects in the bucket. This functionality is not + // supported for Amazon S3 on Outposts. GrantRead *string - // Allows grantee to read the bucket ACL. This action is not supported by Amazon - // S3 on Outposts. + // Allows grantee to read the bucket ACL. This functionality is not supported for + // Amazon S3 on Outposts. GrantReadACP *string // Allows grantee to create new objects in the bucket. For the bucket and object @@ -194,29 +184,37 @@ type PutObjectAclInput struct { // objects. GrantWrite *string - // Allows grantee to write the ACL for the applicable bucket. This action is not - // supported by Amazon S3 on Outposts. + // Allows grantee to write the ACL for the applicable bucket. This functionality + // is not supported for Amazon S3 on Outposts. GrantWriteACP *string // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer - // VersionId used to reference a specific version of the object. + // Version ID used to reference a specific version of the object. This + // functionality is not supported for directory buckets. VersionId *string noSmithyDocumentSerde } +func (in *PutObjectAclInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.Key = in.Key + +} + type PutObjectAclOutput struct { // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // Metadata pertaining to the operation's result. @@ -226,6 +224,9 @@ type PutObjectAclOutput struct { } func (c *Client) addOperationPutObjectAclMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutObjectAcl{}, middleware.After) if err != nil { return err @@ -234,6 +235,10 @@ func (c *Client) addOperationPutObjectAclMiddlewares(stack *middleware.Stack, op if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutObjectAcl"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -255,9 +260,6 @@ func (c *Client) addOperationPutObjectAclMiddlewares(stack *middleware.Stack, op if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -273,10 +275,10 @@ func (c *Client) addOperationPutObjectAclMiddlewares(stack *middleware.Stack, op if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutObjectAclResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutObjectAclValidationMiddleware(stack); err != nil { @@ -309,12 +311,15 @@ func (c *Client) addOperationPutObjectAclMiddlewares(stack *middleware.Stack, op if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { return err } + if err = s3cust.AddExpressDefaultChecksumMiddleware(stack); err != nil { + return err + } return nil } @@ -329,7 +334,6 @@ func newServiceMetadataMiddleware_opPutObjectAcl(region string) *awsmiddleware.R return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutObjectAcl", } } @@ -379,139 +383,3 @@ func addPutObjectAclUpdateEndpoint(stack *middleware.Stack, options Options) err DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutObjectAclResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutObjectAclResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutObjectAclResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutObjectAclInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutObjectAclResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutObjectAclResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectLegalHold.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectLegalHold.go index d4d371df7..3fa38af3e 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectLegalHold.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectLegalHold.go @@ -4,24 +4,19 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Applies a legal hold configuration to the specified object. For more -// information, see Locking Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) -// . This action is not supported by Amazon S3 on Outposts. +// This operation is not supported by directory buckets. Applies a legal hold +// configuration to the specified object. For more information, see Locking Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) +// . This functionality is not supported for Amazon S3 on Outposts. func (c *Client) PutObjectLegalHold(ctx context.Context, params *PutObjectLegalHoldInput, optFns ...func(*Options)) (*PutObjectLegalHoldOutput, error) { if params == nil { params = &PutObjectLegalHoldInput{} @@ -40,7 +35,9 @@ func (c *Client) PutObjectLegalHold(ctx context.Context, params *PutObjectLegalH type PutObjectLegalHoldInput struct { // The bucket name containing the object that you want to place a legal hold on. - // When using this action with an access point, you must direct requests to the + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the access + // point ARN. When using the access point ARN, you must direct requests to the // access point hostname. The access point hostname takes the form // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this // action with an access point through the Amazon Web Services SDKs, you provide @@ -56,12 +53,12 @@ type PutObjectLegalHoldInput struct { // This member is required. Key *string - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request . For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 // ignores any provided ChecksumAlgorithm parameter. ChecksumAlgorithm types.ChecksumAlgorithm @@ -71,9 +68,9 @@ type PutObjectLegalHoldInput struct { // calculated automatically. ContentMD5 *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Container element for the legal hold configuration you want to apply to the @@ -82,11 +79,12 @@ type PutObjectLegalHoldInput struct { // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer // The version ID of the object that you want to place a legal hold on. @@ -95,10 +93,15 @@ type PutObjectLegalHoldInput struct { noSmithyDocumentSerde } +func (in *PutObjectLegalHoldInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + +} + type PutObjectLegalHoldOutput struct { // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // Metadata pertaining to the operation's result. @@ -108,6 +111,9 @@ type PutObjectLegalHoldOutput struct { } func (c *Client) addOperationPutObjectLegalHoldMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutObjectLegalHold{}, middleware.After) if err != nil { return err @@ -116,6 +122,10 @@ func (c *Client) addOperationPutObjectLegalHoldMiddlewares(stack *middleware.Sta if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutObjectLegalHold"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -137,9 +147,6 @@ func (c *Client) addOperationPutObjectLegalHoldMiddlewares(stack *middleware.Sta if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -155,10 +162,10 @@ func (c *Client) addOperationPutObjectLegalHoldMiddlewares(stack *middleware.Sta if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutObjectLegalHoldResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutObjectLegalHoldValidationMiddleware(stack); err != nil { @@ -191,12 +198,15 @@ func (c *Client) addOperationPutObjectLegalHoldMiddlewares(stack *middleware.Sta if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { return err } + if err = s3cust.AddExpressDefaultChecksumMiddleware(stack); err != nil { + return err + } return nil } @@ -211,7 +221,6 @@ func newServiceMetadataMiddleware_opPutObjectLegalHold(region string) *awsmiddle return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutObjectLegalHold", } } @@ -261,139 +270,3 @@ func addPutObjectLegalHoldUpdateEndpoint(stack *middleware.Stack, options Option DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutObjectLegalHoldResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutObjectLegalHoldResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutObjectLegalHoldResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutObjectLegalHoldInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutObjectLegalHoldResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutObjectLegalHoldResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectLockConfiguration.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectLockConfiguration.go index 5b4a897e5..49425c8f9 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectLockConfiguration.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectLockConfiguration.go @@ -4,30 +4,27 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Places an Object Lock configuration on the specified bucket. The rule specified -// in the Object Lock configuration will be applied by default to every new object -// placed in the specified bucket. For more information, see Locking Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) +// This operation is not supported by directory buckets. Places an Object Lock +// configuration on the specified bucket. The rule specified in the Object Lock +// configuration will be applied by default to every new object placed in the +// specified bucket. For more information, see Locking Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) // . // - The DefaultRetention settings require both a mode and a period. // - The DefaultRetention period can be either Days or Years but you must select // one. You cannot specify Days and Years at the same time. -// - You can only enable Object Lock for new buckets. If you want to turn on -// Object Lock for an existing bucket, contact Amazon Web Services Support. +// - You can enable Object Lock for new or existing buckets. For more +// information, see Configuring Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html) +// . func (c *Client) PutObjectLockConfiguration(ctx context.Context, params *PutObjectLockConfigurationInput, optFns ...func(*Options)) (*PutObjectLockConfigurationOutput, error) { if params == nil { params = &PutObjectLockConfigurationInput{} @@ -50,12 +47,12 @@ type PutObjectLockConfigurationInput struct { // This member is required. Bucket *string - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request . For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 // ignores any provided ChecksumAlgorithm parameter. ChecksumAlgorithm types.ChecksumAlgorithm @@ -65,9 +62,9 @@ type PutObjectLockConfigurationInput struct { // calculated automatically. ContentMD5 *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // The Object Lock configuration that you want to apply to the specified bucket. @@ -75,11 +72,12 @@ type PutObjectLockConfigurationInput struct { // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer // A token to allow Object Lock to be enabled for an existing bucket. @@ -88,10 +86,15 @@ type PutObjectLockConfigurationInput struct { noSmithyDocumentSerde } +func (in *PutObjectLockConfigurationInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + +} + type PutObjectLockConfigurationOutput struct { // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // Metadata pertaining to the operation's result. @@ -101,6 +104,9 @@ type PutObjectLockConfigurationOutput struct { } func (c *Client) addOperationPutObjectLockConfigurationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutObjectLockConfiguration{}, middleware.After) if err != nil { return err @@ -109,6 +115,10 @@ func (c *Client) addOperationPutObjectLockConfigurationMiddlewares(stack *middle if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutObjectLockConfiguration"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -130,9 +140,6 @@ func (c *Client) addOperationPutObjectLockConfigurationMiddlewares(stack *middle if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -148,10 +155,10 @@ func (c *Client) addOperationPutObjectLockConfigurationMiddlewares(stack *middle if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutObjectLockConfigurationResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutObjectLockConfigurationValidationMiddleware(stack); err != nil { @@ -184,12 +191,15 @@ func (c *Client) addOperationPutObjectLockConfigurationMiddlewares(stack *middle if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { return err } + if err = s3cust.AddExpressDefaultChecksumMiddleware(stack); err != nil { + return err + } return nil } @@ -204,7 +214,6 @@ func newServiceMetadataMiddleware_opPutObjectLockConfiguration(region string) *a return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutObjectLockConfiguration", } } @@ -254,139 +263,3 @@ func addPutObjectLockConfigurationUpdateEndpoint(stack *middleware.Stack, option DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutObjectLockConfigurationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutObjectLockConfigurationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutObjectLockConfigurationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutObjectLockConfigurationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutObjectLockConfigurationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutObjectLockConfigurationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectRetention.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectRetention.go index 95176ea69..5dfb98f3d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectRetention.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectRetention.go @@ -4,27 +4,22 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Places an Object Retention configuration on an object. For more information, -// see Locking Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) +// This operation is not supported by directory buckets. Places an Object +// Retention configuration on an object. For more information, see Locking Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) // . Users or accounts require the s3:PutObjectRetention permission in order to // place an Object Retention configuration on objects. Bypassing a Governance // Retention configuration requires the s3:BypassGovernanceRetention permission. -// This action is not supported by Amazon S3 on Outposts. +// This functionality is not supported for Amazon S3 on Outposts. func (c *Client) PutObjectRetention(ctx context.Context, params *PutObjectRetentionInput, optFns ...func(*Options)) (*PutObjectRetentionOutput, error) { if params == nil { params = &PutObjectRetentionInput{} @@ -43,8 +38,10 @@ func (c *Client) PutObjectRetention(ctx context.Context, params *PutObjectRetent type PutObjectRetentionInput struct { // The bucket name that contains the object you want to apply this Object - // Retention configuration to. When using this action with an access point, you - // must direct requests to the access point hostname. The access point hostname + // Retention configuration to. Access points - When you use this action with an + // access point, you must provide the alias of the access point in place of the + // bucket name or specify the access point ARN. When using the access point ARN, + // you must direct requests to the access point hostname. The access point hostname // takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more @@ -61,14 +58,14 @@ type PutObjectRetentionInput struct { Key *string // Indicates whether this action should bypass Governance-mode restrictions. - BypassGovernanceRetention bool + BypassGovernanceRetention *bool - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request . For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 // ignores any provided ChecksumAlgorithm parameter. ChecksumAlgorithm types.ChecksumAlgorithm @@ -78,18 +75,19 @@ type PutObjectRetentionInput struct { // calculated automatically. ContentMD5 *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer // The container element for the Object Retention configuration. @@ -102,10 +100,15 @@ type PutObjectRetentionInput struct { noSmithyDocumentSerde } +func (in *PutObjectRetentionInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + +} + type PutObjectRetentionOutput struct { // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // Metadata pertaining to the operation's result. @@ -115,6 +118,9 @@ type PutObjectRetentionOutput struct { } func (c *Client) addOperationPutObjectRetentionMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutObjectRetention{}, middleware.After) if err != nil { return err @@ -123,6 +129,10 @@ func (c *Client) addOperationPutObjectRetentionMiddlewares(stack *middleware.Sta if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutObjectRetention"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -144,9 +154,6 @@ func (c *Client) addOperationPutObjectRetentionMiddlewares(stack *middleware.Sta if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -162,10 +169,10 @@ func (c *Client) addOperationPutObjectRetentionMiddlewares(stack *middleware.Sta if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutObjectRetentionResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutObjectRetentionValidationMiddleware(stack); err != nil { @@ -198,12 +205,15 @@ func (c *Client) addOperationPutObjectRetentionMiddlewares(stack *middleware.Sta if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { return err } + if err = s3cust.AddExpressDefaultChecksumMiddleware(stack); err != nil { + return err + } return nil } @@ -218,7 +228,6 @@ func newServiceMetadataMiddleware_opPutObjectRetention(region string) *awsmiddle return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutObjectRetention", } } @@ -268,139 +277,3 @@ func addPutObjectRetentionUpdateEndpoint(stack *middleware.Stack, options Option DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutObjectRetentionResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutObjectRetentionResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutObjectRetentionResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutObjectRetentionInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutObjectRetentionResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutObjectRetentionResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectTagging.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectTagging.go index e9785b934..8b42d43d1 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectTagging.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutObjectTagging.go @@ -4,23 +4,19 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Sets the supplied tag-set to an object that already exists in a bucket. A tag -// is a key-value pair. For more information, see Object Tagging (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-tagging.html) +// This operation is not supported by directory buckets. Sets the supplied tag-set +// to an object that already exists in a bucket. A tag is a key-value pair. For +// more information, see Object Tagging (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-tagging.html) // . You can associate tags with an object by sending a PUT request against the // tagging subresource that is associated with the object. You can retrieve tags by // sending a GET request. For more information, see GetObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html) @@ -64,16 +60,18 @@ func (c *Client) PutObjectTagging(ctx context.Context, params *PutObjectTaggingI type PutObjectTaggingInput struct { - // The bucket name containing the object. When using this action with an access - // point, you must direct requests to the access point hostname. The access point + // The bucket name containing the object. Access points - When you use this action + // with an access point, you must provide the alias of the access point in place of + // the bucket name or specify the access point ARN. When using the access point + // ARN, you must direct requests to the access point hostname. The access point // hostname takes the form // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this // action with an access point through the Amazon Web Services SDKs, you provide // the access point ARN in place of the bucket name. For more information about // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form + // in the Amazon S3 User Guide. S3 on Outposts - When you use this action with + // Amazon S3 on Outposts, you must direct requests to the S3 on Outposts hostname. + // The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -93,12 +91,12 @@ type PutObjectTaggingInput struct { // This member is required. Tagging *types.Tagging - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request . For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 // ignores any provided ChecksumAlgorithm parameter. ChecksumAlgorithm types.ChecksumAlgorithm @@ -108,18 +106,19 @@ type PutObjectTaggingInput struct { // calculated automatically. ContentMD5 *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer // The versionId of the object that the tag-set will be added to. @@ -128,6 +127,11 @@ type PutObjectTaggingInput struct { noSmithyDocumentSerde } +func (in *PutObjectTaggingInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + +} + type PutObjectTaggingOutput struct { // The versionId of the object the tag-set was added to. @@ -140,6 +144,9 @@ type PutObjectTaggingOutput struct { } func (c *Client) addOperationPutObjectTaggingMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutObjectTagging{}, middleware.After) if err != nil { return err @@ -148,6 +155,10 @@ func (c *Client) addOperationPutObjectTaggingMiddlewares(stack *middleware.Stack if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutObjectTagging"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -169,9 +180,6 @@ func (c *Client) addOperationPutObjectTaggingMiddlewares(stack *middleware.Stack if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -187,10 +195,10 @@ func (c *Client) addOperationPutObjectTaggingMiddlewares(stack *middleware.Stack if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutObjectTaggingResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutObjectTaggingValidationMiddleware(stack); err != nil { @@ -223,12 +231,15 @@ func (c *Client) addOperationPutObjectTaggingMiddlewares(stack *middleware.Stack if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { return err } + if err = s3cust.AddExpressDefaultChecksumMiddleware(stack); err != nil { + return err + } return nil } @@ -243,7 +254,6 @@ func newServiceMetadataMiddleware_opPutObjectTagging(region string) *awsmiddlewa return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutObjectTagging", } } @@ -293,139 +303,3 @@ func addPutObjectTaggingUpdateEndpoint(stack *middleware.Stack, options Options) DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutObjectTaggingResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutObjectTaggingResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutObjectTaggingResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutObjectTaggingInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutObjectTaggingResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutObjectTaggingResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutPublicAccessBlock.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutPublicAccessBlock.go index 8aa349c74..ab0b5405e 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutPublicAccessBlock.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_PutPublicAccessBlock.go @@ -4,30 +4,26 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Creates or modifies the PublicAccessBlock configuration for an Amazon S3 -// bucket. To use this operation, you must have the s3:PutBucketPublicAccessBlock -// permission. For more information about Amazon S3 permissions, see Specifying -// Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) +// This operation is not supported by directory buckets. Creates or modifies the +// PublicAccessBlock configuration for an Amazon S3 bucket. To use this operation, +// you must have the s3:PutBucketPublicAccessBlock permission. For more +// information about Amazon S3 permissions, see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) // . When Amazon S3 evaluates the PublicAccessBlock configuration for a bucket or // an object, it checks the PublicAccessBlock configuration for both the bucket // (or the bucket that contains the object) and the bucket owner's account. If the // PublicAccessBlock configurations are different between the bucket and the -// account, S3 uses the most restrictive combination of the bucket-level and +// account, Amazon S3 uses the most restrictive combination of the bucket-level and // account-level settings. For more information about when Amazon S3 considers a // bucket or an object public, see The Meaning of "Public" (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) // . The following operations are related to PutPublicAccessBlock : @@ -67,12 +63,12 @@ type PutPublicAccessBlockInput struct { // This member is required. PublicAccessBlockConfiguration *types.PublicAccessBlockConfiguration - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request . For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 // ignores any provided ChecksumAlgorithm parameter. ChecksumAlgorithm types.ChecksumAlgorithm @@ -82,14 +78,19 @@ type PutPublicAccessBlockInput struct { // SDKs, this field is calculated automatically. ContentMD5 *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string noSmithyDocumentSerde } +func (in *PutPublicAccessBlockInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.UseS3ExpressControlEndpoint = ptr.Bool(true) +} + type PutPublicAccessBlockOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -98,6 +99,9 @@ type PutPublicAccessBlockOutput struct { } func (c *Client) addOperationPutPublicAccessBlockMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpPutPublicAccessBlock{}, middleware.After) if err != nil { return err @@ -106,6 +110,10 @@ func (c *Client) addOperationPutPublicAccessBlockMiddlewares(stack *middleware.S if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "PutPublicAccessBlock"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -127,9 +135,6 @@ func (c *Client) addOperationPutPublicAccessBlockMiddlewares(stack *middleware.S if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -145,10 +150,10 @@ func (c *Client) addOperationPutPublicAccessBlockMiddlewares(stack *middleware.S if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addPutPublicAccessBlockResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpPutPublicAccessBlockValidationMiddleware(stack); err != nil { @@ -181,12 +186,15 @@ func (c *Client) addOperationPutPublicAccessBlockMiddlewares(stack *middleware.S if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { return err } + if err = s3cust.AddExpressDefaultChecksumMiddleware(stack); err != nil { + return err + } return nil } @@ -201,7 +209,6 @@ func newServiceMetadataMiddleware_opPutPublicAccessBlock(region string) *awsmidd return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "PutPublicAccessBlock", } } @@ -251,139 +258,3 @@ func addPutPublicAccessBlockUpdateEndpoint(stack *middleware.Stack, options Opti DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opPutPublicAccessBlockResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opPutPublicAccessBlockResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opPutPublicAccessBlockResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*PutPublicAccessBlockInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addPutPublicAccessBlockResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opPutPublicAccessBlockResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_RestoreObject.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_RestoreObject.go index 0ccf96b3f..a84b5326c 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_RestoreObject.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_RestoreObject.go @@ -4,24 +4,19 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Restores an archived copy of an object back into Amazon S3 This action is not -// supported by Amazon S3 on Outposts. This action performs the following types of -// requests: +// This operation is not supported by directory buckets. Restores an archived copy +// of an object back into Amazon S3 This functionality is not supported for Amazon +// S3 on Outposts. This action performs the following types of requests: // - select - Perform a select query on an archived object // - restore an archive - Restore an archived object // @@ -184,16 +179,18 @@ func (c *Client) RestoreObject(ctx context.Context, params *RestoreObjectInput, type RestoreObjectInput struct { - // The bucket name containing the object to restore. When using this action with - // an access point, you must direct requests to the access point hostname. The + // The bucket name containing the object to restore. Access points - When you use + // this action with an access point, you must provide the alias of the access point + // in place of the bucket name or specify the access point ARN. When using the + // access point ARN, you must direct requests to the access point hostname. The // access point hostname takes the form // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this // action with an access point through the Amazon Web Services SDKs, you provide // the access point ARN in place of the bucket name. For more information about // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form + // in the Amazon S3 User Guide. S3 on Outposts - When you use this action with + // Amazon S3 on Outposts, you must direct requests to the S3 on Outposts hostname. + // The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -208,28 +205,29 @@ type RestoreObjectInput struct { // This member is required. Key *string - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request . For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 // ignores any provided ChecksumAlgorithm parameter. ChecksumAlgorithm types.ChecksumAlgorithm - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer // Container for restore job parameters. @@ -241,10 +239,15 @@ type RestoreObjectInput struct { noSmithyDocumentSerde } +func (in *RestoreObjectInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + +} + type RestoreObjectOutput struct { // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // Indicates the path in the provided S3 output location where Select results will @@ -258,6 +261,9 @@ type RestoreObjectOutput struct { } func (c *Client) addOperationRestoreObjectMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpRestoreObject{}, middleware.After) if err != nil { return err @@ -266,6 +272,10 @@ func (c *Client) addOperationRestoreObjectMiddlewares(stack *middleware.Stack, o if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "RestoreObject"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -287,9 +297,6 @@ func (c *Client) addOperationRestoreObjectMiddlewares(stack *middleware.Stack, o if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -305,10 +312,10 @@ func (c *Client) addOperationRestoreObjectMiddlewares(stack *middleware.Stack, o if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addRestoreObjectResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpRestoreObjectValidationMiddleware(stack); err != nil { @@ -341,7 +348,7 @@ func (c *Client) addOperationRestoreObjectMiddlewares(stack *middleware.Stack, o if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -361,7 +368,6 @@ func newServiceMetadataMiddleware_opRestoreObject(region string) *awsmiddleware. return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "RestoreObject", } } @@ -411,139 +417,3 @@ func addRestoreObjectUpdateEndpoint(stack *middleware.Stack, options Options) er DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opRestoreObjectResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opRestoreObjectResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opRestoreObjectResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*RestoreObjectInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addRestoreObjectResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opRestoreObjectResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_SelectObjectContent.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_SelectObjectContent.go index d6c2ff637..888ec9c25 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_SelectObjectContent.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_SelectObjectContent.go @@ -4,34 +4,31 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithysync "github.com/aws/smithy-go/sync" smithyhttp "github.com/aws/smithy-go/transport/http" "sync" ) -// This action filters the contents of an Amazon S3 object based on a simple -// structured query language (SQL) statement. In the request, along with the SQL -// expression, you must also specify a data serialization format (JSON, CSV, or -// Apache Parquet) of the object. Amazon S3 uses this format to parse object data -// into records, and returns only records that match the specified SQL expression. -// You must also specify the data serialization format for the response. This -// action is not supported by Amazon S3 on Outposts. For more information about -// Amazon S3 Select, see Selecting Content from Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/selecting-content-from-objects.html) +// This operation is not supported by directory buckets. This action filters the +// contents of an Amazon S3 object based on a simple structured query language +// (SQL) statement. In the request, along with the SQL expression, you must also +// specify a data serialization format (JSON, CSV, or Apache Parquet) of the +// object. Amazon S3 uses this format to parse object data into records, and +// returns only records that match the specified SQL expression. You must also +// specify the data serialization format for the response. This functionality is +// not supported for Amazon S3 on Outposts. For more information about Amazon S3 +// Select, see Selecting Content from Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/selecting-content-from-objects.html) // and SELECT Command (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-glacier-select-sql-reference-select.html) -// in the Amazon S3 User Guide. Permissions You must have s3:GetObject permission -// for this operation. Amazon S3 Select does not support anonymous access. For more -// information about permissions, see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) +// in the Amazon S3 User Guide. Permissions You must have the s3:GetObject +// permission for this operation. Amazon S3 Select does not support anonymous +// access. For more information about permissions, see Specifying Permissions in a +// Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) // in the Amazon S3 User Guide. Object Data Formats You can use Amazon S3 Select to // query objects that have the following format properties: // - CSV, JSON, and Parquet - Objects must be in CSV, JSON, or Parquet format. @@ -134,9 +131,9 @@ type SelectObjectContentInput struct { // This member is required. OutputSerialization *types.OutputSerialization - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Specifies if periodic request progress information should be enabled. @@ -174,6 +171,11 @@ type SelectObjectContentInput struct { noSmithyDocumentSerde } +func (in *SelectObjectContentInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + +} + type SelectObjectContentOutput struct { eventStream *SelectObjectContentEventStream @@ -189,6 +191,9 @@ func (o *SelectObjectContentOutput) GetStream() *SelectObjectContentEventStream } func (c *Client) addOperationSelectObjectContentMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpSelectObjectContent{}, middleware.After) if err != nil { return err @@ -197,6 +202,10 @@ func (c *Client) addOperationSelectObjectContentMiddlewares(stack *middleware.St if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "SelectObjectContent"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -221,9 +230,6 @@ func (c *Client) addOperationSelectObjectContentMiddlewares(stack *middleware.St if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -233,10 +239,10 @@ func (c *Client) addOperationSelectObjectContentMiddlewares(stack *middleware.St if err = addClientUserAgent(stack, options); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addSelectObjectContentResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpSelectObjectContentValidationMiddleware(stack); err != nil { @@ -266,7 +272,7 @@ func (c *Client) addOperationSelectObjectContentMiddlewares(stack *middleware.St if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -286,7 +292,6 @@ func newServiceMetadataMiddleware_opSelectObjectContent(region string) *awsmiddl return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "SelectObjectContent", } } @@ -416,139 +421,3 @@ func (es *SelectObjectContentEventStream) waitStreamClose() { } } - -type opSelectObjectContentResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opSelectObjectContentResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opSelectObjectContentResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*SelectObjectContentInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addSelectObjectContentResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opSelectObjectContentResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_UploadPart.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_UploadPart.go index a3e1a7db4..53507fbab 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_UploadPart.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_UploadPart.go @@ -4,37 +4,61 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" internalChecksum "github.com/aws/aws-sdk-go-v2/service/internal/checksum" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" "io" ) -// Uploads a part in a multipart upload. In this operation, you provide part data -// in your request. However, you have an option to specify your existing Amazon S3 -// object as a data source for the part you are uploading. To upload a part from an -// existing object, you use the UploadPartCopy (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) +// Uploads a part in a multipart upload. In this operation, you provide new data +// as a part of an object in your request. However, you have an option to specify +// your existing Amazon S3 object as a data source for the part you are uploading. +// To upload a part from an existing object, you use the UploadPartCopy (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) // operation. You must initiate a multipart upload (see CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) // ) before you can upload any part. In response to your initiate request, Amazon -// S3 returns an upload ID, a unique identifier, that you must include in your +// S3 returns an upload ID, a unique identifier that you must include in your // upload part request. Part numbers can be any number from 1 to 10,000, inclusive. // A part number uniquely identifies a part and also defines its position within // the object being created. If you upload a new part using the same part number // that was used with a previous part, the previously uploaded part is overwritten. // For information about maximum and minimum part sizes and other multipart upload // specifications, see Multipart upload limits (https://docs.aws.amazon.com/AmazonS3/latest/userguide/qfacts.html) -// in the Amazon S3 User Guide. To ensure that data is not corrupted when +// in the Amazon S3 User Guide. After you initiate multipart upload and upload one +// or more parts, you must either complete or abort multipart upload in order to +// stop getting charged for storage of the uploaded parts. Only after you either +// complete or abort multipart upload, Amazon S3 frees up the parts storage and +// stops charging you for the parts storage. For more information on multipart +// uploads, go to Multipart Upload Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) +// in the Amazon S3 User Guide . Directory buckets - For directory buckets, you +// must make requests for this API operation to the Zonal endpoint. These endpoints +// support virtual-hosted-style requests in the format +// https://bucket_name.s3express-az_id.region.amazonaws.com/key-name . Path-style +// requests are not supported. For more information, see Regional and Zonal +// endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. Permissions +// - General purpose bucket permissions - For information on the permissions +// required to use the multipart upload API, see Multipart Upload and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// in the Amazon S3 User Guide. +// - Directory bucket permissions - To grant access to this API operation on a +// directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant the +// s3express:CreateSession permission to the directory bucket in a bucket policy +// or an IAM identity-based policy. Then, you make the CreateSession API call on +// the bucket to obtain a session token. With the session token in your request +// header, you can make API requests to this operation. After the session token +// expires, you make another CreateSession API call to generate a new session +// token for use. Amazon Web Services CLI or SDKs create session and refresh the +// session token automatically to avoid service interruptions when a session +// expires. For more information about authorization, see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// . +// +// Data integrity General purpose bucket - To ensure that data is not corrupted // traversing the network, specify the Content-MD5 header in the upload part // request. Amazon S3 checks the part data against the provided MD5 value. If they // do not match, Amazon S3 returns an error. If the upload request is signed with @@ -42,51 +66,44 @@ import ( // header as a checksum instead of Content-MD5 . For more information see // Authenticating Requests: Using the Authorization Header (Amazon Web Services // Signature Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html) -// . Note: After you initiate multipart upload and upload one or more parts, you -// must either complete or abort multipart upload in order to stop getting charged -// for storage of the uploaded parts. Only after you either complete or abort -// multipart upload, Amazon S3 frees up the parts storage and stops charging you -// for the parts storage. For more information on multipart uploads, go to -// Multipart Upload Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) -// in the Amazon S3 User Guide . For information on the permissions required to use -// the multipart upload API, go to Multipart Upload and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) -// in the Amazon S3 User Guide. Server-side encryption is for data encryption at -// rest. Amazon S3 encrypts your data as it writes it to disks in its data centers -// and decrypts it when you access it. You have three mutually exclusive options to -// protect data using server-side encryption in Amazon S3, depending on how you -// choose to manage the encryption keys. Specifically, the encryption key options -// are Amazon S3 managed keys (SSE-S3), Amazon Web Services KMS keys (SSE-KMS), and -// Customer-Provided Keys (SSE-C). Amazon S3 encrypts data with server-side -// encryption using Amazon S3 managed keys (SSE-S3) by default. You can optionally -// tell Amazon S3 to encrypt data at rest using server-side encryption with other -// key options. The option you use depends on whether you want to use KMS keys -// (SSE-KMS) or provide your own encryption key (SSE-C). If you choose to provide -// your own encryption key, the request headers you provide in the request must -// match the headers you used in the request to initiate the upload by using -// CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) -// . For more information, go to Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) -// in the Amazon S3 User Guide. Server-side encryption is supported by the S3 -// Multipart Upload actions. Unless you are using a customer-provided encryption -// key (SSE-C), you don't need to specify the encryption parameters in each -// UploadPart request. Instead, you only need to specify the server-side encryption -// parameters in the initial Initiate Multipart request. For more information, see -// CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) -// . If you requested server-side encryption using a customer-provided encryption -// key (SSE-C) in your initiate multipart upload request, you must provide -// identical encryption information in each part upload using the following -// headers. +// . Directory buckets - MD5 is not supported by directory buckets. You can use +// checksum algorithms to check object integrity. Encryption +// - General purpose bucket - Server-side encryption is for data encryption at +// rest. Amazon S3 encrypts your data as it writes it to disks in its data centers +// and decrypts it when you access it. You have mutually exclusive options to +// protect data using server-side encryption in Amazon S3, depending on how you +// choose to manage the encryption keys. Specifically, the encryption key options +// are Amazon S3 managed keys (SSE-S3), Amazon Web Services KMS keys (SSE-KMS), and +// Customer-Provided Keys (SSE-C). Amazon S3 encrypts data with server-side +// encryption using Amazon S3 managed keys (SSE-S3) by default. You can optionally +// tell Amazon S3 to encrypt data at rest using server-side encryption with other +// key options. The option you use depends on whether you want to use KMS keys +// (SSE-KMS) or provide your own encryption key (SSE-C). Server-side encryption is +// supported by the S3 Multipart Upload operations. Unless you are using a +// customer-provided encryption key (SSE-C), you don't need to specify the +// encryption parameters in each UploadPart request. Instead, you only need to +// specify the server-side encryption parameters in the initial Initiate Multipart +// request. For more information, see CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) +// . If you request server-side encryption using a customer-provided encryption key +// (SSE-C) in your initiate multipart upload request, you must provide identical +// encryption information in each part upload using the following request headers. // - x-amz-server-side-encryption-customer-algorithm // - x-amz-server-side-encryption-customer-key // - x-amz-server-side-encryption-customer-key-MD5 +// - Directory bucket - For directory buckets, only server-side encryption with +// Amazon S3 managed keys (SSE-S3) ( AES256 ) is supported. // -// UploadPart has the following special errors: -// - Code: NoSuchUpload -// - Cause: The specified multipart upload does not exist. The upload ID might -// be invalid, or the multipart upload might have been aborted or completed. +// For more information, see Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) +// in the Amazon S3 User Guide. Special errors +// - Error Code: NoSuchUpload +// - Description: The specified multipart upload does not exist. The upload ID +// might be invalid, or the multipart upload might have been aborted or completed. // - HTTP Status Code: 404 Not Found // - SOAP Fault Code Prefix: Client // -// The following operations are related to UploadPart : +// HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// Bucket_name.s3express-az_id.region.amazonaws.com . The following operations are +// related to UploadPart : // - CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) // - CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) // - AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) @@ -109,16 +126,26 @@ func (c *Client) UploadPart(ctx context.Context, params *UploadPartInput, optFns type UploadPartInput struct { - // The name of the bucket to which the multipart upload was initiated. When using - // this action with an access point, you must direct requests to the access point - // hostname. The access point hostname takes the form - // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this - // action with an access point through the Amazon Web Services SDKs, you provide - // the access point ARN in place of the bucket name. For more information about - // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form + // The name of the bucket to which the multipart upload was initiated. Directory + // buckets - When you use this operation with a directory bucket, you must use + // virtual-hosted-style requests in the format + // Bucket_name.s3express-az_id.region.amazonaws.com . Path-style requests are not + // supported. Directory bucket names must be unique in the chosen Availability + // Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 (for + // example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 ). For information about bucket + // naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. Access points - When you use this action with an + // access point, you must provide the alias of the access point in place of the + // bucket name or specify the access point ARN. When using the access point ARN, + // you must direct requests to the access point hostname. The access point hostname + // takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. Access points and Object Lambda access points are + // not supported by directory buckets. S3 on Outposts - When you use this action + // with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts + // hostname. The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -137,7 +164,7 @@ type UploadPartInput struct { // 10,000. // // This member is required. - PartNumber int32 + PartNumber *int32 // Upload ID identifying the multipart upload whose part is being uploaded. // @@ -147,12 +174,12 @@ type UploadPartInput struct { // Object data. Body io.Reader - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not using - // the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with the - // HTTP status code 400 Bad Request . For more information, see Checking object - // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you use + // the SDK. This header will not provide any additional functionality if you don't + // use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request . For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. If you provide an individual checksum, Amazon S3 // ignores any provided ChecksumAlgorithm parameter. This checksum algorithm must // be the same for all parts and it match the checksum value supplied in the @@ -189,29 +216,31 @@ type UploadPartInput struct { // Size of the body in bytes. This parameter is useful when the size of the body // cannot be determined automatically. - ContentLength int64 + ContentLength *int64 // The base64-encoded 128-bit MD5 digest of the part data. This parameter is // auto-populated when using the command from the CLI. This parameter is required - // if object lock parameters are specified. + // if object lock parameters are specified. This functionality is not supported for + // directory buckets. ContentMD5 *string - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the HTTP + // status code 403 Forbidden (access denied). ExpectedBucketOwner *string // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when encrypting the object (for example, + // AES256). This functionality is not supported for directory buckets. SSECustomerAlgorithm *string // Specifies the customer-provided encryption key for Amazon S3 to use in @@ -219,48 +248,65 @@ type UploadPartInput struct { // discarded; Amazon S3 does not store the encryption key. The key must be // appropriate for use with the algorithm specified in the // x-amz-server-side-encryption-customer-algorithm header . This must be the same - // encryption key specified in the initiate multipart upload request. + // encryption key specified in the initiate multipart upload request. This + // functionality is not supported for directory buckets. SSECustomerKey *string // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the - // encryption key was transmitted without error. + // encryption key was transmitted without error. This functionality is not + // supported for directory buckets. SSECustomerKeyMD5 *string noSmithyDocumentSerde } +func (in *UploadPartInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.Key = in.Key + +} + type UploadPartOutput struct { // Indicates whether the multipart upload uses an S3 Bucket Key for server-side - // encryption with Key Management Service (KMS) keys (SSE-KMS). - BucketKeyEnabled bool + // encryption with Key Management Service (KMS) keys (SSE-KMS). This functionality + // is not supported for directory buckets. + BucketKeyEnabled *bool // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32 *string // The base64-encoded, 32-bit CRC32C checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32C *string // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use the API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA1 *string // The base64-encoded, 256-bit SHA-256 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA256 *string @@ -268,25 +314,29 @@ type UploadPartOutput struct { ETag *string // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // If server-side encryption with a customer-provided encryption key was - // requested, the response will include this header confirming the encryption - // algorithm used. + // requested, the response will include this header to confirm the encryption + // algorithm that's used. This functionality is not supported for directory + // buckets. SSECustomerAlgorithm *string // If server-side encryption with a customer-provided encryption key was - // requested, the response will include this header to provide round-trip message - // integrity verification of the customer-provided encryption key. + // requested, the response will include this header to provide the round-trip + // message integrity verification of the customer-provided encryption key. This + // functionality is not supported for directory buckets. SSECustomerKeyMD5 *string - // If present, specifies the ID of the Key Management Service (KMS) symmetric - // encryption customer managed key was used for the object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. This functionality + // is not supported for directory buckets. SSEKMSKeyId *string - // The server-side encryption algorithm used when storing this object in Amazon S3 - // (for example, AES256 , aws:kms ). + // The server-side encryption algorithm used when you store this object in Amazon + // S3 (for example, AES256 , aws:kms ). For directory buckets, only server-side + // encryption with Amazon S3 managed keys (SSE-S3) ( AES256 ) is supported. ServerSideEncryption types.ServerSideEncryption // Metadata pertaining to the operation's result. @@ -296,6 +346,9 @@ type UploadPartOutput struct { } func (c *Client) addOperationUploadPartMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpUploadPart{}, middleware.After) if err != nil { return err @@ -304,6 +357,10 @@ func (c *Client) addOperationUploadPartMiddlewares(stack *middleware.Stack, opti if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "UploadPart"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -325,9 +382,6 @@ func (c *Client) addOperationUploadPartMiddlewares(stack *middleware.Stack, opti if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -343,10 +397,10 @@ func (c *Client) addOperationUploadPartMiddlewares(stack *middleware.Stack, opti if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addUploadPartResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpUploadPartValidationMiddleware(stack); err != nil { @@ -385,7 +439,7 @@ func (c *Client) addOperationUploadPartMiddlewares(stack *middleware.Stack, opti if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -405,7 +459,6 @@ func newServiceMetadataMiddleware_opUploadPart(region string) *awsmiddleware.Reg return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "UploadPart", } } @@ -489,139 +542,3 @@ func addUploadPartPayloadAsUnsigned(stack *middleware.Stack, options Options) er v4.RemoveComputePayloadSHA256Middleware(stack) return v4.AddUnsignedPayloadMiddleware(stack) } - -type opUploadPartResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opUploadPartResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opUploadPartResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*UploadPartInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addUploadPartResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opUploadPartResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_UploadPartCopy.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_UploadPartCopy.go index ce9a179a7..1d48a7bea 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_UploadPartCopy.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_UploadPartCopy.go @@ -4,83 +4,98 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" "time" ) -// Uploads a part by copying data from an existing object as data source. You -// specify the data source by adding the request header x-amz-copy-source in your -// request and a byte range by adding the request header x-amz-copy-source-range -// in your request. For information about maximum and minimum part sizes and other -// multipart upload specifications, see Multipart upload limits (https://docs.aws.amazon.com/AmazonS3/latest/userguide/qfacts.html) -// in the Amazon S3 User Guide. Instead of using an existing object as part data, -// you might use the UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) -// action and provide data in your request. You must initiate a multipart upload -// before you can upload any part. In response to your initiate request. Amazon S3 -// returns a unique identifier, the upload ID, that you must include in your upload -// part request. For more information about using the UploadPartCopy operation, -// see the following: -// - For conceptual information about multipart uploads, see Uploading Objects -// Using Multipart Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) +// Uploads a part by copying data from an existing object as data source. To +// specify the data source, you add the request header x-amz-copy-source in your +// request. To specify a byte range, you add the request header +// x-amz-copy-source-range in your request. For information about maximum and +// minimum part sizes and other multipart upload specifications, see Multipart +// upload limits (https://docs.aws.amazon.com/AmazonS3/latest/userguide/qfacts.html) +// in the Amazon S3 User Guide. Instead of copying data from an existing object as +// part data, you might use the UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) +// action to upload new data as a part of an object in your request. You must +// initiate a multipart upload before you can upload any part. In response to your +// initiate request, Amazon S3 returns the upload ID, a unique identifier that you +// must include in your upload part request. For conceptual information about +// multipart uploads, see Uploading Objects Using Multipart Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) +// in the Amazon S3 User Guide. For information about copying objects using a +// single atomic action vs. a multipart upload, see Operations on Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectOperations.html) +// in the Amazon S3 User Guide. Directory buckets - For directory buckets, you must +// make requests for this API operation to the Zonal endpoint. These endpoints +// support virtual-hosted-style requests in the format +// https://bucket_name.s3express-az_id.region.amazonaws.com/key-name . Path-style +// requests are not supported. For more information, see Regional and Zonal +// endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. Authentication and authorization All UploadPartCopy +// requests must be authenticated and signed by using IAM credentials (access key +// ID and secret access key for the IAM identities). All headers with the x-amz- +// prefix, including x-amz-copy-source , must be signed. For more information, see +// REST Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html) +// . Directory buckets - You must use IAM credentials to authenticate and authorize +// your access to the UploadPartCopy API operation, instead of using the temporary +// security credentials through the CreateSession API operation. Amazon Web +// Services CLI or SDKs handles authentication and authorization on your behalf. +// Permissions You must have READ access to the source object and WRITE access to +// the destination bucket. +// - General purpose bucket permissions - You must have the permissions in a +// policy based on the bucket types of your source bucket and destination bucket in +// an UploadPartCopy operation. +// - If the source object is in a general purpose bucket, you must have the +// s3:GetObject permission to read the source object that is being copied. +// - If the destination bucket is a general purpose bucket, you must have the +// s3:PubObject permission to write the object copy to the destination bucket. +// For information about permissions required to use the multipart upload API, see +// Multipart Upload and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) // in the Amazon S3 User Guide. -// - For information about permissions required to use the multipart upload API, -// see Multipart Upload and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// - Directory bucket permissions - You must have permissions in a bucket policy +// or an IAM identity-based policy based on the source and destination bucket types +// in an UploadPartCopy operation. +// - If the source object that you want to copy is in a directory bucket, you +// must have the s3express:CreateSession permission in the Action element of a +// policy to read the object . By default, the session is in the ReadWrite mode. +// If you want to restrict the access, you can explicitly set the +// s3express:SessionMode condition key to ReadOnly on the copy source bucket. +// - If the copy destination is a directory bucket, you must have the +// s3express:CreateSession permission in the Action element of a policy to write +// the object to the destination. The s3express:SessionMode condition key cannot +// be set to ReadOnly on the copy destination. For example policies, see Example +// bucket policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) +// and Amazon Web Services Identity and Access Management (IAM) identity-based +// policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html) // in the Amazon S3 User Guide. -// - For information about copying objects using a single atomic action vs. a -// multipart upload, see Operations on Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectOperations.html) -// in the Amazon S3 User Guide. -// - For information about using server-side encryption with customer-provided -// encryption keys with the UploadPartCopy operation, see CopyObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) +// +// Encryption +// - General purpose buckets - For information about using server-side +// encryption with customer-provided encryption keys with the UploadPartCopy +// operation, see CopyObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) // and UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) // . +// - Directory buckets - For directory buckets, only server-side encryption with +// Amazon S3 managed keys (SSE-S3) ( AES256 ) is supported. // -// Note the following additional considerations about the request headers -// x-amz-copy-source-if-match , x-amz-copy-source-if-none-match , -// x-amz-copy-source-if-unmodified-since , and x-amz-copy-source-if-modified-since -// : -// - Consideration 1 - If both of the x-amz-copy-source-if-match and -// x-amz-copy-source-if-unmodified-since headers are present in the request as -// follows: x-amz-copy-source-if-match condition evaluates to true , and; -// x-amz-copy-source-if-unmodified-since condition evaluates to false ; Amazon S3 -// returns 200 OK and copies the data. -// - Consideration 2 - If both of the x-amz-copy-source-if-none-match and -// x-amz-copy-source-if-modified-since headers are present in the request as -// follows: x-amz-copy-source-if-none-match condition evaluates to false , and; -// x-amz-copy-source-if-modified-since condition evaluates to true ; Amazon S3 -// returns 412 Precondition Failed response code. -// -// Versioning If your bucket has versioning enabled, you could have multiple -// versions of the same object. By default, x-amz-copy-source identifies the -// current version of the object to copy. If the current version is a delete marker -// and you don't specify a versionId in the x-amz-copy-source , Amazon S3 returns a -// 404 error, because the object does not exist. If you specify versionId in the -// x-amz-copy-source and the versionId is a delete marker, Amazon S3 returns an -// HTTP 400 error, because you are not allowed to specify a delete marker as a -// version for the x-amz-copy-source . You can optionally specify a specific -// version of the source object to copy by adding the versionId subresource as -// shown in the following example: x-amz-copy-source: -// /bucket/object?versionId=version id Special errors -// - Code: NoSuchUpload -// - Cause: The specified multipart upload does not exist. The upload ID might -// be invalid, or the multipart upload might have been aborted or completed. +// Special errors +// - Error Code: NoSuchUpload +// - Description: The specified multipart upload does not exist. The upload ID +// might be invalid, or the multipart upload might have been aborted or completed. // - HTTP Status Code: 404 Not Found -// - Code: InvalidRequest -// - Cause: The specified copy source is not supported as a byte-range copy -// source. +// - Error Code: InvalidRequest +// - Description: The specified copy source is not supported as a byte-range +// copy source. // - HTTP Status Code: 400 Bad Request // -// The following operations are related to UploadPartCopy : +// HTTP Host header syntax Directory buckets - The HTTP Host header syntax is +// Bucket_name.s3express-az_id.region.amazonaws.com . The following operations are +// related to UploadPartCopy : // - CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) // - UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) // - CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) @@ -104,15 +119,25 @@ func (c *Client) UploadPartCopy(ctx context.Context, params *UploadPartCopyInput type UploadPartCopyInput struct { - // The bucket name. When using this action with an access point, you must direct - // requests to the access point hostname. The access point hostname takes the form - // AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this - // action with an access point through the Amazon Web Services SDKs, you provide - // the access point ARN in place of the bucket name. For more information about - // access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. When you use this action with Amazon S3 on - // Outposts, you must direct requests to the S3 on Outposts hostname. The S3 on - // Outposts hostname takes the form + // The bucket name. Directory buckets - When you use this operation with a + // directory bucket, you must use virtual-hosted-style requests in the format + // Bucket_name.s3express-az_id.region.amazonaws.com . Path-style requests are not + // supported. Directory bucket names must be unique in the chosen Availability + // Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 (for + // example, DOC-EXAMPLE-BUCKET--usw2-az2--x-s3 ). For information about bucket + // naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. Access points - When you use this action with an + // access point, you must provide the alias of the access point in place of the + // bucket name or specify the access point ARN. When using the access point ARN, + // you must direct requests to the access point hostname. The access point hostname + // takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. Access points and Object Lambda access points are + // not supported by directory buckets. S3 on Outposts - When you use this action + // with Amazon S3 on Outposts, you must direct requests to the S3 on Outposts + // hostname. The S3 on Outposts hostname takes the form // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com . When you // use this action with S3 on Outposts through the Amazon Web Services SDKs, you // provide the Outposts access point ARN in place of the bucket name. For more @@ -137,20 +162,29 @@ type UploadPartCopyInput struct { // reports/january.pdf through access point my-access-point owned by account // 123456789012 in Region us-west-2 , use the URL encoding of // arn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf - // . The value must be URL encoded. Amazon S3 supports copy operations using access - // points only when the source and destination buckets are in the same Amazon Web - // Services Region. Alternatively, for objects accessed through Amazon S3 on - // Outposts, specify the ARN of the object as accessed in the format - // arn:aws:s3-outposts:::outpost//object/ . For example, to copy the object - // reports/january.pdf through outpost my-outpost owned by account 123456789012 - // in Region us-west-2 , use the URL encoding of + // . The value must be URL encoded. + // - Amazon S3 supports copy operations using Access points only when the source + // and destination buckets are in the same Amazon Web Services Region. + // - Access points are not supported by directory buckets. Alternatively, for + // objects accessed through Amazon S3 on Outposts, specify the ARN of the object as + // accessed in the format arn:aws:s3-outposts:::outpost//object/ . For example, + // to copy the object reports/january.pdf through outpost my-outpost owned by + // account 123456789012 in Region us-west-2 , use the URL encoding of // arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/object/reports/january.pdf // . The value must be URL-encoded. - // To copy a specific version of an object, append ?versionId= to the value (for - // example, - // awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893 - // ). If you don't specify a version ID, Amazon S3 copies the latest version of the - // source object. + // If your bucket has versioning enabled, you could have multiple versions of the + // same object. By default, x-amz-copy-source identifies the current version of + // the source object to copy. To copy a specific version of the source object to + // copy, append ?versionId= to the x-amz-copy-source request header (for example, + // x-amz-copy-source: + // /awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893 + // ). If the current version is a delete marker and you don't specify a versionId + // in the x-amz-copy-source request header, Amazon S3 returns a 404 Not Found + // error, because the object does not exist. If you specify versionId in the + // x-amz-copy-source and the versionId is a delete marker, Amazon S3 returns an + // HTTP 400 Bad Request error, because you are not allowed to specify a delete + // marker as a version for the x-amz-copy-source . Directory buckets - S3 + // Versioning isn't enabled and supported for directory buckets. // // This member is required. CopySource *string @@ -164,23 +198,41 @@ type UploadPartCopyInput struct { // 10,000. // // This member is required. - PartNumber int32 + PartNumber *int32 // Upload ID identifying the multipart upload whose part is being copied. // // This member is required. UploadId *string - // Copies the object if its entity tag (ETag) matches the specified tag. + // Copies the object if its entity tag (ETag) matches the specified tag. If both + // of the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since + // headers are present in the request as follows: x-amz-copy-source-if-match + // condition evaluates to true , and; x-amz-copy-source-if-unmodified-since + // condition evaluates to false ; Amazon S3 returns 200 OK and copies the data. CopySourceIfMatch *string - // Copies the object if it has been modified since the specified time. + // Copies the object if it has been modified since the specified time. If both of + // the x-amz-copy-source-if-none-match and x-amz-copy-source-if-modified-since + // headers are present in the request as follows: x-amz-copy-source-if-none-match + // condition evaluates to false , and; x-amz-copy-source-if-modified-since + // condition evaluates to true ; Amazon S3 returns 412 Precondition Failed + // response code. CopySourceIfModifiedSince *time.Time - // Copies the object if its entity tag (ETag) is different than the specified ETag. + // Copies the object if its entity tag (ETag) is different than the specified + // ETag. If both of the x-amz-copy-source-if-none-match and + // x-amz-copy-source-if-modified-since headers are present in the request as + // follows: x-amz-copy-source-if-none-match condition evaluates to false , and; + // x-amz-copy-source-if-modified-since condition evaluates to true ; Amazon S3 + // returns 412 Precondition Failed response code. CopySourceIfNoneMatch *string - // Copies the object if it hasn't been modified since the specified time. + // Copies the object if it hasn't been modified since the specified time. If both + // of the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since + // headers are present in the request as follows: x-amz-copy-source-if-match + // condition evaluates to true , and; x-amz-copy-source-if-unmodified-since + // condition evaluates to false ; Amazon S3 returns 200 OK and copies the data. CopySourceIfUnmodifiedSince *time.Time // The range of bytes to copy from the source object. The range value must use the @@ -191,40 +243,45 @@ type UploadPartCopyInput struct { CopySourceRange *string // Specifies the algorithm to use when decrypting the source object (for example, - // AES256). + // AES256 ). This functionality is not supported when the source object is in a + // directory bucket. CopySourceSSECustomerAlgorithm *string // Specifies the customer-provided encryption key for Amazon S3 to use to decrypt // the source object. The encryption key provided in this header must be one that - // was used when the source object was created. + // was used when the source object was created. This functionality is not supported + // when the source object is in a directory bucket. CopySourceSSECustomerKey *string // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the - // encryption key was transmitted without error. + // encryption key was transmitted without error. This functionality is not + // supported when the source object is in a directory bucket. CopySourceSSECustomerKeyMD5 *string - // The account ID of the expected destination bucket owner. If the destination - // bucket is owned by a different account, the request fails with the HTTP status - // code 403 Forbidden (access denied). + // The account ID of the expected destination bucket owner. If the account ID that + // you provide does not match the actual owner of the destination bucket, the + // request fails with the HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string - // The account ID of the expected source bucket owner. If the source bucket is - // owned by a different account, the request fails with the HTTP status code 403 - // Forbidden (access denied). + // The account ID of the expected source bucket owner. If the account ID that you + // provide does not match the actual owner of the source bucket, the request fails + // with the HTTP status code 403 Forbidden (access denied). ExpectedSourceBucketOwner *string // Confirms that the requester knows that they will be charged for the request. // Bucket owners need not specify this parameter in their requests. If either the - // source or destination Amazon S3 bucket has Requester Pays enabled, the requester - // will pay for corresponding charges to copy the object. For information about + // source or destination S3 bucket has Requester Pays enabled, the requester will + // pay for corresponding charges to copy the object. For information about // downloading objects from Requester Pays buckets, see Downloading Objects in // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. RequestPayer types.RequestPayer - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when encrypting the object (for example, + // AES256). This functionality is not supported when the destination bucket is a + // directory bucket. SSECustomerAlgorithm *string // Specifies the customer-provided encryption key for Amazon S3 to use in @@ -232,50 +289,64 @@ type UploadPartCopyInput struct { // discarded; Amazon S3 does not store the encryption key. The key must be // appropriate for use with the algorithm specified in the // x-amz-server-side-encryption-customer-algorithm header. This must be the same - // encryption key specified in the initiate multipart upload request. + // encryption key specified in the initiate multipart upload request. This + // functionality is not supported when the destination bucket is a directory + // bucket. SSECustomerKey *string // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the - // encryption key was transmitted without error. + // encryption key was transmitted without error. This functionality is not + // supported when the destination bucket is a directory bucket. SSECustomerKeyMD5 *string noSmithyDocumentSerde } +func (in *UploadPartCopyInput) bindEndpointParams(p *EndpointParameters) { + p.Bucket = in.Bucket + p.DisableS3ExpressSessionAuth = ptr.Bool(true) +} + type UploadPartCopyOutput struct { // Indicates whether the multipart upload uses an S3 Bucket Key for server-side - // encryption with Key Management Service (KMS) keys (SSE-KMS). - BucketKeyEnabled bool + // encryption with Key Management Service (KMS) keys (SSE-KMS). This functionality + // is not supported for directory buckets. + BucketKeyEnabled *bool // Container for all response elements. CopyPartResult *types.CopyPartResult // The version of the source object that was copied, if you have enabled - // versioning on the source bucket. + // versioning on the source bucket. This functionality is not supported when the + // source object is in a directory bucket. CopySourceVersionId *string // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // If server-side encryption with a customer-provided encryption key was - // requested, the response will include this header confirming the encryption - // algorithm used. + // requested, the response will include this header to confirm the encryption + // algorithm that's used. This functionality is not supported for directory + // buckets. SSECustomerAlgorithm *string // If server-side encryption with a customer-provided encryption key was - // requested, the response will include this header to provide round-trip message - // integrity verification of the customer-provided encryption key. + // requested, the response will include this header to provide the round-trip + // message integrity verification of the customer-provided encryption key. This + // functionality is not supported for directory buckets. SSECustomerKeyMD5 *string - // If present, specifies the ID of the Key Management Service (KMS) symmetric - // encryption customer managed key that was used for the object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. This functionality + // is not supported for directory buckets. SSEKMSKeyId *string - // The server-side encryption algorithm used when storing this object in Amazon S3 - // (for example, AES256 , aws:kms ). + // The server-side encryption algorithm used when you store this object in Amazon + // S3 (for example, AES256 , aws:kms ). For directory buckets, only server-side + // encryption with Amazon S3 managed keys (SSE-S3) ( AES256 ) is supported. ServerSideEncryption types.ServerSideEncryption // Metadata pertaining to the operation's result. @@ -285,6 +356,9 @@ type UploadPartCopyOutput struct { } func (c *Client) addOperationUploadPartCopyMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpUploadPartCopy{}, middleware.After) if err != nil { return err @@ -293,6 +367,10 @@ func (c *Client) addOperationUploadPartCopyMiddlewares(stack *middleware.Stack, if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "UploadPartCopy"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -314,9 +392,6 @@ func (c *Client) addOperationUploadPartCopyMiddlewares(stack *middleware.Stack, if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -332,10 +407,10 @@ func (c *Client) addOperationUploadPartCopyMiddlewares(stack *middleware.Stack, if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } - if err = addUploadPartCopyResolveEndpointMiddleware(stack, options); err != nil { + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addOpUploadPartCopyValidationMiddleware(stack); err != nil { @@ -368,7 +443,7 @@ func (c *Client) addOperationUploadPartCopyMiddlewares(stack *middleware.Stack, if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -388,7 +463,6 @@ func newServiceMetadataMiddleware_opUploadPartCopy(region string) *awsmiddleware return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "UploadPartCopy", } } @@ -418,139 +492,3 @@ func addUploadPartCopyUpdateEndpoint(stack *middleware.Stack, options Options) e DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opUploadPartCopyResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opUploadPartCopyResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opUploadPartCopyResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - input, ok := in.Parameters.(*UploadPartCopyInput) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.Bucket = input.Bucket - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addUploadPartCopyResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opUploadPartCopyResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_WriteGetObjectResponse.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_WriteGetObjectResponse.go index 751f646dc..ac90ff703 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_WriteGetObjectResponse.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_op_WriteGetObjectResponse.go @@ -4,17 +4,12 @@ package s3 import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/v4a" s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" "github.com/aws/aws-sdk-go-v2/service/s3/types" smithy "github.com/aws/smithy-go" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" "github.com/aws/smithy-go/ptr" smithyhttp "github.com/aws/smithy-go/transport/http" @@ -23,9 +18,10 @@ import ( "time" ) -// Passes transformed objects to a GetObject operation when using Object Lambda -// access points. For information about Object Lambda access points, see -// Transforming objects with Object Lambda access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/transforming-objects.html) +// This operation is not supported by directory buckets. Passes transformed +// objects to a GetObject operation when using Object Lambda access points. For +// information about Object Lambda access points, see Transforming objects with +// Object Lambda access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/transforming-objects.html) // in the Amazon S3 User Guide. This operation supports metadata that can be // returned by GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) // , in addition to RequestRoute , RequestToken , StatusCode , ErrorCode , and @@ -94,7 +90,7 @@ type WriteGetObjectResponseInput struct { // Indicates whether the object stored in Amazon S3 uses an S3 bucket key for // server-side encryption with Amazon Web Services KMS (SSE-KMS). - BucketKeyEnabled bool + BucketKeyEnabled *bool // Specifies caching behavior along the request/reply chain. CacheControl *string @@ -155,7 +151,7 @@ type WriteGetObjectResponseInput struct { ContentLanguage *string // The size of the content body in bytes. - ContentLength int64 + ContentLength *int64 // The portion of the object returned in the response. ContentRange *string @@ -165,7 +161,7 @@ type WriteGetObjectResponseInput struct { // Specifies whether an object stored in Amazon S3 is ( true ) or is not ( false ) // a delete marker. - DeleteMarker bool + DeleteMarker *bool // An opaque identifier assigned by a web server to a specific version of a // resource found at a URL. @@ -203,7 +199,7 @@ type WriteGetObjectResponseInput struct { // can happen if you create metadata using an API like SOAP that supports more // flexible metadata than the REST API. For example, using SOAP, you can create // metadata whose values are not legal HTTP headers. - MissingMeta int32 + MissingMeta *int32 // Indicates whether an object stored in Amazon S3 has an active legal hold. ObjectLockLegalHoldStatus types.ObjectLockLegalHoldStatus @@ -217,7 +213,7 @@ type WriteGetObjectResponseInput struct { ObjectLockRetainUntilDate *time.Time // The count of parts this object has. - PartsCount int32 + PartsCount *int32 // Indicates if request involves bucket that is either a source or destination in // a Replication rule. For more information about S3 Replication, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication.html) @@ -225,7 +221,7 @@ type WriteGetObjectResponseInput struct { ReplicationStatus types.ReplicationStatus // If present, indicates that the requester was successfully charged for the - // request. + // request. This functionality is not supported for directory buckets. RequestCharged types.RequestCharged // Provides information about object restoration operation and expiration time of @@ -267,7 +263,7 @@ type WriteGetObjectResponseInput struct { // - 416 - Range Not Satisfiable // - 500 - Internal Server Error // - 503 - Service Unavailable - StatusCode int32 + StatusCode *int32 // Provides storage class information of the object. Amazon S3 returns this header // for all objects except for S3 Standard storage class objects. For more @@ -276,7 +272,7 @@ type WriteGetObjectResponseInput struct { StorageClass types.StorageClass // The number of tags, if any, on the object. - TagCount int32 + TagCount *int32 // An ID used to reference a specific version of the object. VersionId *string @@ -284,6 +280,11 @@ type WriteGetObjectResponseInput struct { noSmithyDocumentSerde } +func (in *WriteGetObjectResponseInput) bindEndpointParams(p *EndpointParameters) { + + p.UseObjectLambdaEndpoint = ptr.Bool(true) +} + type WriteGetObjectResponseOutput struct { // Metadata pertaining to the operation's result. ResultMetadata middleware.Metadata @@ -292,6 +293,9 @@ type WriteGetObjectResponseOutput struct { } func (c *Client) addOperationWriteGetObjectResponseMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestxml_serializeOpWriteGetObjectResponse{}, middleware.After) if err != nil { return err @@ -300,6 +304,10 @@ func (c *Client) addOperationWriteGetObjectResponseMiddlewares(stack *middleware if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "WriteGetObjectResponse"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -324,9 +332,6 @@ func (c *Client) addOperationWriteGetObjectResponseMiddlewares(stack *middleware if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -342,15 +347,15 @@ func (c *Client) addOperationWriteGetObjectResponseMiddlewares(stack *middleware if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = swapWithCustomHTTPSignerMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addPutBucketContextMiddleware(stack); err != nil { return err } if err = addEndpointPrefix_opWriteGetObjectResponseMiddleware(stack); err != nil { return err } - if err = addWriteGetObjectResponseResolveEndpointMiddleware(stack, options); err != nil { - return err - } if err = addOpWriteGetObjectResponseValidationMiddleware(stack); err != nil { return err } @@ -378,7 +383,7 @@ func (c *Client) addOperationWriteGetObjectResponseMiddlewares(stack *middleware if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } if err = addSerializeImmutableHostnameBucketMiddleware(stack, options); err != nil { @@ -394,11 +399,11 @@ func (*endpointPrefix_opWriteGetObjectResponseMiddleware) ID() string { return "EndpointHostPrefix" } -func (m *endpointPrefix_opWriteGetObjectResponseMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, +func (m *endpointPrefix_opWriteGetObjectResponseMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { if smithyhttp.GetHostnameImmutable(ctx) || smithyhttp.IsEndpointHostPrefixDisabled(ctx) { - return next.HandleSerialize(ctx, in) + return next.HandleFinalize(ctx, in) } req, ok := in.Request.(*smithyhttp.Request) @@ -406,9 +411,10 @@ func (m *endpointPrefix_opWriteGetObjectResponseMiddleware) HandleSerialize(ctx return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) } - input, ok := in.Parameters.(*WriteGetObjectResponseInput) + opaqueInput := getOperationInput(ctx) + input, ok := opaqueInput.(*WriteGetObjectResponseInput) if !ok { - return out, metadata, fmt.Errorf("unknown input type %T", in.Parameters) + return out, metadata, fmt.Errorf("unknown input type %T", opaqueInput) } var prefix strings.Builder @@ -422,17 +428,16 @@ func (m *endpointPrefix_opWriteGetObjectResponseMiddleware) HandleSerialize(ctx prefix.WriteString(".") req.URL.Host = prefix.String() + req.URL.Host - return next.HandleSerialize(ctx, in) + return next.HandleFinalize(ctx, in) } func addEndpointPrefix_opWriteGetObjectResponseMiddleware(stack *middleware.Stack) error { - return stack.Serialize.Insert(&endpointPrefix_opWriteGetObjectResponseMiddleware{}, `OperationSerializer`, middleware.After) + return stack.Finalize.Insert(&endpointPrefix_opWriteGetObjectResponseMiddleware{}, "ResolveEndpointV2", middleware.After) } func newServiceMetadataMiddleware_opWriteGetObjectResponse(region string) *awsmiddleware.RegisterServiceMetadata { return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "s3", OperationName: "WriteGetObjectResponse", } } @@ -452,134 +457,3 @@ func addWriteGetObjectResponseUpdateEndpoint(stack *middleware.Stack, options Op DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, }) } - -type opWriteGetObjectResponseResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opWriteGetObjectResponseResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opWriteGetObjectResponseResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - params.UseObjectLambdaEndpoint = ptr.Bool(true) - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "s3" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, internalauth.SigV4) - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "s3" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - ctx = s3cust.SetSignerVersion(ctx, v4Scheme.Name) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("s3") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - ctx = s3cust.SetSignerVersion(ctx, v4a.Version) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addWriteGetObjectResponseResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opWriteGetObjectResponseResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - Endpoint: options.BaseEndpoint, - ForcePathStyle: options.UsePathStyle, - Accelerate: options.UseAccelerate, - DisableMultiRegionAccessPoints: options.DisableMultiRegionAccessPoints, - UseArnRegion: options.UseARNRegion, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/auth.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/auth.go new file mode 100644 index 000000000..8a4f832f7 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/auth.go @@ -0,0 +1,310 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package s3 + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { + params.Region = options.Region +} + +func bindAuthEndpointParams(params *AuthResolverParameters, input interface{}, options Options) { + params.endpointParams = bindEndpointParams(input, options) +} + +type setLegacyContextSigningOptionsMiddleware struct { +} + +func (*setLegacyContextSigningOptionsMiddleware) ID() string { + return "setLegacyContextSigningOptions" +} + +func (m *setLegacyContextSigningOptionsMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + rscheme := getResolvedAuthScheme(ctx) + schemeID := rscheme.Scheme.SchemeID() + + if sn := awsmiddleware.GetSigningName(ctx); sn != "" { + if schemeID == "aws.auth#sigv4" { + smithyhttp.SetSigV4SigningName(&rscheme.SignerProperties, sn) + } else if schemeID == "aws.auth#sigv4a" { + smithyhttp.SetSigV4ASigningName(&rscheme.SignerProperties, sn) + } + } + + if sr := awsmiddleware.GetSigningRegion(ctx); sr != "" { + if schemeID == "aws.auth#sigv4" { + smithyhttp.SetSigV4SigningRegion(&rscheme.SignerProperties, sr) + } else if schemeID == "aws.auth#sigv4a" { + smithyhttp.SetSigV4ASigningRegions(&rscheme.SignerProperties, []string{sr}) + } + } + + return next.HandleFinalize(ctx, in) +} + +func addSetLegacyContextSigningOptionsMiddleware(stack *middleware.Stack) error { + return stack.Finalize.Insert(&setLegacyContextSigningOptionsMiddleware{}, "Signing", middleware.Before) +} + +type withAnonymous struct { + resolver AuthSchemeResolver +} + +var _ AuthSchemeResolver = (*withAnonymous)(nil) + +func (v *withAnonymous) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) { + opts, err := v.resolver.ResolveAuthSchemes(ctx, params) + if err != nil { + return nil, err + } + + opts = append(opts, &smithyauth.Option{ + SchemeID: smithyauth.SchemeIDAnonymous, + }) + return opts, nil +} + +func wrapWithAnonymousAuth(options *Options) { + if _, ok := options.AuthSchemeResolver.(*defaultAuthSchemeResolver); !ok { + return + } + + options.AuthSchemeResolver = &withAnonymous{ + resolver: options.AuthSchemeResolver, + } +} + +// AuthResolverParameters contains the set of inputs necessary for auth scheme +// resolution. +type AuthResolverParameters struct { + // The name of the operation being invoked. + Operation string + + // The endpoint resolver parameters for this operation. This service's default + // resolver delegates to endpoint rules. + endpointParams *EndpointParameters + + // The region in which the operation is being invoked. + Region string +} + +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { + params := &AuthResolverParameters{ + Operation: operation, + } + + bindAuthEndpointParams(params, input, options) + bindAuthParamsRegion(params, input, options) + + return params +} + +// AuthSchemeResolver returns a set of possible authentication options for an +// operation. +type AuthSchemeResolver interface { + ResolveAuthSchemes(context.Context, *AuthResolverParameters) ([]*smithyauth.Option, error) +} + +type defaultAuthSchemeResolver struct{} + +var _ AuthSchemeResolver = (*defaultAuthSchemeResolver)(nil) + +func (*defaultAuthSchemeResolver) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) { + if overrides, ok := operationAuthOptions[params.Operation]; ok { + return overrides(params), nil + } + return serviceAuthOptions(params), nil +} + +var operationAuthOptions = map[string]func(*AuthResolverParameters) []*smithyauth.Option{ + "WriteGetObjectResponse": func(params *AuthResolverParameters) []*smithyauth.Option { + return []*smithyauth.Option{ + { + SchemeID: smithyauth.SchemeIDSigV4, + SignerProperties: func() smithy.Properties { + var props smithy.Properties + smithyhttp.SetSigV4SigningName(&props, "s3") + smithyhttp.SetSigV4SigningRegion(&props, params.Region) + smithyhttp.SetIsUnsignedPayload(&props, true) + return props + }(), + }, + } + }, +} + +func serviceAuthOptions(params *AuthResolverParameters) []*smithyauth.Option { + return []*smithyauth.Option{ + { + SchemeID: smithyauth.SchemeIDSigV4, + SignerProperties: func() smithy.Properties { + var props smithy.Properties + smithyhttp.SetSigV4SigningName(&props, "s3") + smithyhttp.SetSigV4SigningRegion(&props, params.Region) + return props + }(), + }, + + {SchemeID: smithyauth.SchemeIDSigV4A}, + } +} + +type resolveAuthSchemeMiddleware struct { + operation string + options Options +} + +func (*resolveAuthSchemeMiddleware) ID() string { + return "ResolveAuthScheme" +} + +func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) + if err != nil { + return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) + } + + scheme, ok := m.selectScheme(options) + if !ok { + return out, metadata, fmt.Errorf("could not select an auth scheme") + } + + ctx = setResolvedAuthScheme(ctx, scheme) + return next.HandleFinalize(ctx, in) +} + +func (m *resolveAuthSchemeMiddleware) selectScheme(options []*smithyauth.Option) (*resolvedAuthScheme, bool) { + for _, option := range options { + if option.SchemeID == smithyauth.SchemeIDAnonymous { + return newResolvedAuthScheme(smithyhttp.NewAnonymousScheme(), option), true + } + + for _, scheme := range m.options.AuthSchemes { + if scheme.SchemeID() != option.SchemeID { + continue + } + + if scheme.IdentityResolver(m.options) != nil { + return newResolvedAuthScheme(scheme, option), true + } + } + } + + return nil, false +} + +type resolvedAuthSchemeKey struct{} + +type resolvedAuthScheme struct { + Scheme smithyhttp.AuthScheme + IdentityProperties smithy.Properties + SignerProperties smithy.Properties +} + +func newResolvedAuthScheme(scheme smithyhttp.AuthScheme, option *smithyauth.Option) *resolvedAuthScheme { + return &resolvedAuthScheme{ + Scheme: scheme, + IdentityProperties: option.IdentityProperties, + SignerProperties: option.SignerProperties, + } +} + +func setResolvedAuthScheme(ctx context.Context, scheme *resolvedAuthScheme) context.Context { + return middleware.WithStackValue(ctx, resolvedAuthSchemeKey{}, scheme) +} + +func getResolvedAuthScheme(ctx context.Context) *resolvedAuthScheme { + v, _ := middleware.GetStackValue(ctx, resolvedAuthSchemeKey{}).(*resolvedAuthScheme) + return v +} + +type getIdentityMiddleware struct { + options Options +} + +func (*getIdentityMiddleware) ID() string { + return "GetIdentity" +} + +func (m *getIdentityMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + rscheme := getResolvedAuthScheme(ctx) + if rscheme == nil { + return out, metadata, fmt.Errorf("no resolved auth scheme") + } + + resolver := rscheme.Scheme.IdentityResolver(m.options) + if resolver == nil { + return out, metadata, fmt.Errorf("no identity resolver") + } + + identity, err := resolver.GetIdentity(ctx, rscheme.IdentityProperties) + if err != nil { + return out, metadata, fmt.Errorf("get identity: %w", err) + } + + ctx = setIdentity(ctx, identity) + return next.HandleFinalize(ctx, in) +} + +type identityKey struct{} + +func setIdentity(ctx context.Context, identity smithyauth.Identity) context.Context { + return middleware.WithStackValue(ctx, identityKey{}, identity) +} + +func getIdentity(ctx context.Context) smithyauth.Identity { + v, _ := middleware.GetStackValue(ctx, identityKey{}).(smithyauth.Identity) + return v +} + +type signRequestMiddleware struct { +} + +func (*signRequestMiddleware) ID() string { + return "Signing" +} + +func (m *signRequestMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + req, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, fmt.Errorf("unexpected transport type %T", in.Request) + } + + rscheme := getResolvedAuthScheme(ctx) + if rscheme == nil { + return out, metadata, fmt.Errorf("no resolved auth scheme") + } + + identity := getIdentity(ctx) + if identity == nil { + return out, metadata, fmt.Errorf("no identity") + } + + signer := rscheme.Scheme.Signer() + if signer == nil { + return out, metadata, fmt.Errorf("no signer") + } + + if err := signer.SignRequest(ctx, req, identity, rscheme.SignerProperties); err != nil { + return out, metadata, fmt.Errorf("sign request: %w", err) + } + + return next.HandleFinalize(ctx, in) +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/bucket_context.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/bucket_context.go new file mode 100644 index 000000000..860af056a --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/bucket_context.go @@ -0,0 +1,47 @@ +package s3 + +import ( + "context" + + "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" + "github.com/aws/smithy-go/middleware" +) + +// putBucketContextMiddleware stores the input bucket name within the request context (if +// present) which is required for a variety of custom S3 behaviors +type putBucketContextMiddleware struct{} + +func (*putBucketContextMiddleware) ID() string { + return "putBucketContext" +} + +func (m *putBucketContextMiddleware) HandleSerialize( + ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler, +) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + if bucket, ok := m.bucketFromInput(in.Parameters); ok { + ctx = customizations.SetBucket(ctx, bucket) + } + return next.HandleSerialize(ctx, in) +} + +func (m *putBucketContextMiddleware) bucketFromInput(params interface{}) (string, bool) { + v, ok := params.(bucketer) + if !ok { + return "", false + } + + return v.bucket() +} + +func addPutBucketContextMiddleware(stack *middleware.Stack) error { + // This is essentially a post-Initialize task - only run it once the input + // has received all modifications from that phase. Therefore we add it as + // an early Serialize step. + // + // FUTURE: it would be nice to have explicit phases that only we as SDK + // authors can hook into (such as between phases like this really should + // be) + return stack.Serialize.Add(&putBucketContextMiddleware{}, middleware.Before) +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/create_mpu_checksum.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/create_mpu_checksum.go new file mode 100644 index 000000000..5803b9e45 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/create_mpu_checksum.go @@ -0,0 +1,36 @@ +package s3 + +import ( + "context" + "fmt" + + internalcontext "github.com/aws/aws-sdk-go-v2/internal/context" + "github.com/aws/smithy-go/middleware" +) + +// backfills checksum algorithm onto the context for CreateMultipart upload so +// transfer manager can set a checksum header on the request accordingly for +// s3express requests +type setCreateMPUChecksumAlgorithm struct{} + +func (*setCreateMPUChecksumAlgorithm) ID() string { + return "setCreateMPUChecksumAlgorithm" +} + +func (*setCreateMPUChecksumAlgorithm) HandleSerialize( + ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler, +) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*CreateMultipartUploadInput) + if !ok { + return out, metadata, fmt.Errorf("unexpected input type %T", in.Parameters) + } + + ctx = internalcontext.SetChecksumInputAlgorithm(ctx, string(input.ChecksumAlgorithm)) + return next.HandleSerialize(ctx, in) +} + +func addSetCreateMPUChecksumAlgorithm(s *middleware.Stack) error { + return s.Serialize.Add(&setCreateMPUChecksumAlgorithm{}, middleware.Before) +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/deserializers.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/deserializers.go index fc192a326..2be5df30f 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/deserializers.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/deserializers.go @@ -230,7 +230,7 @@ func awsRestxml_deserializeOpHttpBindingsCompleteMultipartUploadOutput(v *Comple if err != nil { return err } - v.BucketKeyEnabled = vv + v.BucketKeyEnabled = ptr.Bool(vv) } if headerValues := response.Header.Values("x-amz-expiration"); len(headerValues) != 0 { @@ -516,7 +516,7 @@ func awsRestxml_deserializeOpHttpBindingsCopyObjectOutput(v *CopyObjectOutput, r if err != nil { return err } - v.BucketKeyEnabled = vv + v.BucketKeyEnabled = ptr.Bool(vv) } if headerValues := response.Header.Values("x-amz-copy-source-version-id"); len(headerValues) != 0 { @@ -828,7 +828,7 @@ func awsRestxml_deserializeOpHttpBindingsCreateMultipartUploadOutput(v *CreateMu if err != nil { return err } - v.BucketKeyEnabled = vv + v.BucketKeyEnabled = ptr.Bool(vv) } if headerValues := response.Header.Values("x-amz-checksum-algorithm"); len(headerValues) != 0 { @@ -943,6 +943,148 @@ func awsRestxml_deserializeOpDocumentCreateMultipartUploadOutput(v **CreateMulti return nil } +type awsRestxml_deserializeOpCreateSession struct { +} + +func (*awsRestxml_deserializeOpCreateSession) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestxml_deserializeOpCreateSession) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestxml_deserializeOpErrorCreateSession(response, &metadata) + } + output := &CreateSessionOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + body := io.TeeReader(response.Body, ringBuffer) + rootDecoder := xml.NewDecoder(body) + t, err := smithyxml.FetchRootElement(rootDecoder) + if err == io.EOF { + return out, metadata, nil + } + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + return out, metadata, &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + } + + decoder := smithyxml.WrapNodeDecoder(rootDecoder, t) + err = awsRestxml_deserializeOpDocumentCreateSessionOutput(&output, decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + return out, metadata, &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + } + + return out, metadata, err +} + +func awsRestxml_deserializeOpErrorCreateSession(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + errorComponents, err := s3shared.GetErrorResponseComponents(errorBody, s3shared.ErrorResponseDeserializerOptions{ + UseStatusCode: true, StatusCode: response.StatusCode, + }) + if err != nil { + return err + } + if hostID := errorComponents.HostID; len(hostID) != 0 { + s3shared.SetHostIDMetadata(metadata, hostID) + } + if reqID := errorComponents.RequestID; len(reqID) != 0 { + awsmiddleware.SetRequestIDMetadata(metadata, reqID) + } + if len(errorComponents.Code) != 0 { + errorCode = errorComponents.Code + } + if len(errorComponents.Message) != 0 { + errorMessage = errorComponents.Message + } + errorBody.Seek(0, io.SeekStart) + switch { + case strings.EqualFold("NoSuchBucket", errorCode): + return awsRestxml_deserializeErrorNoSuchBucket(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +func awsRestxml_deserializeOpDocumentCreateSessionOutput(v **CreateSessionOutput, decoder smithyxml.NodeDecoder) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + var sv *CreateSessionOutput + if *v == nil { + sv = &CreateSessionOutput{} + } else { + sv = *v + } + + for { + t, done, err := decoder.Token() + if err != nil { + return err + } + if done { + break + } + originalDecoder := decoder + decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) + switch { + case strings.EqualFold("Credentials", t.Name.Local): + nodeDecoder := smithyxml.WrapNodeDecoder(decoder.Decoder, t) + if err := awsRestxml_deserializeDocumentSessionCredentials(&sv.Credentials, nodeDecoder); err != nil { + return err + } + + default: + // Do nothing and ignore the unexpected tag element + err = decoder.Decoder.Skip() + if err != nil { + return err + } + + } + decoder = originalDecoder + } + *v = sv + return nil +} + type awsRestxml_deserializeOpDeleteBucket struct { } @@ -2003,7 +2145,7 @@ func awsRestxml_deserializeOpHttpBindingsDeleteObjectOutput(v *DeleteObjectOutpu if err != nil { return err } - v.DeleteMarker = vv + v.DeleteMarker = ptr.Bool(vv) } if headerValues := response.Header.Values("x-amz-request-charged"); len(headerValues) != 0 { @@ -5280,7 +5422,7 @@ func awsRestxml_deserializeOpHttpBindingsGetObjectOutput(v *GetObjectOutput, res if err != nil { return err } - v.BucketKeyEnabled = vv + v.BucketKeyEnabled = ptr.Bool(vv) } if headerValues := response.Header.Values("Cache-Control"); len(headerValues) != 0 { @@ -5329,7 +5471,7 @@ func awsRestxml_deserializeOpHttpBindingsGetObjectOutput(v *GetObjectOutput, res if err != nil { return err } - v.ContentLength = vv + v.ContentLength = ptr.Int64(vv) } if headerValues := response.Header.Values("Content-Range"); len(headerValues) != 0 { @@ -5348,7 +5490,7 @@ func awsRestxml_deserializeOpHttpBindingsGetObjectOutput(v *GetObjectOutput, res if err != nil { return err } - v.DeleteMarker = vv + v.DeleteMarker = ptr.Bool(vv) } if headerValues := response.Header.Values("ETag"); len(headerValues) != 0 { @@ -5395,7 +5537,7 @@ func awsRestxml_deserializeOpHttpBindingsGetObjectOutput(v *GetObjectOutput, res if err != nil { return err } - v.MissingMeta = int32(vv) + v.MissingMeta = ptr.Int32(int32(vv)) } if headerValues := response.Header.Values("x-amz-object-lock-legal-hold"); len(headerValues) != 0 { @@ -5423,7 +5565,7 @@ func awsRestxml_deserializeOpHttpBindingsGetObjectOutput(v *GetObjectOutput, res if err != nil { return err } - v.PartsCount = int32(vv) + v.PartsCount = ptr.Int32(int32(vv)) } if headerValues := response.Header.Values("x-amz-replication-status"); len(headerValues) != 0 { @@ -5472,7 +5614,7 @@ func awsRestxml_deserializeOpHttpBindingsGetObjectOutput(v *GetObjectOutput, res if err != nil { return err } - v.TagCount = int32(vv) + v.TagCount = ptr.Int32(int32(vv)) } if headerValues := response.Header.Values("x-amz-version-id"); len(headerValues) != 0 { @@ -5776,7 +5918,7 @@ func awsRestxml_deserializeOpHttpBindingsGetObjectAttributesOutput(v *GetObjectA if err != nil { return err } - v.DeleteMarker = vv + v.DeleteMarker = ptr.Bool(vv) } if headerValues := response.Header.Values("Last-Modified"); len(headerValues) != 0 { @@ -5861,7 +6003,7 @@ func awsRestxml_deserializeOpDocumentGetObjectAttributesOutput(v **GetObjectAttr if err != nil { return err } - sv.ObjectSize = i64 + sv.ObjectSize = ptr.Int64(i64) } case strings.EqualFold("StorageClass", t.Name.Local): @@ -6728,10 +6870,9 @@ func (m *awsRestxml_deserializeOpHeadBucket) HandleDeserialize(ctx context.Conte output := &HeadBucketOutput{} out.Result = output - if _, err = io.Copy(ioutil.Discard, response.Body); err != nil { - return out, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to discard response body, %w", err), - } + err = awsRestxml_deserializeOpHttpBindingsHeadBucketOutput(output, response) + if err != nil { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("failed to decode response with invalid Http bindings, %w", err)} } return out, metadata, err @@ -6780,6 +6921,38 @@ func awsRestxml_deserializeOpErrorHeadBucket(response *smithyhttp.Response, meta } } +func awsRestxml_deserializeOpHttpBindingsHeadBucketOutput(v *HeadBucketOutput, response *smithyhttp.Response) error { + if v == nil { + return fmt.Errorf("unsupported deserialization for nil %T", v) + } + + if headerValues := response.Header.Values("x-amz-access-point-alias"); len(headerValues) != 0 { + headerValues[0] = strings.TrimSpace(headerValues[0]) + vv, err := strconv.ParseBool(headerValues[0]) + if err != nil { + return err + } + v.AccessPointAlias = ptr.Bool(vv) + } + + if headerValues := response.Header.Values("x-amz-bucket-location-name"); len(headerValues) != 0 { + headerValues[0] = strings.TrimSpace(headerValues[0]) + v.BucketLocationName = ptr.String(headerValues[0]) + } + + if headerValues := response.Header.Values("x-amz-bucket-location-type"); len(headerValues) != 0 { + headerValues[0] = strings.TrimSpace(headerValues[0]) + v.BucketLocationType = types.LocationType(headerValues[0]) + } + + if headerValues := response.Header.Values("x-amz-bucket-region"); len(headerValues) != 0 { + headerValues[0] = strings.TrimSpace(headerValues[0]) + v.BucketRegion = ptr.String(headerValues[0]) + } + + return nil +} + type awsRestxml_deserializeOpHeadObject struct { } @@ -6878,7 +7051,7 @@ func awsRestxml_deserializeOpHttpBindingsHeadObjectOutput(v *HeadObjectOutput, r if err != nil { return err } - v.BucketKeyEnabled = vv + v.BucketKeyEnabled = ptr.Bool(vv) } if headerValues := response.Header.Values("Cache-Control"); len(headerValues) != 0 { @@ -6927,7 +7100,7 @@ func awsRestxml_deserializeOpHttpBindingsHeadObjectOutput(v *HeadObjectOutput, r if err != nil { return err } - v.ContentLength = vv + v.ContentLength = ptr.Int64(vv) } if headerValues := response.Header.Values("Content-Type"); len(headerValues) != 0 { @@ -6941,7 +7114,7 @@ func awsRestxml_deserializeOpHttpBindingsHeadObjectOutput(v *HeadObjectOutput, r if err != nil { return err } - v.DeleteMarker = vv + v.DeleteMarker = ptr.Bool(vv) } if headerValues := response.Header.Values("ETag"); len(headerValues) != 0 { @@ -6988,7 +7161,7 @@ func awsRestxml_deserializeOpHttpBindingsHeadObjectOutput(v *HeadObjectOutput, r if err != nil { return err } - v.MissingMeta = int32(vv) + v.MissingMeta = ptr.Int32(int32(vv)) } if headerValues := response.Header.Values("x-amz-object-lock-legal-hold"); len(headerValues) != 0 { @@ -7016,7 +7189,7 @@ func awsRestxml_deserializeOpHttpBindingsHeadObjectOutput(v *HeadObjectOutput, r if err != nil { return err } - v.PartsCount = int32(vv) + v.PartsCount = ptr.Int32(int32(vv)) } if headerValues := response.Header.Values("x-amz-replication-status"); len(headerValues) != 0 { @@ -7223,7 +7396,7 @@ func awsRestxml_deserializeOpDocumentListBucketAnalyticsConfigurationsOutput(v * if err != nil { return fmt.Errorf("expected IsTruncated to be of type *bool, got %T instead", val) } - sv.IsTruncated = xtv + sv.IsTruncated = ptr.Bool(xtv) } case strings.EqualFold("NextContinuationToken", t.Name.Local): @@ -7404,7 +7577,7 @@ func awsRestxml_deserializeOpDocumentListBucketIntelligentTieringConfigurationsO if err != nil { return fmt.Errorf("expected IsTruncated to be of type *bool, got %T instead", val) } - sv.IsTruncated = xtv + sv.IsTruncated = ptr.Bool(xtv) } case strings.EqualFold("NextContinuationToken", t.Name.Local): @@ -7585,7 +7758,7 @@ func awsRestxml_deserializeOpDocumentListBucketInventoryConfigurationsOutput(v * if err != nil { return fmt.Errorf("expected IsTruncated to be of type *bool, got %T instead", val) } - sv.IsTruncated = xtv + sv.IsTruncated = ptr.Bool(xtv) } case strings.EqualFold("NextContinuationToken", t.Name.Local): @@ -7760,7 +7933,7 @@ func awsRestxml_deserializeOpDocumentListBucketMetricsConfigurationsOutput(v **L if err != nil { return fmt.Errorf("expected IsTruncated to be of type *bool, got %T instead", val) } - sv.IsTruncated = xtv + sv.IsTruncated = ptr.Bool(xtv) } case strings.EqualFold("MetricsConfiguration", t.Name.Local): @@ -7941,6 +8114,158 @@ func awsRestxml_deserializeOpDocumentListBucketsOutput(v **ListBucketsOutput, de return nil } +type awsRestxml_deserializeOpListDirectoryBuckets struct { +} + +func (*awsRestxml_deserializeOpListDirectoryBuckets) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestxml_deserializeOpListDirectoryBuckets) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestxml_deserializeOpErrorListDirectoryBuckets(response, &metadata) + } + output := &ListDirectoryBucketsOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + body := io.TeeReader(response.Body, ringBuffer) + rootDecoder := xml.NewDecoder(body) + t, err := smithyxml.FetchRootElement(rootDecoder) + if err == io.EOF { + return out, metadata, nil + } + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + return out, metadata, &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + } + + decoder := smithyxml.WrapNodeDecoder(rootDecoder, t) + err = awsRestxml_deserializeOpDocumentListDirectoryBucketsOutput(&output, decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + return out, metadata, &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + } + + return out, metadata, err +} + +func awsRestxml_deserializeOpErrorListDirectoryBuckets(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + errorComponents, err := s3shared.GetErrorResponseComponents(errorBody, s3shared.ErrorResponseDeserializerOptions{ + UseStatusCode: true, StatusCode: response.StatusCode, + }) + if err != nil { + return err + } + if hostID := errorComponents.HostID; len(hostID) != 0 { + s3shared.SetHostIDMetadata(metadata, hostID) + } + if reqID := errorComponents.RequestID; len(reqID) != 0 { + awsmiddleware.SetRequestIDMetadata(metadata, reqID) + } + if len(errorComponents.Code) != 0 { + errorCode = errorComponents.Code + } + if len(errorComponents.Message) != 0 { + errorMessage = errorComponents.Message + } + errorBody.Seek(0, io.SeekStart) + switch { + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +func awsRestxml_deserializeOpDocumentListDirectoryBucketsOutput(v **ListDirectoryBucketsOutput, decoder smithyxml.NodeDecoder) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + var sv *ListDirectoryBucketsOutput + if *v == nil { + sv = &ListDirectoryBucketsOutput{} + } else { + sv = *v + } + + for { + t, done, err := decoder.Token() + if err != nil { + return err + } + if done { + break + } + originalDecoder := decoder + decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) + switch { + case strings.EqualFold("Buckets", t.Name.Local): + nodeDecoder := smithyxml.WrapNodeDecoder(decoder.Decoder, t) + if err := awsRestxml_deserializeDocumentBuckets(&sv.Buckets, nodeDecoder); err != nil { + return err + } + + case strings.EqualFold("ContinuationToken", t.Name.Local): + val, err := decoder.Value() + if err != nil { + return err + } + if val == nil { + break + } + { + xtv := string(val) + sv.ContinuationToken = ptr.String(xtv) + } + + default: + // Do nothing and ignore the unexpected tag element + err = decoder.Decoder.Skip() + if err != nil { + return err + } + + } + decoder = originalDecoder + } + *v = sv + return nil +} + type awsRestxml_deserializeOpListMultipartUploads struct { } @@ -8135,7 +8460,7 @@ func awsRestxml_deserializeOpDocumentListMultipartUploadsOutput(v **ListMultipar if err != nil { return fmt.Errorf("expected IsTruncated to be of type *bool, got %T instead", val) } - sv.IsTruncated = xtv + sv.IsTruncated = ptr.Bool(xtv) } case strings.EqualFold("KeyMarker", t.Name.Local): @@ -8165,7 +8490,7 @@ func awsRestxml_deserializeOpDocumentListMultipartUploadsOutput(v **ListMultipar if err != nil { return err } - sv.MaxUploads = int32(i64) + sv.MaxUploads = ptr.Int32(int32(i64)) } case strings.EqualFold("NextKeyMarker", t.Name.Local): @@ -8430,7 +8755,7 @@ func awsRestxml_deserializeOpDocumentListObjectsOutput(v **ListObjectsOutput, de if err != nil { return fmt.Errorf("expected IsTruncated to be of type *bool, got %T instead", val) } - sv.IsTruncated = xtv + sv.IsTruncated = ptr.Bool(xtv) } case strings.EqualFold("Marker", t.Name.Local): @@ -8460,7 +8785,7 @@ func awsRestxml_deserializeOpDocumentListObjectsOutput(v **ListObjectsOutput, de if err != nil { return err } - sv.MaxKeys = int32(i64) + sv.MaxKeys = ptr.Int32(int32(i64)) } case strings.EqualFold("Name", t.Name.Local): @@ -8719,7 +9044,7 @@ func awsRestxml_deserializeOpDocumentListObjectsV2Output(v **ListObjectsV2Output if err != nil { return fmt.Errorf("expected IsTruncated to be of type *bool, got %T instead", val) } - sv.IsTruncated = xtv + sv.IsTruncated = ptr.Bool(xtv) } case strings.EqualFold("KeyCount", t.Name.Local): @@ -8736,7 +9061,7 @@ func awsRestxml_deserializeOpDocumentListObjectsV2Output(v **ListObjectsV2Output if err != nil { return err } - sv.KeyCount = int32(i64) + sv.KeyCount = ptr.Int32(int32(i64)) } case strings.EqualFold("MaxKeys", t.Name.Local): @@ -8753,7 +9078,7 @@ func awsRestxml_deserializeOpDocumentListObjectsV2Output(v **ListObjectsV2Output if err != nil { return err } - sv.MaxKeys = int32(i64) + sv.MaxKeys = ptr.Int32(int32(i64)) } case strings.EqualFold("Name", t.Name.Local): @@ -9009,7 +9334,7 @@ func awsRestxml_deserializeOpDocumentListObjectVersionsOutput(v **ListObjectVers if err != nil { return fmt.Errorf("expected IsTruncated to be of type *bool, got %T instead", val) } - sv.IsTruncated = xtv + sv.IsTruncated = ptr.Bool(xtv) } case strings.EqualFold("KeyMarker", t.Name.Local): @@ -9039,7 +9364,7 @@ func awsRestxml_deserializeOpDocumentListObjectVersionsOutput(v **ListObjectVers if err != nil { return err } - sv.MaxKeys = int32(i64) + sv.MaxKeys = ptr.Int32(int32(i64)) } case strings.EqualFold("Name", t.Name.Local): @@ -9322,7 +9647,7 @@ func awsRestxml_deserializeOpDocumentListPartsOutput(v **ListPartsOutput, decode if err != nil { return fmt.Errorf("expected IsTruncated to be of type *bool, got %T instead", val) } - sv.IsTruncated = xtv + sv.IsTruncated = ptr.Bool(xtv) } case strings.EqualFold("Key", t.Name.Local): @@ -9352,7 +9677,7 @@ func awsRestxml_deserializeOpDocumentListPartsOutput(v **ListPartsOutput, decode if err != nil { return err } - sv.MaxParts = int32(i64) + sv.MaxParts = ptr.Int32(int32(i64)) } case strings.EqualFold("NextPartNumberMarker", t.Name.Local): @@ -10868,7 +11193,7 @@ func awsRestxml_deserializeOpHttpBindingsPutObjectOutput(v *PutObjectOutput, res if err != nil { return err } - v.BucketKeyEnabled = vv + v.BucketKeyEnabled = ptr.Bool(vv) } if headerValues := response.Header.Values("x-amz-checksum-crc32"); len(headerValues) != 0 { @@ -11701,7 +12026,7 @@ func awsRestxml_deserializeOpHttpBindingsUploadPartOutput(v *UploadPartOutput, r if err != nil { return err } - v.BucketKeyEnabled = vv + v.BucketKeyEnabled = ptr.Bool(vv) } if headerValues := response.Header.Values("x-amz-checksum-crc32"); len(headerValues) != 0 { @@ -11870,7 +12195,7 @@ func awsRestxml_deserializeOpHttpBindingsUploadPartCopyOutput(v *UploadPartCopyO if err != nil { return err } - v.BucketKeyEnabled = vv + v.BucketKeyEnabled = ptr.Bool(vv) } if headerValues := response.Header.Values("x-amz-copy-source-version-id"); len(headerValues) != 0 { @@ -12392,7 +12717,7 @@ func awsRestxml_deserializeDocumentProgress(v **types.Progress, decoder smithyxm if err != nil { return err } - sv.BytesProcessed = i64 + sv.BytesProcessed = ptr.Int64(i64) } case strings.EqualFold("BytesReturned", t.Name.Local): @@ -12409,7 +12734,7 @@ func awsRestxml_deserializeDocumentProgress(v **types.Progress, decoder smithyxm if err != nil { return err } - sv.BytesReturned = i64 + sv.BytesReturned = ptr.Int64(i64) } case strings.EqualFold("BytesScanned", t.Name.Local): @@ -12426,7 +12751,7 @@ func awsRestxml_deserializeDocumentProgress(v **types.Progress, decoder smithyxm if err != nil { return err } - sv.BytesScanned = i64 + sv.BytesScanned = ptr.Int64(i64) } default: @@ -12479,7 +12804,7 @@ func awsRestxml_deserializeDocumentStats(v **types.Stats, decoder smithyxml.Node if err != nil { return err } - sv.BytesProcessed = i64 + sv.BytesProcessed = ptr.Int64(i64) } case strings.EqualFold("BytesReturned", t.Name.Local): @@ -12496,7 +12821,7 @@ func awsRestxml_deserializeDocumentStats(v **types.Stats, decoder smithyxml.Node if err != nil { return err } - sv.BytesReturned = i64 + sv.BytesReturned = ptr.Int64(i64) } case strings.EqualFold("BytesScanned", t.Name.Local): @@ -12513,7 +12838,7 @@ func awsRestxml_deserializeDocumentStats(v **types.Stats, decoder smithyxml.Node if err != nil { return err } - sv.BytesScanned = i64 + sv.BytesScanned = ptr.Int64(i64) } default: @@ -12639,7 +12964,7 @@ func awsRestxml_deserializeDocumentAbortIncompleteMultipartUpload(v **types.Abor if err != nil { return err } - sv.DaysAfterInitiation = int32(i64) + sv.DaysAfterInitiation = ptr.Int32(int32(i64)) } default: @@ -14192,7 +14517,7 @@ func awsRestxml_deserializeDocumentCORSRule(v **types.CORSRule, decoder smithyxm if err != nil { return err } - sv.MaxAgeSeconds = int32(i64) + sv.MaxAgeSeconds = ptr.Int32(int32(i64)) } default: @@ -14313,7 +14638,7 @@ func awsRestxml_deserializeDocumentDefaultRetention(v **types.DefaultRetention, if err != nil { return err } - sv.Days = int32(i64) + sv.Days = ptr.Int32(int32(i64)) } case strings.EqualFold("Mode", t.Name.Local): @@ -14343,7 +14668,7 @@ func awsRestxml_deserializeDocumentDefaultRetention(v **types.DefaultRetention, if err != nil { return err } - sv.Years = int32(i64) + sv.Years = ptr.Int32(int32(i64)) } default: @@ -14395,7 +14720,7 @@ func awsRestxml_deserializeDocumentDeletedObject(v **types.DeletedObject, decode if err != nil { return fmt.Errorf("expected DeleteMarker to be of type *bool, got %T instead", val) } - sv.DeleteMarker = xtv + sv.DeleteMarker = ptr.Bool(xtv) } case strings.EqualFold("DeleteMarkerVersionId", t.Name.Local): @@ -14554,7 +14879,7 @@ func awsRestxml_deserializeDocumentDeleteMarkerEntry(v **types.DeleteMarkerEntry if err != nil { return fmt.Errorf("expected IsLatest to be of type *bool, got %T instead", val) } - sv.IsLatest = xtv + sv.IsLatest = ptr.Bool(xtv) } case strings.EqualFold("Key", t.Name.Local): @@ -15500,7 +15825,7 @@ func awsRestxml_deserializeDocumentGetObjectAttributesParts(v **types.GetObjectA if err != nil { return fmt.Errorf("expected IsTruncated to be of type *bool, got %T instead", val) } - sv.IsTruncated = xtv + sv.IsTruncated = ptr.Bool(xtv) } case strings.EqualFold("MaxParts", t.Name.Local): @@ -15517,7 +15842,7 @@ func awsRestxml_deserializeDocumentGetObjectAttributesParts(v **types.GetObjectA if err != nil { return err } - sv.MaxParts = int32(i64) + sv.MaxParts = ptr.Int32(int32(i64)) } case strings.EqualFold("NextPartNumberMarker", t.Name.Local): @@ -15566,7 +15891,7 @@ func awsRestxml_deserializeDocumentGetObjectAttributesParts(v **types.GetObjectA if err != nil { return err } - sv.TotalPartsCount = int32(i64) + sv.TotalPartsCount = ptr.Int32(int32(i64)) } default: @@ -16313,7 +16638,7 @@ func awsRestxml_deserializeDocumentInventoryConfiguration(v **types.InventoryCon if err != nil { return fmt.Errorf("expected IsEnabled to be of type *bool, got %T instead", val) } - sv.IsEnabled = xtv + sv.IsEnabled = ptr.Bool(xtv) } case strings.EqualFold("OptionalFields", t.Name.Local): @@ -16967,7 +17292,7 @@ func awsRestxml_deserializeDocumentLifecycleExpiration(v **types.LifecycleExpira if err != nil { return err } - sv.Days = int32(i64) + sv.Days = ptr.Int32(int32(i64)) } case strings.EqualFold("ExpiredObjectDeleteMarker", t.Name.Local): @@ -16983,7 +17308,7 @@ func awsRestxml_deserializeDocumentLifecycleExpiration(v **types.LifecycleExpira if err != nil { return fmt.Errorf("expected ExpiredObjectDeleteMarker to be of type *bool, got %T instead", val) } - sv.ExpiredObjectDeleteMarker = xtv + sv.ExpiredObjectDeleteMarker = ptr.Bool(xtv) } default: @@ -17147,7 +17472,7 @@ func awsRestxml_deserializeDocumentLifecycleRuleAndOperator(v **types.LifecycleR if err != nil { return err } - sv.ObjectSizeGreaterThan = i64 + sv.ObjectSizeGreaterThan = ptr.Int64(i64) } case strings.EqualFold("ObjectSizeLessThan", t.Name.Local): @@ -17164,7 +17489,7 @@ func awsRestxml_deserializeDocumentLifecycleRuleAndOperator(v **types.LifecycleR if err != nil { return err } - sv.ObjectSizeLessThan = i64 + sv.ObjectSizeLessThan = ptr.Int64(i64) } case strings.EqualFold("Prefix", t.Name.Local): @@ -17420,6 +17745,12 @@ func awsRestxml_deserializeDocumentLoggingEnabled(v **types.LoggingEnabled, deco return err } + case strings.EqualFold("TargetObjectKeyFormat", t.Name.Local): + nodeDecoder := smithyxml.WrapNodeDecoder(decoder.Decoder, t) + if err := awsRestxml_deserializeDocumentTargetObjectKeyFormat(&sv.TargetObjectKeyFormat, nodeDecoder); err != nil { + return err + } + case strings.EqualFold("TargetPrefix", t.Name.Local): val, err := decoder.Value() if err != nil { @@ -18001,7 +18332,7 @@ func awsRestxml_deserializeDocumentNoncurrentVersionExpiration(v **types.Noncurr if err != nil { return err } - sv.NewerNoncurrentVersions = int32(i64) + sv.NewerNoncurrentVersions = ptr.Int32(int32(i64)) } case strings.EqualFold("NoncurrentDays", t.Name.Local): @@ -18018,7 +18349,7 @@ func awsRestxml_deserializeDocumentNoncurrentVersionExpiration(v **types.Noncurr if err != nil { return err } - sv.NoncurrentDays = int32(i64) + sv.NoncurrentDays = ptr.Int32(int32(i64)) } default: @@ -18071,7 +18402,7 @@ func awsRestxml_deserializeDocumentNoncurrentVersionTransition(v **types.Noncurr if err != nil { return err } - sv.NewerNoncurrentVersions = int32(i64) + sv.NewerNoncurrentVersions = ptr.Int32(int32(i64)) } case strings.EqualFold("NoncurrentDays", t.Name.Local): @@ -18088,7 +18419,7 @@ func awsRestxml_deserializeDocumentNoncurrentVersionTransition(v **types.Noncurr if err != nil { return err } - sv.NoncurrentDays = int32(i64) + sv.NoncurrentDays = ptr.Int32(int32(i64)) } case strings.EqualFold("StorageClass", t.Name.Local): @@ -18469,7 +18800,7 @@ func awsRestxml_deserializeDocumentObject(v **types.Object, decoder smithyxml.No if err != nil { return err } - sv.Size = i64 + sv.Size = ptr.Int64(i64) } case strings.EqualFold("StorageClass", t.Name.Local): @@ -18939,7 +19270,7 @@ func awsRestxml_deserializeDocumentObjectPart(v **types.ObjectPart, decoder smit if err != nil { return err } - sv.PartNumber = int32(i64) + sv.PartNumber = ptr.Int32(int32(i64)) } case strings.EqualFold("Size", t.Name.Local): @@ -18956,7 +19287,7 @@ func awsRestxml_deserializeDocumentObjectPart(v **types.ObjectPart, decoder smit if err != nil { return err } - sv.Size = i64 + sv.Size = ptr.Int64(i64) } default: @@ -19027,7 +19358,7 @@ func awsRestxml_deserializeDocumentObjectVersion(v **types.ObjectVersion, decode if err != nil { return fmt.Errorf("expected IsLatest to be of type *bool, got %T instead", val) } - sv.IsLatest = xtv + sv.IsLatest = ptr.Bool(xtv) } case strings.EqualFold("Key", t.Name.Local): @@ -19086,7 +19417,7 @@ func awsRestxml_deserializeDocumentObjectVersion(v **types.ObjectVersion, decode if err != nil { return err } - sv.Size = i64 + sv.Size = ptr.Int64(i64) } case strings.EqualFold("StorageClass", t.Name.Local): @@ -19536,7 +19867,7 @@ func awsRestxml_deserializeDocumentPart(v **types.Part, decoder smithyxml.NodeDe if err != nil { return err } - sv.PartNumber = int32(i64) + sv.PartNumber = ptr.Int32(int32(i64)) } case strings.EqualFold("Size", t.Name.Local): @@ -19553,7 +19884,56 @@ func awsRestxml_deserializeDocumentPart(v **types.Part, decoder smithyxml.NodeDe if err != nil { return err } - sv.Size = i64 + sv.Size = ptr.Int64(i64) + } + + default: + // Do nothing and ignore the unexpected tag element + err = decoder.Decoder.Skip() + if err != nil { + return err + } + + } + decoder = originalDecoder + } + *v = sv + return nil +} + +func awsRestxml_deserializeDocumentPartitionedPrefix(v **types.PartitionedPrefix, decoder smithyxml.NodeDecoder) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + var sv *types.PartitionedPrefix + if *v == nil { + sv = &types.PartitionedPrefix{} + } else { + sv = *v + } + + for { + t, done, err := decoder.Token() + if err != nil { + return err + } + if done { + break + } + originalDecoder := decoder + decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) + switch { + case strings.EqualFold("PartitionDateSource", t.Name.Local): + val, err := decoder.Value() + if err != nil { + return err + } + if val == nil { + break + } + { + xtv := string(val) + sv.PartitionDateSource = types.PartitionDateSource(xtv) } default: @@ -19741,7 +20121,7 @@ func awsRestxml_deserializeDocumentPolicyStatus(v **types.PolicyStatus, decoder if err != nil { return fmt.Errorf("expected IsPublic to be of type *bool, got %T instead", val) } - sv.IsPublic = xtv + sv.IsPublic = ptr.Bool(xtv) } default: @@ -19793,7 +20173,7 @@ func awsRestxml_deserializeDocumentPublicAccessBlockConfiguration(v **types.Publ if err != nil { return fmt.Errorf("expected Setting to be of type *bool, got %T instead", val) } - sv.BlockPublicAcls = xtv + sv.BlockPublicAcls = ptr.Bool(xtv) } case strings.EqualFold("BlockPublicPolicy", t.Name.Local): @@ -19809,7 +20189,7 @@ func awsRestxml_deserializeDocumentPublicAccessBlockConfiguration(v **types.Publ if err != nil { return fmt.Errorf("expected Setting to be of type *bool, got %T instead", val) } - sv.BlockPublicPolicy = xtv + sv.BlockPublicPolicy = ptr.Bool(xtv) } case strings.EqualFold("IgnorePublicAcls", t.Name.Local): @@ -19825,7 +20205,7 @@ func awsRestxml_deserializeDocumentPublicAccessBlockConfiguration(v **types.Publ if err != nil { return fmt.Errorf("expected Setting to be of type *bool, got %T instead", val) } - sv.IgnorePublicAcls = xtv + sv.IgnorePublicAcls = ptr.Bool(xtv) } case strings.EqualFold("RestrictPublicBuckets", t.Name.Local): @@ -19841,7 +20221,7 @@ func awsRestxml_deserializeDocumentPublicAccessBlockConfiguration(v **types.Publ if err != nil { return fmt.Errorf("expected Setting to be of type *bool, got %T instead", val) } - sv.RestrictPublicBuckets = xtv + sv.RestrictPublicBuckets = ptr.Bool(xtv) } default: @@ -20353,7 +20733,7 @@ func awsRestxml_deserializeDocumentReplicationRule(v **types.ReplicationRule, de if err != nil { return err } - sv.Priority = int32(i64) + sv.Priority = ptr.Int32(int32(i64)) } case strings.EqualFold("SourceSelectionCriteria", t.Name.Local): @@ -20674,7 +21054,7 @@ func awsRestxml_deserializeDocumentReplicationTimeValue(v **types.ReplicationTim if err != nil { return err } - sv.Minutes = int32(i64) + sv.Minutes = ptr.Int32(int32(i64)) } default: @@ -20726,7 +21106,7 @@ func awsRestxml_deserializeDocumentRestoreStatus(v **types.RestoreStatus, decode if err != nil { return fmt.Errorf("expected IsRestoreInProgress to be of type *bool, got %T instead", val) } - sv.IsRestoreInProgress = xtv + sv.IsRestoreInProgress = ptr.Bool(xtv) } case strings.EqualFold("RestoreExpiryDate", t.Name.Local): @@ -21063,7 +21443,7 @@ func awsRestxml_deserializeDocumentServerSideEncryptionRule(v **types.ServerSide if err != nil { return fmt.Errorf("expected BucketKeyEnabled to be of type *bool, got %T instead", val) } - sv.BucketKeyEnabled = xtv + sv.BucketKeyEnabled = ptr.Bool(xtv) } default: @@ -21148,6 +21528,134 @@ func awsRestxml_deserializeDocumentServerSideEncryptionRulesUnwrapped(v *[]types *v = sv return nil } +func awsRestxml_deserializeDocumentSessionCredentials(v **types.SessionCredentials, decoder smithyxml.NodeDecoder) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + var sv *types.SessionCredentials + if *v == nil { + sv = &types.SessionCredentials{} + } else { + sv = *v + } + + for { + t, done, err := decoder.Token() + if err != nil { + return err + } + if done { + break + } + originalDecoder := decoder + decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) + switch { + case strings.EqualFold("AccessKeyId", t.Name.Local): + val, err := decoder.Value() + if err != nil { + return err + } + if val == nil { + break + } + { + xtv := string(val) + sv.AccessKeyId = ptr.String(xtv) + } + + case strings.EqualFold("Expiration", t.Name.Local): + val, err := decoder.Value() + if err != nil { + return err + } + if val == nil { + break + } + { + xtv := string(val) + t, err := smithytime.ParseDateTime(xtv) + if err != nil { + return err + } + sv.Expiration = ptr.Time(t) + } + + case strings.EqualFold("SecretAccessKey", t.Name.Local): + val, err := decoder.Value() + if err != nil { + return err + } + if val == nil { + break + } + { + xtv := string(val) + sv.SecretAccessKey = ptr.String(xtv) + } + + case strings.EqualFold("SessionToken", t.Name.Local): + val, err := decoder.Value() + if err != nil { + return err + } + if val == nil { + break + } + { + xtv := string(val) + sv.SessionToken = ptr.String(xtv) + } + + default: + // Do nothing and ignore the unexpected tag element + err = decoder.Decoder.Skip() + if err != nil { + return err + } + + } + decoder = originalDecoder + } + *v = sv + return nil +} + +func awsRestxml_deserializeDocumentSimplePrefix(v **types.SimplePrefix, decoder smithyxml.NodeDecoder) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + var sv *types.SimplePrefix + if *v == nil { + sv = &types.SimplePrefix{} + } else { + sv = *v + } + + for { + t, done, err := decoder.Token() + if err != nil { + return err + } + if done { + break + } + originalDecoder := decoder + decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) + switch { + default: + // Do nothing and ignore the unexpected tag element + err = decoder.Decoder.Skip() + if err != nil { + return err + } + + } + decoder = originalDecoder + } + *v = sv + return nil +} + func awsRestxml_deserializeDocumentSourceSelectionCriteria(v **types.SourceSelectionCriteria, decoder smithyxml.NodeDecoder) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) @@ -21680,6 +22188,54 @@ func awsRestxml_deserializeDocumentTargetGrantsUnwrapped(v *[]types.TargetGrant, *v = sv return nil } +func awsRestxml_deserializeDocumentTargetObjectKeyFormat(v **types.TargetObjectKeyFormat, decoder smithyxml.NodeDecoder) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + var sv *types.TargetObjectKeyFormat + if *v == nil { + sv = &types.TargetObjectKeyFormat{} + } else { + sv = *v + } + + for { + t, done, err := decoder.Token() + if err != nil { + return err + } + if done { + break + } + originalDecoder := decoder + decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) + switch { + case strings.EqualFold("PartitionedPrefix", t.Name.Local): + nodeDecoder := smithyxml.WrapNodeDecoder(decoder.Decoder, t) + if err := awsRestxml_deserializeDocumentPartitionedPrefix(&sv.PartitionedPrefix, nodeDecoder); err != nil { + return err + } + + case strings.EqualFold("SimplePrefix", t.Name.Local): + nodeDecoder := smithyxml.WrapNodeDecoder(decoder.Decoder, t) + if err := awsRestxml_deserializeDocumentSimplePrefix(&sv.SimplePrefix, nodeDecoder); err != nil { + return err + } + + default: + // Do nothing and ignore the unexpected tag element + err = decoder.Decoder.Skip() + if err != nil { + return err + } + + } + decoder = originalDecoder + } + *v = sv + return nil +} + func awsRestxml_deserializeDocumentTiering(v **types.Tiering, decoder smithyxml.NodeDecoder) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) @@ -21729,7 +22285,7 @@ func awsRestxml_deserializeDocumentTiering(v **types.Tiering, decoder smithyxml. if err != nil { return err } - sv.Days = int32(i64) + sv.Days = ptr.Int32(int32(i64)) } default: @@ -22009,7 +22565,7 @@ func awsRestxml_deserializeDocumentTransition(v **types.Transition, decoder smit if err != nil { return err } - sv.Days = int32(i64) + sv.Days = ptr.Int32(int32(i64)) } case strings.EqualFold("StorageClass", t.Name.Local): diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/endpoint_auth_resolver.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/endpoint_auth_resolver.go new file mode 100644 index 000000000..91af48fc0 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/endpoint_auth_resolver.go @@ -0,0 +1,115 @@ +package s3 + +import ( + "context" + "fmt" + + smithyauth "github.com/aws/smithy-go/auth" +) + +type endpointAuthResolver struct { + EndpointResolver EndpointResolverV2 +} + +var _ AuthSchemeResolver = (*endpointAuthResolver)(nil) + +func (r *endpointAuthResolver) ResolveAuthSchemes( + ctx context.Context, params *AuthResolverParameters, +) ( + []*smithyauth.Option, error, +) { + opts, err := r.resolveAuthSchemes(ctx, params) + if err != nil { + return nil, err + } + + // canonicalize sigv4-s3express ID + for _, opt := range opts { + if opt.SchemeID == "sigv4-s3express" { + opt.SchemeID = "com.amazonaws.s3#sigv4express" + } + } + + // preserve pre-SRA behavior where everything technically had anonymous + return append(opts, &smithyauth.Option{ + SchemeID: smithyauth.SchemeIDAnonymous, + }), nil +} + +func (r *endpointAuthResolver) resolveAuthSchemes( + ctx context.Context, params *AuthResolverParameters, +) ( + []*smithyauth.Option, error, +) { + baseOpts, err := (&defaultAuthSchemeResolver{}).ResolveAuthSchemes(ctx, params) + if err != nil { + return nil, fmt.Errorf("get base options: %w", err) + } + + endpt, err := r.EndpointResolver.ResolveEndpoint(ctx, *params.endpointParams) + if err != nil { + return nil, fmt.Errorf("resolve endpoint: %w", err) + } + + endptOpts, ok := smithyauth.GetAuthOptions(&endpt.Properties) + if !ok { + return baseOpts, nil + } + + // the list of options from the endpoint is authoritative, however, the + // modeled options have some properties that the endpoint ones don't, so we + // start from the latter and merge in + for _, endptOpt := range endptOpts { + if baseOpt := findScheme(baseOpts, endptOpt.SchemeID); baseOpt != nil { + rebaseProps(endptOpt, baseOpt) + } + } + + return endptOpts, nil +} + +// rebase the properties of dst, taking src as the base and overlaying those +// from dst +func rebaseProps(dst, src *smithyauth.Option) { + iprops, sprops := src.IdentityProperties, src.SignerProperties + + iprops.SetAll(&dst.IdentityProperties) + sprops.SetAll(&dst.SignerProperties) + + dst.IdentityProperties = iprops + dst.SignerProperties = sprops +} + +func findScheme(opts []*smithyauth.Option, schemeID string) *smithyauth.Option { + for _, opt := range opts { + if opt.SchemeID == schemeID { + return opt + } + } + return nil +} + +func finalizeServiceEndpointAuthResolver(options *Options) { + if _, ok := options.AuthSchemeResolver.(*defaultAuthSchemeResolver); !ok { + return + } + + options.AuthSchemeResolver = &endpointAuthResolver{ + EndpointResolver: options.EndpointResolverV2, + } +} + +func finalizeOperationEndpointAuthResolver(options *Options) { + resolver, ok := options.AuthSchemeResolver.(*endpointAuthResolver) + if !ok { + return + } + + if resolver.EndpointResolver == options.EndpointResolverV2 { + return + } + + options.AuthSchemeResolver = &endpointAuthResolver{ + EndpointResolver: options.EndpointResolverV2, + } +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/endpoints.go index 7d57e70dc..a1f2e36d6 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/endpoints.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/endpoints.go @@ -9,9 +9,13 @@ import ( "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" + internalcontext "github.com/aws/aws-sdk-go-v2/internal/context" + "github.com/aws/aws-sdk-go-v2/internal/endpoints" "github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn" + s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" internalendpoints "github.com/aws/aws-sdk-go-v2/service/s3/internal/endpoints" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/endpoints/private/rulesfn" "github.com/aws/smithy-go/middleware" @@ -224,96 +228,6 @@ func resolveBaseEndpoint(cfg aws.Config, o *Options) { } } -// Utility function to aid with translating pseudo-regions to classical regions -// with the appropriate setting indicated by the pseudo-region -func mapPseudoRegion(pr string) (region string, fips aws.FIPSEndpointState) { - const fipsInfix = "-fips-" - const fipsPrefix = "fips-" - const fipsSuffix = "-fips" - - if strings.Contains(pr, fipsInfix) || - strings.Contains(pr, fipsPrefix) || - strings.Contains(pr, fipsSuffix) { - region = strings.ReplaceAll(strings.ReplaceAll(strings.ReplaceAll( - pr, fipsInfix, "-"), fipsPrefix, ""), fipsSuffix, "") - fips = aws.FIPSEndpointStateEnabled - } else { - region = pr - } - - return region, fips -} - -// builtInParameterResolver is the interface responsible for resolving BuiltIn -// values during the sourcing of EndpointParameters -type builtInParameterResolver interface { - ResolveBuiltIns(*EndpointParameters) error -} - -// builtInResolver resolves modeled BuiltIn values using only the members defined -// below. -type builtInResolver struct { - // The AWS region used to dispatch the request. - Region string - - // Sourced BuiltIn value in a historical enabled or disabled state. - UseFIPS aws.FIPSEndpointState - - // Sourced BuiltIn value in a historical enabled or disabled state. - UseDualStack aws.DualStackEndpointState - - // Base endpoint that can potentially be modified during Endpoint resolution. - Endpoint *string - - // When true, force a path-style endpoint to be used where the bucket name is part - // of the path. - ForcePathStyle bool - - // When true, use S3 Accelerate. NOTE: Not all regions support S3 accelerate. - Accelerate bool - - // Whether the global endpoint should be used, rather then the regional endpoint - // for us-east-1. - UseGlobalEndpoint bool - - // Whether multi-region access points (MRAP) should be disabled. - DisableMultiRegionAccessPoints bool - - // When an Access Point ARN is provided and this flag is enabled, the SDK MUST use - // the ARN's region when constructing the endpoint instead of the client's - // configured region. - UseArnRegion bool -} - -// Invoked at runtime to resolve BuiltIn Values. Only resolution code specific to -// each BuiltIn value is generated. -func (b *builtInResolver) ResolveBuiltIns(params *EndpointParameters) error { - - region, _ := mapPseudoRegion(b.Region) - if len(region) == 0 { - return fmt.Errorf("Could not resolve AWS::Region") - } else { - params.Region = aws.String(region) - } - if b.UseFIPS == aws.FIPSEndpointStateEnabled { - params.UseFIPS = aws.Bool(true) - } else { - params.UseFIPS = aws.Bool(false) - } - if b.UseDualStack == aws.DualStackEndpointStateEnabled { - params.UseDualStack = aws.Bool(true) - } else { - params.UseDualStack = aws.Bool(false) - } - params.Endpoint = b.Endpoint - params.ForcePathStyle = aws.Bool(b.ForcePathStyle) - params.Accelerate = aws.Bool(b.Accelerate) - params.UseGlobalEndpoint = aws.Bool(b.UseGlobalEndpoint) - params.DisableMultiRegionAccessPoints = aws.Bool(b.DisableMultiRegionAccessPoints) - params.UseArnRegion = aws.Bool(b.UseArnRegion) - return nil -} - // EndpointParameters provides the parameters that influence how endpoints are // resolved. type EndpointParameters struct { @@ -391,6 +305,20 @@ type EndpointParameters struct { // Parameter is required. UseObjectLambdaEndpoint *bool + // The S3 Key used to send the request. This is an optional parameter that will be + // set automatically for operations that are scoped to an S3 Key. + // + // Parameter is + // required. + Key *string + + // The S3 Prefix used to send the request. This is an optional parameter that will + // be set automatically for operations that are scoped to an S3 Prefix. + // + // Parameter + // is required. + Prefix *string + // Internal parameter to disable Access Point Buckets // // Parameter is required. @@ -412,6 +340,18 @@ type EndpointParameters struct { // // AWS::S3::UseArnRegion UseArnRegion *bool + + // Internal parameter to indicate whether S3Express operation should use control + // plane, (ex. CreateBucket) + // + // Parameter is required. + UseS3ExpressControlEndpoint *bool + + // Parameter to indicate whether S3Express session auth should be + // disabled + // + // Parameter is required. + DisableS3ExpressSessionAuth *bool } // ValidateRequired validates required parameters are set. @@ -544,6 +484,816 @@ func (r *resolver) ResolveEndpoint( } } } + if exprVal := params.Bucket; exprVal != nil { + _Bucket := *exprVal + _ = _Bucket + if exprVal := rulesfn.SubString(_Bucket, 0, 6, true); exprVal != nil { + _bucketSuffix := *exprVal + _ = _bucketSuffix + if _bucketSuffix == "--x-s3" { + if _UseDualStack == true { + return endpoint, fmt.Errorf("endpoint rule error, %s", "S3Express does not support Dual-stack.") + } + if _Accelerate == true { + return endpoint, fmt.Errorf("endpoint rule error, %s", "S3Express does not support S3 Accelerate.") + } + if exprVal := params.Endpoint; exprVal != nil { + _Endpoint := *exprVal + _ = _Endpoint + if exprVal := rulesfn.ParseURL(_Endpoint); exprVal != nil { + _url := *exprVal + _ = _url + if exprVal := params.DisableS3ExpressSessionAuth; exprVal != nil { + _DisableS3ExpressSessionAuth := *exprVal + _ = _DisableS3ExpressSessionAuth + if _DisableS3ExpressSessionAuth == true { + if _url.IsIp == true { + _uri_encoded_bucket := rulesfn.URIEncode(_Bucket) + _ = _uri_encoded_bucket + uriString := func() string { + var out strings.Builder + out.WriteString(_url.Scheme) + out.WriteString("://") + out.WriteString(_url.Authority) + out.WriteString("/") + out.WriteString(_uri_encoded_bucket) + out.WriteString(_url.Path) + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: func() smithy.Properties { + var out smithy.Properties + out.Set("backend", "S3Express") + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3express") + smithyhttp.SetSigV4ASigningName(&sp, "s3express") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), + }, + }) + return out + }(), + }, nil + } + if awsrulesfn.IsVirtualHostableS3Bucket(_Bucket, false) { + uriString := func() string { + var out strings.Builder + out.WriteString(_url.Scheme) + out.WriteString("://") + out.WriteString(_Bucket) + out.WriteString(".") + out.WriteString(_url.Authority) + out.WriteString(_url.Path) + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: func() smithy.Properties { + var out smithy.Properties + out.Set("backend", "S3Express") + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3express") + smithyhttp.SetSigV4ASigningName(&sp, "s3express") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), + }, + }) + return out + }(), + }, nil + } + return endpoint, fmt.Errorf("endpoint rule error, %s", "S3Express bucket name is not a valid virtual hostable name.") + } + } + if _url.IsIp == true { + _uri_encoded_bucket := rulesfn.URIEncode(_Bucket) + _ = _uri_encoded_bucket + uriString := func() string { + var out strings.Builder + out.WriteString(_url.Scheme) + out.WriteString("://") + out.WriteString(_url.Authority) + out.WriteString("/") + out.WriteString(_uri_encoded_bucket) + out.WriteString(_url.Path) + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: func() smithy.Properties { + var out smithy.Properties + out.Set("backend", "S3Express") + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "sigv4-s3express", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3express") + smithyhttp.SetSigV4ASigningName(&sp, "s3express") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), + }, + }) + return out + }(), + }, nil + } + if awsrulesfn.IsVirtualHostableS3Bucket(_Bucket, false) { + uriString := func() string { + var out strings.Builder + out.WriteString(_url.Scheme) + out.WriteString("://") + out.WriteString(_Bucket) + out.WriteString(".") + out.WriteString(_url.Authority) + out.WriteString(_url.Path) + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: func() smithy.Properties { + var out smithy.Properties + out.Set("backend", "S3Express") + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "sigv4-s3express", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3express") + smithyhttp.SetSigV4ASigningName(&sp, "s3express") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), + }, + }) + return out + }(), + }, nil + } + return endpoint, fmt.Errorf("endpoint rule error, %s", "S3Express bucket name is not a valid virtual hostable name.") + } + } + if exprVal := params.UseS3ExpressControlEndpoint; exprVal != nil { + _UseS3ExpressControlEndpoint := *exprVal + _ = _UseS3ExpressControlEndpoint + if _UseS3ExpressControlEndpoint == true { + _uri_encoded_bucket := rulesfn.URIEncode(_Bucket) + _ = _uri_encoded_bucket + if !(params.Endpoint != nil) { + if _UseFIPS == true { + uriString := func() string { + var out strings.Builder + out.WriteString("https://s3express-control-fips.") + out.WriteString(_Region) + out.WriteString(".amazonaws.com/") + out.WriteString(_uri_encoded_bucket) + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: func() smithy.Properties { + var out smithy.Properties + out.Set("backend", "S3Express") + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3express") + smithyhttp.SetSigV4ASigningName(&sp, "s3express") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), + }, + }) + return out + }(), + }, nil + } + uriString := func() string { + var out strings.Builder + out.WriteString("https://s3express-control.") + out.WriteString(_Region) + out.WriteString(".amazonaws.com/") + out.WriteString(_uri_encoded_bucket) + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: func() smithy.Properties { + var out smithy.Properties + out.Set("backend", "S3Express") + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3express") + smithyhttp.SetSigV4ASigningName(&sp, "s3express") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), + }, + }) + return out + }(), + }, nil + } + return endpoint, fmt.Errorf("Endpoint resolution failed. Invalid operation or environment input.") + } + } + if awsrulesfn.IsVirtualHostableS3Bucket(_Bucket, false) { + if exprVal := params.DisableS3ExpressSessionAuth; exprVal != nil { + _DisableS3ExpressSessionAuth := *exprVal + _ = _DisableS3ExpressSessionAuth + if _DisableS3ExpressSessionAuth == true { + if exprVal := rulesfn.SubString(_Bucket, 6, 14, true); exprVal != nil { + _s3expressAvailabilityZoneId := *exprVal + _ = _s3expressAvailabilityZoneId + if exprVal := rulesfn.SubString(_Bucket, 14, 16, true); exprVal != nil { + _s3expressAvailabilityZoneDelim := *exprVal + _ = _s3expressAvailabilityZoneDelim + if _s3expressAvailabilityZoneDelim == "--" { + if _UseFIPS == true { + uriString := func() string { + var out strings.Builder + out.WriteString("https://") + out.WriteString(_Bucket) + out.WriteString(".s3express-fips-") + out.WriteString(_s3expressAvailabilityZoneId) + out.WriteString(".") + out.WriteString(_Region) + out.WriteString(".amazonaws.com") + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: func() smithy.Properties { + var out smithy.Properties + out.Set("backend", "S3Express") + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3express") + smithyhttp.SetSigV4ASigningName(&sp, "s3express") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), + }, + }) + return out + }(), + }, nil + } + uriString := func() string { + var out strings.Builder + out.WriteString("https://") + out.WriteString(_Bucket) + out.WriteString(".s3express-") + out.WriteString(_s3expressAvailabilityZoneId) + out.WriteString(".") + out.WriteString(_Region) + out.WriteString(".amazonaws.com") + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: func() smithy.Properties { + var out smithy.Properties + out.Set("backend", "S3Express") + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3express") + smithyhttp.SetSigV4ASigningName(&sp, "s3express") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), + }, + }) + return out + }(), + }, nil + } + } + } + if exprVal := rulesfn.SubString(_Bucket, 6, 15, true); exprVal != nil { + _s3expressAvailabilityZoneId := *exprVal + _ = _s3expressAvailabilityZoneId + if exprVal := rulesfn.SubString(_Bucket, 15, 17, true); exprVal != nil { + _s3expressAvailabilityZoneDelim := *exprVal + _ = _s3expressAvailabilityZoneDelim + if _s3expressAvailabilityZoneDelim == "--" { + if _UseFIPS == true { + uriString := func() string { + var out strings.Builder + out.WriteString("https://") + out.WriteString(_Bucket) + out.WriteString(".s3express-fips-") + out.WriteString(_s3expressAvailabilityZoneId) + out.WriteString(".") + out.WriteString(_Region) + out.WriteString(".amazonaws.com") + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: func() smithy.Properties { + var out smithy.Properties + out.Set("backend", "S3Express") + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3express") + smithyhttp.SetSigV4ASigningName(&sp, "s3express") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), + }, + }) + return out + }(), + }, nil + } + uriString := func() string { + var out strings.Builder + out.WriteString("https://") + out.WriteString(_Bucket) + out.WriteString(".s3express-") + out.WriteString(_s3expressAvailabilityZoneId) + out.WriteString(".") + out.WriteString(_Region) + out.WriteString(".amazonaws.com") + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: func() smithy.Properties { + var out smithy.Properties + out.Set("backend", "S3Express") + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3express") + smithyhttp.SetSigV4ASigningName(&sp, "s3express") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), + }, + }) + return out + }(), + }, nil + } + } + } + return endpoint, fmt.Errorf("endpoint rule error, %s", "Unrecognized S3Express bucket name format.") + } + } + if exprVal := rulesfn.SubString(_Bucket, 6, 14, true); exprVal != nil { + _s3expressAvailabilityZoneId := *exprVal + _ = _s3expressAvailabilityZoneId + if exprVal := rulesfn.SubString(_Bucket, 14, 16, true); exprVal != nil { + _s3expressAvailabilityZoneDelim := *exprVal + _ = _s3expressAvailabilityZoneDelim + if _s3expressAvailabilityZoneDelim == "--" { + if _UseFIPS == true { + uriString := func() string { + var out strings.Builder + out.WriteString("https://") + out.WriteString(_Bucket) + out.WriteString(".s3express-fips-") + out.WriteString(_s3expressAvailabilityZoneId) + out.WriteString(".") + out.WriteString(_Region) + out.WriteString(".amazonaws.com") + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: func() smithy.Properties { + var out smithy.Properties + out.Set("backend", "S3Express") + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "sigv4-s3express", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3express") + smithyhttp.SetSigV4ASigningName(&sp, "s3express") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), + }, + }) + return out + }(), + }, nil + } + uriString := func() string { + var out strings.Builder + out.WriteString("https://") + out.WriteString(_Bucket) + out.WriteString(".s3express-") + out.WriteString(_s3expressAvailabilityZoneId) + out.WriteString(".") + out.WriteString(_Region) + out.WriteString(".amazonaws.com") + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: func() smithy.Properties { + var out smithy.Properties + out.Set("backend", "S3Express") + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "sigv4-s3express", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3express") + smithyhttp.SetSigV4ASigningName(&sp, "s3express") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), + }, + }) + return out + }(), + }, nil + } + } + } + if exprVal := rulesfn.SubString(_Bucket, 6, 15, true); exprVal != nil { + _s3expressAvailabilityZoneId := *exprVal + _ = _s3expressAvailabilityZoneId + if exprVal := rulesfn.SubString(_Bucket, 15, 17, true); exprVal != nil { + _s3expressAvailabilityZoneDelim := *exprVal + _ = _s3expressAvailabilityZoneDelim + if _s3expressAvailabilityZoneDelim == "--" { + if _UseFIPS == true { + uriString := func() string { + var out strings.Builder + out.WriteString("https://") + out.WriteString(_Bucket) + out.WriteString(".s3express-fips-") + out.WriteString(_s3expressAvailabilityZoneId) + out.WriteString(".") + out.WriteString(_Region) + out.WriteString(".amazonaws.com") + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: func() smithy.Properties { + var out smithy.Properties + out.Set("backend", "S3Express") + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "sigv4-s3express", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3express") + smithyhttp.SetSigV4ASigningName(&sp, "s3express") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), + }, + }) + return out + }(), + }, nil + } + uriString := func() string { + var out strings.Builder + out.WriteString("https://") + out.WriteString(_Bucket) + out.WriteString(".s3express-") + out.WriteString(_s3expressAvailabilityZoneId) + out.WriteString(".") + out.WriteString(_Region) + out.WriteString(".amazonaws.com") + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: func() smithy.Properties { + var out smithy.Properties + out.Set("backend", "S3Express") + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "sigv4-s3express", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3express") + smithyhttp.SetSigV4ASigningName(&sp, "s3express") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), + }, + }) + return out + }(), + }, nil + } + } + } + return endpoint, fmt.Errorf("endpoint rule error, %s", "Unrecognized S3Express bucket name format.") + } + return endpoint, fmt.Errorf("endpoint rule error, %s", "S3Express bucket name is not a valid virtual hostable name.") + } + } + } + if !(params.Bucket != nil) { + if exprVal := params.UseS3ExpressControlEndpoint; exprVal != nil { + _UseS3ExpressControlEndpoint := *exprVal + _ = _UseS3ExpressControlEndpoint + if _UseS3ExpressControlEndpoint == true { + if exprVal := params.Endpoint; exprVal != nil { + _Endpoint := *exprVal + _ = _Endpoint + if exprVal := rulesfn.ParseURL(_Endpoint); exprVal != nil { + _url := *exprVal + _ = _url + uriString := func() string { + var out strings.Builder + out.WriteString(_url.Scheme) + out.WriteString("://") + out.WriteString(_url.Authority) + out.WriteString(_url.Path) + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: func() smithy.Properties { + var out smithy.Properties + out.Set("backend", "S3Express") + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3express") + smithyhttp.SetSigV4ASigningName(&sp, "s3express") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), + }, + }) + return out + }(), + }, nil + } + } + if _UseFIPS == true { + uriString := func() string { + var out strings.Builder + out.WriteString("https://s3express-control-fips.") + out.WriteString(_Region) + out.WriteString(".amazonaws.com") + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: func() smithy.Properties { + var out smithy.Properties + out.Set("backend", "S3Express") + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3express") + smithyhttp.SetSigV4ASigningName(&sp, "s3express") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), + }, + }) + return out + }(), + }, nil + } + uriString := func() string { + var out strings.Builder + out.WriteString("https://s3express-control.") + out.WriteString(_Region) + out.WriteString(".amazonaws.com") + return out.String() + }() + + uri, err := url.Parse(uriString) + if err != nil { + return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) + } + + return smithyendpoints.Endpoint{ + URI: *uri, + Headers: http.Header{}, + Properties: func() smithy.Properties { + var out smithy.Properties + out.Set("backend", "S3Express") + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3express") + smithyhttp.SetSigV4ASigningName(&sp, "s3express") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), + }, + }) + return out + }(), + }, nil + } + } + } if exprVal := params.Bucket; exprVal != nil { _Bucket := *exprVal _ = _Bucket @@ -594,12 +1344,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3-outposts", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3-outposts") + smithyhttp.SetSigV4ASigningName(&sp, "s3-outposts") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -630,12 +1387,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3-outposts", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3-outposts") + smithyhttp.SetSigV4ASigningName(&sp, "s3-outposts") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -674,12 +1438,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3-outposts", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3-outposts") + smithyhttp.SetSigV4ASigningName(&sp, "s3-outposts") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -712,12 +1483,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3-outposts", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3-outposts") + smithyhttp.SetSigV4ASigningName(&sp, "s3-outposts") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -791,12 +1569,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -834,12 +1619,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -878,12 +1670,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -919,12 +1718,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -962,12 +1768,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -1006,12 +1819,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -1047,12 +1867,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -1088,12 +1915,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -1130,12 +1964,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -1171,12 +2012,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -1214,12 +2062,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -1258,12 +2113,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -1306,12 +2168,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -1356,12 +2225,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -1407,12 +2283,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -1439,12 +2322,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -1492,12 +2382,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -1525,12 +2422,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -1576,12 +2480,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -1628,12 +2539,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -1671,12 +2589,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -1713,12 +2638,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -1744,12 +2676,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -1786,12 +2725,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -1827,12 +2773,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -1869,12 +2822,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -1902,12 +2862,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -1946,12 +2913,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -2007,12 +2981,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -2118,12 +3099,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3-object-lambda", - "signingRegion": _bucketArn.Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3-object-lambda") + smithyhttp.SetSigV4ASigningName(&sp, "s3-object-lambda") + + smithyhttp.SetSigV4SigningRegion(&sp, _bucketArn.Region) + return sp + }(), }, }) return out @@ -2155,12 +3143,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3-object-lambda", - "signingRegion": _bucketArn.Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3-object-lambda") + smithyhttp.SetSigV4ASigningName(&sp, "s3-object-lambda") + + smithyhttp.SetSigV4SigningRegion(&sp, _bucketArn.Region) + return sp + }(), }, }) return out @@ -2190,12 +3185,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3-object-lambda", - "signingRegion": _bucketArn.Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3-object-lambda") + smithyhttp.SetSigV4ASigningName(&sp, "s3-object-lambda") + + smithyhttp.SetSigV4SigningRegion(&sp, _bucketArn.Region) + return sp + }(), }, }) return out @@ -2329,12 +3331,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _bucketArn.Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _bucketArn.Region) + return sp + }(), }, }) return out @@ -2367,12 +3376,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _bucketArn.Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _bucketArn.Region) + return sp + }(), }, }) return out @@ -2405,12 +3421,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _bucketArn.Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _bucketArn.Region) + return sp + }(), }, }) return out @@ -2449,12 +3472,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _bucketArn.Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _bucketArn.Region) + return sp + }(), }, }) return out @@ -2489,12 +3519,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _bucketArn.Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _bucketArn.Region) + return sp + }(), }, }) return out @@ -2593,14 +3630,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4a", - "signingName": "s3", - "signingRegionSet": []interface{}{ - "*", - }, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4a", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4ASigningRegions(&sp, []string{"*"}) + return sp + }(), }, }) return out @@ -2635,8 +3677,8 @@ func (r *resolver) ResolveEndpoint( return endpoint, fmt.Errorf("endpoint rule error, %s", "S3 Outposts does not support S3 Accelerate") } if exprVal := _bucketArn.ResourceId.Get(4); exprVal != nil { - _var_244 := *exprVal - _ = _var_244 + _var_275 := *exprVal + _ = _var_275 return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Arn: Outpost Access Point ARN contains sub resources") } if exprVal := _bucketArn.ResourceId.Get(1); exprVal != nil { @@ -2705,12 +3747,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3-outposts", - "signingRegion": _bucketArn.Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3-outposts") + smithyhttp.SetSigV4ASigningName(&sp, "s3-outposts") + + smithyhttp.SetSigV4SigningRegion(&sp, _bucketArn.Region) + return sp + }(), }, }) return out @@ -2743,12 +3792,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3-outposts", - "signingRegion": _bucketArn.Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3-outposts") + smithyhttp.SetSigV4ASigningName(&sp, "s3-outposts") + + smithyhttp.SetSigV4SigningRegion(&sp, _bucketArn.Region) + return sp + }(), }, }) return out @@ -2839,8 +3895,8 @@ func (r *resolver) ResolveEndpoint( } if _ForcePathStyle == true { if exprVal := awsrulesfn.ParseARN(_Bucket); exprVal != nil { - _var_257 := *exprVal - _ = _var_257 + _var_288 := *exprVal + _ = _var_288 return endpoint, fmt.Errorf("endpoint rule error, %s", "Path-style addressing cannot be used with ARN buckets") } } @@ -2873,12 +3929,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -2914,12 +3977,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -2956,12 +4026,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -2995,12 +4072,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -3036,12 +4120,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -3078,12 +4169,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -3117,12 +4215,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -3158,12 +4263,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -3200,12 +4312,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -3245,12 +4364,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -3292,12 +4418,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -3324,12 +4457,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -3371,12 +4511,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -3411,12 +4558,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -3451,12 +4605,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -3484,12 +4645,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -3526,12 +4694,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -3587,12 +4762,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3-object-lambda", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3-object-lambda") + smithyhttp.SetSigV4ASigningName(&sp, "s3-object-lambda") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -3620,12 +4802,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3-object-lambda", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3-object-lambda") + smithyhttp.SetSigV4ASigningName(&sp, "s3-object-lambda") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -3651,12 +4840,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3-object-lambda", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3-object-lambda") + smithyhttp.SetSigV4ASigningName(&sp, "s3-object-lambda") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -3694,12 +4890,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -3733,12 +4936,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -3773,12 +4983,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -3810,12 +5027,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -3849,12 +5073,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -3889,12 +5120,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -3926,12 +5164,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -3965,12 +5210,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -4005,12 +5257,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -4049,12 +5308,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -4095,12 +5361,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -4126,12 +5399,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -4172,12 +5452,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -4210,12 +5497,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -4248,12 +5542,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -4279,12 +5580,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -4319,12 +5627,19 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "disableDoubleEncoding": true, - "name": "sigv4", - "signingName": "s3", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetDisableDoubleEncoding(&sp, true) + + smithyhttp.SetSigV4SigningName(&sp, "s3") + smithyhttp.SetSigV4ASigningName(&sp, "s3") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -4345,3 +5660,85 @@ func (r *resolver) ResolveEndpoint( } return endpoint, fmt.Errorf("endpoint rule error, %s", "A region must be set when sending requests to S3.") } + +type endpointParamsBinder interface { + bindEndpointParams(*EndpointParameters) +} + +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { + params := &EndpointParameters{} + + params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) + params.UseFIPS = aws.Bool(options.EndpointOptions.UseFIPSEndpoint == aws.FIPSEndpointStateEnabled) + params.UseDualStack = aws.Bool(options.EndpointOptions.UseDualStackEndpoint == aws.DualStackEndpointStateEnabled) + params.Endpoint = options.BaseEndpoint + params.ForcePathStyle = aws.Bool(options.UsePathStyle) + params.Accelerate = aws.Bool(options.UseAccelerate) + params.DisableMultiRegionAccessPoints = aws.Bool(options.DisableMultiRegionAccessPoints) + params.UseArnRegion = aws.Bool(options.UseARNRegion) + + params.DisableS3ExpressSessionAuth = options.DisableS3ExpressSessionAuth + + if b, ok := input.(endpointParamsBinder); ok { + b.bindEndpointParams(params) + } + + return params +} + +type resolveEndpointV2Middleware struct { + options Options +} + +func (*resolveEndpointV2Middleware) ID() string { + return "ResolveEndpointV2" +} + +func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { + return next.HandleFinalize(ctx, in) + } + + req, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) + } + + if m.options.EndpointResolverV2 == nil { + return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") + } + + params := bindEndpointParams(getOperationInput(ctx), m.options) + endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) + if err != nil { + return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) + } + + if endpt.URI.RawPath == "" && req.URL.RawPath != "" { + endpt.URI.RawPath = endpt.URI.Path + } + req.URL.Scheme = endpt.URI.Scheme + req.URL.Host = endpt.URI.Host + req.URL.Path = smithyhttp.JoinPath(endpt.URI.Path, req.URL.Path) + req.URL.RawPath = smithyhttp.JoinPath(endpt.URI.RawPath, req.URL.RawPath) + for k := range endpt.Headers { + req.Header.Set(k, endpt.Headers.Get(k)) + } + + rscheme := getResolvedAuthScheme(ctx) + if rscheme == nil { + return out, metadata, fmt.Errorf("no resolved auth scheme") + } + + opts, _ := smithyauth.GetAuthOptions(&endpt.Properties) + for _, o := range opts { + rscheme.SignerProperties.SetAll(&o.SignerProperties) + } + + backend := s3cust.GetPropertiesBackend(&endpt.Properties) + ctx = internalcontext.SetS3Backend(ctx, backend) + + return next.HandleFinalize(ctx, in) +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/express.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/express.go new file mode 100644 index 000000000..bbac9ca27 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/express.go @@ -0,0 +1,9 @@ +package s3 + +import ( + "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" +) + +// ExpressCredentialsProvider retrieves credentials for operations against the +// S3Express storage class. +type ExpressCredentialsProvider = customizations.S3ExpressCredentialsProvider diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/express_default.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/express_default.go new file mode 100644 index 000000000..3b35a3e57 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/express_default.go @@ -0,0 +1,170 @@ +package s3 + +import ( + "context" + "crypto/hmac" + "crypto/sha256" + "errors" + "fmt" + "sync" + "time" + + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/internal/sdk" + "github.com/aws/aws-sdk-go-v2/internal/sync/singleflight" + "github.com/aws/smithy-go/container/private/cache" + "github.com/aws/smithy-go/container/private/cache/lru" +) + +const s3ExpressCacheCap = 100 + +const s3ExpressRefreshWindow = 1 * time.Minute + +type cacheKey struct { + CredentialsHash string // hmac(sigv4 akid, sigv4 secret) + Bucket string +} + +func (c cacheKey) Slug() string { + return fmt.Sprintf("%s%s", c.CredentialsHash, c.Bucket) +} + +type sessionCredsCache struct { + mu sync.Mutex + cache cache.Cache +} + +func (c *sessionCredsCache) Get(key cacheKey) (*aws.Credentials, bool) { + c.mu.Lock() + defer c.mu.Unlock() + + if v, ok := c.cache.Get(key); ok { + return v.(*aws.Credentials), true + } + return nil, false +} + +func (c *sessionCredsCache) Put(key cacheKey, creds *aws.Credentials) { + c.mu.Lock() + defer c.mu.Unlock() + + c.cache.Put(key, creds) +} + +// The default S3Express provider uses an LRU cache with a capacity of 100. +// +// Credentials will be refreshed asynchronously when a Retrieve() call is made +// for cached credentials within an expiry window (1 minute, currently +// non-configurable). +type defaultS3ExpressCredentialsProvider struct { + sf singleflight.Group + + client createSessionAPIClient + cache *sessionCredsCache + refreshWindow time.Duration + v4creds aws.CredentialsProvider // underlying credentials used for CreateSession +} + +type createSessionAPIClient interface { + CreateSession(context.Context, *CreateSessionInput, ...func(*Options)) (*CreateSessionOutput, error) +} + +func newDefaultS3ExpressCredentialsProvider() *defaultS3ExpressCredentialsProvider { + return &defaultS3ExpressCredentialsProvider{ + cache: &sessionCredsCache{ + cache: lru.New(s3ExpressCacheCap), + }, + refreshWindow: s3ExpressRefreshWindow, + } +} + +// returns a cloned provider using new base credentials, used when per-op +// config mutations change the credentials provider +func (p *defaultS3ExpressCredentialsProvider) CloneWithBaseCredentials(v4creds aws.CredentialsProvider) *defaultS3ExpressCredentialsProvider { + return &defaultS3ExpressCredentialsProvider{ + client: p.client, + cache: p.cache, + refreshWindow: p.refreshWindow, + v4creds: v4creds, + } +} + +func (p *defaultS3ExpressCredentialsProvider) Retrieve(ctx context.Context, bucket string) (aws.Credentials, error) { + v4creds, err := p.v4creds.Retrieve(ctx) + if err != nil { + return aws.Credentials{}, fmt.Errorf("get sigv4 creds: %w", err) + } + + key := cacheKey{ + CredentialsHash: gethmac(v4creds.AccessKeyID, v4creds.SecretAccessKey), + Bucket: bucket, + } + creds, ok := p.cache.Get(key) + if !ok || creds.Expired() { + return p.awaitDoChanRetrieve(ctx, key) + } + + if creds.Expires.Sub(sdk.NowTime()) <= p.refreshWindow { + p.doChanRetrieve(ctx, key) + } + + return *creds, nil +} + +func (p *defaultS3ExpressCredentialsProvider) doChanRetrieve(ctx context.Context, key cacheKey) <-chan singleflight.Result { + return p.sf.DoChan(key.Slug(), func() (interface{}, error) { + return p.retrieve(ctx, key) + }) +} + +func (p *defaultS3ExpressCredentialsProvider) awaitDoChanRetrieve(ctx context.Context, key cacheKey) (aws.Credentials, error) { + ch := p.doChanRetrieve(ctx, key) + + select { + case r := <-ch: + return r.Val.(aws.Credentials), r.Err + case <-ctx.Done(): + return aws.Credentials{}, errors.New("s3express retrieve credentials canceled") + } +} + +func (p *defaultS3ExpressCredentialsProvider) retrieve(ctx context.Context, key cacheKey) (aws.Credentials, error) { + resp, err := p.client.CreateSession(ctx, &CreateSessionInput{ + Bucket: aws.String(key.Bucket), + }) + if err != nil { + return aws.Credentials{}, err + } + + creds, err := credentialsFromResponse(resp) + if err != nil { + return aws.Credentials{}, err + } + + p.cache.Put(key, creds) + return *creds, nil +} + +func credentialsFromResponse(o *CreateSessionOutput) (*aws.Credentials, error) { + if o.Credentials == nil { + return nil, errors.New("s3express session credentials unset") + } + + if o.Credentials.AccessKeyId == nil || o.Credentials.SecretAccessKey == nil || o.Credentials.SessionToken == nil || o.Credentials.Expiration == nil { + return nil, errors.New("s3express session credentials missing one or more required fields") + } + + return &aws.Credentials{ + AccessKeyID: *o.Credentials.AccessKeyId, + SecretAccessKey: *o.Credentials.SecretAccessKey, + SessionToken: *o.Credentials.SessionToken, + CanExpire: true, + Expires: *o.Credentials.Expiration, + }, nil +} + +func gethmac(p, key string) string { + hash := hmac.New(sha256.New, []byte(key)) + hash.Write([]byte(p)) + return string(hash.Sum(nil)) +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/express_resolve.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/express_resolve.go new file mode 100644 index 000000000..18d6c06ad --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/express_resolve.go @@ -0,0 +1,44 @@ +package s3 + +import ( + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" +) + +// If the caller hasn't provided an S3Express provider, we use our default +// which will grab a reference to the S3 client itself in finalization. +func resolveExpressCredentials(o *Options) { + if o.ExpressCredentials == nil { + o.ExpressCredentials = newDefaultS3ExpressCredentialsProvider() + } +} + +// Config finalizer: if we're using the default S3Express implementation, grab +// a reference to the client for its CreateSession API, and the underlying +// sigv4 credentials provider for cache keying. +func finalizeExpressCredentials(o *Options, c *Client) { + if p, ok := o.ExpressCredentials.(*defaultS3ExpressCredentialsProvider); ok { + p.client = c + p.v4creds = o.Credentials + } +} + +// Operation config finalizer: update the sigv4 credentials on the default +// express provider if it changed to ensure different cache keys +func finalizeOperationExpressCredentials(o *Options, c Client) { + p, ok := o.ExpressCredentials.(*defaultS3ExpressCredentialsProvider) + if !ok { + return + } + + if c.options.Credentials != o.Credentials { + o.ExpressCredentials = p.CloneWithBaseCredentials(o.Credentials) + } +} + +// NewFromConfig resolver: pull from opaque sources if it exists. +func resolveDisableExpressAuth(cfg aws.Config, o *Options) { + if v, ok := customizations.ResolveDisableExpressAuth(cfg.ConfigSources); ok { + o.DisableS3ExpressSessionAuth = &v + } +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/generated.json b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/generated.json index b15270c4d..4e666764f 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/generated.json +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/generated.json @@ -20,6 +20,7 @@ "api_op_CopyObject.go", "api_op_CreateBucket.go", "api_op_CreateMultipartUpload.go", + "api_op_CreateSession.go", "api_op_DeleteBucket.go", "api_op_DeleteBucketAnalyticsConfiguration.go", "api_op_DeleteBucketCors.go", @@ -73,6 +74,7 @@ "api_op_ListBucketInventoryConfigurations.go", "api_op_ListBucketMetricsConfigurations.go", "api_op_ListBuckets.go", + "api_op_ListDirectoryBuckets.go", "api_op_ListMultipartUploads.go", "api_op_ListObjectVersions.go", "api_op_ListObjects.go", @@ -108,6 +110,7 @@ "api_op_UploadPart.go", "api_op_UploadPartCopy.go", "api_op_WriteGetObjectResponse.go", + "auth.go", "deserializers.go", "doc.go", "endpoints.go", @@ -117,6 +120,7 @@ "generated.json", "internal/endpoints/endpoints.go", "internal/endpoints/endpoints_test.go", + "options.go", "protocol_test.go", "serializers.go", "types/enums.go", diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/go_module_metadata.go index 9ef7a1d2b..3b7c6ddca 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/go_module_metadata.go @@ -3,4 +3,4 @@ package s3 // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.42.1" +const goModuleVersion = "1.47.5" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/handwritten_paginators.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/handwritten_paginators.go index 3d0b25100..6aae79e7c 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/handwritten_paginators.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/handwritten_paginators.go @@ -3,6 +3,8 @@ package s3 import ( "context" "fmt" + + "github.com/aws/aws-sdk-go-v2/aws" ) // ListObjectVersionsAPIClient is a client that implements the ListObjectVersions @@ -42,7 +44,9 @@ func NewListObjectVersionsPaginator(client ListObjectVersionsAPIClient, params * } options := ListObjectVersionsPaginatorOptions{} - options.Limit = params.MaxKeys + if params.MaxKeys != nil { + options.Limit = aws.ToInt32(params.MaxKeys) + } for _, fn := range optFns { fn(&options) @@ -77,7 +81,9 @@ func (p *ListObjectVersionsPaginator) NextPage(ctx context.Context, optFns ...fu if p.options.Limit > 0 { limit = p.options.Limit } - params.MaxKeys = limit + if limit > 0 { + params.MaxKeys = aws.Int32(limit) + } result, err := p.client.ListObjectVersions(ctx, ¶ms, optFns...) if err != nil { @@ -86,10 +92,10 @@ func (p *ListObjectVersionsPaginator) NextPage(ctx context.Context, optFns ...fu p.firstPage = false prevToken := p.keyMarker - p.isTruncated = result.IsTruncated + p.isTruncated = aws.ToBool(result.IsTruncated) p.keyMarker = nil p.versionIDMarker = nil - if result.IsTruncated { + if aws.ToBool(result.IsTruncated) { p.keyMarker = result.NextKeyMarker p.versionIDMarker = result.NextVersionIdMarker } @@ -141,7 +147,9 @@ func NewListMultipartUploadsPaginator(client ListMultipartUploadsAPIClient, para } options := ListMultipartUploadsPaginatorOptions{} - options.Limit = params.MaxUploads + if params.MaxUploads != nil { + options.Limit = aws.ToInt32(params.MaxUploads) + } for _, fn := range optFns { fn(&options) @@ -176,7 +184,9 @@ func (p *ListMultipartUploadsPaginator) NextPage(ctx context.Context, optFns ... if p.options.Limit > 0 { limit = p.options.Limit } - params.MaxUploads = limit + if limit > 0 { + params.MaxUploads = aws.Int32(limit) + } result, err := p.client.ListMultipartUploads(ctx, ¶ms, optFns...) if err != nil { @@ -185,10 +195,10 @@ func (p *ListMultipartUploadsPaginator) NextPage(ctx context.Context, optFns ... p.firstPage = false prevToken := p.keyMarker - p.isTruncated = result.IsTruncated + p.isTruncated = aws.ToBool(result.IsTruncated) p.keyMarker = nil p.uploadIDMarker = nil - if result.IsTruncated { + if aws.ToBool(result.IsTruncated) { p.keyMarker = result.NextKeyMarker p.uploadIDMarker = result.NextUploadIdMarker } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/context.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/context.go new file mode 100644 index 000000000..91b8fde0d --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/context.go @@ -0,0 +1,21 @@ +package customizations + +import ( + "context" + + "github.com/aws/smithy-go/middleware" +) + +type bucketKey struct{} + +// SetBucket stores a bucket name within the request context, which is required +// for a variety of custom S3 behaviors. +func SetBucket(ctx context.Context, bucket string) context.Context { + return middleware.WithStackValue(ctx, bucketKey{}, bucket) +} + +// GetBucket retrieves a stored bucket name within a context. +func GetBucket(ctx context.Context) string { + v, _ := middleware.GetStackValue(ctx, bucketKey{}).(string) + return v +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/express.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/express.go new file mode 100644 index 000000000..8cc0b3624 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/express.go @@ -0,0 +1,44 @@ +package customizations + +import ( + "context" + "fmt" + + "github.com/aws/aws-sdk-go-v2/aws" + internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" + "github.com/aws/smithy-go" + "github.com/aws/smithy-go/auth" +) + +// S3ExpressCredentialsProvider retrieves credentials for the S3Express storage +// class. +type S3ExpressCredentialsProvider interface { + Retrieve(ctx context.Context, bucket string) (aws.Credentials, error) +} + +// ExpressIdentityResolver retrieves identity for the S3Express storage class. +type ExpressIdentityResolver struct { + Provider S3ExpressCredentialsProvider +} + +var _ (auth.IdentityResolver) = (*ExpressIdentityResolver)(nil) + +// GetIdentity retrieves AWS credentials using the underlying provider. +func (v *ExpressIdentityResolver) GetIdentity(ctx context.Context, props smithy.Properties) ( + auth.Identity, error, +) { + bucket, ok := GetIdentityPropertiesBucket(&props) + if !ok { + bucket = GetBucket(ctx) + } + if bucket == "" { + return nil, fmt.Errorf("bucket name is missing") + } + + creds, err := v.Provider.Retrieve(ctx, bucket) + if err != nil { + return nil, fmt.Errorf("get credentials: %v", err) + } + + return &internalauthsmithy.CredentialsAdapter{Credentials: creds}, nil +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/express_config.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/express_config.go new file mode 100644 index 000000000..bb22d3474 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/express_config.go @@ -0,0 +1,18 @@ +package customizations + +type s3DisableExpressAuthProvider interface { + GetS3DisableExpressAuth() (bool, bool) +} + +// ResolveDisableExpressAuth pulls S3DisableExpressAuth setting from config +// sources. +func ResolveDisableExpressAuth(configs []interface{}) (value bool, exists bool) { + for _, cfg := range configs { + if p, ok := cfg.(s3DisableExpressAuthProvider); ok { + if value, exists = p.GetS3DisableExpressAuth(); exists { + break + } + } + } + return +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/express_default_checksum.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/express_default_checksum.go new file mode 100644 index 000000000..cf3ff5966 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/express_default_checksum.go @@ -0,0 +1,42 @@ +package customizations + +import ( + "context" + "fmt" + + ictx "github.com/aws/aws-sdk-go-v2/internal/context" + "github.com/aws/aws-sdk-go-v2/service/internal/checksum" + "github.com/aws/smithy-go/middleware" +) + +type expressDefaultChecksumMiddleware struct{} + +func (*expressDefaultChecksumMiddleware) ID() string { + return "expressDefaultChecksum" +} + +func (*expressDefaultChecksumMiddleware) HandleFinalize( + ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, +) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + if ictx.GetS3Backend(ctx) == ictx.S3BackendS3Express && ictx.GetChecksumInputAlgorithm(ctx) == "" { + ctx = ictx.SetChecksumInputAlgorithm(ctx, string(checksum.AlgorithmCRC32)) + } + return next.HandleFinalize(ctx, in) +} + +// AddExpressDefaultChecksumMiddleware appends a step to default to CRC32 for +// S3Express requests. This should only be applied to operations where a +// checksum is required (e.g. DeleteObject). +func AddExpressDefaultChecksumMiddleware(s *middleware.Stack) error { + err := s.Finalize.Insert( + &expressDefaultChecksumMiddleware{}, + "AWSChecksum:ComputeInputPayloadChecksum", + middleware.Before, + ) + if err != nil { + return fmt.Errorf("add expressDefaultChecksum: %v", err) + } + return nil +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/express_properties.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/express_properties.go new file mode 100644 index 000000000..171de4613 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/express_properties.go @@ -0,0 +1,21 @@ +package customizations + +import "github.com/aws/smithy-go" + +// GetPropertiesBackend returns a resolved endpoint backend from the property +// set. +func GetPropertiesBackend(p *smithy.Properties) string { + v, _ := p.Get("backend").(string) + return v +} + +// GetIdentityPropertiesBucket returns the S3 bucket from identity properties. +func GetIdentityPropertiesBucket(ip *smithy.Properties) (string, bool) { + v, ok := ip.Get(bucketKey{}).(string) + return v, ok +} + +// SetIdentityPropertiesBucket sets the S3 bucket to identity properties. +func SetIdentityPropertiesBucket(ip *smithy.Properties, bucket string) { + ip.Set(bucketKey{}, bucket) +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/express_signer.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/express_signer.go new file mode 100644 index 000000000..545e5b220 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/express_signer.go @@ -0,0 +1,109 @@ +package customizations + +import ( + "context" + "net/http" + "time" + + "github.com/aws/aws-sdk-go-v2/aws" + v4 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + "github.com/aws/smithy-go/middleware" +) + +const ( + s3ExpressSignerVersion = "com.amazonaws.s3#sigv4express" + headerAmzSessionToken = "x-amz-s3session-token" +) + +// adapts a v4 signer for S3Express +type s3ExpressSignerAdapter struct { + v4 v4.HTTPSigner +} + +// SignHTTP performs S3Express signing on a request, which is identical to +// SigV4 signing save for an additional header containing the S3Express +// session token. +func (s *s3ExpressSignerAdapter) SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time, optFns ...func(*v4.SignerOptions)) error { + r.Header.Set(headerAmzSessionToken, credentials.SessionToken) + optFns = append(optFns, func(o *v4.SignerOptions) { + o.DisableSessionToken = true + }) + return s.v4.SignHTTP(ctx, credentials, r, payloadHash, service, region, signingTime, optFns...) +} + +// adapts S3ExpressCredentialsProvider to the standard AWS +// CredentialsProvider interface +type s3ExpressCredentialsAdapter struct { + provider S3ExpressCredentialsProvider + bucket string +} + +func (c *s3ExpressCredentialsAdapter) Retrieve(ctx context.Context) (aws.Credentials, error) { + return c.provider.Retrieve(ctx, c.bucket) +} + +// S3ExpressSignHTTPRequestMiddleware signs S3 S3Express requests. +// +// This is NOT mutually exclusive with existing v4 or v4a signer handling on +// the stack itself, but only one handler will actually perform signing based +// on the provided signing version in the context. +type S3ExpressSignHTTPRequestMiddleware struct { + Credentials S3ExpressCredentialsProvider + Signer v4.HTTPSigner + LogSigning bool +} + +// ID identifies S3ExpressSignHTTPRequestMiddleware. +func (*S3ExpressSignHTTPRequestMiddleware) ID() string { + return "S3ExpressSigning" +} + +// HandleFinalize will sign the request if the S3Express signer has been +// selected. +func (m *S3ExpressSignHTTPRequestMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + if GetSignerVersion(ctx) != s3ExpressSignerVersion { + return next.HandleFinalize(ctx, in) + } + + mw := v4.NewSignHTTPRequestMiddleware(v4.SignHTTPRequestMiddlewareOptions{ + CredentialsProvider: m.credentialsAdapter(ctx), + Signer: m.signerAdapter(), + LogSigning: m.LogSigning, + }) + return mw.HandleFinalize(ctx, in, next) +} + +func (m *S3ExpressSignHTTPRequestMiddleware) credentialsAdapter(ctx context.Context) aws.CredentialsProvider { + return &s3ExpressCredentialsAdapter{ + provider: m.Credentials, + bucket: GetBucket(ctx), + } +} + +func (m *S3ExpressSignHTTPRequestMiddleware) signerAdapter() v4.HTTPSigner { + return &s3ExpressSignerAdapter{v4: m.Signer} +} + +type s3ExpressPresignerAdapter struct { + v4 v4.HTTPPresigner +} + +// SignHTTP performs S3Express signing on a request, which is identical to +// SigV4 signing save for an additional header containing the S3Express +// session token. +func (s *s3ExpressPresignerAdapter) PresignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time, optFns ...func(*v4.SignerOptions)) ( + string, http.Header, error, +) { + r.Header.Set(headerAmzSessionToken, credentials.SessionToken) + optFns = append(optFns, func(o *v4.SignerOptions) { + o.DisableSessionToken = true + }) + return s.v4.PresignHTTP(ctx, credentials, r, payloadHash, service, region, signingTime, optFns...) +} + +var ( + _ aws.CredentialsProvider = &s3ExpressCredentialsAdapter{} + _ v4.HTTPSigner = &s3ExpressSignerAdapter{} +) diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/express_signer_smithy.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/express_signer_smithy.go new file mode 100644 index 000000000..e3ec7f011 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/express_signer_smithy.go @@ -0,0 +1,61 @@ +package customizations + +import ( + "context" + "fmt" + + v4 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" + "github.com/aws/aws-sdk-go-v2/internal/sdk" + "github.com/aws/smithy-go" + "github.com/aws/smithy-go/auth" + "github.com/aws/smithy-go/logging" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// ExpressSigner signs requests for the sigv4-s3express auth scheme. +// +// This signer respects the aws.auth#sigv4 properties for signing name and +// region. +type ExpressSigner struct { + Signer v4.HTTPSigner + Logger logging.Logger + LogSigning bool +} + +var _ (smithyhttp.Signer) = (*ExpressSigner)(nil) + +// SignRequest signs the request with the provided identity. +func (v *ExpressSigner) SignRequest(ctx context.Context, r *smithyhttp.Request, identity auth.Identity, props smithy.Properties) error { + ca, ok := identity.(*internalauthsmithy.CredentialsAdapter) + if !ok { + return fmt.Errorf("unexpected identity type: %T", identity) + } + + name, ok := smithyhttp.GetSigV4SigningName(&props) + if !ok { + return fmt.Errorf("sigv4 signing name is required for s3express variant") + } + + region, ok := smithyhttp.GetSigV4SigningRegion(&props) + if !ok { + return fmt.Errorf("sigv4 signing region is required for s3express variant") + } + + hash := v4.GetPayloadHash(ctx) + + r.Header.Set(headerAmzSessionToken, ca.Credentials.SessionToken) + err := v.Signer.SignHTTP(ctx, ca.Credentials, r.Request, hash, name, region, sdk.NowTime(), func(o *v4.SignerOptions) { + o.DisableSessionToken = true + + o.DisableURIPathEscaping, _ = smithyhttp.GetDisableDoubleEncoding(&props) + + o.Logger = v.Logger + o.LogSigning = v.LogSigning + }) + if err != nil { + return fmt.Errorf("sign http: %v", err) + } + + return nil +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/signer_wrapper.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/signer_wrapper.go index 4408f3e8a..cc2bf9c13 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/signer_wrapper.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/signer_wrapper.go @@ -77,15 +77,21 @@ func (s *SignHTTPRequestMiddleware) ID() string { return "Signing" } -// HandleFinalize will take the provided input and sign the request using the SigV4 authentication scheme +// HandleFinalize will take the provided input and handle signing for either +// SigV4 or SigV4A as called for. func (s *SignHTTPRequestMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { - // fetch signer type from context - signerVersion := GetSignerVersion(ctx) + sv := GetSignerVersion(ctx) - // SigV4a - if strings.EqualFold(signerVersion, v4a.Version) { + if strings.EqualFold(sv, v4.Version) { + mw := v4.NewSignHTTPRequestMiddleware(v4.SignHTTPRequestMiddlewareOptions{ + CredentialsProvider: s.credentialsProvider, + Signer: s.v4Signer, + LogSigning: s.logSigning, + }) + return mw.HandleFinalize(ctx, in, next) + } else if strings.EqualFold(sv, v4a.Version) { v4aCredentialProvider, ok := s.credentialsProvider.(v4a.CredentialsProvider) if !ok { return out, metadata, fmt.Errorf("invalid credential-provider provided for sigV4a Signer") @@ -98,13 +104,8 @@ func (s *SignHTTPRequestMiddleware) HandleFinalize(ctx context.Context, in middl }) return mw.HandleFinalize(ctx, in, next) } - // SigV4 - mw := v4.NewSignHTTPRequestMiddleware(v4.SignHTTPRequestMiddlewareOptions{ - CredentialsProvider: s.credentialsProvider, - Signer: s.v4Signer, - LogSigning: s.logSigning, - }) - return mw.HandleFinalize(ctx, in, next) + + return next.HandleFinalize(ctx, in) } // RegisterSigningMiddleware registers the wrapper signing middleware to the stack. If a signing middleware is already @@ -124,6 +125,7 @@ func RegisterSigningMiddleware(stack *middleware.Stack, signingMiddleware *SignH // PresignHTTPRequestMiddlewareOptions is the options for the PresignHTTPRequestMiddleware middleware. type PresignHTTPRequestMiddlewareOptions struct { CredentialsProvider aws.CredentialsProvider + ExpressCredentials S3ExpressCredentialsProvider V4Presigner v4.HTTPPresigner V4aPresigner v4a.HTTPPresigner LogSigning bool @@ -139,6 +141,9 @@ type PresignHTTPRequestMiddleware struct { // cred provider and signer for sigv4 credentialsProvider aws.CredentialsProvider + // s3Express credentials + expressCredentials S3ExpressCredentialsProvider + // sigV4 signer v4Signer v4.HTTPPresigner @@ -153,6 +158,7 @@ type PresignHTTPRequestMiddleware struct { func NewPresignHTTPRequestMiddleware(options PresignHTTPRequestMiddlewareOptions) *PresignHTTPRequestMiddleware { return &PresignHTTPRequestMiddleware{ credentialsProvider: options.CredentialsProvider, + expressCredentials: options.ExpressCredentials, v4Signer: options.V4Presigner, v4aSigner: options.V4aPresigner, logSigning: options.LogSigning, @@ -175,7 +181,7 @@ func (p *PresignHTTPRequestMiddleware) HandleFinalize( signerVersion := GetSignerVersion(ctx) switch signerVersion { - case v4a.Version: + case "aws.auth#sigv4a": v4aCredentialProvider, ok := p.credentialsProvider.(v4a.CredentialsProvider) if !ok { return out, metadata, fmt.Errorf("invalid credential-provider provided for sigV4a Signer") @@ -187,14 +193,25 @@ func (p *PresignHTTPRequestMiddleware) HandleFinalize( LogSigning: p.logSigning, }) return mw.HandleFinalize(ctx, in, next) - - default: + case "aws.auth#sigv4": mw := v4.NewPresignHTTPRequestMiddleware(v4.PresignHTTPRequestMiddlewareOptions{ CredentialsProvider: p.credentialsProvider, Presigner: p.v4Signer, LogSigning: p.logSigning, }) return mw.HandleFinalize(ctx, in, next) + case s3ExpressSignerVersion: + mw := v4.NewPresignHTTPRequestMiddleware(v4.PresignHTTPRequestMiddlewareOptions{ + CredentialsProvider: &s3ExpressCredentialsAdapter{ + provider: p.expressCredentials, + bucket: GetBucket(ctx), + }, + Presigner: &s3ExpressPresignerAdapter{v4: p.v4Signer}, + LogSigning: p.logSigning, + }) + return mw.HandleFinalize(ctx, in, next) + default: + return out, metadata, fmt.Errorf("unsupported signer type \"%s\"", signerVersion) } } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/options.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/options.go new file mode 100644 index 000000000..064bcefb4 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/options.go @@ -0,0 +1,314 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package s3 + +import ( + "context" + "fmt" + "github.com/aws/aws-sdk-go-v2/aws" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" + "github.com/aws/aws-sdk-go-v2/internal/v4a" + s3cust "github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations" + smithyauth "github.com/aws/smithy-go/auth" + "github.com/aws/smithy-go/logging" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" + "net/http" +) + +type HTTPClient interface { + Do(*http.Request) (*http.Response, error) +} + +type Options struct { + // Set of options to modify how an operation is invoked. These apply to all + // operations invoked for this client. Use functional options on operation call to + // modify this list for per operation behavior. + APIOptions []func(*middleware.Stack) error + + // The optional application specific identifier appended to the User-Agent header. + AppID string + + // This endpoint will be given as input to an EndpointResolverV2. It is used for + // providing a custom base endpoint that is subject to modifications by the + // processing EndpointResolverV2. + BaseEndpoint *string + + // Configures the events that will be sent to the configured logger. + ClientLogMode aws.ClientLogMode + + // The threshold ContentLength in bytes for HTTP PUT request to receive {Expect: + // 100-continue} header. Setting to -1 will disable adding the Expect header to + // requests; setting to 0 will set the threshold to default 2MB + ContinueHeaderThresholdBytes int64 + + // The credentials object to use when signing requests. + Credentials aws.CredentialsProvider + + // The configuration DefaultsMode that the SDK should use when constructing the + // clients initial default settings. + DefaultsMode aws.DefaultsMode + + // Allows you to disable S3 Multi-Region access points feature. + DisableMultiRegionAccessPoints bool + + // Disables this client's usage of Session Auth for S3Express buckets and reverts + // to using conventional SigV4 for those. + DisableS3ExpressSessionAuth *bool + + // The endpoint options to be used when attempting to resolve an endpoint. + EndpointOptions EndpointResolverOptions + + // The service endpoint resolver. + // + // Deprecated: Deprecated: EndpointResolver and WithEndpointResolver. Providing a + // value for this field will likely prevent you from using any endpoint-related + // service features released after the introduction of EndpointResolverV2 and + // BaseEndpoint. To migrate an EndpointResolver implementation that uses a custom + // endpoint, set the client option BaseEndpoint instead. + EndpointResolver EndpointResolver + + // Resolves the endpoint used for a particular service operation. This should be + // used over the deprecated EndpointResolver. + EndpointResolverV2 EndpointResolverV2 + + // The credentials provider for S3Express requests. + ExpressCredentials ExpressCredentialsProvider + + // Signature Version 4 (SigV4) Signer + HTTPSignerV4 HTTPSignerV4 + + // The logger writer interface to write logging messages to. + Logger logging.Logger + + // The region to send requests to. (Required) + Region string + + // RetryMaxAttempts specifies the maximum number attempts an API client will call + // an operation that fails with a retryable error. A value of 0 is ignored, and + // will not be used to configure the API client created default retryer, or modify + // per operation call's retry max attempts. If specified in an operation call's + // functional options with a value that is different than the constructed client's + // Options, the Client's Retryer will be wrapped to use the operation's specific + // RetryMaxAttempts value. + RetryMaxAttempts int + + // RetryMode specifies the retry mode the API client will be created with, if + // Retryer option is not also specified. When creating a new API Clients this + // member will only be used if the Retryer Options member is nil. This value will + // be ignored if Retryer is not nil. Currently does not support per operation call + // overrides, may in the future. + RetryMode aws.RetryMode + + // Retryer guides how HTTP requests should be retried in case of recoverable + // failures. When nil the API client will use a default retryer. The kind of + // default retry created by the API client can be changed with the RetryMode + // option. + Retryer aws.Retryer + + // The RuntimeEnvironment configuration, only populated if the DefaultsMode is set + // to DefaultsModeAuto and is initialized using config.LoadDefaultConfig . You + // should not populate this structure programmatically, or rely on the values here + // within your applications. + RuntimeEnvironment aws.RuntimeEnvironment + + // Allows you to enable arn region support for the service. + UseARNRegion bool + + // Allows you to enable S3 Accelerate feature. All operations compatible with S3 + // Accelerate will use the accelerate endpoint for requests. Requests not + // compatible will fall back to normal S3 requests. The bucket must be enabled for + // accelerate to be used with S3 client with accelerate enabled. If the bucket is + // not enabled for accelerate an error will be returned. The bucket name must be + // DNS compatible to work with accelerate. + UseAccelerate bool + + // Allows you to enable dual-stack endpoint support for the service. + // + // Deprecated: Set dual-stack by setting UseDualStackEndpoint on + // EndpointResolverOptions. When EndpointResolverOptions' UseDualStackEndpoint + // field is set it overrides this field value. + UseDualstack bool + + // Allows you to enable the client to use path-style addressing, i.e., + // https://s3.amazonaws.com/BUCKET/KEY . By default, the S3 client will use virtual + // hosted bucket addressing when possible( https://BUCKET.s3.amazonaws.com/KEY ). + UsePathStyle bool + + // Signature Version 4a (SigV4a) Signer + httpSignerV4a httpSignerV4a + + // The initial DefaultsMode used when the client options were constructed. If the + // DefaultsMode was set to aws.DefaultsModeAuto this will store what the resolved + // value was at that point in time. Currently does not support per operation call + // overrides, may in the future. + resolvedDefaultsMode aws.DefaultsMode + + // The HTTP client to invoke API calls with. Defaults to client's default HTTP + // implementation if nil. + HTTPClient HTTPClient + + // The auth scheme resolver which determines how to authenticate for each + // operation. + AuthSchemeResolver AuthSchemeResolver + + // The list of auth schemes supported by the client. + AuthSchemes []smithyhttp.AuthScheme +} + +// Copy creates a clone where the APIOptions list is deep copied. +func (o Options) Copy() Options { + to := o + to.APIOptions = make([]func(*middleware.Stack) error, len(o.APIOptions)) + copy(to.APIOptions, o.APIOptions) + + return to +} + +func (o Options) GetIdentityResolver(schemeID string) smithyauth.IdentityResolver { + if schemeID == "aws.auth#sigv4" { + return getSigV4IdentityResolver(o) + } + if schemeID == "com.amazonaws.s3#sigv4express" { + return getExpressIdentityResolver(o) + } + if schemeID == "aws.auth#sigv4a" { + return getSigV4AIdentityResolver(o) + } + if schemeID == "smithy.api#noAuth" { + return &smithyauth.AnonymousIdentityResolver{} + } + return nil +} + +// WithAPIOptions returns a functional option for setting the Client's APIOptions +// option. +func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options) { + return func(o *Options) { + o.APIOptions = append(o.APIOptions, optFns...) + } +} + +// Deprecated: EndpointResolver and WithEndpointResolver. Providing a value for +// this field will likely prevent you from using any endpoint-related service +// features released after the introduction of EndpointResolverV2 and BaseEndpoint. +// To migrate an EndpointResolver implementation that uses a custom endpoint, set +// the client option BaseEndpoint instead. +func WithEndpointResolver(v EndpointResolver) func(*Options) { + return func(o *Options) { + o.EndpointResolver = v + } +} + +// WithEndpointResolverV2 returns a functional option for setting the Client's +// EndpointResolverV2 option. +func WithEndpointResolverV2(v EndpointResolverV2) func(*Options) { + return func(o *Options) { + o.EndpointResolverV2 = v + } +} + +func getSigV4IdentityResolver(o Options) smithyauth.IdentityResolver { + if o.Credentials != nil { + return &internalauthsmithy.CredentialsProviderAdapter{Provider: o.Credentials} + } + return nil +} + +// WithSigV4SigningName applies an override to the authentication workflow to +// use the given signing name for SigV4-authenticated operations. +// +// This is an advanced setting. The value here is FINAL, taking precedence over +// the resolved signing name from both auth scheme resolution and endpoint +// resolution. +func WithSigV4SigningName(name string) func(*Options) { + fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, + ) { + return next.HandleInitialize(awsmiddleware.SetSigningName(ctx, name), in) + } + return func(o *Options) { + o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error { + return s.Initialize.Add( + middleware.InitializeMiddlewareFunc("withSigV4SigningName", fn), + middleware.Before, + ) + }) + } +} + +// WithSigV4SigningRegion applies an override to the authentication workflow to +// use the given signing region for SigV4-authenticated operations. +// +// This is an advanced setting. The value here is FINAL, taking precedence over +// the resolved signing region from both auth scheme resolution and endpoint +// resolution. +func WithSigV4SigningRegion(region string) func(*Options) { + fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, + ) { + return next.HandleInitialize(awsmiddleware.SetSigningRegion(ctx, region), in) + } + return func(o *Options) { + o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error { + return s.Initialize.Add( + middleware.InitializeMiddlewareFunc("withSigV4SigningRegion", fn), + middleware.Before, + ) + }) + } +} + +func getSigV4AIdentityResolver(o Options) smithyauth.IdentityResolver { + if o.Credentials != nil { + return &v4a.CredentialsProviderAdapter{ + Provider: &v4a.SymmetricCredentialAdaptor{ + SymmetricProvider: o.Credentials, + }, + } + } + return nil +} + +// WithSigV4ASigningRegions applies an override to the authentication workflow to +// use the given signing region set for SigV4A-authenticated operations. +// +// This is an advanced setting. The value here is FINAL, taking precedence over +// the resolved signing region set from both auth scheme resolution and endpoint +// resolution. +func WithSigV4ASigningRegions(regions []string) func(*Options) { + fn := func(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, + ) { + rscheme := getResolvedAuthScheme(ctx) + if rscheme == nil { + return out, metadata, fmt.Errorf("no resolved auth scheme") + } + + smithyhttp.SetSigV4ASigningRegions(&rscheme.SignerProperties, regions) + return next.HandleFinalize(ctx, in) + } + return func(o *Options) { + o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error { + return s.Finalize.Insert( + middleware.FinalizeMiddlewareFunc("withSigV4ASigningRegions", fn), + "Signing", + middleware.Before, + ) + }) + } +} + +func ignoreAnonymousAuth(options *Options) { + if aws.IsCredentialsProvider(options.Credentials, (*aws.AnonymousCredentials)(nil)) { + options.Credentials = nil + } +} + +func getExpressIdentityResolver(o Options) smithyauth.IdentityResolver { + if o.ExpressCredentials != nil { + return &s3cust.ExpressIdentityResolver{Provider: o.ExpressCredentials} + } + return nil +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/serialize_immutable_hostname_bucket.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/serialize_immutable_hostname_bucket.go index cb22779fb..4e34d1a22 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/serialize_immutable_hostname_bucket.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/serialize_immutable_hostname_bucket.go @@ -3,9 +3,10 @@ package s3 import ( "context" "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "path" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn" smithy "github.com/aws/smithy-go" "github.com/aws/smithy-go/encoding/httpbinding" @@ -38,16 +39,20 @@ func (m *serializeImmutableHostnameBucketMiddleware) HandleSerialize( if !ok { return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} } - if !smithyhttp.GetHostnameImmutable(ctx) && - !(awsmiddleware.GetRequiresLegacyEndpoints(ctx) && m.UsePathStyle) { - return next.HandleSerialize(ctx, in) - } bucket, ok := bucketFromInput(in.Parameters) if !ok { return next.HandleSerialize(ctx, in) } + // a bucket being un-vhostable will also force us to use path style + usePathStyle := m.UsePathStyle || !awsrulesfn.IsVirtualHostableS3Bucket(bucket, request.URL.Scheme != "https") + + if !smithyhttp.GetHostnameImmutable(ctx) && + !(awsmiddleware.GetRequiresLegacyEndpoints(ctx) && usePathStyle) { + return next.HandleSerialize(ctx, in) + } + parsedBucket := awsrulesfn.ParseARN(bucket) // disallow ARN buckets except for MRAP arns diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/serializers.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/serializers.go index 463f6b706..59524bdcb 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/serializers.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/serializers.go @@ -293,9 +293,9 @@ func awsRestxml_serializeOpHttpBindingsCopyObjectInput(v *CopyObjectInput, encod encoder.SetHeader(locationName).String(string(v.ACL)) } - if v.BucketKeyEnabled { + if v.BucketKeyEnabled != nil { locationName := "X-Amz-Server-Side-Encryption-Bucket-Key-Enabled" - encoder.SetHeader(locationName).Boolean(v.BucketKeyEnabled) + encoder.SetHeader(locationName).Boolean(*v.BucketKeyEnabled) } if v.CacheControl != nil && len(*v.CacheControl) > 0 { @@ -606,9 +606,9 @@ func awsRestxml_serializeOpHttpBindingsCreateBucketInput(v *CreateBucketInput, e encoder.SetHeader(locationName).String(*v.GrantWriteACP) } - if v.ObjectLockEnabledForBucket { + if v.ObjectLockEnabledForBucket != nil { locationName := "X-Amz-Bucket-Object-Lock-Enabled" - encoder.SetHeader(locationName).Boolean(v.ObjectLockEnabledForBucket) + encoder.SetHeader(locationName).Boolean(*v.ObjectLockEnabledForBucket) } if len(v.ObjectOwnership) > 0 { @@ -677,9 +677,9 @@ func awsRestxml_serializeOpHttpBindingsCreateMultipartUploadInput(v *CreateMulti encoder.SetHeader(locationName).String(string(v.ACL)) } - if v.BucketKeyEnabled { + if v.BucketKeyEnabled != nil { locationName := "X-Amz-Server-Side-Encryption-Bucket-Key-Enabled" - encoder.SetHeader(locationName).Boolean(v.BucketKeyEnabled) + encoder.SetHeader(locationName).Boolean(*v.BucketKeyEnabled) } if v.CacheControl != nil && len(*v.CacheControl) > 0 { @@ -828,6 +828,67 @@ func awsRestxml_serializeOpHttpBindingsCreateMultipartUploadInput(v *CreateMulti return nil } +type awsRestxml_serializeOpCreateSession struct { +} + +func (*awsRestxml_serializeOpCreateSession) ID() string { + return "OperationSerializer" +} + +func (m *awsRestxml_serializeOpCreateSession) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*CreateSessionInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/?session") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "GET" + var restEncoder *httpbinding.Encoder + if request.URL.RawPath == "" { + restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + } else { + request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) + restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) + } + + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if err := awsRestxml_serializeOpHttpBindingsCreateSessionInput(input, restEncoder); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestxml_serializeOpHttpBindingsCreateSessionInput(v *CreateSessionInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + if len(v.SessionMode) > 0 { + locationName := "X-Amz-Create-Session-Mode" + encoder.SetHeader(locationName).String(string(v.SessionMode)) + } + + return nil +} + type awsRestxml_serializeOpDeleteBucket struct { } @@ -1685,9 +1746,9 @@ func awsRestxml_serializeOpHttpBindingsDeleteObjectInput(v *DeleteObjectInput, e return fmt.Errorf("unsupported serialization of nil %T", v) } - if v.BypassGovernanceRetention { + if v.BypassGovernanceRetention != nil { locationName := "X-Amz-Bypass-Governance-Retention" - encoder.SetHeader(locationName).Boolean(v.BypassGovernanceRetention) + encoder.SetHeader(locationName).Boolean(*v.BypassGovernanceRetention) } if v.ExpectedBucketOwner != nil && len(*v.ExpectedBucketOwner) > 0 { @@ -1798,9 +1859,9 @@ func awsRestxml_serializeOpHttpBindingsDeleteObjectsInput(v *DeleteObjectsInput, return fmt.Errorf("unsupported serialization of nil %T", v) } - if v.BypassGovernanceRetention { + if v.BypassGovernanceRetention != nil { locationName := "X-Amz-Bypass-Governance-Retention" - encoder.SetHeader(locationName).Boolean(v.BypassGovernanceRetention) + encoder.SetHeader(locationName).Boolean(*v.BypassGovernanceRetention) } if len(v.ChecksumAlgorithm) > 0 { @@ -3289,8 +3350,8 @@ func awsRestxml_serializeOpHttpBindingsGetObjectInput(v *GetObjectInput, encoder } } - if v.PartNumber != 0 { - encoder.SetQuery("partNumber").Integer(v.PartNumber) + if v.PartNumber != nil { + encoder.SetQuery("partNumber").Integer(*v.PartNumber) } if v.Range != nil && len(*v.Range) > 0 { @@ -3495,9 +3556,9 @@ func awsRestxml_serializeOpHttpBindingsGetObjectAttributesInput(v *GetObjectAttr } } - if v.MaxParts != 0 { + if v.MaxParts != nil { locationName := "X-Amz-Max-Parts" - encoder.SetHeader(locationName).Integer(v.MaxParts) + encoder.SetHeader(locationName).Integer(*v.MaxParts) } if v.ObjectAttributes != nil { @@ -4133,8 +4194,8 @@ func awsRestxml_serializeOpHttpBindingsHeadObjectInput(v *HeadObjectInput, encod } } - if v.PartNumber != 0 { - encoder.SetQuery("partNumber").Integer(v.PartNumber) + if v.PartNumber != nil { + encoder.SetQuery("partNumber").Integer(*v.PartNumber) } if v.Range != nil && len(*v.Range) > 0 { @@ -4445,7 +4506,7 @@ func (m *awsRestxml_serializeOpListBuckets) HandleSerialize(ctx context.Context, return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} } - opPath, opQuery := httpbinding.SplitURI("/") + opPath, opQuery := httpbinding.SplitURI("/?x-id=ListBuckets") request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) request.Method = "GET" @@ -4476,6 +4537,70 @@ func awsRestxml_serializeOpHttpBindingsListBucketsInput(v *ListBucketsInput, enc return nil } +type awsRestxml_serializeOpListDirectoryBuckets struct { +} + +func (*awsRestxml_serializeOpListDirectoryBuckets) ID() string { + return "OperationSerializer" +} + +func (m *awsRestxml_serializeOpListDirectoryBuckets) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*ListDirectoryBucketsInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/?x-id=ListDirectoryBuckets") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "GET" + var restEncoder *httpbinding.Encoder + if request.URL.RawPath == "" { + restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + } else { + request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) + restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) + } + + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if err := awsRestxml_serializeOpHttpBindingsListDirectoryBucketsInput(input, restEncoder); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestxml_serializeOpHttpBindingsListDirectoryBucketsInput(v *ListDirectoryBucketsInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + if v.ContinuationToken != nil { + encoder.SetQuery("continuation-token").String(*v.ContinuationToken) + } + + if v.MaxDirectoryBuckets != nil { + encoder.SetQuery("max-directory-buckets").Integer(*v.MaxDirectoryBuckets) + } + + return nil +} + type awsRestxml_serializeOpListMultipartUploads struct { } @@ -4546,8 +4671,8 @@ func awsRestxml_serializeOpHttpBindingsListMultipartUploadsInput(v *ListMultipar encoder.SetQuery("key-marker").String(*v.KeyMarker) } - if v.MaxUploads != 0 { - encoder.SetQuery("max-uploads").Integer(v.MaxUploads) + if v.MaxUploads != nil { + encoder.SetQuery("max-uploads").Integer(*v.MaxUploads) } if v.Prefix != nil { @@ -4636,8 +4761,8 @@ func awsRestxml_serializeOpHttpBindingsListObjectsInput(v *ListObjectsInput, enc encoder.SetQuery("marker").String(*v.Marker) } - if v.MaxKeys != 0 { - encoder.SetQuery("max-keys").Integer(v.MaxKeys) + if v.MaxKeys != nil { + encoder.SetQuery("max-keys").Integer(*v.MaxKeys) } if v.OptionalObjectAttributes != nil { @@ -4736,12 +4861,12 @@ func awsRestxml_serializeOpHttpBindingsListObjectsV2Input(v *ListObjectsV2Input, encoder.SetHeader(locationName).String(*v.ExpectedBucketOwner) } - if v.FetchOwner { - encoder.SetQuery("fetch-owner").Boolean(v.FetchOwner) + if v.FetchOwner != nil { + encoder.SetQuery("fetch-owner").Boolean(*v.FetchOwner) } - if v.MaxKeys != 0 { - encoder.SetQuery("max-keys").Integer(v.MaxKeys) + if v.MaxKeys != nil { + encoder.SetQuery("max-keys").Integer(*v.MaxKeys) } if v.OptionalObjectAttributes != nil { @@ -4844,8 +4969,8 @@ func awsRestxml_serializeOpHttpBindingsListObjectVersionsInput(v *ListObjectVers encoder.SetQuery("key-marker").String(*v.KeyMarker) } - if v.MaxKeys != 0 { - encoder.SetQuery("max-keys").Integer(v.MaxKeys) + if v.MaxKeys != nil { + encoder.SetQuery("max-keys").Integer(*v.MaxKeys) } if v.OptionalObjectAttributes != nil { @@ -4945,8 +5070,8 @@ func awsRestxml_serializeOpHttpBindingsListPartsInput(v *ListPartsInput, encoder } } - if v.MaxParts != 0 { - encoder.SetQuery("max-parts").Integer(v.MaxParts) + if v.MaxParts != nil { + encoder.SetQuery("max-parts").Integer(*v.MaxParts) } if v.PartNumberMarker != nil { @@ -6003,9 +6128,9 @@ func awsRestxml_serializeOpHttpBindingsPutBucketNotificationConfigurationInput(v encoder.SetHeader(locationName).String(*v.ExpectedBucketOwner) } - if v.SkipDestinationValidation { + if v.SkipDestinationValidation != nil { locationName := "X-Amz-Skip-Destination-Validation" - encoder.SetHeader(locationName).Boolean(v.SkipDestinationValidation) + encoder.SetHeader(locationName).Boolean(*v.SkipDestinationValidation) } return nil @@ -6171,9 +6296,9 @@ func awsRestxml_serializeOpHttpBindingsPutBucketPolicyInput(v *PutBucketPolicyIn encoder.SetHeader(locationName).String(string(v.ChecksumAlgorithm)) } - if v.ConfirmRemoveSelfBucketAccess { + if v.ConfirmRemoveSelfBucketAccess != nil { locationName := "X-Amz-Confirm-Remove-Self-Bucket-Access" - encoder.SetHeader(locationName).Boolean(v.ConfirmRemoveSelfBucketAccess) + encoder.SetHeader(locationName).Boolean(*v.ConfirmRemoveSelfBucketAccess) } if v.ContentMD5 != nil && len(*v.ContentMD5) > 0 { @@ -6744,9 +6869,9 @@ func awsRestxml_serializeOpHttpBindingsPutObjectInput(v *PutObjectInput, encoder encoder.SetHeader(locationName).String(string(v.ACL)) } - if v.BucketKeyEnabled { + if v.BucketKeyEnabled != nil { locationName := "X-Amz-Server-Side-Encryption-Bucket-Key-Enabled" - encoder.SetHeader(locationName).Boolean(v.BucketKeyEnabled) + encoder.SetHeader(locationName).Boolean(*v.BucketKeyEnabled) } if v.CacheControl != nil && len(*v.CacheControl) > 0 { @@ -6794,9 +6919,9 @@ func awsRestxml_serializeOpHttpBindingsPutObjectInput(v *PutObjectInput, encoder encoder.SetHeader(locationName).String(*v.ContentLanguage) } - if v.ContentLength != 0 { + if v.ContentLength != nil { locationName := "Content-Length" - encoder.SetHeader(locationName).Long(v.ContentLength) + encoder.SetHeader(locationName).Long(*v.ContentLength) } if v.ContentMD5 != nil && len(*v.ContentMD5) > 0 { @@ -7363,9 +7488,9 @@ func awsRestxml_serializeOpHttpBindingsPutObjectRetentionInput(v *PutObjectReten return fmt.Errorf("unsupported serialization of nil %T", v) } - if v.BypassGovernanceRetention { + if v.BypassGovernanceRetention != nil { locationName := "X-Amz-Bypass-Governance-Retention" - encoder.SetHeader(locationName).Boolean(v.BypassGovernanceRetention) + encoder.SetHeader(locationName).Boolean(*v.BypassGovernanceRetention) } if len(v.ChecksumAlgorithm) > 0 { @@ -7992,9 +8117,9 @@ func awsRestxml_serializeOpHttpBindingsUploadPartInput(v *UploadPartInput, encod encoder.SetHeader(locationName).String(*v.ChecksumSHA256) } - if v.ContentLength != 0 { + if v.ContentLength != nil { locationName := "Content-Length" - encoder.SetHeader(locationName).Long(v.ContentLength) + encoder.SetHeader(locationName).Long(*v.ContentLength) } if v.ContentMD5 != nil && len(*v.ContentMD5) > 0 { @@ -8016,8 +8141,8 @@ func awsRestxml_serializeOpHttpBindingsUploadPartInput(v *UploadPartInput, encod } } - { - encoder.SetQuery("partNumber").Integer(v.PartNumber) + if v.PartNumber != nil { + encoder.SetQuery("partNumber").Integer(*v.PartNumber) } if len(v.RequestPayer) > 0 { @@ -8164,8 +8289,8 @@ func awsRestxml_serializeOpHttpBindingsUploadPartCopyInput(v *UploadPartCopyInpu } } - { - encoder.SetQuery("partNumber").Integer(v.PartNumber) + if v.PartNumber != nil { + encoder.SetQuery("partNumber").Integer(*v.PartNumber) } if len(v.RequestPayer) > 0 { @@ -8265,9 +8390,9 @@ func awsRestxml_serializeOpHttpBindingsWriteGetObjectResponseInput(v *WriteGetOb encoder.SetHeader(locationName).String(*v.AcceptRanges) } - if v.BucketKeyEnabled { + if v.BucketKeyEnabled != nil { locationName := "X-Amz-Fwd-Header-X-Amz-Server-Side-Encryption-Bucket-Key-Enabled" - encoder.SetHeader(locationName).Boolean(v.BucketKeyEnabled) + encoder.SetHeader(locationName).Boolean(*v.BucketKeyEnabled) } if v.CacheControl != nil && len(*v.CacheControl) > 0 { @@ -8310,9 +8435,9 @@ func awsRestxml_serializeOpHttpBindingsWriteGetObjectResponseInput(v *WriteGetOb encoder.SetHeader(locationName).String(*v.ContentLanguage) } - if v.ContentLength != 0 { + if v.ContentLength != nil { locationName := "Content-Length" - encoder.SetHeader(locationName).Long(v.ContentLength) + encoder.SetHeader(locationName).Long(*v.ContentLength) } if v.ContentRange != nil && len(*v.ContentRange) > 0 { @@ -8325,9 +8450,9 @@ func awsRestxml_serializeOpHttpBindingsWriteGetObjectResponseInput(v *WriteGetOb encoder.SetHeader(locationName).String(*v.ContentType) } - if v.DeleteMarker { + if v.DeleteMarker != nil { locationName := "X-Amz-Fwd-Header-X-Amz-Delete-Marker" - encoder.SetHeader(locationName).Boolean(v.DeleteMarker) + encoder.SetHeader(locationName).Boolean(*v.DeleteMarker) } if v.ErrorCode != nil && len(*v.ErrorCode) > 0 { @@ -8369,9 +8494,9 @@ func awsRestxml_serializeOpHttpBindingsWriteGetObjectResponseInput(v *WriteGetOb } } - if v.MissingMeta != 0 { + if v.MissingMeta != nil { locationName := "X-Amz-Fwd-Header-X-Amz-Missing-Meta" - encoder.SetHeader(locationName).Integer(v.MissingMeta) + encoder.SetHeader(locationName).Integer(*v.MissingMeta) } if len(v.ObjectLockLegalHoldStatus) > 0 { @@ -8389,9 +8514,9 @@ func awsRestxml_serializeOpHttpBindingsWriteGetObjectResponseInput(v *WriteGetOb encoder.SetHeader(locationName).String(smithytime.FormatDateTime(*v.ObjectLockRetainUntilDate)) } - if v.PartsCount != 0 { + if v.PartsCount != nil { locationName := "X-Amz-Fwd-Header-X-Amz-Mp-Parts-Count" - encoder.SetHeader(locationName).Integer(v.PartsCount) + encoder.SetHeader(locationName).Integer(*v.PartsCount) } if len(v.ReplicationStatus) > 0 { @@ -8439,9 +8564,9 @@ func awsRestxml_serializeOpHttpBindingsWriteGetObjectResponseInput(v *WriteGetOb encoder.SetHeader(locationName).String(*v.SSEKMSKeyId) } - if v.StatusCode != 0 { + if v.StatusCode != nil { locationName := "X-Amz-Fwd-Status" - encoder.SetHeader(locationName).Integer(v.StatusCode) + encoder.SetHeader(locationName).Integer(*v.StatusCode) } if len(v.StorageClass) > 0 { @@ -8449,9 +8574,9 @@ func awsRestxml_serializeOpHttpBindingsWriteGetObjectResponseInput(v *WriteGetOb encoder.SetHeader(locationName).String(string(v.StorageClass)) } - if v.TagCount != 0 { + if v.TagCount != nil { locationName := "X-Amz-Fwd-Header-X-Amz-Tagging-Count" - encoder.SetHeader(locationName).Integer(v.TagCount) + encoder.SetHeader(locationName).Integer(*v.TagCount) } if v.VersionId != nil && len(*v.VersionId) > 0 { @@ -8464,7 +8589,7 @@ func awsRestxml_serializeOpHttpBindingsWriteGetObjectResponseInput(v *WriteGetOb func awsRestxml_serializeDocumentAbortIncompleteMultipartUpload(v *types.AbortIncompleteMultipartUpload, value smithyxml.Value) error { defer value.Close() - if v.DaysAfterInitiation != 0 { + if v.DaysAfterInitiation != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -8473,7 +8598,7 @@ func awsRestxml_serializeDocumentAbortIncompleteMultipartUpload(v *types.AbortIn Attr: rootAttr, } el := value.MemberElement(root) - el.Integer(v.DaysAfterInitiation) + el.Integer(*v.DaysAfterInitiation) } return nil } @@ -8765,6 +8890,33 @@ func awsRestxml_serializeDocumentAnalyticsS3BucketDestination(v *types.Analytics return nil } +func awsRestxml_serializeDocumentBucketInfo(v *types.BucketInfo, value smithyxml.Value) error { + defer value.Close() + if len(v.DataRedundancy) > 0 { + rootAttr := []smithyxml.Attr{} + root := smithyxml.StartElement{ + Name: smithyxml.Name{ + Local: "DataRedundancy", + }, + Attr: rootAttr, + } + el := value.MemberElement(root) + el.String(string(v.DataRedundancy)) + } + if len(v.Type) > 0 { + rootAttr := []smithyxml.Attr{} + root := smithyxml.StartElement{ + Name: smithyxml.Name{ + Local: "Type", + }, + Attr: rootAttr, + } + el := value.MemberElement(root) + el.String(string(v.Type)) + } + return nil +} + func awsRestxml_serializeDocumentBucketLifecycleConfiguration(v *types.BucketLifecycleConfiguration, value smithyxml.Value) error { defer value.Close() if v.Rules != nil { @@ -8876,7 +9028,7 @@ func awsRestxml_serializeDocumentCompletedPart(v *types.CompletedPart, value smi el := value.MemberElement(root) el.String(*v.ETag) } - if v.PartNumber != 0 { + if v.PartNumber != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -8885,7 +9037,7 @@ func awsRestxml_serializeDocumentCompletedPart(v *types.CompletedPart, value smi Attr: rootAttr, } el := value.MemberElement(root) - el.Integer(v.PartNumber) + el.Integer(*v.PartNumber) } return nil } @@ -9015,7 +9167,7 @@ func awsRestxml_serializeDocumentCORSRule(v *types.CORSRule, value smithyxml.Val el := value.MemberElement(root) el.String(*v.ID) } - if v.MaxAgeSeconds != 0 { + if v.MaxAgeSeconds != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -9024,7 +9176,7 @@ func awsRestxml_serializeDocumentCORSRule(v *types.CORSRule, value smithyxml.Val Attr: rootAttr, } el := value.MemberElement(root) - el.Integer(v.MaxAgeSeconds) + el.Integer(*v.MaxAgeSeconds) } return nil } @@ -9046,6 +9198,32 @@ func awsRestxml_serializeDocumentCORSRules(v []types.CORSRule, value smithyxml.V func awsRestxml_serializeDocumentCreateBucketConfiguration(v *types.CreateBucketConfiguration, value smithyxml.Value) error { defer value.Close() + if v.Bucket != nil { + rootAttr := []smithyxml.Attr{} + root := smithyxml.StartElement{ + Name: smithyxml.Name{ + Local: "Bucket", + }, + Attr: rootAttr, + } + el := value.MemberElement(root) + if err := awsRestxml_serializeDocumentBucketInfo(v.Bucket, el); err != nil { + return err + } + } + if v.Location != nil { + rootAttr := []smithyxml.Attr{} + root := smithyxml.StartElement{ + Name: smithyxml.Name{ + Local: "Location", + }, + Attr: rootAttr, + } + el := value.MemberElement(root) + if err := awsRestxml_serializeDocumentLocationInfo(v.Location, el); err != nil { + return err + } + } if len(v.LocationConstraint) > 0 { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ @@ -9062,7 +9240,7 @@ func awsRestxml_serializeDocumentCreateBucketConfiguration(v *types.CreateBucket func awsRestxml_serializeDocumentCSVInput(v *types.CSVInput, value smithyxml.Value) error { defer value.Close() - if v.AllowQuotedRecordDelimiter { + if v.AllowQuotedRecordDelimiter != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -9071,7 +9249,7 @@ func awsRestxml_serializeDocumentCSVInput(v *types.CSVInput, value smithyxml.Val Attr: rootAttr, } el := value.MemberElement(root) - el.Boolean(v.AllowQuotedRecordDelimiter) + el.Boolean(*v.AllowQuotedRecordDelimiter) } if v.Comments != nil { rootAttr := []smithyxml.Attr{} @@ -9204,7 +9382,7 @@ func awsRestxml_serializeDocumentCSVOutput(v *types.CSVOutput, value smithyxml.V func awsRestxml_serializeDocumentDefaultRetention(v *types.DefaultRetention, value smithyxml.Value) error { defer value.Close() - if v.Days != 0 { + if v.Days != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -9213,7 +9391,7 @@ func awsRestxml_serializeDocumentDefaultRetention(v *types.DefaultRetention, val Attr: rootAttr, } el := value.MemberElement(root) - el.Integer(v.Days) + el.Integer(*v.Days) } if len(v.Mode) > 0 { rootAttr := []smithyxml.Attr{} @@ -9226,7 +9404,7 @@ func awsRestxml_serializeDocumentDefaultRetention(v *types.DefaultRetention, val el := value.MemberElement(root) el.String(string(v.Mode)) } - if v.Years != 0 { + if v.Years != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -9235,7 +9413,7 @@ func awsRestxml_serializeDocumentDefaultRetention(v *types.DefaultRetention, val Attr: rootAttr, } el := value.MemberElement(root) - el.Integer(v.Years) + el.Integer(*v.Years) } return nil } @@ -9255,7 +9433,7 @@ func awsRestxml_serializeDocumentDelete(v *types.Delete, value smithyxml.Value) return err } } - if v.Quiet { + if v.Quiet != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -9264,7 +9442,7 @@ func awsRestxml_serializeDocumentDelete(v *types.Delete, value smithyxml.Value) Attr: rootAttr, } el := value.MemberElement(root) - el.Boolean(v.Quiet) + el.Boolean(*v.Quiet) } return nil } @@ -9901,7 +10079,7 @@ func awsRestxml_serializeDocumentInventoryConfiguration(v *types.InventoryConfig el := value.MemberElement(root) el.String(string(v.IncludedObjectVersions)) } - { + if v.IsEnabled != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -9910,7 +10088,7 @@ func awsRestxml_serializeDocumentInventoryConfiguration(v *types.InventoryConfig Attr: rootAttr, } el := value.MemberElement(root) - el.Boolean(v.IsEnabled) + el.Boolean(*v.IsEnabled) } if v.OptionalFields != nil { rootAttr := []smithyxml.Attr{} @@ -10217,7 +10395,7 @@ func awsRestxml_serializeDocumentLifecycleExpiration(v *types.LifecycleExpiratio el := value.MemberElement(root) el.String(smithytime.FormatDateTime(*v.Date)) } - if v.Days != 0 { + if v.Days != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -10226,9 +10404,9 @@ func awsRestxml_serializeDocumentLifecycleExpiration(v *types.LifecycleExpiratio Attr: rootAttr, } el := value.MemberElement(root) - el.Integer(v.Days) + el.Integer(*v.Days) } - if v.ExpiredObjectDeleteMarker { + if v.ExpiredObjectDeleteMarker != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -10237,7 +10415,7 @@ func awsRestxml_serializeDocumentLifecycleExpiration(v *types.LifecycleExpiratio Attr: rootAttr, } el := value.MemberElement(root) - el.Boolean(v.ExpiredObjectDeleteMarker) + el.Boolean(*v.ExpiredObjectDeleteMarker) } return nil } @@ -10360,7 +10538,7 @@ func awsRestxml_serializeDocumentLifecycleRule(v *types.LifecycleRule, value smi func awsRestxml_serializeDocumentLifecycleRuleAndOperator(v *types.LifecycleRuleAndOperator, value smithyxml.Value) error { defer value.Close() - if v.ObjectSizeGreaterThan != 0 { + if v.ObjectSizeGreaterThan != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -10369,9 +10547,9 @@ func awsRestxml_serializeDocumentLifecycleRuleAndOperator(v *types.LifecycleRule Attr: rootAttr, } el := value.MemberElement(root) - el.Long(v.ObjectSizeGreaterThan) + el.Long(*v.ObjectSizeGreaterThan) } - if v.ObjectSizeLessThan != 0 { + if v.ObjectSizeLessThan != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -10380,7 +10558,7 @@ func awsRestxml_serializeDocumentLifecycleRuleAndOperator(v *types.LifecycleRule Attr: rootAttr, } el := value.MemberElement(root) - el.Long(v.ObjectSizeLessThan) + el.Long(*v.ObjectSizeLessThan) } if v.Prefix != nil { rootAttr := []smithyxml.Attr{} @@ -10493,6 +10671,33 @@ func awsRestxml_serializeDocumentLifecycleRules(v []types.LifecycleRule, value s return nil } +func awsRestxml_serializeDocumentLocationInfo(v *types.LocationInfo, value smithyxml.Value) error { + defer value.Close() + if v.Name != nil { + rootAttr := []smithyxml.Attr{} + root := smithyxml.StartElement{ + Name: smithyxml.Name{ + Local: "Name", + }, + Attr: rootAttr, + } + el := value.MemberElement(root) + el.String(*v.Name) + } + if len(v.Type) > 0 { + rootAttr := []smithyxml.Attr{} + root := smithyxml.StartElement{ + Name: smithyxml.Name{ + Local: "Type", + }, + Attr: rootAttr, + } + el := value.MemberElement(root) + el.String(string(v.Type)) + } + return nil +} + func awsRestxml_serializeDocumentLoggingEnabled(v *types.LoggingEnabled, value smithyxml.Value) error { defer value.Close() if v.TargetBucket != nil { @@ -10519,6 +10724,19 @@ func awsRestxml_serializeDocumentLoggingEnabled(v *types.LoggingEnabled, value s return err } } + if v.TargetObjectKeyFormat != nil { + rootAttr := []smithyxml.Attr{} + root := smithyxml.StartElement{ + Name: smithyxml.Name{ + Local: "TargetObjectKeyFormat", + }, + Attr: rootAttr, + } + el := value.MemberElement(root) + if err := awsRestxml_serializeDocumentTargetObjectKeyFormat(v.TargetObjectKeyFormat, el); err != nil { + return err + } + } if v.TargetPrefix != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ @@ -10718,7 +10936,7 @@ func awsRestxml_serializeDocumentMetricsFilter(v types.MetricsFilter, value smit func awsRestxml_serializeDocumentNoncurrentVersionExpiration(v *types.NoncurrentVersionExpiration, value smithyxml.Value) error { defer value.Close() - if v.NewerNoncurrentVersions != 0 { + if v.NewerNoncurrentVersions != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -10727,9 +10945,9 @@ func awsRestxml_serializeDocumentNoncurrentVersionExpiration(v *types.Noncurrent Attr: rootAttr, } el := value.MemberElement(root) - el.Integer(v.NewerNoncurrentVersions) + el.Integer(*v.NewerNoncurrentVersions) } - if v.NoncurrentDays != 0 { + if v.NoncurrentDays != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -10738,14 +10956,14 @@ func awsRestxml_serializeDocumentNoncurrentVersionExpiration(v *types.Noncurrent Attr: rootAttr, } el := value.MemberElement(root) - el.Integer(v.NoncurrentDays) + el.Integer(*v.NoncurrentDays) } return nil } func awsRestxml_serializeDocumentNoncurrentVersionTransition(v *types.NoncurrentVersionTransition, value smithyxml.Value) error { defer value.Close() - if v.NewerNoncurrentVersions != 0 { + if v.NewerNoncurrentVersions != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -10754,9 +10972,9 @@ func awsRestxml_serializeDocumentNoncurrentVersionTransition(v *types.Noncurrent Attr: rootAttr, } el := value.MemberElement(root) - el.Integer(v.NewerNoncurrentVersions) + el.Integer(*v.NewerNoncurrentVersions) } - if v.NoncurrentDays != 0 { + if v.NoncurrentDays != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -10765,7 +10983,7 @@ func awsRestxml_serializeDocumentNoncurrentVersionTransition(v *types.Noncurrent Attr: rootAttr, } el := value.MemberElement(root) - el.Integer(v.NoncurrentDays) + el.Integer(*v.NoncurrentDays) } if len(v.StorageClass) > 0 { rootAttr := []smithyxml.Attr{} @@ -11133,9 +11351,25 @@ func awsRestxml_serializeDocumentParquetInput(v *types.ParquetInput, value smith return nil } +func awsRestxml_serializeDocumentPartitionedPrefix(v *types.PartitionedPrefix, value smithyxml.Value) error { + defer value.Close() + if len(v.PartitionDateSource) > 0 { + rootAttr := []smithyxml.Attr{} + root := smithyxml.StartElement{ + Name: smithyxml.Name{ + Local: "PartitionDateSource", + }, + Attr: rootAttr, + } + el := value.MemberElement(root) + el.String(string(v.PartitionDateSource)) + } + return nil +} + func awsRestxml_serializeDocumentPublicAccessBlockConfiguration(v *types.PublicAccessBlockConfiguration, value smithyxml.Value) error { defer value.Close() - if v.BlockPublicAcls { + if v.BlockPublicAcls != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -11144,9 +11378,9 @@ func awsRestxml_serializeDocumentPublicAccessBlockConfiguration(v *types.PublicA Attr: rootAttr, } el := value.MemberElement(root) - el.Boolean(v.BlockPublicAcls) + el.Boolean(*v.BlockPublicAcls) } - if v.BlockPublicPolicy { + if v.BlockPublicPolicy != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -11155,9 +11389,9 @@ func awsRestxml_serializeDocumentPublicAccessBlockConfiguration(v *types.PublicA Attr: rootAttr, } el := value.MemberElement(root) - el.Boolean(v.BlockPublicPolicy) + el.Boolean(*v.BlockPublicPolicy) } - if v.IgnorePublicAcls { + if v.IgnorePublicAcls != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -11166,9 +11400,9 @@ func awsRestxml_serializeDocumentPublicAccessBlockConfiguration(v *types.PublicA Attr: rootAttr, } el := value.MemberElement(root) - el.Boolean(v.IgnorePublicAcls) + el.Boolean(*v.IgnorePublicAcls) } - if v.RestrictPublicBuckets { + if v.RestrictPublicBuckets != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -11177,7 +11411,7 @@ func awsRestxml_serializeDocumentPublicAccessBlockConfiguration(v *types.PublicA Attr: rootAttr, } el := value.MemberElement(root) - el.Boolean(v.RestrictPublicBuckets) + el.Boolean(*v.RestrictPublicBuckets) } return nil } @@ -11458,7 +11692,7 @@ func awsRestxml_serializeDocumentReplicationRule(v *types.ReplicationRule, value el := value.MemberElement(root) el.String(*v.Prefix) } - if v.Priority != 0 { + if v.Priority != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -11467,7 +11701,7 @@ func awsRestxml_serializeDocumentReplicationRule(v *types.ReplicationRule, value Attr: rootAttr, } el := value.MemberElement(root) - el.Integer(v.Priority) + el.Integer(*v.Priority) } if v.SourceSelectionCriteria != nil { rootAttr := []smithyxml.Attr{} @@ -11618,7 +11852,7 @@ func awsRestxml_serializeDocumentReplicationTime(v *types.ReplicationTime, value func awsRestxml_serializeDocumentReplicationTimeValue(v *types.ReplicationTimeValue, value smithyxml.Value) error { defer value.Close() - if v.Minutes != 0 { + if v.Minutes != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -11627,7 +11861,7 @@ func awsRestxml_serializeDocumentReplicationTimeValue(v *types.ReplicationTimeVa Attr: rootAttr, } el := value.MemberElement(root) - el.Integer(v.Minutes) + el.Integer(*v.Minutes) } return nil } @@ -11650,7 +11884,7 @@ func awsRestxml_serializeDocumentRequestPaymentConfiguration(v *types.RequestPay func awsRestxml_serializeDocumentRequestProgress(v *types.RequestProgress, value smithyxml.Value) error { defer value.Close() - if v.Enabled { + if v.Enabled != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -11659,14 +11893,14 @@ func awsRestxml_serializeDocumentRequestProgress(v *types.RequestProgress, value Attr: rootAttr, } el := value.MemberElement(root) - el.Boolean(v.Enabled) + el.Boolean(*v.Enabled) } return nil } func awsRestxml_serializeDocumentRestoreRequest(v *types.RestoreRequest, value smithyxml.Value) error { defer value.Close() - if v.Days != 0 { + if v.Days != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -11675,7 +11909,7 @@ func awsRestxml_serializeDocumentRestoreRequest(v *types.RestoreRequest, value s Attr: rootAttr, } el := value.MemberElement(root) - el.Integer(v.Days) + el.Integer(*v.Days) } if v.Description != nil { rootAttr := []smithyxml.Attr{} @@ -11926,7 +12160,7 @@ func awsRestxml_serializeDocumentS3Location(v *types.S3Location, value smithyxml func awsRestxml_serializeDocumentScanRange(v *types.ScanRange, value smithyxml.Value) error { defer value.Close() - if v.End != 0 { + if v.End != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -11935,9 +12169,9 @@ func awsRestxml_serializeDocumentScanRange(v *types.ScanRange, value smithyxml.V Attr: rootAttr, } el := value.MemberElement(root) - el.Long(v.End) + el.Long(*v.End) } - if v.Start != 0 { + if v.Start != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -11946,7 +12180,7 @@ func awsRestxml_serializeDocumentScanRange(v *types.ScanRange, value smithyxml.V Attr: rootAttr, } el := value.MemberElement(root) - el.Long(v.Start) + el.Long(*v.Start) } return nil } @@ -12064,7 +12298,7 @@ func awsRestxml_serializeDocumentServerSideEncryptionRule(v *types.ServerSideEnc return err } } - if v.BucketKeyEnabled { + if v.BucketKeyEnabled != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -12073,7 +12307,7 @@ func awsRestxml_serializeDocumentServerSideEncryptionRule(v *types.ServerSideEnc Attr: rootAttr, } el := value.MemberElement(root) - el.Boolean(v.BucketKeyEnabled) + el.Boolean(*v.BucketKeyEnabled) } return nil } @@ -12093,6 +12327,11 @@ func awsRestxml_serializeDocumentServerSideEncryptionRules(v []types.ServerSideE return nil } +func awsRestxml_serializeDocumentSimplePrefix(v *types.SimplePrefix, value smithyxml.Value) error { + defer value.Close() + return nil +} + func awsRestxml_serializeDocumentSourceSelectionCriteria(v *types.SourceSelectionCriteria, value smithyxml.Value) error { defer value.Close() if v.ReplicaModifications != nil { @@ -12332,6 +12571,37 @@ func awsRestxml_serializeDocumentTargetGrants(v []types.TargetGrant, value smith return nil } +func awsRestxml_serializeDocumentTargetObjectKeyFormat(v *types.TargetObjectKeyFormat, value smithyxml.Value) error { + defer value.Close() + if v.PartitionedPrefix != nil { + rootAttr := []smithyxml.Attr{} + root := smithyxml.StartElement{ + Name: smithyxml.Name{ + Local: "PartitionedPrefix", + }, + Attr: rootAttr, + } + el := value.MemberElement(root) + if err := awsRestxml_serializeDocumentPartitionedPrefix(v.PartitionedPrefix, el); err != nil { + return err + } + } + if v.SimplePrefix != nil { + rootAttr := []smithyxml.Attr{} + root := smithyxml.StartElement{ + Name: smithyxml.Name{ + Local: "SimplePrefix", + }, + Attr: rootAttr, + } + el := value.MemberElement(root) + if err := awsRestxml_serializeDocumentSimplePrefix(v.SimplePrefix, el); err != nil { + return err + } + } + return nil +} + func awsRestxml_serializeDocumentTiering(v *types.Tiering, value smithyxml.Value) error { defer value.Close() if len(v.AccessTier) > 0 { @@ -12345,7 +12615,7 @@ func awsRestxml_serializeDocumentTiering(v *types.Tiering, value smithyxml.Value el := value.MemberElement(root) el.String(string(v.AccessTier)) } - { + if v.Days != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -12354,7 +12624,7 @@ func awsRestxml_serializeDocumentTiering(v *types.Tiering, value smithyxml.Value Attr: rootAttr, } el := value.MemberElement(root) - el.Integer(v.Days) + el.Integer(*v.Days) } return nil } @@ -12455,7 +12725,7 @@ func awsRestxml_serializeDocumentTransition(v *types.Transition, value smithyxml el := value.MemberElement(root) el.String(smithytime.FormatDateTime(*v.Date)) } - if v.Days != 0 { + if v.Days != nil { rootAttr := []smithyxml.Attr{} root := smithyxml.StartElement{ Name: smithyxml.Name{ @@ -12464,7 +12734,7 @@ func awsRestxml_serializeDocumentTransition(v *types.Transition, value smithyxml Attr: rootAttr, } el := value.MemberElement(root) - el.Integer(v.Days) + el.Integer(*v.Days) } if len(v.StorageClass) > 0 { rootAttr := []smithyxml.Attr{} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/types/enums.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/types/enums.go index 613da169d..ea3b9c82a 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/types/enums.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/types/enums.go @@ -86,6 +86,7 @@ const ( BucketLocationConstraintApNortheast2 BucketLocationConstraint = "ap-northeast-2" BucketLocationConstraintApNortheast3 BucketLocationConstraint = "ap-northeast-3" BucketLocationConstraintApSouth1 BucketLocationConstraint = "ap-south-1" + BucketLocationConstraintApSouth2 BucketLocationConstraint = "ap-south-2" BucketLocationConstraintApSoutheast1 BucketLocationConstraint = "ap-southeast-1" BucketLocationConstraintApSoutheast2 BucketLocationConstraint = "ap-southeast-2" BucketLocationConstraintApSoutheast3 BucketLocationConstraint = "ap-southeast-3" @@ -96,6 +97,7 @@ const ( BucketLocationConstraintEuCentral1 BucketLocationConstraint = "eu-central-1" BucketLocationConstraintEuNorth1 BucketLocationConstraint = "eu-north-1" BucketLocationConstraintEuSouth1 BucketLocationConstraint = "eu-south-1" + BucketLocationConstraintEuSouth2 BucketLocationConstraint = "eu-south-2" BucketLocationConstraintEuWest1 BucketLocationConstraint = "eu-west-1" BucketLocationConstraintEuWest2 BucketLocationConstraint = "eu-west-2" BucketLocationConstraintEuWest3 BucketLocationConstraint = "eu-west-3" @@ -106,8 +108,6 @@ const ( BucketLocationConstraintUsGovWest1 BucketLocationConstraint = "us-gov-west-1" BucketLocationConstraintUsWest1 BucketLocationConstraint = "us-west-1" BucketLocationConstraintUsWest2 BucketLocationConstraint = "us-west-2" - BucketLocationConstraintApSouth2 BucketLocationConstraint = "ap-south-2" - BucketLocationConstraintEuSouth2 BucketLocationConstraint = "eu-south-2" ) // Values returns all known values for BucketLocationConstraint. Note that this @@ -121,6 +121,7 @@ func (BucketLocationConstraint) Values() []BucketLocationConstraint { "ap-northeast-2", "ap-northeast-3", "ap-south-1", + "ap-south-2", "ap-southeast-1", "ap-southeast-2", "ap-southeast-3", @@ -131,6 +132,7 @@ func (BucketLocationConstraint) Values() []BucketLocationConstraint { "eu-central-1", "eu-north-1", "eu-south-1", + "eu-south-2", "eu-west-1", "eu-west-2", "eu-west-3", @@ -141,8 +143,6 @@ func (BucketLocationConstraint) Values() []BucketLocationConstraint { "us-gov-west-1", "us-west-1", "us-west-2", - "ap-south-2", - "eu-south-2", } } @@ -166,6 +166,22 @@ func (BucketLogsPermission) Values() []BucketLogsPermission { } } +type BucketType string + +// Enum values for BucketType +const ( + BucketTypeDirectory BucketType = "Directory" +) + +// Values returns all known values for BucketType. Note that this can be expanded +// in the future, and so it is only as up to date as the client. The ordering of +// this slice is not guaranteed to be stable across updates. +func (BucketType) Values() []BucketType { + return []BucketType{ + "Directory", + } +} + type BucketVersioningStatus string // Enum values for BucketVersioningStatus @@ -242,6 +258,22 @@ func (CompressionType) Values() []CompressionType { } } +type DataRedundancy string + +// Enum values for DataRedundancy +const ( + DataRedundancySingleAvailabilityZone DataRedundancy = "SingleAvailabilityZone" +) + +// Values returns all known values for DataRedundancy. Note that this can be +// expanded in the future, and so it is only as up to date as the client. The +// ordering of this slice is not guaranteed to be stable across updates. +func (DataRedundancy) Values() []DataRedundancy { + return []DataRedundancy{ + "SingleAvailabilityZone", + } +} + type DeleteMarkerReplicationStatus string // Enum values for DeleteMarkerReplicationStatus @@ -592,6 +624,22 @@ func (JSONType) Values() []JSONType { } } +type LocationType string + +// Enum values for LocationType +const ( + LocationTypeAvailabilityZone LocationType = "AvailabilityZone" +) + +// Values returns all known values for LocationType. Note that this can be +// expanded in the future, and so it is only as up to date as the client. The +// ordering of this slice is not guaranteed to be stable across updates. +func (LocationType) Values() []LocationType { + return []LocationType{ + "AvailabilityZone", + } +} + type MetadataDirective string // Enum values for MetadataDirective @@ -820,6 +868,7 @@ const ( ObjectStorageClassOutposts ObjectStorageClass = "OUTPOSTS" ObjectStorageClassGlacierIr ObjectStorageClass = "GLACIER_IR" ObjectStorageClassSnow ObjectStorageClass = "SNOW" + ObjectStorageClassExpressOnezone ObjectStorageClass = "EXPRESS_ONEZONE" ) // Values returns all known values for ObjectStorageClass. Note that this can be @@ -837,6 +886,7 @@ func (ObjectStorageClass) Values() []ObjectStorageClass { "OUTPOSTS", "GLACIER_IR", "SNOW", + "EXPRESS_ONEZONE", } } @@ -888,6 +938,24 @@ func (OwnerOverride) Values() []OwnerOverride { } } +type PartitionDateSource string + +// Enum values for PartitionDateSource +const ( + PartitionDateSourceEventTime PartitionDateSource = "EventTime" + PartitionDateSourceDeliveryTime PartitionDateSource = "DeliveryTime" +) + +// Values returns all known values for PartitionDateSource. Note that this can be +// expanded in the future, and so it is only as up to date as the client. The +// ordering of this slice is not guaranteed to be stable across updates. +func (PartitionDateSource) Values() []PartitionDateSource { + return []PartitionDateSource{ + "EventTime", + "DeliveryTime", + } +} + type Payer string // Enum values for Payer @@ -1112,6 +1180,24 @@ func (ServerSideEncryption) Values() []ServerSideEncryption { } } +type SessionMode string + +// Enum values for SessionMode +const ( + SessionModeReadOnly SessionMode = "ReadOnly" + SessionModeReadWrite SessionMode = "ReadWrite" +) + +// Values returns all known values for SessionMode. Note that this can be expanded +// in the future, and so it is only as up to date as the client. The ordering of +// this slice is not guaranteed to be stable across updates. +func (SessionMode) Values() []SessionMode { + return []SessionMode{ + "ReadOnly", + "ReadWrite", + } +} + type SseKmsEncryptedObjectsStatus string // Enum values for SseKmsEncryptedObjectsStatus @@ -1145,6 +1231,7 @@ const ( StorageClassOutposts StorageClass = "OUTPOSTS" StorageClassGlacierIr StorageClass = "GLACIER_IR" StorageClassSnow StorageClass = "SNOW" + StorageClassExpressOnezone StorageClass = "EXPRESS_ONEZONE" ) // Values returns all known values for StorageClass. Note that this can be @@ -1162,6 +1249,7 @@ func (StorageClass) Values() []StorageClass { "OUTPOSTS", "GLACIER_IR", "SNOW", + "EXPRESS_ONEZONE", } } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/types/errors.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/types/errors.go index f3837866d..166484f4e 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/types/errors.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/types/errors.go @@ -64,7 +64,14 @@ func (e *BucketAlreadyOwnedByYou) ErrorCode() string { } func (e *BucketAlreadyOwnedByYou) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } -// Object is archived and inaccessible until restored. +// Object is archived and inaccessible until restored. If the object you are +// retrieving is stored in the S3 Glacier Flexible Retrieval storage class, the S3 +// Glacier Deep Archive storage class, the S3 Intelligent-Tiering Archive Access +// tier, or the S3 Intelligent-Tiering Deep Archive Access tier, before you can +// retrieve the object you must first restore a copy using RestoreObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html) +// . Otherwise, this operation returns an InvalidObjectState error. For +// information about restoring archived objects, see Restoring Archived Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html) +// in the Amazon S3 User Guide. type InvalidObjectState struct { Message *string diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/types/types.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/types/types.go index 3ddea0a24..d3f7593fe 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/types/types.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/types/types.go @@ -16,7 +16,7 @@ type AbortIncompleteMultipartUpload struct { // Specifies the number of days after which Amazon S3 aborts an incomplete // multipart upload. - DaysAfterInitiation int32 + DaysAfterInitiation *int32 noSmithyDocumentSerde } @@ -173,9 +173,7 @@ type AnalyticsS3BucketDestination struct { noSmithyDocumentSerde } -// In terms of implementation, a Bucket is a resource. An Amazon S3 bucket name is -// globally unique, and the namespace is shared by all Amazon Web Services -// accounts. +// In terms of implementation, a Bucket is a resource. type Bucket struct { // Date the bucket was created. This date can change when making changes to your @@ -188,6 +186,21 @@ type Bucket struct { noSmithyDocumentSerde } +// Specifies the information about the bucket that will be created. For more +// information about directory buckets, see Directory buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) +// in the Amazon S3 User Guide. This functionality is only supported by directory +// buckets. +type BucketInfo struct { + + // The number of Availability Zone that's used for redundancy for the bucket. + DataRedundancy DataRedundancy + + // The type of bucket. + Type BucketType + + noSmithyDocumentSerde +} + // Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For // more information, see Object Lifecycle Management (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) // in the Amazon S3 User Guide. @@ -216,30 +229,38 @@ type BucketLoggingStatus struct { type Checksum struct { // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32 *string // The base64-encoded, 32-bit CRC32C checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32C *string // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use the API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA1 *string // The base64-encoded, 256-bit SHA-256 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA256 *string @@ -273,30 +294,38 @@ type CompletedMultipartUpload struct { type CompletedPart struct { // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32 *string // The base64-encoded, 32-bit CRC32C checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32C *string // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use the API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA1 *string // The base64-encoded, 256-bit SHA-256 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA256 *string @@ -305,7 +334,15 @@ type CompletedPart struct { // Part number that identifies the part. This is a positive integer between 1 and // 10,000. - PartNumber int32 + // - General purpose buckets - In CompleteMultipartUpload , when a additional + // checksum (including x-amz-checksum-crc32 , x-amz-checksum-crc32c , + // x-amz-checksum-sha1 , or x-amz-checksum-sha256 ) is applied to each part, the + // PartNumber must start at 1 and the part numbers must be consecutive. + // Otherwise, Amazon S3 generates an HTTP 400 Bad Request status code and an + // InvalidPartOrder error code. + // - Directory buckets - In CompleteMultipartUpload , the PartNumber must start + // at 1 and the part numbers must be consecutive. + PartNumber *int32 noSmithyDocumentSerde } @@ -346,30 +383,26 @@ type ContinuationEvent struct { type CopyObjectResult struct { // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. For more information, see Checking + // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. ChecksumCRC32 *string // The base64-encoded, 32-bit CRC32C checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. For more information, see Checking + // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. ChecksumCRC32C *string // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. For more information, see Checking + // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. ChecksumSHA1 *string // The base64-encoded, 256-bit SHA-256 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. For more information, see Checking + // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. ChecksumSHA256 *string @@ -387,30 +420,38 @@ type CopyObjectResult struct { type CopyPartResult struct { // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32 *string // The base64-encoded, 32-bit CRC32C checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32C *string // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use the API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA1 *string // The base64-encoded, 256-bit SHA-256 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA256 *string @@ -466,7 +507,7 @@ type CORSRule struct { // The time in seconds that your browser is to cache the preflight response for // the specified resource. - MaxAgeSeconds int32 + MaxAgeSeconds *int32 noSmithyDocumentSerde } @@ -474,8 +515,23 @@ type CORSRule struct { // The configuration information for the bucket. type CreateBucketConfiguration struct { - // Specifies the Region where the bucket will be created. If you don't specify a - // Region, the bucket is created in the US East (N. Virginia) Region (us-east-1). + // Specifies the information about the bucket that will be created. This + // functionality is only supported by directory buckets. + Bucket *BucketInfo + + // Specifies the location where the bucket will be created. For directory buckets, + // the location type is Availability Zone. This functionality is only supported by + // directory buckets. + Location *LocationInfo + + // Specifies the Region where the bucket will be created. You might choose a + // Region to optimize latency, minimize costs, or address regulatory requirements. + // For example, if you reside in Europe, you will probably find it advantageous to + // create buckets in the Europe (Ireland) Region. For more information, see + // Accessing a bucket (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html#access-bucket-intro) + // in the Amazon S3 User Guide. If you don't specify a Region, the bucket is + // created in the US East (N. Virginia) Region (us-east-1) by default. This + // functionality is not supported for directory buckets. LocationConstraint BucketLocationConstraint noSmithyDocumentSerde @@ -488,7 +544,7 @@ type CSVInput struct { // Specifies that CSV field values may contain quoted record delimiters and such // records should be allowed. Default value is FALSE. Setting this value to TRUE // may lower performance. - AllowQuotedRecordDelimiter bool + AllowQuotedRecordDelimiter *bool // A single character used to indicate that a row should be ignored when the // character is present at the start of that row. You can specify any character to @@ -563,7 +619,7 @@ type DefaultRetention struct { // The number of days that you want to specify for the default retention period. // Must be used with Mode . - Days int32 + Days *int32 // The default Object Lock retention mode you want to apply to new objects placed // in the specified bucket. Must be used with either Days or Years . @@ -571,7 +627,7 @@ type DefaultRetention struct { // The number of years that you want to specify for the default retention period. // Must be used with Mode . - Years int32 + Years *int32 noSmithyDocumentSerde } @@ -579,14 +635,17 @@ type DefaultRetention struct { // Container for the objects to delete. type Delete struct { - // The object to delete. + // The object to delete. Directory buckets - For directory buckets, an object + // that's composed entirely of whitespace characters is not supported by the + // DeleteObjects API operation. The request will receive a 400 Bad Request error + // and none of the objects in the request will be deleted. // // This member is required. Objects []ObjectIdentifier // Element to enable quiet mode for the request. When you add this element, you - // must set its value to true. - Quiet bool + // must set its value to true . + Quiet *bool noSmithyDocumentSerde } @@ -597,18 +656,21 @@ type DeletedObject struct { // Indicates whether the specified object version that was permanently deleted was // (true) or was not (false) a delete marker before deletion. In a simple DELETE, // this header indicates whether (true) or not (false) the current version of the - // object is a delete marker. - DeleteMarker bool + // object is a delete marker. This functionality is not supported for directory + // buckets. + DeleteMarker *bool // The version ID of the delete marker created as a result of the DELETE // operation. If you delete a specific object version, the value returned by this - // header is the version ID of the object version deleted. + // header is the version ID of the object version deleted. This functionality is + // not supported for directory buckets. DeleteMarkerVersionId *string // The name of the deleted object. Key *string - // The version ID of the deleted object. + // The version ID of the deleted object. This functionality is not supported for + // directory buckets. VersionId *string noSmithyDocumentSerde @@ -619,12 +681,12 @@ type DeleteMarkerEntry struct { // Specifies whether the object is (true) or is not (false) the latest version of // an object. - IsLatest bool + IsLatest *bool // The object key. Key *string - // Date and time the object was last modified. + // Date and time when the object was last modified. LastModified *time.Time // The account that created the delete marker.> @@ -1178,7 +1240,8 @@ type Error struct { // error message. Message *string - // The version ID of the error. + // The version ID of the error. This functionality is not supported for directory + // buckets. VersionId *string noSmithyDocumentSerde @@ -1240,10 +1303,10 @@ type GetObjectAttributesParts struct { // Indicates whether the returned list of parts is truncated. A value of true // indicates that the list was truncated. A list can be truncated if the number of // parts exceeds the limit returned in the MaxParts element. - IsTruncated bool + IsTruncated *bool // The maximum number of parts allowed in the response. - MaxParts int32 + MaxParts *int32 // When a list is truncated, this element specifies the last part in the list, as // well as the value to use for the PartNumberMarker request parameter in a @@ -1255,10 +1318,17 @@ type GetObjectAttributesParts struct { // A container for elements related to a particular part. A response can contain // zero or more Parts elements. + // - General purpose buckets - For GetObjectAttributes , if a additional checksum + // (including x-amz-checksum-crc32 , x-amz-checksum-crc32c , x-amz-checksum-sha1 + // , or x-amz-checksum-sha256 ) isn't applied to the object specified in the + // request, the response doesn't return Part . + // - Directory buckets - For GetObjectAttributes , no matter whether a additional + // checksum is applied to the object specified in the request, the response returns + // Part . Parts []ObjectPart // The total number of parts. - TotalPartsCount int32 + TotalPartsCount *int32 noSmithyDocumentSerde } @@ -1342,11 +1412,15 @@ type IndexDocument struct { // Container element that identifies who initiated the multipart upload. type Initiator struct { - // Name of the Principal. + // Name of the Principal. This functionality is not supported for directory + // buckets. DisplayName *string // If the principal is an Amazon Web Services account, it provides the Canonical // User ID. If the principal is an IAM User, it provides a user ARN value. + // Directory buckets - If the principal is an Amazon Web Services account, it + // provides the Amazon Web Services account ID. If the principal is an IAM User, it + // provides a user ARN value. ID *string noSmithyDocumentSerde @@ -1463,7 +1537,7 @@ type InventoryConfiguration struct { // inventory list is generated. If set to False , no inventory list is generated. // // This member is required. - IsEnabled bool + IsEnabled *bool // Specifies the schedule for generating inventory results. // @@ -1617,13 +1691,13 @@ type LifecycleExpiration struct { // Indicates the lifetime, in days, of the objects that are subject to the rule. // The value must be a non-zero positive integer. - Days int32 + Days *int32 // Indicates whether Amazon S3 will remove a delete marker with no noncurrent // versions. If set to true, the delete marker will be expired; if set to false the // policy takes no action. This cannot be specified with Days or Date in a // Lifecycle Expiration Policy. - ExpiredObjectDeleteMarker bool + ExpiredObjectDeleteMarker *bool noSmithyDocumentSerde } @@ -1693,10 +1767,10 @@ type LifecycleRule struct { type LifecycleRuleAndOperator struct { // Minimum object size to which the rule applies. - ObjectSizeGreaterThan int64 + ObjectSizeGreaterThan *int64 // Maximum object size to which the rule applies. - ObjectSizeLessThan int64 + ObjectSizeLessThan *int64 // Prefix identifying one or more objects to which the rule applies. Prefix *string @@ -1773,6 +1847,24 @@ type LifecycleRuleFilterMemberTag struct { func (*LifecycleRuleFilterMemberTag) isLifecycleRuleFilter() {} +// Specifies the location where the bucket will be created. For directory buckets, +// the location type is Availability Zone. For more information about directory +// buckets, see Directory buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) +// in the Amazon S3 User Guide. This functionality is only supported by directory +// buckets. +type LocationInfo struct { + + // The name of the location where the bucket will be created. For directory + // buckets, the AZ ID of the Availability Zone where the bucket will be created. An + // example AZ ID value is usw2-az2 . + Name *string + + // The type of location where the bucket will be created. + Type LocationType + + noSmithyDocumentSerde +} + // Describes where logs are stored and the prefix that Amazon S3 assigns to all // log object keys for a bucket. For more information, see PUT Bucket logging (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlogging.html) // in the Amazon S3 API Reference. @@ -1801,6 +1893,9 @@ type LoggingEnabled struct { // in the Amazon S3 User Guide. TargetGrants []TargetGrant + // Amazon S3 key format for log objects. + TargetObjectKeyFormat *TargetObjectKeyFormat + noSmithyDocumentSerde } @@ -1941,9 +2036,13 @@ type MultipartUpload struct { Key *string // Specifies the owner of the object that is part of the multipart upload. + // Directory buckets - The bucket owner is returned as the object owner for all the + // objects. Owner *Owner - // The class of storage used to store the object. + // The class of storage used to store the object. Directory buckets - Only the S3 + // Express One Zone storage class is supported by directory buckets to store + // objects. StorageClass StorageClass // Upload ID that identifies the multipart upload. @@ -1959,19 +2058,19 @@ type MultipartUpload struct { // the object's lifetime. type NoncurrentVersionExpiration struct { - // Specifies how many noncurrent versions Amazon S3 will retain. If there are this - // many more recent noncurrent versions, Amazon S3 will take the associated action. - // For more information about noncurrent versions, see Lifecycle configuration - // elements (https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) + // Specifies how many newer noncurrent versions must exist before Amazon S3 can + // perform the associated action on a given version. If there are this many more + // recent noncurrent versions, Amazon S3 will take the associated action. For more + // information about noncurrent versions, see Lifecycle configuration elements (https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) // in the Amazon S3 User Guide. - NewerNoncurrentVersions int32 + NewerNoncurrentVersions *int32 // Specifies the number of days an object is noncurrent before Amazon S3 can // perform the associated action. The value must be a non-zero positive integer. // For information about the noncurrent days calculations, see How Amazon S3 // Calculates When an Object Became Noncurrent (https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) // in the Amazon S3 User Guide. - NoncurrentDays int32 + NoncurrentDays *int32 noSmithyDocumentSerde } @@ -1985,19 +2084,19 @@ type NoncurrentVersionExpiration struct { // specific period in the object's lifetime. type NoncurrentVersionTransition struct { - // Specifies how many noncurrent versions Amazon S3 will retain. If there are this - // many more recent noncurrent versions, Amazon S3 will take the associated action. - // For more information about noncurrent versions, see Lifecycle configuration - // elements (https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) + // Specifies how many newer noncurrent versions must exist before Amazon S3 can + // perform the associated action on a given version. If there are this many more + // recent noncurrent versions, Amazon S3 will take the associated action. For more + // information about noncurrent versions, see Lifecycle configuration elements (https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) // in the Amazon S3 User Guide. - NewerNoncurrentVersions int32 + NewerNoncurrentVersions *int32 // Specifies the number of days an object is noncurrent before Amazon S3 can // perform the associated action. For information about the noncurrent days // calculations, see How Amazon S3 Calculates How Long an Object Has Been // Noncurrent (https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) // in the Amazon S3 User Guide. - NoncurrentDays int32 + NoncurrentDays *int32 // The class of storage used to store the object. StorageClass TransitionStorageClass @@ -2059,6 +2158,7 @@ type Object struct { // encryption. If an object is larger than 16 MB, the Amazon Web Services // Management Console will upload or copy that object as a Multipart Upload, and // therefore the ETag will not be an MD5 digest. + // Directory buckets - MD5 is not supported by directory buckets. ETag *string // The name that you assign to an object. You use the object key to retrieve the @@ -2068,20 +2168,25 @@ type Object struct { // Creation date of the object. LastModified *time.Time - // The owner of the object + // The owner of the object Directory buckets - The bucket owner is returned as the + // object owner. Owner *Owner // Specifies the restoration status of an object. Objects in certain storage // classes must be restored before they can be retrieved. For more information // about these storage classes and how to work with archived objects, see Working // with archived objects (https://docs.aws.amazon.com/AmazonS3/latest/userguide/archived-objects.html) - // in the Amazon S3 User Guide. + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. Only the S3 Express One Zone storage class is supported by directory + // buckets to store objects. RestoreStatus *RestoreStatus // Size in bytes of the object - Size int64 + Size *int64 - // The class of storage used to store the object. + // The class of storage used to store the object. Directory buckets - Only the S3 + // Express One Zone storage class is supported by directory buckets to store + // objects. StorageClass ObjectStorageClass noSmithyDocumentSerde @@ -2098,7 +2203,8 @@ type ObjectIdentifier struct { // This member is required. Key *string - // VersionId for the specific version of the object to delete. + // Version ID for the specific version of the object to delete. This functionality + // is not supported for directory buckets. VersionId *string noSmithyDocumentSerde @@ -2164,32 +2270,38 @@ type ObjectPart struct { ChecksumCRC32 *string // The base64-encoded, 32-bit CRC32C checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32C *string // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use the API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA1 *string // The base64-encoded, 256-bit SHA-256 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA256 *string // The part number identifying the part. This value is a positive integer between // 1 and 10,000. - PartNumber int32 + PartNumber *int32 // The size of the uploaded part in bytes. - Size int64 + Size *int64 noSmithyDocumentSerde } @@ -2205,12 +2317,12 @@ type ObjectVersion struct { // Specifies whether the object is (true) or is not (false) the latest version of // an object. - IsLatest bool + IsLatest *bool // The object key. Key *string - // Date and time the object was last modified. + // Date and time when the object was last modified. LastModified *time.Time // Specifies the owner of the object. @@ -2224,7 +2336,7 @@ type ObjectVersion struct { RestoreStatus *RestoreStatus // Size in bytes of the object. - Size int64 + Size *int64 // The class of storage used to store the object. StorageClass ObjectVersionStorageClass @@ -2269,6 +2381,7 @@ type Owner struct { // - Asia Pacific (Tokyo) // - Europe (Ireland) // - South America (São Paulo) + // This functionality is not supported for directory buckets. DisplayName *string // Container for the ID of the owner. @@ -2299,9 +2412,16 @@ type OwnershipControlsRule struct { // BucketOwnerEnforced - Access control lists (ACLs) are disabled and no longer // affect permissions. The bucket owner automatically owns and has full control // over every object in the bucket. The bucket only accepts PUT requests that don't - // specify an ACL or bucket owner full control ACLs, such as the - // bucket-owner-full-control canned ACL or an equivalent form of this ACL expressed - // in the XML format. + // specify an ACL or specify bucket owner full control ACLs (such as the predefined + // bucket-owner-full-control canned ACL or a custom ACL in XML format that grants + // the same permissions). By default, ObjectOwnership is set to BucketOwnerEnforced + // and ACLs are disabled. We recommend keeping ACLs disabled, except in uncommon + // use cases where you must control access for each object individually. For more + // information about S3 Object Ownership, see Controlling ownership of objects and + // disabling ACLs for your bucket (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) + // in the Amazon S3 User Guide. This functionality is not supported for directory + // buckets. Directory buckets use the bucket owner enforced setting for S3 Object + // Ownership. // // This member is required. ObjectOwnership ObjectOwnership @@ -2325,16 +2445,20 @@ type Part struct { ChecksumCRC32 *string // The base64-encoded, 32-bit CRC32C checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32C *string // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this may not - // be a checksum value of the object. For more information about how checksums are - // calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use the API operation on an + // object that was uploaded using multipart uploads, this value may not be a direct + // checksum value of the full object. Instead, it's a calculation based on the + // checksum values of each individual part. For more information about how + // checksums are calculated with multipart uploads, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA1 *string @@ -2353,10 +2477,23 @@ type Part struct { // Part number identifying the part. This is a positive integer between 1 and // 10,000. - PartNumber int32 + PartNumber *int32 // Size in bytes of the uploaded part data. - Size int64 + Size *int64 + + noSmithyDocumentSerde +} + +// Amazon S3 keys for log objects are partitioned in the following format: +// [DestinationPrefix][SourceAccountId]/[SourceRegion]/[SourceBucket]/[YYYY]/[MM]/[DD]/[YYYY]-[MM]-[DD]-[hh]-[mm]-[ss]-[UniqueString] +// PartitionedPrefix defaults to EventTime delivery when server access logs are +// delivered. +type PartitionedPrefix struct { + + // Specifies the partition date source for the partitioned prefix. + // PartitionDateSource can be EventTime or DeliveryTime. + PartitionDateSource PartitionDateSource noSmithyDocumentSerde } @@ -2366,7 +2503,7 @@ type PolicyStatus struct { // The policy status for this bucket. TRUE indicates that this bucket is public. // FALSE indicates that the bucket is not public. - IsPublic bool + IsPublic *bool noSmithyDocumentSerde } @@ -2375,13 +2512,13 @@ type PolicyStatus struct { type Progress struct { // The current number of uncompressed object bytes processed. - BytesProcessed int64 + BytesProcessed *int64 // The current number of bytes of records payload data returned. - BytesReturned int64 + BytesReturned *int64 // The current number of object bytes scanned. - BytesScanned int64 + BytesScanned *int64 noSmithyDocumentSerde } @@ -2410,20 +2547,20 @@ type PublicAccessBlockConfiguration struct { // - PUT Object calls fail if the request includes a public ACL. // - PUT Bucket calls fail if the request includes a public ACL. // Enabling this setting doesn't affect existing policies or ACLs. - BlockPublicAcls bool + BlockPublicAcls *bool // Specifies whether Amazon S3 should block public bucket policies for this // bucket. Setting this element to TRUE causes Amazon S3 to reject calls to PUT // Bucket policy if the specified bucket policy allows public access. Enabling this // setting doesn't affect existing bucket policies. - BlockPublicPolicy bool + BlockPublicPolicy *bool // Specifies whether Amazon S3 should ignore public ACLs for this bucket and // objects in this bucket. Setting this element to TRUE causes Amazon S3 to ignore // all public ACLs on this bucket and objects in this bucket. Enabling this setting // doesn't affect the persistence of any existing ACLs and doesn't prevent new // public ACLs from being set. - IgnorePublicAcls bool + IgnorePublicAcls *bool // Specifies whether Amazon S3 should restrict public bucket policies for this // bucket. Setting this element to TRUE restricts access to this bucket to only @@ -2432,7 +2569,7 @@ type PublicAccessBlockConfiguration struct { // stored bucket policies, except that public and cross-account access within any // public bucket policy, including non-public delegation to specific accounts, is // blocked. - RestrictPublicBuckets bool + RestrictPublicBuckets *bool noSmithyDocumentSerde } @@ -2622,7 +2759,7 @@ type ReplicationRule struct { // rule with the highest priority. The higher the number, the higher the priority. // For more information, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) // in the Amazon S3 User Guide. - Priority int32 + Priority *int32 // A container that describes additional filters for identifying the source // objects that you want to replicate. You can choose to enable or disable the @@ -2729,7 +2866,7 @@ type ReplicationTime struct { type ReplicationTimeValue struct { // Contains an integer specifying time in minutes. Valid value: 15 - Minutes int32 + Minutes *int32 noSmithyDocumentSerde } @@ -2750,7 +2887,7 @@ type RequestProgress struct { // Specifies whether periodic QueryProgress frames should be sent. Valid values: // TRUE, FALSE. Default value: FALSE. - Enabled bool + Enabled *bool noSmithyDocumentSerde } @@ -2761,7 +2898,7 @@ type RestoreRequest struct { // Lifetime of the active copy in days. Do not use with restores that specify // OutputLocation . The Days element is required for regular restores, and must not // be provided for select requests. - Days int32 + Days *int32 // The optional description for the job. Description *string @@ -2789,7 +2926,9 @@ type RestoreRequest struct { // classes must be restored before they can be retrieved. For more information // about these storage classes and how to work with archived objects, see Working // with archived objects (https://docs.aws.amazon.com/AmazonS3/latest/userguide/archived-objects.html) -// in the Amazon S3 User Guide. +// in the Amazon S3 User Guide. This functionality is not supported for directory +// buckets. Only the S3 Express One Zone storage class is supported by directory +// buckets to store objects. type RestoreStatus struct { // Specifies whether the object is currently being restored. If the object @@ -2799,7 +2938,7 @@ type RestoreStatus struct { // x-amz-optional-object-attributes: IsRestoreInProgress="false", // RestoreExpiryDate="2012-12-21T00:00:00.000Z" If the object hasn't been restored, // there is no header response. - IsRestoreInProgress bool + IsRestoreInProgress *bool // Indicates when the restored copy will expire. This value is populated only if // the object has already been restored. For example: @@ -2886,13 +3025,13 @@ type ScanRange struct { // non-negative integers. The default value is one less than the size of the object // being queried. If only the End parameter is supplied, it is interpreted to mean // scan the last N bytes of the file. For example, 50 means scan the last 50 bytes. - End int64 + End *int64 // Specifies the start of the byte range. This parameter is optional. Valid // values: non-negative integers. The default value is 0. If only start is // supplied, it means scan from that point to the end of the file. For example, 50 // means scan from byte 50 until the end of the file. - Start int64 + Start *int64 noSmithyDocumentSerde } @@ -3042,11 +3181,54 @@ type ServerSideEncryptionRule struct { // to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled. For more // information, see Amazon S3 Bucket Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) // in the Amazon S3 User Guide. - BucketKeyEnabled bool + BucketKeyEnabled *bool noSmithyDocumentSerde } +// The established temporary security credentials of the session. Directory +// buckets - These session credentials are only supported for the authentication +// and authorization of Zonal endpoint APIs on directory buckets. +type SessionCredentials struct { + + // A unique identifier that's associated with a secret access key. The access key + // ID and the secret access key are used together to sign programmatic Amazon Web + // Services requests cryptographically. + // + // This member is required. + AccessKeyId *string + + // Temporary security credentials expire after a specified interval. After + // temporary credentials expire, any calls that you make with those credentials + // will fail. So you must generate a new set of temporary credentials. Temporary + // credentials cannot be extended or refreshed beyond the original specified + // interval. + // + // This member is required. + Expiration *time.Time + + // A key that's used with the access key ID to cryptographically sign programmatic + // Amazon Web Services requests. Signing a request identifies the sender and + // prevents the request from being altered. + // + // This member is required. + SecretAccessKey *string + + // A part of the temporary security credentials. The session token is used to + // validate the temporary security credentials. + // + // This member is required. + SessionToken *string + + noSmithyDocumentSerde +} + +// To use simple format for S3 keys for log objects, set SimplePrefix to an empty +// object. [DestinationPrefix][YYYY]-[MM]-[DD]-[hh]-[mm]-[ss]-[UniqueString] +type SimplePrefix struct { + noSmithyDocumentSerde +} + // A container that describes additional filters for identifying the source // objects that you want to replicate. You can choose to enable or disable the // replication of these objects. Currently, Amazon S3 supports only the filter that @@ -3106,13 +3288,13 @@ type SSES3 struct { type Stats struct { // The total number of uncompressed object bytes processed. - BytesProcessed int64 + BytesProcessed *int64 // The total number of bytes of records payload data returned. - BytesReturned int64 + BytesReturned *int64 // The total number of object bytes scanned. - BytesScanned int64 + BytesScanned *int64 noSmithyDocumentSerde } @@ -3196,6 +3378,20 @@ type TargetGrant struct { noSmithyDocumentSerde } +// Amazon S3 key format for log objects. Only one format, PartitionedPrefix or +// SimplePrefix, is allowed. +type TargetObjectKeyFormat struct { + + // Partitioned S3 key for log objects. + PartitionedPrefix *PartitionedPrefix + + // To use the simple format for S3 keys for log objects. To specify SimplePrefix + // format, set SimplePrefix to {}. + SimplePrefix *SimplePrefix + + noSmithyDocumentSerde +} + // The S3 Intelligent-Tiering storage class is designed to optimize storage costs // by automatically moving data to the most cost-effective storage access tier, // without additional operational overhead. @@ -3215,7 +3411,7 @@ type Tiering struct { // days). // // This member is required. - Days int32 + Days *int32 noSmithyDocumentSerde } @@ -3262,7 +3458,7 @@ type Transition struct { // Indicates the number of days after creation when objects are transitioned to // the specified storage class. The value must be a positive integer. - Days int32 + Days *int32 // The storage class to which you want the object to transition. StorageClass TransitionStorageClass diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/validators.go b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/validators.go index ccd845a71..e954b302d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/s3/validators.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/s3/validators.go @@ -110,6 +110,26 @@ func (m *validateOpCreateMultipartUpload) HandleInitialize(ctx context.Context, return next.HandleInitialize(ctx, in) } +type validateOpCreateSession struct { +} + +func (*validateOpCreateSession) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpCreateSession) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*CreateSessionInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpCreateSessionInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + type validateOpDeleteBucketAnalyticsConfiguration struct { } @@ -1870,6 +1890,10 @@ func addOpCreateMultipartUploadValidationMiddleware(stack *middleware.Stack) err return stack.Initialize.Add(&validateOpCreateMultipartUpload{}, middleware.After) } +func addOpCreateSessionValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpCreateSession{}, middleware.After) +} + func addOpDeleteBucketAnalyticsConfigurationValidationMiddleware(stack *middleware.Stack) error { return stack.Initialize.Add(&validateOpDeleteBucketAnalyticsConfiguration{}, middleware.After) } @@ -2699,6 +2723,9 @@ func validateInventoryConfiguration(v *types.InventoryConfiguration) error { invalidParams.AddNested("Destination", err.(smithy.InvalidParamsError)) } } + if v.IsEnabled == nil { + invalidParams.Add(smithy.NewErrParamRequired("IsEnabled")) + } if v.Filter != nil { if err := validateInventoryFilter(v.Filter); err != nil { invalidParams.AddNested("Filter", err.(smithy.InvalidParamsError)) @@ -3735,6 +3762,9 @@ func validateTiering(v *types.Tiering) error { return nil } invalidParams := smithy.InvalidParamsError{Context: "Tiering"} + if v.Days == nil { + invalidParams.Add(smithy.NewErrParamRequired("Days")) + } if len(v.AccessTier) == 0 { invalidParams.Add(smithy.NewErrParamRequired("AccessTier")) } @@ -3925,6 +3955,21 @@ func validateOpCreateMultipartUploadInput(v *CreateMultipartUploadInput) error { } } +func validateOpCreateSessionInput(v *CreateSessionInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "CreateSessionInput"} + if v.Bucket == nil { + invalidParams.Add(smithy.NewErrParamRequired("Bucket")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + func validateOpDeleteBucketAnalyticsConfigurationInput(v *DeleteBucketAnalyticsConfigurationInput) error { if v == nil { return nil @@ -5444,6 +5489,9 @@ func validateOpUploadPartCopyInput(v *UploadPartCopyInput) error { if v.Key == nil { invalidParams.Add(smithy.NewErrParamRequired("Key")) } + if v.PartNumber == nil { + invalidParams.Add(smithy.NewErrParamRequired("PartNumber")) + } if v.UploadId == nil { invalidParams.Add(smithy.NewErrParamRequired("UploadId")) } @@ -5465,6 +5513,9 @@ func validateOpUploadPartInput(v *UploadPartInput) error { if v.Key == nil { invalidParams.Add(smithy.NewErrParamRequired("Key")) } + if v.PartNumber == nil { + invalidParams.Add(smithy.NewErrParamRequired("PartNumber")) + } if v.UploadId == nil { invalidParams.Add(smithy.NewErrParamRequired("UploadId")) } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/CHANGELOG.md index a4c1d6459..7a4c30c59 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/CHANGELOG.md @@ -1,3 +1,46 @@ +# v1.18.5 (2023-12-08) + +* **Bug Fix**: Reinstate presence of default Retryer in functional options, but still respect max attempts set therein. + +# v1.18.4 (2023-12-07) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.18.3 (2023-12-06) + +* **Bug Fix**: Restore pre-refactor auth behavior where all operations could technically be performed anonymously. + +# v1.18.2 (2023-12-01) + +* **Bug Fix**: Correct wrapping of errors in authentication workflow. +* **Bug Fix**: Correctly recognize cache-wrapped instances of AnonymousCredentials at client construction. +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.18.1 (2023-11-30) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.18.0 (2023-11-29) + +* **Feature**: Expose Options() accessor on service clients. +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.17.5 (2023-11-28.2) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.17.4 (2023-11-28) + +* **Bug Fix**: Respect setting RetryMaxAttempts in functional options at client construction. + +# v1.17.3 (2023-11-20) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.17.2 (2023-11-15) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.17.1 (2023-11-09) * **Dependency Update**: Updated to the latest SDK module versions diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_client.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_client.go index a25792273..e43969925 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_client.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_client.go @@ -11,6 +11,8 @@ import ( "github.com/aws/aws-sdk-go-v2/aws/retry" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http" + internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" + internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" smithydocument "github.com/aws/smithy-go/document" @@ -46,10 +48,22 @@ func New(options Options, optFns ...func(*Options)) *Client { resolveHTTPSignerV4(&options) + resolveEndpointResolverV2(&options) + + resolveAuthSchemeResolver(&options) + for _, fn := range optFns { fn(&options) } + finalizeRetryMaxAttempts(&options) + + ignoreAnonymousAuth(&options) + + wrapWithAnonymousAuth(&options) + + resolveAuthSchemes(&options) + client := &Client{ options: options, } @@ -57,146 +71,25 @@ func New(options Options, optFns ...func(*Options)) *Client { return client } -type Options struct { - // Set of options to modify how an operation is invoked. These apply to all - // operations invoked for this client. Use functional options on operation call to - // modify this list for per operation behavior. - APIOptions []func(*middleware.Stack) error - - // The optional application specific identifier appended to the User-Agent header. - AppID string - - // This endpoint will be given as input to an EndpointResolverV2. It is used for - // providing a custom base endpoint that is subject to modifications by the - // processing EndpointResolverV2. - BaseEndpoint *string - - // Configures the events that will be sent to the configured logger. - ClientLogMode aws.ClientLogMode - - // The credentials object to use when signing requests. - Credentials aws.CredentialsProvider - - // The configuration DefaultsMode that the SDK should use when constructing the - // clients initial default settings. - DefaultsMode aws.DefaultsMode - - // The endpoint options to be used when attempting to resolve an endpoint. - EndpointOptions EndpointResolverOptions - - // The service endpoint resolver. - // - // Deprecated: Deprecated: EndpointResolver and WithEndpointResolver. Providing a - // value for this field will likely prevent you from using any endpoint-related - // service features released after the introduction of EndpointResolverV2 and - // BaseEndpoint. To migrate an EndpointResolver implementation that uses a custom - // endpoint, set the client option BaseEndpoint instead. - EndpointResolver EndpointResolver - - // Resolves the endpoint used for a particular service. This should be used over - // the deprecated EndpointResolver - EndpointResolverV2 EndpointResolverV2 - - // Signature Version 4 (SigV4) Signer - HTTPSignerV4 HTTPSignerV4 - - // The logger writer interface to write logging messages to. - Logger logging.Logger - - // The region to send requests to. (Required) - Region string - - // RetryMaxAttempts specifies the maximum number attempts an API client will call - // an operation that fails with a retryable error. A value of 0 is ignored, and - // will not be used to configure the API client created default retryer, or modify - // per operation call's retry max attempts. When creating a new API Clients this - // member will only be used if the Retryer Options member is nil. This value will - // be ignored if Retryer is not nil. If specified in an operation call's functional - // options with a value that is different than the constructed client's Options, - // the Client's Retryer will be wrapped to use the operation's specific - // RetryMaxAttempts value. - RetryMaxAttempts int - - // RetryMode specifies the retry mode the API client will be created with, if - // Retryer option is not also specified. When creating a new API Clients this - // member will only be used if the Retryer Options member is nil. This value will - // be ignored if Retryer is not nil. Currently does not support per operation call - // overrides, may in the future. - RetryMode aws.RetryMode - - // Retryer guides how HTTP requests should be retried in case of recoverable - // failures. When nil the API client will use a default retryer. The kind of - // default retry created by the API client can be changed with the RetryMode - // option. - Retryer aws.Retryer - - // The RuntimeEnvironment configuration, only populated if the DefaultsMode is set - // to DefaultsModeAuto and is initialized using config.LoadDefaultConfig . You - // should not populate this structure programmatically, or rely on the values here - // within your applications. - RuntimeEnvironment aws.RuntimeEnvironment - - // The initial DefaultsMode used when the client options were constructed. If the - // DefaultsMode was set to aws.DefaultsModeAuto this will store what the resolved - // value was at that point in time. Currently does not support per operation call - // overrides, may in the future. - resolvedDefaultsMode aws.DefaultsMode - - // The HTTP client to invoke API calls with. Defaults to client's default HTTP - // implementation if nil. - HTTPClient HTTPClient +// Options returns a copy of the client configuration. +// +// Callers SHOULD NOT perform mutations on any inner structures within client +// config. Config overrides should instead be made on a per-operation basis through +// functional options. +func (c *Client) Options() Options { + return c.options.Copy() } -// WithAPIOptions returns a functional option for setting the Client's APIOptions -// option. -func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options) { - return func(o *Options) { - o.APIOptions = append(o.APIOptions, optFns...) - } -} - -// Deprecated: EndpointResolver and WithEndpointResolver. Providing a value for -// this field will likely prevent you from using any endpoint-related service -// features released after the introduction of EndpointResolverV2 and BaseEndpoint. -// To migrate an EndpointResolver implementation that uses a custom endpoint, set -// the client option BaseEndpoint instead. -func WithEndpointResolver(v EndpointResolver) func(*Options) { - return func(o *Options) { - o.EndpointResolver = v - } -} - -// WithEndpointResolverV2 returns a functional option for setting the Client's -// EndpointResolverV2 option. -func WithEndpointResolverV2(v EndpointResolverV2) func(*Options) { - return func(o *Options) { - o.EndpointResolverV2 = v - } -} - -type HTTPClient interface { - Do(*http.Request) (*http.Response, error) -} - -// Copy creates a clone where the APIOptions list is deep copied. -func (o Options) Copy() Options { - to := o - to.APIOptions = make([]func(*middleware.Stack) error, len(o.APIOptions)) - copy(to.APIOptions, o.APIOptions) - - return to -} func (c *Client) invokeOperation(ctx context.Context, opID string, params interface{}, optFns []func(*Options), stackFns ...func(*middleware.Stack, Options) error) (result interface{}, metadata middleware.Metadata, err error) { ctx = middleware.ClearStackValues(ctx) stack := middleware.NewStack(opID, smithyhttp.NewStackRequest) options := c.options.Copy() - resolveEndpointResolverV2(&options) for _, fn := range optFns { fn(&options) } - finalizeRetryMaxAttemptOptions(&options, *c) + finalizeOperationRetryMaxAttempts(&options, *c) finalizeClientEndpointResolverOptions(&options) @@ -224,6 +117,63 @@ func (c *Client) invokeOperation(ctx context.Context, opID string, params interf return result, metadata, err } +type operationInputKey struct{} + +func setOperationInput(ctx context.Context, input interface{}) context.Context { + return middleware.WithStackValue(ctx, operationInputKey{}, input) +} + +func getOperationInput(ctx context.Context) interface{} { + return middleware.GetStackValue(ctx, operationInputKey{}) +} + +type setOperationInputMiddleware struct { +} + +func (*setOperationInputMiddleware) ID() string { + return "setOperationInput" +} + +func (m *setOperationInputMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + ctx = setOperationInput(ctx, in.Parameters) + return next.HandleSerialize(ctx, in) +} + +func addProtocolFinalizerMiddlewares(stack *middleware.Stack, options Options, operation string) error { + if err := stack.Finalize.Add(&resolveAuthSchemeMiddleware{operation: operation, options: options}, middleware.Before); err != nil { + return fmt.Errorf("add ResolveAuthScheme: %w", err) + } + if err := stack.Finalize.Insert(&getIdentityMiddleware{options: options}, "ResolveAuthScheme", middleware.After); err != nil { + return fmt.Errorf("add GetIdentity: %v", err) + } + if err := stack.Finalize.Insert(&resolveEndpointV2Middleware{options: options}, "GetIdentity", middleware.After); err != nil { + return fmt.Errorf("add ResolveEndpointV2: %v", err) + } + if err := stack.Finalize.Insert(&signRequestMiddleware{}, "ResolveEndpointV2", middleware.After); err != nil { + return fmt.Errorf("add Signing: %w", err) + } + return nil +} +func resolveAuthSchemeResolver(options *Options) { + if options.AuthSchemeResolver == nil { + options.AuthSchemeResolver = &defaultAuthSchemeResolver{} + } +} + +func resolveAuthSchemes(options *Options) { + if options.AuthSchemes == nil { + options.AuthSchemes = []smithyhttp.AuthScheme{ + internalauth.NewHTTPAuthScheme("aws.auth#sigv4", &internalauthsmithy.V4SignerAdapter{ + Signer: options.HTTPSignerV4, + Logger: options.Logger, + LogSigning: options.ClientLogMode.IsSigning(), + }), + } + } +} + type noSmithyDocumentSerde = smithydocument.NoSerde type legacyEndpointContextSetter struct { @@ -387,7 +337,15 @@ func resolveAWSRetryMaxAttempts(cfg aws.Config, o *Options) { o.RetryMaxAttempts = cfg.RetryMaxAttempts } -func finalizeRetryMaxAttemptOptions(o *Options, client Client) { +func finalizeRetryMaxAttempts(o *Options) { + if o.RetryMaxAttempts == 0 { + return + } + + o.Retryer = retry.AddWithMaxAttempts(o.Retryer, o.RetryMaxAttempts) +} + +func finalizeOperationRetryMaxAttempts(o *Options, client Client) { if v := o.RetryMaxAttempts; v == 0 || v == client.options.RetryMaxAttempts { return } @@ -414,15 +372,6 @@ func addClientUserAgent(stack *middleware.Stack, options Options) error { return nil } -func addHTTPSignerV4Middleware(stack *middleware.Stack, o Options) error { - mw := v4.NewSignHTTPRequestMiddleware(v4.SignHTTPRequestMiddlewareOptions{ - CredentialsProvider: o.Credentials, - Signer: o.HTTPSignerV4, - LogSigning: o.ClientLogMode.IsSigning(), - }) - return stack.Finalize.Add(mw, middleware.After) -} - type HTTPSignerV4 interface { SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time, optFns ...func(*v4.SignerOptions)) error } @@ -496,31 +445,31 @@ func addRequestResponseLogging(stack *middleware.Stack, o Options) error { }, middleware.After) } -type endpointDisableHTTPSMiddleware struct { - EndpointDisableHTTPS bool +type disableHTTPSMiddleware struct { + DisableHTTPS bool } -func (*endpointDisableHTTPSMiddleware) ID() string { - return "endpointDisableHTTPSMiddleware" +func (*disableHTTPSMiddleware) ID() string { + return "disableHTTPS" } -func (m *endpointDisableHTTPSMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, +func (m *disableHTTPSMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) } - if m.EndpointDisableHTTPS && !smithyhttp.GetHostnameImmutable(ctx) { + if m.DisableHTTPS && !smithyhttp.GetHostnameImmutable(ctx) { req.URL.Scheme = "http" } - return next.HandleSerialize(ctx, in) + return next.HandleFinalize(ctx, in) +} -} -func addendpointDisableHTTPSMiddleware(stack *middleware.Stack, o Options) error { - return stack.Serialize.Insert(&endpointDisableHTTPSMiddleware{ - EndpointDisableHTTPS: o.EndpointOptions.DisableHTTPS, - }, "OperationSerializer", middleware.Before) +func addDisableHTTPSMiddleware(stack *middleware.Stack, o Options) error { + return stack.Finalize.Insert(&disableHTTPSMiddleware{ + DisableHTTPS: o.EndpointOptions.DisableHTTPS, + }, "ResolveEndpointV2", middleware.After) } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_GetRoleCredentials.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_GetRoleCredentials.go index 0383bb0bd..436eadc86 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_GetRoleCredentials.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_GetRoleCredentials.go @@ -4,13 +4,9 @@ package sso import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" "github.com/aws/aws-sdk-go-v2/service/sso/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) @@ -66,6 +62,9 @@ type GetRoleCredentialsOutput struct { } func (c *Client) addOperationGetRoleCredentialsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestjson1_serializeOpGetRoleCredentials{}, middleware.After) if err != nil { return err @@ -74,6 +73,10 @@ func (c *Client) addOperationGetRoleCredentialsMiddlewares(stack *middleware.Sta if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetRoleCredentials"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -107,7 +110,7 @@ func (c *Client) addOperationGetRoleCredentialsMiddlewares(stack *middleware.Sta if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = addGetRoleCredentialsResolveEndpointMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } if err = addOpGetRoleCredentialsValidationMiddleware(stack); err != nil { @@ -128,7 +131,7 @@ func (c *Client) addOperationGetRoleCredentialsMiddlewares(stack *middleware.Sta if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } return nil @@ -141,126 +144,3 @@ func newServiceMetadataMiddleware_opGetRoleCredentials(region string) *awsmiddle OperationName: "GetRoleCredentials", } } - -type opGetRoleCredentialsResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetRoleCredentialsResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetRoleCredentialsResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "awsssoportal" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "awsssoportal" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("awsssoportal") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetRoleCredentialsResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetRoleCredentialsResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - Endpoint: options.BaseEndpoint, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_ListAccountRoles.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_ListAccountRoles.go index cc28543f8..d81b06770 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_ListAccountRoles.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_ListAccountRoles.go @@ -4,13 +4,9 @@ package sso import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" "github.com/aws/aws-sdk-go-v2/service/sso/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) @@ -71,6 +67,9 @@ type ListAccountRolesOutput struct { } func (c *Client) addOperationListAccountRolesMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestjson1_serializeOpListAccountRoles{}, middleware.After) if err != nil { return err @@ -79,6 +78,10 @@ func (c *Client) addOperationListAccountRolesMiddlewares(stack *middleware.Stack if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "ListAccountRoles"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -112,7 +115,7 @@ func (c *Client) addOperationListAccountRolesMiddlewares(stack *middleware.Stack if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = addListAccountRolesResolveEndpointMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } if err = addOpListAccountRolesValidationMiddleware(stack); err != nil { @@ -133,7 +136,7 @@ func (c *Client) addOperationListAccountRolesMiddlewares(stack *middleware.Stack if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } return nil @@ -236,126 +239,3 @@ func newServiceMetadataMiddleware_opListAccountRoles(region string) *awsmiddlewa OperationName: "ListAccountRoles", } } - -type opListAccountRolesResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opListAccountRolesResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opListAccountRolesResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "awsssoportal" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "awsssoportal" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("awsssoportal") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addListAccountRolesResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opListAccountRolesResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - Endpoint: options.BaseEndpoint, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_ListAccounts.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_ListAccounts.go index 567f6c669..38f8472ae 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_ListAccounts.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_ListAccounts.go @@ -4,13 +4,9 @@ package sso import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" "github.com/aws/aws-sdk-go-v2/service/sso/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) @@ -69,6 +65,9 @@ type ListAccountsOutput struct { } func (c *Client) addOperationListAccountsMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestjson1_serializeOpListAccounts{}, middleware.After) if err != nil { return err @@ -77,6 +76,10 @@ func (c *Client) addOperationListAccountsMiddlewares(stack *middleware.Stack, op if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "ListAccounts"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -110,7 +113,7 @@ func (c *Client) addOperationListAccountsMiddlewares(stack *middleware.Stack, op if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = addListAccountsResolveEndpointMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } if err = addOpListAccountsValidationMiddleware(stack); err != nil { @@ -131,7 +134,7 @@ func (c *Client) addOperationListAccountsMiddlewares(stack *middleware.Stack, op if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } return nil @@ -233,126 +236,3 @@ func newServiceMetadataMiddleware_opListAccounts(region string) *awsmiddleware.R OperationName: "ListAccounts", } } - -type opListAccountsResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opListAccountsResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opListAccountsResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "awsssoportal" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "awsssoportal" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("awsssoportal") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addListAccountsResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opListAccountsResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - Endpoint: options.BaseEndpoint, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_Logout.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_Logout.go index c30da0296..82e98a894 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_Logout.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_Logout.go @@ -4,12 +4,8 @@ package sso import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) @@ -61,6 +57,9 @@ type LogoutOutput struct { } func (c *Client) addOperationLogoutMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestjson1_serializeOpLogout{}, middleware.After) if err != nil { return err @@ -69,6 +68,10 @@ func (c *Client) addOperationLogoutMiddlewares(stack *middleware.Stack, options if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "Logout"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -102,7 +105,7 @@ func (c *Client) addOperationLogoutMiddlewares(stack *middleware.Stack, options if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = addLogoutResolveEndpointMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } if err = addOpLogoutValidationMiddleware(stack); err != nil { @@ -123,7 +126,7 @@ func (c *Client) addOperationLogoutMiddlewares(stack *middleware.Stack, options if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } return nil @@ -136,126 +139,3 @@ func newServiceMetadataMiddleware_opLogout(region string) *awsmiddleware.Registe OperationName: "Logout", } } - -type opLogoutResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opLogoutResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opLogoutResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "awsssoportal" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "awsssoportal" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("awsssoportal") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addLogoutResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opLogoutResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - Endpoint: options.BaseEndpoint, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/auth.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/auth.go new file mode 100644 index 000000000..3b28e825d --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/auth.go @@ -0,0 +1,308 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package sso + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { + params.Region = options.Region +} + +type setLegacyContextSigningOptionsMiddleware struct { +} + +func (*setLegacyContextSigningOptionsMiddleware) ID() string { + return "setLegacyContextSigningOptions" +} + +func (m *setLegacyContextSigningOptionsMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + rscheme := getResolvedAuthScheme(ctx) + schemeID := rscheme.Scheme.SchemeID() + + if sn := awsmiddleware.GetSigningName(ctx); sn != "" { + if schemeID == "aws.auth#sigv4" { + smithyhttp.SetSigV4SigningName(&rscheme.SignerProperties, sn) + } else if schemeID == "aws.auth#sigv4a" { + smithyhttp.SetSigV4ASigningName(&rscheme.SignerProperties, sn) + } + } + + if sr := awsmiddleware.GetSigningRegion(ctx); sr != "" { + if schemeID == "aws.auth#sigv4" { + smithyhttp.SetSigV4SigningRegion(&rscheme.SignerProperties, sr) + } else if schemeID == "aws.auth#sigv4a" { + smithyhttp.SetSigV4ASigningRegions(&rscheme.SignerProperties, []string{sr}) + } + } + + return next.HandleFinalize(ctx, in) +} + +func addSetLegacyContextSigningOptionsMiddleware(stack *middleware.Stack) error { + return stack.Finalize.Insert(&setLegacyContextSigningOptionsMiddleware{}, "Signing", middleware.Before) +} + +type withAnonymous struct { + resolver AuthSchemeResolver +} + +var _ AuthSchemeResolver = (*withAnonymous)(nil) + +func (v *withAnonymous) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) { + opts, err := v.resolver.ResolveAuthSchemes(ctx, params) + if err != nil { + return nil, err + } + + opts = append(opts, &smithyauth.Option{ + SchemeID: smithyauth.SchemeIDAnonymous, + }) + return opts, nil +} + +func wrapWithAnonymousAuth(options *Options) { + if _, ok := options.AuthSchemeResolver.(*defaultAuthSchemeResolver); !ok { + return + } + + options.AuthSchemeResolver = &withAnonymous{ + resolver: options.AuthSchemeResolver, + } +} + +// AuthResolverParameters contains the set of inputs necessary for auth scheme +// resolution. +type AuthResolverParameters struct { + // The name of the operation being invoked. + Operation string + + // The region in which the operation is being invoked. + Region string +} + +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { + params := &AuthResolverParameters{ + Operation: operation, + } + + bindAuthParamsRegion(params, input, options) + + return params +} + +// AuthSchemeResolver returns a set of possible authentication options for an +// operation. +type AuthSchemeResolver interface { + ResolveAuthSchemes(context.Context, *AuthResolverParameters) ([]*smithyauth.Option, error) +} + +type defaultAuthSchemeResolver struct{} + +var _ AuthSchemeResolver = (*defaultAuthSchemeResolver)(nil) + +func (*defaultAuthSchemeResolver) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) { + if overrides, ok := operationAuthOptions[params.Operation]; ok { + return overrides(params), nil + } + return serviceAuthOptions(params), nil +} + +var operationAuthOptions = map[string]func(*AuthResolverParameters) []*smithyauth.Option{ + "GetRoleCredentials": func(params *AuthResolverParameters) []*smithyauth.Option { + return []*smithyauth.Option{ + {SchemeID: smithyauth.SchemeIDAnonymous}, + } + }, + + "ListAccountRoles": func(params *AuthResolverParameters) []*smithyauth.Option { + return []*smithyauth.Option{ + {SchemeID: smithyauth.SchemeIDAnonymous}, + } + }, + + "ListAccounts": func(params *AuthResolverParameters) []*smithyauth.Option { + return []*smithyauth.Option{ + {SchemeID: smithyauth.SchemeIDAnonymous}, + } + }, + + "Logout": func(params *AuthResolverParameters) []*smithyauth.Option { + return []*smithyauth.Option{ + {SchemeID: smithyauth.SchemeIDAnonymous}, + } + }, +} + +func serviceAuthOptions(params *AuthResolverParameters) []*smithyauth.Option { + return []*smithyauth.Option{ + { + SchemeID: smithyauth.SchemeIDSigV4, + SignerProperties: func() smithy.Properties { + var props smithy.Properties + smithyhttp.SetSigV4SigningName(&props, "awsssoportal") + smithyhttp.SetSigV4SigningRegion(&props, params.Region) + return props + }(), + }, + } +} + +type resolveAuthSchemeMiddleware struct { + operation string + options Options +} + +func (*resolveAuthSchemeMiddleware) ID() string { + return "ResolveAuthScheme" +} + +func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) + if err != nil { + return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) + } + + scheme, ok := m.selectScheme(options) + if !ok { + return out, metadata, fmt.Errorf("could not select an auth scheme") + } + + ctx = setResolvedAuthScheme(ctx, scheme) + return next.HandleFinalize(ctx, in) +} + +func (m *resolveAuthSchemeMiddleware) selectScheme(options []*smithyauth.Option) (*resolvedAuthScheme, bool) { + for _, option := range options { + if option.SchemeID == smithyauth.SchemeIDAnonymous { + return newResolvedAuthScheme(smithyhttp.NewAnonymousScheme(), option), true + } + + for _, scheme := range m.options.AuthSchemes { + if scheme.SchemeID() != option.SchemeID { + continue + } + + if scheme.IdentityResolver(m.options) != nil { + return newResolvedAuthScheme(scheme, option), true + } + } + } + + return nil, false +} + +type resolvedAuthSchemeKey struct{} + +type resolvedAuthScheme struct { + Scheme smithyhttp.AuthScheme + IdentityProperties smithy.Properties + SignerProperties smithy.Properties +} + +func newResolvedAuthScheme(scheme smithyhttp.AuthScheme, option *smithyauth.Option) *resolvedAuthScheme { + return &resolvedAuthScheme{ + Scheme: scheme, + IdentityProperties: option.IdentityProperties, + SignerProperties: option.SignerProperties, + } +} + +func setResolvedAuthScheme(ctx context.Context, scheme *resolvedAuthScheme) context.Context { + return middleware.WithStackValue(ctx, resolvedAuthSchemeKey{}, scheme) +} + +func getResolvedAuthScheme(ctx context.Context) *resolvedAuthScheme { + v, _ := middleware.GetStackValue(ctx, resolvedAuthSchemeKey{}).(*resolvedAuthScheme) + return v +} + +type getIdentityMiddleware struct { + options Options +} + +func (*getIdentityMiddleware) ID() string { + return "GetIdentity" +} + +func (m *getIdentityMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + rscheme := getResolvedAuthScheme(ctx) + if rscheme == nil { + return out, metadata, fmt.Errorf("no resolved auth scheme") + } + + resolver := rscheme.Scheme.IdentityResolver(m.options) + if resolver == nil { + return out, metadata, fmt.Errorf("no identity resolver") + } + + identity, err := resolver.GetIdentity(ctx, rscheme.IdentityProperties) + if err != nil { + return out, metadata, fmt.Errorf("get identity: %w", err) + } + + ctx = setIdentity(ctx, identity) + return next.HandleFinalize(ctx, in) +} + +type identityKey struct{} + +func setIdentity(ctx context.Context, identity smithyauth.Identity) context.Context { + return middleware.WithStackValue(ctx, identityKey{}, identity) +} + +func getIdentity(ctx context.Context) smithyauth.Identity { + v, _ := middleware.GetStackValue(ctx, identityKey{}).(smithyauth.Identity) + return v +} + +type signRequestMiddleware struct { +} + +func (*signRequestMiddleware) ID() string { + return "Signing" +} + +func (m *signRequestMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + req, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, fmt.Errorf("unexpected transport type %T", in.Request) + } + + rscheme := getResolvedAuthScheme(ctx) + if rscheme == nil { + return out, metadata, fmt.Errorf("no resolved auth scheme") + } + + identity := getIdentity(ctx) + if identity == nil { + return out, metadata, fmt.Errorf("no identity") + } + + signer := rscheme.Scheme.Signer() + if signer == nil { + return out, metadata, fmt.Errorf("no signer") + } + + if err := signer.SignRequest(ctx, req, identity, rscheme.SignerProperties); err != nil { + return out, metadata, fmt.Errorf("sign request: %w", err) + } + + return next.HandleFinalize(ctx, in) +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/endpoints.go index 115387059..d31380cf2 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/endpoints.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/endpoints.go @@ -9,8 +9,10 @@ import ( "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" + "github.com/aws/aws-sdk-go-v2/internal/endpoints" "github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn" internalendpoints "github.com/aws/aws-sdk-go-v2/service/sso/internal/endpoints" + smithyauth "github.com/aws/smithy-go/auth" smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" "github.com/aws/smithy-go/ptr" @@ -214,72 +216,6 @@ func resolveBaseEndpoint(cfg aws.Config, o *Options) { } } -// Utility function to aid with translating pseudo-regions to classical regions -// with the appropriate setting indicated by the pseudo-region -func mapPseudoRegion(pr string) (region string, fips aws.FIPSEndpointState) { - const fipsInfix = "-fips-" - const fipsPrefix = "fips-" - const fipsSuffix = "-fips" - - if strings.Contains(pr, fipsInfix) || - strings.Contains(pr, fipsPrefix) || - strings.Contains(pr, fipsSuffix) { - region = strings.ReplaceAll(strings.ReplaceAll(strings.ReplaceAll( - pr, fipsInfix, "-"), fipsPrefix, ""), fipsSuffix, "") - fips = aws.FIPSEndpointStateEnabled - } else { - region = pr - } - - return region, fips -} - -// builtInParameterResolver is the interface responsible for resolving BuiltIn -// values during the sourcing of EndpointParameters -type builtInParameterResolver interface { - ResolveBuiltIns(*EndpointParameters) error -} - -// builtInResolver resolves modeled BuiltIn values using only the members defined -// below. -type builtInResolver struct { - // The AWS region used to dispatch the request. - Region string - - // Sourced BuiltIn value in a historical enabled or disabled state. - UseDualStack aws.DualStackEndpointState - - // Sourced BuiltIn value in a historical enabled or disabled state. - UseFIPS aws.FIPSEndpointState - - // Base endpoint that can potentially be modified during Endpoint resolution. - Endpoint *string -} - -// Invoked at runtime to resolve BuiltIn Values. Only resolution code specific to -// each BuiltIn value is generated. -func (b *builtInResolver) ResolveBuiltIns(params *EndpointParameters) error { - - region, _ := mapPseudoRegion(b.Region) - if len(region) == 0 { - return fmt.Errorf("Could not resolve AWS::Region") - } else { - params.Region = aws.String(region) - } - if b.UseDualStack == aws.DualStackEndpointStateEnabled { - params.UseDualStack = aws.Bool(true) - } else { - params.UseDualStack = aws.Bool(false) - } - if b.UseFIPS == aws.FIPSEndpointStateEnabled { - params.UseFIPS = aws.Bool(true) - } else { - params.UseFIPS = aws.Bool(false) - } - params.Endpoint = b.Endpoint - return nil -} - // EndpointParameters provides the parameters that influence how endpoints are // resolved. type EndpointParameters struct { @@ -517,3 +453,76 @@ func (r *resolver) ResolveEndpoint( } return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Missing Region") } + +type endpointParamsBinder interface { + bindEndpointParams(*EndpointParameters) +} + +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { + params := &EndpointParameters{} + + params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) + params.UseDualStack = aws.Bool(options.EndpointOptions.UseDualStackEndpoint == aws.DualStackEndpointStateEnabled) + params.UseFIPS = aws.Bool(options.EndpointOptions.UseFIPSEndpoint == aws.FIPSEndpointStateEnabled) + params.Endpoint = options.BaseEndpoint + + if b, ok := input.(endpointParamsBinder); ok { + b.bindEndpointParams(params) + } + + return params +} + +type resolveEndpointV2Middleware struct { + options Options +} + +func (*resolveEndpointV2Middleware) ID() string { + return "ResolveEndpointV2" +} + +func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { + return next.HandleFinalize(ctx, in) + } + + req, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) + } + + if m.options.EndpointResolverV2 == nil { + return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") + } + + params := bindEndpointParams(getOperationInput(ctx), m.options) + endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) + if err != nil { + return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) + } + + if endpt.URI.RawPath == "" && req.URL.RawPath != "" { + endpt.URI.RawPath = endpt.URI.Path + } + req.URL.Scheme = endpt.URI.Scheme + req.URL.Host = endpt.URI.Host + req.URL.Path = smithyhttp.JoinPath(endpt.URI.Path, req.URL.Path) + req.URL.RawPath = smithyhttp.JoinPath(endpt.URI.RawPath, req.URL.RawPath) + for k := range endpt.Headers { + req.Header.Set(k, endpt.Headers.Get(k)) + } + + rscheme := getResolvedAuthScheme(ctx) + if rscheme == nil { + return out, metadata, fmt.Errorf("no resolved auth scheme") + } + + opts, _ := smithyauth.GetAuthOptions(&endpt.Properties) + for _, o := range opts { + rscheme.SignerProperties.SetAll(&o.SignerProperties) + } + + return next.HandleFinalize(ctx, in) +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/generated.json b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/generated.json index 8e6184187..53060bccf 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/generated.json +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/generated.json @@ -13,6 +13,7 @@ "api_op_ListAccountRoles.go", "api_op_ListAccounts.go", "api_op_Logout.go", + "auth.go", "deserializers.go", "doc.go", "endpoints.go", @@ -21,6 +22,7 @@ "generated.json", "internal/endpoints/endpoints.go", "internal/endpoints/endpoints_test.go", + "options.go", "protocol_test.go", "serializers.go", "types/errors.go", diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/go_module_metadata.go index cd496510f..52495f1fb 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/go_module_metadata.go @@ -3,4 +3,4 @@ package sso // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.17.1" +const goModuleVersion = "1.18.5" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/options.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/options.go new file mode 100644 index 000000000..5dee7e53f --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/options.go @@ -0,0 +1,217 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package sso + +import ( + "context" + "github.com/aws/aws-sdk-go-v2/aws" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" + smithyauth "github.com/aws/smithy-go/auth" + "github.com/aws/smithy-go/logging" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" + "net/http" +) + +type HTTPClient interface { + Do(*http.Request) (*http.Response, error) +} + +type Options struct { + // Set of options to modify how an operation is invoked. These apply to all + // operations invoked for this client. Use functional options on operation call to + // modify this list for per operation behavior. + APIOptions []func(*middleware.Stack) error + + // The optional application specific identifier appended to the User-Agent header. + AppID string + + // This endpoint will be given as input to an EndpointResolverV2. It is used for + // providing a custom base endpoint that is subject to modifications by the + // processing EndpointResolverV2. + BaseEndpoint *string + + // Configures the events that will be sent to the configured logger. + ClientLogMode aws.ClientLogMode + + // The credentials object to use when signing requests. + Credentials aws.CredentialsProvider + + // The configuration DefaultsMode that the SDK should use when constructing the + // clients initial default settings. + DefaultsMode aws.DefaultsMode + + // The endpoint options to be used when attempting to resolve an endpoint. + EndpointOptions EndpointResolverOptions + + // The service endpoint resolver. + // + // Deprecated: Deprecated: EndpointResolver and WithEndpointResolver. Providing a + // value for this field will likely prevent you from using any endpoint-related + // service features released after the introduction of EndpointResolverV2 and + // BaseEndpoint. To migrate an EndpointResolver implementation that uses a custom + // endpoint, set the client option BaseEndpoint instead. + EndpointResolver EndpointResolver + + // Resolves the endpoint used for a particular service operation. This should be + // used over the deprecated EndpointResolver. + EndpointResolverV2 EndpointResolverV2 + + // Signature Version 4 (SigV4) Signer + HTTPSignerV4 HTTPSignerV4 + + // The logger writer interface to write logging messages to. + Logger logging.Logger + + // The region to send requests to. (Required) + Region string + + // RetryMaxAttempts specifies the maximum number attempts an API client will call + // an operation that fails with a retryable error. A value of 0 is ignored, and + // will not be used to configure the API client created default retryer, or modify + // per operation call's retry max attempts. If specified in an operation call's + // functional options with a value that is different than the constructed client's + // Options, the Client's Retryer will be wrapped to use the operation's specific + // RetryMaxAttempts value. + RetryMaxAttempts int + + // RetryMode specifies the retry mode the API client will be created with, if + // Retryer option is not also specified. When creating a new API Clients this + // member will only be used if the Retryer Options member is nil. This value will + // be ignored if Retryer is not nil. Currently does not support per operation call + // overrides, may in the future. + RetryMode aws.RetryMode + + // Retryer guides how HTTP requests should be retried in case of recoverable + // failures. When nil the API client will use a default retryer. The kind of + // default retry created by the API client can be changed with the RetryMode + // option. + Retryer aws.Retryer + + // The RuntimeEnvironment configuration, only populated if the DefaultsMode is set + // to DefaultsModeAuto and is initialized using config.LoadDefaultConfig . You + // should not populate this structure programmatically, or rely on the values here + // within your applications. + RuntimeEnvironment aws.RuntimeEnvironment + + // The initial DefaultsMode used when the client options were constructed. If the + // DefaultsMode was set to aws.DefaultsModeAuto this will store what the resolved + // value was at that point in time. Currently does not support per operation call + // overrides, may in the future. + resolvedDefaultsMode aws.DefaultsMode + + // The HTTP client to invoke API calls with. Defaults to client's default HTTP + // implementation if nil. + HTTPClient HTTPClient + + // The auth scheme resolver which determines how to authenticate for each + // operation. + AuthSchemeResolver AuthSchemeResolver + + // The list of auth schemes supported by the client. + AuthSchemes []smithyhttp.AuthScheme +} + +// Copy creates a clone where the APIOptions list is deep copied. +func (o Options) Copy() Options { + to := o + to.APIOptions = make([]func(*middleware.Stack) error, len(o.APIOptions)) + copy(to.APIOptions, o.APIOptions) + + return to +} + +func (o Options) GetIdentityResolver(schemeID string) smithyauth.IdentityResolver { + if schemeID == "aws.auth#sigv4" { + return getSigV4IdentityResolver(o) + } + if schemeID == "smithy.api#noAuth" { + return &smithyauth.AnonymousIdentityResolver{} + } + return nil +} + +// WithAPIOptions returns a functional option for setting the Client's APIOptions +// option. +func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options) { + return func(o *Options) { + o.APIOptions = append(o.APIOptions, optFns...) + } +} + +// Deprecated: EndpointResolver and WithEndpointResolver. Providing a value for +// this field will likely prevent you from using any endpoint-related service +// features released after the introduction of EndpointResolverV2 and BaseEndpoint. +// To migrate an EndpointResolver implementation that uses a custom endpoint, set +// the client option BaseEndpoint instead. +func WithEndpointResolver(v EndpointResolver) func(*Options) { + return func(o *Options) { + o.EndpointResolver = v + } +} + +// WithEndpointResolverV2 returns a functional option for setting the Client's +// EndpointResolverV2 option. +func WithEndpointResolverV2(v EndpointResolverV2) func(*Options) { + return func(o *Options) { + o.EndpointResolverV2 = v + } +} + +func getSigV4IdentityResolver(o Options) smithyauth.IdentityResolver { + if o.Credentials != nil { + return &internalauthsmithy.CredentialsProviderAdapter{Provider: o.Credentials} + } + return nil +} + +// WithSigV4SigningName applies an override to the authentication workflow to +// use the given signing name for SigV4-authenticated operations. +// +// This is an advanced setting. The value here is FINAL, taking precedence over +// the resolved signing name from both auth scheme resolution and endpoint +// resolution. +func WithSigV4SigningName(name string) func(*Options) { + fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, + ) { + return next.HandleInitialize(awsmiddleware.SetSigningName(ctx, name), in) + } + return func(o *Options) { + o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error { + return s.Initialize.Add( + middleware.InitializeMiddlewareFunc("withSigV4SigningName", fn), + middleware.Before, + ) + }) + } +} + +// WithSigV4SigningRegion applies an override to the authentication workflow to +// use the given signing region for SigV4-authenticated operations. +// +// This is an advanced setting. The value here is FINAL, taking precedence over +// the resolved signing region from both auth scheme resolution and endpoint +// resolution. +func WithSigV4SigningRegion(region string) func(*Options) { + fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, + ) { + return next.HandleInitialize(awsmiddleware.SetSigningRegion(ctx, region), in) + } + return func(o *Options) { + o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error { + return s.Initialize.Add( + middleware.InitializeMiddlewareFunc("withSigV4SigningRegion", fn), + middleware.Before, + ) + }) + } +} + +func ignoreAnonymousAuth(options *Options) { + if aws.IsCredentialsProvider(options.Credentials, (*aws.AnonymousCredentials)(nil)) { + options.Credentials = nil + } +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/CHANGELOG.md index b47827d72..80df3bdde 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/CHANGELOG.md @@ -1,3 +1,50 @@ +# v1.21.5 (2023-12-08) + +* **Bug Fix**: Reinstate presence of default Retryer in functional options, but still respect max attempts set therein. + +# v1.21.4 (2023-12-07) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.21.3 (2023-12-06) + +* **Bug Fix**: Restore pre-refactor auth behavior where all operations could technically be performed anonymously. + +# v1.21.2 (2023-12-01) + +* **Bug Fix**: Correct wrapping of errors in authentication workflow. +* **Bug Fix**: Correctly recognize cache-wrapped instances of AnonymousCredentials at client construction. +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.21.1 (2023-11-30) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.21.0 (2023-11-29) + +* **Feature**: Expose Options() accessor on service clients. +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.20.3 (2023-11-28.2) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.20.2 (2023-11-28) + +* **Bug Fix**: Respect setting RetryMaxAttempts in functional options at client construction. + +# v1.20.1 (2023-11-20) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.20.0 (2023-11-17) + +* **Feature**: Adding support for `sso-oauth:CreateTokenWithIAM`. + +# v1.19.2 (2023-11-15) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.19.1 (2023-11-09) * **Dependency Update**: Updated to the latest SDK module versions diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_client.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_client.go index 6a56093d8..fed089739 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_client.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_client.go @@ -11,6 +11,8 @@ import ( "github.com/aws/aws-sdk-go-v2/aws/retry" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http" + internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" + internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" smithy "github.com/aws/smithy-go" smithydocument "github.com/aws/smithy-go/document" @@ -46,10 +48,22 @@ func New(options Options, optFns ...func(*Options)) *Client { resolveHTTPSignerV4(&options) + resolveEndpointResolverV2(&options) + + resolveAuthSchemeResolver(&options) + for _, fn := range optFns { fn(&options) } + finalizeRetryMaxAttempts(&options) + + ignoreAnonymousAuth(&options) + + wrapWithAnonymousAuth(&options) + + resolveAuthSchemes(&options) + client := &Client{ options: options, } @@ -57,146 +71,25 @@ func New(options Options, optFns ...func(*Options)) *Client { return client } -type Options struct { - // Set of options to modify how an operation is invoked. These apply to all - // operations invoked for this client. Use functional options on operation call to - // modify this list for per operation behavior. - APIOptions []func(*middleware.Stack) error - - // The optional application specific identifier appended to the User-Agent header. - AppID string - - // This endpoint will be given as input to an EndpointResolverV2. It is used for - // providing a custom base endpoint that is subject to modifications by the - // processing EndpointResolverV2. - BaseEndpoint *string - - // Configures the events that will be sent to the configured logger. - ClientLogMode aws.ClientLogMode - - // The credentials object to use when signing requests. - Credentials aws.CredentialsProvider - - // The configuration DefaultsMode that the SDK should use when constructing the - // clients initial default settings. - DefaultsMode aws.DefaultsMode - - // The endpoint options to be used when attempting to resolve an endpoint. - EndpointOptions EndpointResolverOptions - - // The service endpoint resolver. - // - // Deprecated: Deprecated: EndpointResolver and WithEndpointResolver. Providing a - // value for this field will likely prevent you from using any endpoint-related - // service features released after the introduction of EndpointResolverV2 and - // BaseEndpoint. To migrate an EndpointResolver implementation that uses a custom - // endpoint, set the client option BaseEndpoint instead. - EndpointResolver EndpointResolver - - // Resolves the endpoint used for a particular service. This should be used over - // the deprecated EndpointResolver - EndpointResolverV2 EndpointResolverV2 - - // Signature Version 4 (SigV4) Signer - HTTPSignerV4 HTTPSignerV4 - - // The logger writer interface to write logging messages to. - Logger logging.Logger - - // The region to send requests to. (Required) - Region string - - // RetryMaxAttempts specifies the maximum number attempts an API client will call - // an operation that fails with a retryable error. A value of 0 is ignored, and - // will not be used to configure the API client created default retryer, or modify - // per operation call's retry max attempts. When creating a new API Clients this - // member will only be used if the Retryer Options member is nil. This value will - // be ignored if Retryer is not nil. If specified in an operation call's functional - // options with a value that is different than the constructed client's Options, - // the Client's Retryer will be wrapped to use the operation's specific - // RetryMaxAttempts value. - RetryMaxAttempts int - - // RetryMode specifies the retry mode the API client will be created with, if - // Retryer option is not also specified. When creating a new API Clients this - // member will only be used if the Retryer Options member is nil. This value will - // be ignored if Retryer is not nil. Currently does not support per operation call - // overrides, may in the future. - RetryMode aws.RetryMode - - // Retryer guides how HTTP requests should be retried in case of recoverable - // failures. When nil the API client will use a default retryer. The kind of - // default retry created by the API client can be changed with the RetryMode - // option. - Retryer aws.Retryer - - // The RuntimeEnvironment configuration, only populated if the DefaultsMode is set - // to DefaultsModeAuto and is initialized using config.LoadDefaultConfig . You - // should not populate this structure programmatically, or rely on the values here - // within your applications. - RuntimeEnvironment aws.RuntimeEnvironment - - // The initial DefaultsMode used when the client options were constructed. If the - // DefaultsMode was set to aws.DefaultsModeAuto this will store what the resolved - // value was at that point in time. Currently does not support per operation call - // overrides, may in the future. - resolvedDefaultsMode aws.DefaultsMode - - // The HTTP client to invoke API calls with. Defaults to client's default HTTP - // implementation if nil. - HTTPClient HTTPClient +// Options returns a copy of the client configuration. +// +// Callers SHOULD NOT perform mutations on any inner structures within client +// config. Config overrides should instead be made on a per-operation basis through +// functional options. +func (c *Client) Options() Options { + return c.options.Copy() } -// WithAPIOptions returns a functional option for setting the Client's APIOptions -// option. -func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options) { - return func(o *Options) { - o.APIOptions = append(o.APIOptions, optFns...) - } -} - -// Deprecated: EndpointResolver and WithEndpointResolver. Providing a value for -// this field will likely prevent you from using any endpoint-related service -// features released after the introduction of EndpointResolverV2 and BaseEndpoint. -// To migrate an EndpointResolver implementation that uses a custom endpoint, set -// the client option BaseEndpoint instead. -func WithEndpointResolver(v EndpointResolver) func(*Options) { - return func(o *Options) { - o.EndpointResolver = v - } -} - -// WithEndpointResolverV2 returns a functional option for setting the Client's -// EndpointResolverV2 option. -func WithEndpointResolverV2(v EndpointResolverV2) func(*Options) { - return func(o *Options) { - o.EndpointResolverV2 = v - } -} - -type HTTPClient interface { - Do(*http.Request) (*http.Response, error) -} - -// Copy creates a clone where the APIOptions list is deep copied. -func (o Options) Copy() Options { - to := o - to.APIOptions = make([]func(*middleware.Stack) error, len(o.APIOptions)) - copy(to.APIOptions, o.APIOptions) - - return to -} func (c *Client) invokeOperation(ctx context.Context, opID string, params interface{}, optFns []func(*Options), stackFns ...func(*middleware.Stack, Options) error) (result interface{}, metadata middleware.Metadata, err error) { ctx = middleware.ClearStackValues(ctx) stack := middleware.NewStack(opID, smithyhttp.NewStackRequest) options := c.options.Copy() - resolveEndpointResolverV2(&options) for _, fn := range optFns { fn(&options) } - finalizeRetryMaxAttemptOptions(&options, *c) + finalizeOperationRetryMaxAttempts(&options, *c) finalizeClientEndpointResolverOptions(&options) @@ -224,6 +117,63 @@ func (c *Client) invokeOperation(ctx context.Context, opID string, params interf return result, metadata, err } +type operationInputKey struct{} + +func setOperationInput(ctx context.Context, input interface{}) context.Context { + return middleware.WithStackValue(ctx, operationInputKey{}, input) +} + +func getOperationInput(ctx context.Context) interface{} { + return middleware.GetStackValue(ctx, operationInputKey{}) +} + +type setOperationInputMiddleware struct { +} + +func (*setOperationInputMiddleware) ID() string { + return "setOperationInput" +} + +func (m *setOperationInputMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + ctx = setOperationInput(ctx, in.Parameters) + return next.HandleSerialize(ctx, in) +} + +func addProtocolFinalizerMiddlewares(stack *middleware.Stack, options Options, operation string) error { + if err := stack.Finalize.Add(&resolveAuthSchemeMiddleware{operation: operation, options: options}, middleware.Before); err != nil { + return fmt.Errorf("add ResolveAuthScheme: %w", err) + } + if err := stack.Finalize.Insert(&getIdentityMiddleware{options: options}, "ResolveAuthScheme", middleware.After); err != nil { + return fmt.Errorf("add GetIdentity: %v", err) + } + if err := stack.Finalize.Insert(&resolveEndpointV2Middleware{options: options}, "GetIdentity", middleware.After); err != nil { + return fmt.Errorf("add ResolveEndpointV2: %v", err) + } + if err := stack.Finalize.Insert(&signRequestMiddleware{}, "ResolveEndpointV2", middleware.After); err != nil { + return fmt.Errorf("add Signing: %w", err) + } + return nil +} +func resolveAuthSchemeResolver(options *Options) { + if options.AuthSchemeResolver == nil { + options.AuthSchemeResolver = &defaultAuthSchemeResolver{} + } +} + +func resolveAuthSchemes(options *Options) { + if options.AuthSchemes == nil { + options.AuthSchemes = []smithyhttp.AuthScheme{ + internalauth.NewHTTPAuthScheme("aws.auth#sigv4", &internalauthsmithy.V4SignerAdapter{ + Signer: options.HTTPSignerV4, + Logger: options.Logger, + LogSigning: options.ClientLogMode.IsSigning(), + }), + } + } +} + type noSmithyDocumentSerde = smithydocument.NoSerde type legacyEndpointContextSetter struct { @@ -387,7 +337,15 @@ func resolveAWSRetryMaxAttempts(cfg aws.Config, o *Options) { o.RetryMaxAttempts = cfg.RetryMaxAttempts } -func finalizeRetryMaxAttemptOptions(o *Options, client Client) { +func finalizeRetryMaxAttempts(o *Options) { + if o.RetryMaxAttempts == 0 { + return + } + + o.Retryer = retry.AddWithMaxAttempts(o.Retryer, o.RetryMaxAttempts) +} + +func finalizeOperationRetryMaxAttempts(o *Options, client Client) { if v := o.RetryMaxAttempts; v == 0 || v == client.options.RetryMaxAttempts { return } @@ -414,15 +372,6 @@ func addClientUserAgent(stack *middleware.Stack, options Options) error { return nil } -func addHTTPSignerV4Middleware(stack *middleware.Stack, o Options) error { - mw := v4.NewSignHTTPRequestMiddleware(v4.SignHTTPRequestMiddlewareOptions{ - CredentialsProvider: o.Credentials, - Signer: o.HTTPSignerV4, - LogSigning: o.ClientLogMode.IsSigning(), - }) - return stack.Finalize.Add(mw, middleware.After) -} - type HTTPSignerV4 interface { SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time, optFns ...func(*v4.SignerOptions)) error } @@ -496,31 +445,31 @@ func addRequestResponseLogging(stack *middleware.Stack, o Options) error { }, middleware.After) } -type endpointDisableHTTPSMiddleware struct { - EndpointDisableHTTPS bool +type disableHTTPSMiddleware struct { + DisableHTTPS bool } -func (*endpointDisableHTTPSMiddleware) ID() string { - return "endpointDisableHTTPSMiddleware" +func (*disableHTTPSMiddleware) ID() string { + return "disableHTTPS" } -func (m *endpointDisableHTTPSMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, +func (m *disableHTTPSMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) } - if m.EndpointDisableHTTPS && !smithyhttp.GetHostnameImmutable(ctx) { + if m.DisableHTTPS && !smithyhttp.GetHostnameImmutable(ctx) { req.URL.Scheme = "http" } - return next.HandleSerialize(ctx, in) + return next.HandleFinalize(ctx, in) +} -} -func addendpointDisableHTTPSMiddleware(stack *middleware.Stack, o Options) error { - return stack.Serialize.Insert(&endpointDisableHTTPSMiddleware{ - EndpointDisableHTTPS: o.EndpointOptions.DisableHTTPS, - }, "OperationSerializer", middleware.Before) +func addDisableHTTPSMiddleware(stack *middleware.Stack, o Options) error { + return stack.Finalize.Insert(&disableHTTPSMiddleware{ + DisableHTTPS: o.EndpointOptions.DisableHTTPS, + }, "ResolveEndpointV2", middleware.After) } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_CreateToken.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_CreateToken.go index 43df6256c..424642941 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_CreateToken.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_CreateToken.go @@ -4,19 +4,16 @@ package ssooidc import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) -// Creates and returns an access token for the authorized client. The access token -// issued will be used to fetch short-term credentials for the assigned roles in -// the AWS account. +// Creates and returns access and refresh tokens for clients that are +// authenticated using client secrets. The access token can be used to fetch +// short-term credentials for the assigned AWS accounts or to access application +// APIs using bearer authentication. func (c *Client) CreateToken(ctx context.Context, params *CreateTokenInput, optFns ...func(*Options)) (*CreateTokenOutput, error) { if params == nil { params = &CreateTokenInput{} @@ -34,8 +31,8 @@ func (c *Client) CreateToken(ctx context.Context, params *CreateTokenInput, optF type CreateTokenInput struct { - // The unique identifier string for each client. This value should come from the - // persisted result of the RegisterClient API. + // The unique identifier string for the client or application. This value comes + // from the result of the RegisterClient API. // // This member is required. ClientId *string @@ -46,37 +43,42 @@ type CreateTokenInput struct { // This member is required. ClientSecret *string - // Supports grant types for the authorization code, refresh token, and device code - // request. For device code requests, specify the following value: - // urn:ietf:params:oauth:grant-type:device_code For information about how to - // obtain the device code, see the StartDeviceAuthorization topic. + // Supports the following OAuth grant types: Device Code and Refresh Token. + // Specify either of the following values, depending on the grant type that you + // want: * Device Code - urn:ietf:params:oauth:grant-type:device_code * Refresh + // Token - refresh_token For information about how to obtain the device code, see + // the StartDeviceAuthorization topic. // // This member is required. GrantType *string - // The authorization code received from the authorization service. This parameter - // is required to perform an authorization grant request to get access to a token. + // Used only when calling this API for the Authorization Code grant type. The + // short-term code is used to identify this authorization request. This grant type + // is currently unsupported for the CreateToken API. Code *string - // Used only when calling this API for the device code grant type. This short-term - // code is used to identify this authentication attempt. This should come from an - // in-memory reference to the result of the StartDeviceAuthorization API. + // Used only when calling this API for the Device Code grant type. This short-term + // code is used to identify this authorization request. This comes from the result + // of the StartDeviceAuthorization API. DeviceCode *string - // The location of the application that will receive the authorization code. Users - // authorize the service to send the request to this location. + // Used only when calling this API for the Authorization Code grant type. This + // value specifies the location of the client or application that has registered to + // receive the authorization code. RedirectUri *string - // Currently, refreshToken is not yet implemented and is not supported. For more - // information about the features and limitations of the current IAM Identity - // Center OIDC implementation, see Considerations for Using this Guide in the IAM - // Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html) - // . The token used to obtain an access token in the event that the access token is - // invalid or expired. + // Used only when calling this API for the Refresh Token grant type. This token is + // used to refresh short-term tokens, such as the access token, that might expire. + // For more information about the features and limitations of the current IAM + // Identity Center OIDC implementation, see Considerations for Using this Guide in + // the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html) + // . RefreshToken *string - // The list of scopes that is defined by the client. Upon authorization, this list - // is used to restrict permissions when granting an access token. + // The list of scopes for which authorization is requested. The access token that + // is issued is limited to the scopes that are granted. If this value is not + // specified, IAM Identity Center authorizes all scopes that are configured for the + // client during the call to RegisterClient . Scope []string noSmithyDocumentSerde @@ -84,29 +86,30 @@ type CreateTokenInput struct { type CreateTokenOutput struct { - // An opaque token to access IAM Identity Center resources assigned to a user. + // A bearer token to access AWS accounts and applications assigned to a user. AccessToken *string // Indicates the time in seconds when an access token will expire. ExpiresIn int32 - // Currently, idToken is not yet implemented and is not supported. For more - // information about the features and limitations of the current IAM Identity - // Center OIDC implementation, see Considerations for Using this Guide in the IAM - // Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html) - // . The identifier of the user that associated with the access token, if present. + // The idToken is not implemented or supported. For more information about the + // features and limitations of the current IAM Identity Center OIDC implementation, + // see Considerations for Using this Guide in the IAM Identity Center OIDC API + // Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html) + // . A JSON Web Token (JWT) that identifies who is associated with the issued + // access token. IdToken *string - // Currently, refreshToken is not yet implemented and is not supported. For more - // information about the features and limitations of the current IAM Identity - // Center OIDC implementation, see Considerations for Using this Guide in the IAM - // Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html) - // . A token that, if present, can be used to refresh a previously issued access - // token that might have expired. + // A token that, if present, can be used to refresh a previously issued access + // token that might have expired. For more information about the features and + // limitations of the current IAM Identity Center OIDC implementation, see + // Considerations for Using this Guide in the IAM Identity Center OIDC API + // Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html) + // . RefreshToken *string // Used to notify the client that the returned token is an access token. The - // supported type is BearerToken . + // supported token type is Bearer . TokenType *string // Metadata pertaining to the operation's result. @@ -116,6 +119,9 @@ type CreateTokenOutput struct { } func (c *Client) addOperationCreateTokenMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestjson1_serializeOpCreateToken{}, middleware.After) if err != nil { return err @@ -124,6 +130,10 @@ func (c *Client) addOperationCreateTokenMiddlewares(stack *middleware.Stack, opt if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "CreateToken"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -157,7 +167,7 @@ func (c *Client) addOperationCreateTokenMiddlewares(stack *middleware.Stack, opt if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = addCreateTokenResolveEndpointMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } if err = addOpCreateTokenValidationMiddleware(stack); err != nil { @@ -178,7 +188,7 @@ func (c *Client) addOperationCreateTokenMiddlewares(stack *middleware.Stack, opt if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } return nil @@ -191,126 +201,3 @@ func newServiceMetadataMiddleware_opCreateToken(region string) *awsmiddleware.Re OperationName: "CreateToken", } } - -type opCreateTokenResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opCreateTokenResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opCreateTokenResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "awsssooidc" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "awsssooidc" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("awsssooidc") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addCreateTokenResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opCreateTokenResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - Endpoint: options.BaseEndpoint, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_CreateTokenWithIAM.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_CreateTokenWithIAM.go new file mode 100644 index 000000000..ed4b98f76 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_CreateTokenWithIAM.go @@ -0,0 +1,230 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package ssooidc + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + "github.com/aws/aws-sdk-go-v2/aws/signer/v4" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +// Creates and returns access and refresh tokens for clients and applications that +// are authenticated using IAM entities. The access token can be used to fetch +// short-term credentials for the assigned AWS accounts or to access application +// APIs using bearer authentication. +func (c *Client) CreateTokenWithIAM(ctx context.Context, params *CreateTokenWithIAMInput, optFns ...func(*Options)) (*CreateTokenWithIAMOutput, error) { + if params == nil { + params = &CreateTokenWithIAMInput{} + } + + result, metadata, err := c.invokeOperation(ctx, "CreateTokenWithIAM", params, optFns, c.addOperationCreateTokenWithIAMMiddlewares) + if err != nil { + return nil, err + } + + out := result.(*CreateTokenWithIAMOutput) + out.ResultMetadata = metadata + return out, nil +} + +type CreateTokenWithIAMInput struct { + + // The unique identifier string for the client or application. This value is an + // application ARN that has OAuth grants configured. + // + // This member is required. + ClientId *string + + // Supports the following OAuth grant types: Authorization Code, Refresh Token, + // JWT Bearer, and Token Exchange. Specify one of the following values, depending + // on the grant type that you want: * Authorization Code - authorization_code * + // Refresh Token - refresh_token * JWT Bearer - + // urn:ietf:params:oauth:grant-type:jwt-bearer * Token Exchange - + // urn:ietf:params:oauth:grant-type:token-exchange + // + // This member is required. + GrantType *string + + // Used only when calling this API for the JWT Bearer grant type. This value + // specifies the JSON Web Token (JWT) issued by a trusted token issuer. To + // authorize a trusted token issuer, configure the JWT Bearer GrantOptions for the + // application. + Assertion *string + + // Used only when calling this API for the Authorization Code grant type. This + // short-term code is used to identify this authorization request. The code is + // obtained through a redirect from IAM Identity Center to a redirect URI persisted + // in the Authorization Code GrantOptions for the application. + Code *string + + // Used only when calling this API for the Authorization Code grant type. This + // value specifies the location of the client or application that has registered to + // receive the authorization code. + RedirectUri *string + + // Used only when calling this API for the Refresh Token grant type. This token is + // used to refresh short-term tokens, such as the access token, that might expire. + // For more information about the features and limitations of the current IAM + // Identity Center OIDC implementation, see Considerations for Using this Guide in + // the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html) + // . + RefreshToken *string + + // Used only when calling this API for the Token Exchange grant type. This value + // specifies the type of token that the requester can receive. The following values + // are supported: * Access Token - urn:ietf:params:oauth:token-type:access_token * + // Refresh Token - urn:ietf:params:oauth:token-type:refresh_token + RequestedTokenType *string + + // The list of scopes for which authorization is requested. The access token that + // is issued is limited to the scopes that are granted. If the value is not + // specified, IAM Identity Center authorizes all scopes configured for the + // application, including the following default scopes: openid , aws , + // sts:identity_context . + Scope []string + + // Used only when calling this API for the Token Exchange grant type. This value + // specifies the subject of the exchange. The value of the subject token must be an + // access token issued by IAM Identity Center to a different client or application. + // The access token must have authorized scopes that indicate the requested + // application as a target audience. + SubjectToken *string + + // Used only when calling this API for the Token Exchange grant type. This value + // specifies the type of token that is passed as the subject of the exchange. The + // following value is supported: * Access Token - + // urn:ietf:params:oauth:token-type:access_token + SubjectTokenType *string + + noSmithyDocumentSerde +} + +type CreateTokenWithIAMOutput struct { + + // A bearer token to access AWS accounts and applications assigned to a user. + AccessToken *string + + // Indicates the time in seconds when an access token will expire. + ExpiresIn int32 + + // A JSON Web Token (JWT) that identifies the user associated with the issued + // access token. + IdToken *string + + // Indicates the type of tokens that are issued by IAM Identity Center. The + // following values are supported: * Access Token - + // urn:ietf:params:oauth:token-type:access_token * Refresh Token - + // urn:ietf:params:oauth:token-type:refresh_token + IssuedTokenType *string + + // A token that, if present, can be used to refresh a previously issued access + // token that might have expired. For more information about the features and + // limitations of the current IAM Identity Center OIDC implementation, see + // Considerations for Using this Guide in the IAM Identity Center OIDC API + // Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html) + // . + RefreshToken *string + + // The list of scopes for which authorization is granted. The access token that is + // issued is limited to the scopes that are granted. + Scope []string + + // Used to notify the requester that the returned token is an access token. The + // supported token type is Bearer . + TokenType *string + + // Metadata pertaining to the operation's result. + ResultMetadata middleware.Metadata + + noSmithyDocumentSerde +} + +func (c *Client) addOperationCreateTokenWithIAMMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } + err = stack.Serialize.Add(&awsRestjson1_serializeOpCreateTokenWithIAM{}, middleware.After) + if err != nil { + return err + } + err = stack.Deserialize.Add(&awsRestjson1_deserializeOpCreateTokenWithIAM{}, middleware.After) + if err != nil { + return err + } + if err := addProtocolFinalizerMiddlewares(stack, options, "CreateTokenWithIAM"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + + if err = addlegacyEndpointContextSetter(stack, options); err != nil { + return err + } + if err = addSetLoggerMiddleware(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { + return err + } + if err = addResolveEndpointMiddleware(stack, options); err != nil { + return err + } + if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { + return err + } + if err = addRetryMiddlewares(stack, options); err != nil { + return err + } + if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { + return err + } + if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { + return err + } + if err = addClientUserAgent(stack, options); err != nil { + return err + } + if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { + return err + } + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { + return err + } + if err = addOpCreateTokenWithIAMValidationMiddleware(stack); err != nil { + return err + } + if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateTokenWithIAM(options.Region), middleware.Before); err != nil { + return err + } + if err = awsmiddleware.AddRecursionDetection(stack); err != nil { + return err + } + if err = addRequestIDRetrieverMiddleware(stack); err != nil { + return err + } + if err = addResponseErrorMiddleware(stack); err != nil { + return err + } + if err = addRequestResponseLogging(stack, options); err != nil { + return err + } + if err = addDisableHTTPSMiddleware(stack, options); err != nil { + return err + } + return nil +} + +func newServiceMetadataMiddleware_opCreateTokenWithIAM(region string) *awsmiddleware.RegisterServiceMetadata { + return &awsmiddleware.RegisterServiceMetadata{ + Region: region, + ServiceID: ServiceID, + OperationName: "CreateTokenWithIAM", + } +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_RegisterClient.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_RegisterClient.go index b88ebb706..7aee90491 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_RegisterClient.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_RegisterClient.go @@ -4,12 +4,8 @@ package ssooidc import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) @@ -54,7 +50,7 @@ type RegisterClientInput struct { type RegisterClientOutput struct { - // The endpoint where the client can request authorization. + // An endpoint that the client can use to request authorization. AuthorizationEndpoint *string // The unique identifier string for each client. This client uses this identifier @@ -71,7 +67,7 @@ type RegisterClientOutput struct { // Indicates the time at which the clientId and clientSecret will become invalid. ClientSecretExpiresAt int64 - // The endpoint where the client can get an access token. + // An endpoint that the client can use to create tokens. TokenEndpoint *string // Metadata pertaining to the operation's result. @@ -81,6 +77,9 @@ type RegisterClientOutput struct { } func (c *Client) addOperationRegisterClientMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestjson1_serializeOpRegisterClient{}, middleware.After) if err != nil { return err @@ -89,6 +88,10 @@ func (c *Client) addOperationRegisterClientMiddlewares(stack *middleware.Stack, if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "RegisterClient"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -122,7 +125,7 @@ func (c *Client) addOperationRegisterClientMiddlewares(stack *middleware.Stack, if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = addRegisterClientResolveEndpointMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } if err = addOpRegisterClientValidationMiddleware(stack); err != nil { @@ -143,7 +146,7 @@ func (c *Client) addOperationRegisterClientMiddlewares(stack *middleware.Stack, if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } return nil @@ -156,126 +159,3 @@ func newServiceMetadataMiddleware_opRegisterClient(region string) *awsmiddleware OperationName: "RegisterClient", } } - -type opRegisterClientResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opRegisterClientResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opRegisterClientResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "awsssooidc" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "awsssooidc" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("awsssooidc") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addRegisterClientResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opRegisterClientResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - Endpoint: options.BaseEndpoint, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_StartDeviceAuthorization.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_StartDeviceAuthorization.go index 327da5f73..d30349e6b 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_StartDeviceAuthorization.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_StartDeviceAuthorization.go @@ -4,12 +4,8 @@ package ssooidc import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) @@ -46,8 +42,8 @@ type StartDeviceAuthorizationInput struct { // This member is required. ClientSecret *string - // The URL for the AWS access portal. For more information, see Using the AWS - // access portal (https://docs.aws.amazon.com/singlesignon/latest/userguide/using-the-portal.html) + // The URL for the Amazon Web Services access portal. For more information, see + // Using the Amazon Web Services access portal (https://docs.aws.amazon.com/singlesignon/latest/userguide/using-the-portal.html) // in the IAM Identity Center User Guide. // // This member is required. @@ -89,6 +85,9 @@ type StartDeviceAuthorizationOutput struct { } func (c *Client) addOperationStartDeviceAuthorizationMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsRestjson1_serializeOpStartDeviceAuthorization{}, middleware.After) if err != nil { return err @@ -97,6 +96,10 @@ func (c *Client) addOperationStartDeviceAuthorizationMiddlewares(stack *middlewa if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "StartDeviceAuthorization"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -130,7 +133,7 @@ func (c *Client) addOperationStartDeviceAuthorizationMiddlewares(stack *middlewa if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = addStartDeviceAuthorizationResolveEndpointMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } if err = addOpStartDeviceAuthorizationValidationMiddleware(stack); err != nil { @@ -151,7 +154,7 @@ func (c *Client) addOperationStartDeviceAuthorizationMiddlewares(stack *middlewa if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } return nil @@ -164,126 +167,3 @@ func newServiceMetadataMiddleware_opStartDeviceAuthorization(region string) *aws OperationName: "StartDeviceAuthorization", } } - -type opStartDeviceAuthorizationResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opStartDeviceAuthorizationResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opStartDeviceAuthorizationResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "awsssooidc" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "awsssooidc" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("awsssooidc") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addStartDeviceAuthorizationResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opStartDeviceAuthorizationResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - Endpoint: options.BaseEndpoint, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/auth.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/auth.go new file mode 100644 index 000000000..40b3becb9 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/auth.go @@ -0,0 +1,302 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package ssooidc + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { + params.Region = options.Region +} + +type setLegacyContextSigningOptionsMiddleware struct { +} + +func (*setLegacyContextSigningOptionsMiddleware) ID() string { + return "setLegacyContextSigningOptions" +} + +func (m *setLegacyContextSigningOptionsMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + rscheme := getResolvedAuthScheme(ctx) + schemeID := rscheme.Scheme.SchemeID() + + if sn := awsmiddleware.GetSigningName(ctx); sn != "" { + if schemeID == "aws.auth#sigv4" { + smithyhttp.SetSigV4SigningName(&rscheme.SignerProperties, sn) + } else if schemeID == "aws.auth#sigv4a" { + smithyhttp.SetSigV4ASigningName(&rscheme.SignerProperties, sn) + } + } + + if sr := awsmiddleware.GetSigningRegion(ctx); sr != "" { + if schemeID == "aws.auth#sigv4" { + smithyhttp.SetSigV4SigningRegion(&rscheme.SignerProperties, sr) + } else if schemeID == "aws.auth#sigv4a" { + smithyhttp.SetSigV4ASigningRegions(&rscheme.SignerProperties, []string{sr}) + } + } + + return next.HandleFinalize(ctx, in) +} + +func addSetLegacyContextSigningOptionsMiddleware(stack *middleware.Stack) error { + return stack.Finalize.Insert(&setLegacyContextSigningOptionsMiddleware{}, "Signing", middleware.Before) +} + +type withAnonymous struct { + resolver AuthSchemeResolver +} + +var _ AuthSchemeResolver = (*withAnonymous)(nil) + +func (v *withAnonymous) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) { + opts, err := v.resolver.ResolveAuthSchemes(ctx, params) + if err != nil { + return nil, err + } + + opts = append(opts, &smithyauth.Option{ + SchemeID: smithyauth.SchemeIDAnonymous, + }) + return opts, nil +} + +func wrapWithAnonymousAuth(options *Options) { + if _, ok := options.AuthSchemeResolver.(*defaultAuthSchemeResolver); !ok { + return + } + + options.AuthSchemeResolver = &withAnonymous{ + resolver: options.AuthSchemeResolver, + } +} + +// AuthResolverParameters contains the set of inputs necessary for auth scheme +// resolution. +type AuthResolverParameters struct { + // The name of the operation being invoked. + Operation string + + // The region in which the operation is being invoked. + Region string +} + +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { + params := &AuthResolverParameters{ + Operation: operation, + } + + bindAuthParamsRegion(params, input, options) + + return params +} + +// AuthSchemeResolver returns a set of possible authentication options for an +// operation. +type AuthSchemeResolver interface { + ResolveAuthSchemes(context.Context, *AuthResolverParameters) ([]*smithyauth.Option, error) +} + +type defaultAuthSchemeResolver struct{} + +var _ AuthSchemeResolver = (*defaultAuthSchemeResolver)(nil) + +func (*defaultAuthSchemeResolver) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) { + if overrides, ok := operationAuthOptions[params.Operation]; ok { + return overrides(params), nil + } + return serviceAuthOptions(params), nil +} + +var operationAuthOptions = map[string]func(*AuthResolverParameters) []*smithyauth.Option{ + "CreateToken": func(params *AuthResolverParameters) []*smithyauth.Option { + return []*smithyauth.Option{ + {SchemeID: smithyauth.SchemeIDAnonymous}, + } + }, + + "RegisterClient": func(params *AuthResolverParameters) []*smithyauth.Option { + return []*smithyauth.Option{ + {SchemeID: smithyauth.SchemeIDAnonymous}, + } + }, + + "StartDeviceAuthorization": func(params *AuthResolverParameters) []*smithyauth.Option { + return []*smithyauth.Option{ + {SchemeID: smithyauth.SchemeIDAnonymous}, + } + }, +} + +func serviceAuthOptions(params *AuthResolverParameters) []*smithyauth.Option { + return []*smithyauth.Option{ + { + SchemeID: smithyauth.SchemeIDSigV4, + SignerProperties: func() smithy.Properties { + var props smithy.Properties + smithyhttp.SetSigV4SigningName(&props, "sso-oauth") + smithyhttp.SetSigV4SigningRegion(&props, params.Region) + return props + }(), + }, + } +} + +type resolveAuthSchemeMiddleware struct { + operation string + options Options +} + +func (*resolveAuthSchemeMiddleware) ID() string { + return "ResolveAuthScheme" +} + +func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) + if err != nil { + return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) + } + + scheme, ok := m.selectScheme(options) + if !ok { + return out, metadata, fmt.Errorf("could not select an auth scheme") + } + + ctx = setResolvedAuthScheme(ctx, scheme) + return next.HandleFinalize(ctx, in) +} + +func (m *resolveAuthSchemeMiddleware) selectScheme(options []*smithyauth.Option) (*resolvedAuthScheme, bool) { + for _, option := range options { + if option.SchemeID == smithyauth.SchemeIDAnonymous { + return newResolvedAuthScheme(smithyhttp.NewAnonymousScheme(), option), true + } + + for _, scheme := range m.options.AuthSchemes { + if scheme.SchemeID() != option.SchemeID { + continue + } + + if scheme.IdentityResolver(m.options) != nil { + return newResolvedAuthScheme(scheme, option), true + } + } + } + + return nil, false +} + +type resolvedAuthSchemeKey struct{} + +type resolvedAuthScheme struct { + Scheme smithyhttp.AuthScheme + IdentityProperties smithy.Properties + SignerProperties smithy.Properties +} + +func newResolvedAuthScheme(scheme smithyhttp.AuthScheme, option *smithyauth.Option) *resolvedAuthScheme { + return &resolvedAuthScheme{ + Scheme: scheme, + IdentityProperties: option.IdentityProperties, + SignerProperties: option.SignerProperties, + } +} + +func setResolvedAuthScheme(ctx context.Context, scheme *resolvedAuthScheme) context.Context { + return middleware.WithStackValue(ctx, resolvedAuthSchemeKey{}, scheme) +} + +func getResolvedAuthScheme(ctx context.Context) *resolvedAuthScheme { + v, _ := middleware.GetStackValue(ctx, resolvedAuthSchemeKey{}).(*resolvedAuthScheme) + return v +} + +type getIdentityMiddleware struct { + options Options +} + +func (*getIdentityMiddleware) ID() string { + return "GetIdentity" +} + +func (m *getIdentityMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + rscheme := getResolvedAuthScheme(ctx) + if rscheme == nil { + return out, metadata, fmt.Errorf("no resolved auth scheme") + } + + resolver := rscheme.Scheme.IdentityResolver(m.options) + if resolver == nil { + return out, metadata, fmt.Errorf("no identity resolver") + } + + identity, err := resolver.GetIdentity(ctx, rscheme.IdentityProperties) + if err != nil { + return out, metadata, fmt.Errorf("get identity: %w", err) + } + + ctx = setIdentity(ctx, identity) + return next.HandleFinalize(ctx, in) +} + +type identityKey struct{} + +func setIdentity(ctx context.Context, identity smithyauth.Identity) context.Context { + return middleware.WithStackValue(ctx, identityKey{}, identity) +} + +func getIdentity(ctx context.Context) smithyauth.Identity { + v, _ := middleware.GetStackValue(ctx, identityKey{}).(smithyauth.Identity) + return v +} + +type signRequestMiddleware struct { +} + +func (*signRequestMiddleware) ID() string { + return "Signing" +} + +func (m *signRequestMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + req, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, fmt.Errorf("unexpected transport type %T", in.Request) + } + + rscheme := getResolvedAuthScheme(ctx) + if rscheme == nil { + return out, metadata, fmt.Errorf("no resolved auth scheme") + } + + identity := getIdentity(ctx) + if identity == nil { + return out, metadata, fmt.Errorf("no identity") + } + + signer := rscheme.Scheme.Signer() + if signer == nil { + return out, metadata, fmt.Errorf("no signer") + } + + if err := signer.SignRequest(ctx, req, identity, rscheme.SignerProperties); err != nil { + return out, metadata, fmt.Errorf("sign request: %w", err) + } + + return next.HandleFinalize(ctx, in) +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/deserializers.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/deserializers.go index ca30d22f9..76a1160ec 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/deserializers.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/deserializers.go @@ -239,6 +239,244 @@ func awsRestjson1_deserializeOpDocumentCreateTokenOutput(v **CreateTokenOutput, return nil } +type awsRestjson1_deserializeOpCreateTokenWithIAM struct { +} + +func (*awsRestjson1_deserializeOpCreateTokenWithIAM) ID() string { + return "OperationDeserializer" +} + +func (m *awsRestjson1_deserializeOpCreateTokenWithIAM) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( + out middleware.DeserializeOutput, metadata middleware.Metadata, err error, +) { + out, metadata, err = next.HandleDeserialize(ctx, in) + if err != nil { + return out, metadata, err + } + + response, ok := out.RawResponse.(*smithyhttp.Response) + if !ok { + return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} + } + + if response.StatusCode < 200 || response.StatusCode >= 300 { + return out, metadata, awsRestjson1_deserializeOpErrorCreateTokenWithIAM(response, &metadata) + } + output := &CreateTokenWithIAMOutput{} + out.Result = output + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(response.Body, ringBuffer) + + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return out, metadata, err + } + + err = awsRestjson1_deserializeOpDocumentCreateTokenWithIAMOutput(&output, shape) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + return out, metadata, &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body with invalid JSON, %w", err), + Snapshot: snapshot.Bytes(), + } + } + + return out, metadata, err +} + +func awsRestjson1_deserializeOpErrorCreateTokenWithIAM(response *smithyhttp.Response, metadata *middleware.Metadata) error { + var errorBuffer bytes.Buffer + if _, err := io.Copy(&errorBuffer, response.Body); err != nil { + return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} + } + errorBody := bytes.NewReader(errorBuffer.Bytes()) + + errorCode := "UnknownError" + errorMessage := errorCode + + headerCode := response.Header.Get("X-Amzn-ErrorType") + if len(headerCode) != 0 { + errorCode = restjson.SanitizeErrorCode(headerCode) + } + + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + jsonCode, message, err := restjson.GetErrorInfo(decoder) + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + if len(headerCode) == 0 && len(jsonCode) != 0 { + errorCode = restjson.SanitizeErrorCode(jsonCode) + } + if len(message) != 0 { + errorMessage = message + } + + switch { + case strings.EqualFold("AccessDeniedException", errorCode): + return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) + + case strings.EqualFold("AuthorizationPendingException", errorCode): + return awsRestjson1_deserializeErrorAuthorizationPendingException(response, errorBody) + + case strings.EqualFold("ExpiredTokenException", errorCode): + return awsRestjson1_deserializeErrorExpiredTokenException(response, errorBody) + + case strings.EqualFold("InternalServerException", errorCode): + return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) + + case strings.EqualFold("InvalidClientException", errorCode): + return awsRestjson1_deserializeErrorInvalidClientException(response, errorBody) + + case strings.EqualFold("InvalidGrantException", errorCode): + return awsRestjson1_deserializeErrorInvalidGrantException(response, errorBody) + + case strings.EqualFold("InvalidRequestException", errorCode): + return awsRestjson1_deserializeErrorInvalidRequestException(response, errorBody) + + case strings.EqualFold("InvalidRequestRegionException", errorCode): + return awsRestjson1_deserializeErrorInvalidRequestRegionException(response, errorBody) + + case strings.EqualFold("InvalidScopeException", errorCode): + return awsRestjson1_deserializeErrorInvalidScopeException(response, errorBody) + + case strings.EqualFold("SlowDownException", errorCode): + return awsRestjson1_deserializeErrorSlowDownException(response, errorBody) + + case strings.EqualFold("UnauthorizedClientException", errorCode): + return awsRestjson1_deserializeErrorUnauthorizedClientException(response, errorBody) + + case strings.EqualFold("UnsupportedGrantTypeException", errorCode): + return awsRestjson1_deserializeErrorUnsupportedGrantTypeException(response, errorBody) + + default: + genericError := &smithy.GenericAPIError{ + Code: errorCode, + Message: errorMessage, + } + return genericError + + } +} + +func awsRestjson1_deserializeOpDocumentCreateTokenWithIAMOutput(v **CreateTokenWithIAMOutput, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *CreateTokenWithIAMOutput + if *v == nil { + sv = &CreateTokenWithIAMOutput{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "accessToken": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected AccessToken to be of type string, got %T instead", value) + } + sv.AccessToken = ptr.String(jtv) + } + + case "expiresIn": + if value != nil { + jtv, ok := value.(json.Number) + if !ok { + return fmt.Errorf("expected ExpirationInSeconds to be json.Number, got %T instead", value) + } + i64, err := jtv.Int64() + if err != nil { + return err + } + sv.ExpiresIn = int32(i64) + } + + case "idToken": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected IdToken to be of type string, got %T instead", value) + } + sv.IdToken = ptr.String(jtv) + } + + case "issuedTokenType": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected TokenTypeURI to be of type string, got %T instead", value) + } + sv.IssuedTokenType = ptr.String(jtv) + } + + case "refreshToken": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected RefreshToken to be of type string, got %T instead", value) + } + sv.RefreshToken = ptr.String(jtv) + } + + case "scope": + if err := awsRestjson1_deserializeDocumentScopes(&sv.Scope, value); err != nil { + return err + } + + case "tokenType": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected TokenType to be of type string, got %T instead", value) + } + sv.TokenType = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + type awsRestjson1_deserializeOpRegisterClient struct { } @@ -956,6 +1194,42 @@ func awsRestjson1_deserializeErrorInvalidRequestException(response *smithyhttp.R return output } +func awsRestjson1_deserializeErrorInvalidRequestRegionException(response *smithyhttp.Response, errorBody *bytes.Reader) error { + output := &types.InvalidRequestRegionException{} + var buff [1024]byte + ringBuffer := smithyio.NewRingBuffer(buff[:]) + + body := io.TeeReader(errorBody, ringBuffer) + decoder := json.NewDecoder(body) + decoder.UseNumber() + var shape interface{} + if err := decoder.Decode(&shape); err != nil && err != io.EOF { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + err := awsRestjson1_deserializeDocumentInvalidRequestRegionException(&output, shape) + + if err != nil { + var snapshot bytes.Buffer + io.Copy(&snapshot, ringBuffer) + err = &smithy.DeserializationError{ + Err: fmt.Errorf("failed to decode response body, %w", err), + Snapshot: snapshot.Bytes(), + } + return err + } + + errorBody.Seek(0, io.SeekStart) + + return output +} + func awsRestjson1_deserializeErrorInvalidScopeException(response *smithyhttp.Response, errorBody *bytes.Reader) error { output := &types.InvalidScopeException{} var buff [1024]byte @@ -1492,6 +1766,73 @@ func awsRestjson1_deserializeDocumentInvalidRequestException(v **types.InvalidRe return nil } +func awsRestjson1_deserializeDocumentInvalidRequestRegionException(v **types.InvalidRequestRegionException, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.(map[string]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var sv *types.InvalidRequestRegionException + if *v == nil { + sv = &types.InvalidRequestRegionException{} + } else { + sv = *v + } + + for key, value := range shape { + switch key { + case "endpoint": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected Location to be of type string, got %T instead", value) + } + sv.Endpoint = ptr.String(jtv) + } + + case "error": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected Error to be of type string, got %T instead", value) + } + sv.Error_ = ptr.String(jtv) + } + + case "error_description": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected ErrorDescription to be of type string, got %T instead", value) + } + sv.Error_description = ptr.String(jtv) + } + + case "region": + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected Region to be of type string, got %T instead", value) + } + sv.Region = ptr.String(jtv) + } + + default: + _, _ = key, value + + } + } + *v = sv + return nil +} + func awsRestjson1_deserializeDocumentInvalidScopeException(v **types.InvalidScopeException, value interface{}) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) @@ -1541,6 +1882,42 @@ func awsRestjson1_deserializeDocumentInvalidScopeException(v **types.InvalidScop return nil } +func awsRestjson1_deserializeDocumentScopes(v *[]string, value interface{}) error { + if v == nil { + return fmt.Errorf("unexpected nil of type %T", v) + } + if value == nil { + return nil + } + + shape, ok := value.([]interface{}) + if !ok { + return fmt.Errorf("unexpected JSON type %v", value) + } + + var cv []string + if *v == nil { + cv = []string{} + } else { + cv = *v + } + + for _, value := range shape { + var col string + if value != nil { + jtv, ok := value.(string) + if !ok { + return fmt.Errorf("expected Scope to be of type string, got %T instead", value) + } + col = jtv + } + cv = append(cv, col) + + } + *v = cv + return nil +} + func awsRestjson1_deserializeDocumentSlowDownException(v **types.SlowDownException, value interface{}) error { if v == nil { return fmt.Errorf("unexpected nil of type %T", v) diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/doc.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/doc.go index 2239427d8..53cd4f55a 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/doc.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/doc.go @@ -3,31 +3,33 @@ // Package ssooidc provides the API client, operations, and parameter types for // AWS SSO OIDC. // -// AWS IAM Identity Center (successor to AWS Single Sign-On) OpenID Connect (OIDC) -// is a web service that enables a client (such as AWS CLI or a native application) -// to register with IAM Identity Center. The service also enables the client to -// fetch the user’s access token upon successful authentication and authorization -// with IAM Identity Center. Although AWS Single Sign-On was renamed, the sso and -// identitystore API namespaces will continue to retain their original name for -// backward compatibility purposes. For more information, see IAM Identity Center -// rename (https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html#renamed) -// . Considerations for Using This Guide Before you begin using this guide, we -// recommend that you first review the following important information about how -// the IAM Identity Center OIDC service works. +// IAM Identity Center OpenID Connect (OIDC) is a web service that enables a +// client (such as CLI or a native application) to register with IAM Identity +// Center. The service also enables the client to fetch the user’s access token +// upon successful authentication and authorization with IAM Identity Center. IAM +// Identity Center uses the sso and identitystore API namespaces. Considerations +// for Using This Guide Before you begin using this guide, we recommend that you +// first review the following important information about how the IAM Identity +// Center OIDC service works. // - The IAM Identity Center OIDC service currently implements only the portions // of the OAuth 2.0 Device Authorization Grant standard ( // https://tools.ietf.org/html/rfc8628 (https://tools.ietf.org/html/rfc8628) ) -// that are necessary to enable single sign-on authentication with the AWS CLI. -// Support for other OIDC flows frequently needed for native applications, such as -// Authorization Code Flow (+ PKCE), will be addressed in future releases. -// - The service emits only OIDC access tokens, such that obtaining a new token -// (For example, token refresh) requires explicit user re-authentication. -// - The access tokens provided by this service grant access to all AWS account -// entitlements assigned to an IAM Identity Center user, not just a particular -// application. +// that are necessary to enable single sign-on authentication with the CLI. +// - With older versions of the CLI, the service only emits OIDC access tokens, +// so to obtain a new token, users must explicitly re-authenticate. To access the +// OIDC flow that supports token refresh and doesn’t require re-authentication, +// update to the latest CLI version (1.27.10 for CLI V1 and 2.9.0 for CLI V2) with +// support for OIDC token refresh and configurable IAM Identity Center session +// durations. For more information, see Configure Amazon Web Services access +// portal session duration (https://docs.aws.amazon.com/singlesignon/latest/userguide/configure-user-session.html) +// . +// - The access tokens provided by this service grant access to all Amazon Web +// Services account entitlements assigned to an IAM Identity Center user, not just +// a particular application. // - The documentation in this guide does not describe the mechanism to convert -// the access token into AWS Auth (“sigv4”) credentials for use with IAM-protected -// AWS service endpoints. For more information, see GetRoleCredentials (https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_GetRoleCredentials.html) +// the access token into Amazon Web Services Auth (“sigv4”) credentials for use +// with IAM-protected Amazon Web Services service endpoints. For more information, +// see GetRoleCredentials (https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_GetRoleCredentials.html) // in the IAM Identity Center Portal API Reference Guide. // // For general information about IAM Identity Center, see What is IAM Identity diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/endpoints.go index 50b490cbd..85b870890 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/endpoints.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/endpoints.go @@ -9,8 +9,10 @@ import ( "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" + "github.com/aws/aws-sdk-go-v2/internal/endpoints" "github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn" internalendpoints "github.com/aws/aws-sdk-go-v2/service/ssooidc/internal/endpoints" + smithyauth "github.com/aws/smithy-go/auth" smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" "github.com/aws/smithy-go/ptr" @@ -113,7 +115,7 @@ func (m *ResolveEndpoint) HandleSerialize(ctx context.Context, in middleware.Ser if len(awsmiddleware.GetSigningName(ctx)) == 0 { signingName := endpoint.SigningName if len(signingName) == 0 { - signingName = "awsssooidc" + signingName = "sso-oauth" } ctx = awsmiddleware.SetSigningName(ctx, signingName) } @@ -214,72 +216,6 @@ func resolveBaseEndpoint(cfg aws.Config, o *Options) { } } -// Utility function to aid with translating pseudo-regions to classical regions -// with the appropriate setting indicated by the pseudo-region -func mapPseudoRegion(pr string) (region string, fips aws.FIPSEndpointState) { - const fipsInfix = "-fips-" - const fipsPrefix = "fips-" - const fipsSuffix = "-fips" - - if strings.Contains(pr, fipsInfix) || - strings.Contains(pr, fipsPrefix) || - strings.Contains(pr, fipsSuffix) { - region = strings.ReplaceAll(strings.ReplaceAll(strings.ReplaceAll( - pr, fipsInfix, "-"), fipsPrefix, ""), fipsSuffix, "") - fips = aws.FIPSEndpointStateEnabled - } else { - region = pr - } - - return region, fips -} - -// builtInParameterResolver is the interface responsible for resolving BuiltIn -// values during the sourcing of EndpointParameters -type builtInParameterResolver interface { - ResolveBuiltIns(*EndpointParameters) error -} - -// builtInResolver resolves modeled BuiltIn values using only the members defined -// below. -type builtInResolver struct { - // The AWS region used to dispatch the request. - Region string - - // Sourced BuiltIn value in a historical enabled or disabled state. - UseDualStack aws.DualStackEndpointState - - // Sourced BuiltIn value in a historical enabled or disabled state. - UseFIPS aws.FIPSEndpointState - - // Base endpoint that can potentially be modified during Endpoint resolution. - Endpoint *string -} - -// Invoked at runtime to resolve BuiltIn Values. Only resolution code specific to -// each BuiltIn value is generated. -func (b *builtInResolver) ResolveBuiltIns(params *EndpointParameters) error { - - region, _ := mapPseudoRegion(b.Region) - if len(region) == 0 { - return fmt.Errorf("Could not resolve AWS::Region") - } else { - params.Region = aws.String(region) - } - if b.UseDualStack == aws.DualStackEndpointStateEnabled { - params.UseDualStack = aws.Bool(true) - } else { - params.UseDualStack = aws.Bool(false) - } - if b.UseFIPS == aws.FIPSEndpointStateEnabled { - params.UseFIPS = aws.Bool(true) - } else { - params.UseFIPS = aws.Bool(false) - } - params.Endpoint = b.Endpoint - return nil -} - // EndpointParameters provides the parameters that influence how endpoints are // resolved. type EndpointParameters struct { @@ -430,8 +366,8 @@ func (r *resolver) ResolveEndpoint( } } if _UseFIPS == true { - if true == _PartitionResult.SupportsFIPS { - if "aws-us-gov" == _PartitionResult.Name { + if _PartitionResult.SupportsFIPS == true { + if _PartitionResult.Name == "aws-us-gov" { uriString := func() string { var out strings.Builder out.WriteString("https://oidc.") @@ -517,3 +453,76 @@ func (r *resolver) ResolveEndpoint( } return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Missing Region") } + +type endpointParamsBinder interface { + bindEndpointParams(*EndpointParameters) +} + +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { + params := &EndpointParameters{} + + params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) + params.UseDualStack = aws.Bool(options.EndpointOptions.UseDualStackEndpoint == aws.DualStackEndpointStateEnabled) + params.UseFIPS = aws.Bool(options.EndpointOptions.UseFIPSEndpoint == aws.FIPSEndpointStateEnabled) + params.Endpoint = options.BaseEndpoint + + if b, ok := input.(endpointParamsBinder); ok { + b.bindEndpointParams(params) + } + + return params +} + +type resolveEndpointV2Middleware struct { + options Options +} + +func (*resolveEndpointV2Middleware) ID() string { + return "ResolveEndpointV2" +} + +func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { + return next.HandleFinalize(ctx, in) + } + + req, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) + } + + if m.options.EndpointResolverV2 == nil { + return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") + } + + params := bindEndpointParams(getOperationInput(ctx), m.options) + endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) + if err != nil { + return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) + } + + if endpt.URI.RawPath == "" && req.URL.RawPath != "" { + endpt.URI.RawPath = endpt.URI.Path + } + req.URL.Scheme = endpt.URI.Scheme + req.URL.Host = endpt.URI.Host + req.URL.Path = smithyhttp.JoinPath(endpt.URI.Path, req.URL.Path) + req.URL.RawPath = smithyhttp.JoinPath(endpt.URI.RawPath, req.URL.RawPath) + for k := range endpt.Headers { + req.Header.Set(k, endpt.Headers.Get(k)) + } + + rscheme := getResolvedAuthScheme(ctx) + if rscheme == nil { + return out, metadata, fmt.Errorf("no resolved auth scheme") + } + + opts, _ := smithyauth.GetAuthOptions(&endpt.Properties) + for _, o := range opts { + rscheme.SignerProperties.SetAll(&o.SignerProperties) + } + + return next.HandleFinalize(ctx, in) +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/generated.json b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/generated.json index 403fac7c5..0a6b34935 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/generated.json +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/generated.json @@ -10,8 +10,10 @@ "api_client.go", "api_client_test.go", "api_op_CreateToken.go", + "api_op_CreateTokenWithIAM.go", "api_op_RegisterClient.go", "api_op_StartDeviceAuthorization.go", + "auth.go", "deserializers.go", "doc.go", "endpoints.go", @@ -20,6 +22,7 @@ "generated.json", "internal/endpoints/endpoints.go", "internal/endpoints/endpoints_test.go", + "options.go", "protocol_test.go", "serializers.go", "types/errors.go", diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/go_module_metadata.go index bcd16fdea..98eaaa6d8 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/go_module_metadata.go @@ -3,4 +3,4 @@ package ssooidc // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.19.1" +const goModuleVersion = "1.21.5" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/options.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/options.go new file mode 100644 index 000000000..b964e7e10 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/options.go @@ -0,0 +1,217 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package ssooidc + +import ( + "context" + "github.com/aws/aws-sdk-go-v2/aws" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" + smithyauth "github.com/aws/smithy-go/auth" + "github.com/aws/smithy-go/logging" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" + "net/http" +) + +type HTTPClient interface { + Do(*http.Request) (*http.Response, error) +} + +type Options struct { + // Set of options to modify how an operation is invoked. These apply to all + // operations invoked for this client. Use functional options on operation call to + // modify this list for per operation behavior. + APIOptions []func(*middleware.Stack) error + + // The optional application specific identifier appended to the User-Agent header. + AppID string + + // This endpoint will be given as input to an EndpointResolverV2. It is used for + // providing a custom base endpoint that is subject to modifications by the + // processing EndpointResolverV2. + BaseEndpoint *string + + // Configures the events that will be sent to the configured logger. + ClientLogMode aws.ClientLogMode + + // The credentials object to use when signing requests. + Credentials aws.CredentialsProvider + + // The configuration DefaultsMode that the SDK should use when constructing the + // clients initial default settings. + DefaultsMode aws.DefaultsMode + + // The endpoint options to be used when attempting to resolve an endpoint. + EndpointOptions EndpointResolverOptions + + // The service endpoint resolver. + // + // Deprecated: Deprecated: EndpointResolver and WithEndpointResolver. Providing a + // value for this field will likely prevent you from using any endpoint-related + // service features released after the introduction of EndpointResolverV2 and + // BaseEndpoint. To migrate an EndpointResolver implementation that uses a custom + // endpoint, set the client option BaseEndpoint instead. + EndpointResolver EndpointResolver + + // Resolves the endpoint used for a particular service operation. This should be + // used over the deprecated EndpointResolver. + EndpointResolverV2 EndpointResolverV2 + + // Signature Version 4 (SigV4) Signer + HTTPSignerV4 HTTPSignerV4 + + // The logger writer interface to write logging messages to. + Logger logging.Logger + + // The region to send requests to. (Required) + Region string + + // RetryMaxAttempts specifies the maximum number attempts an API client will call + // an operation that fails with a retryable error. A value of 0 is ignored, and + // will not be used to configure the API client created default retryer, or modify + // per operation call's retry max attempts. If specified in an operation call's + // functional options with a value that is different than the constructed client's + // Options, the Client's Retryer will be wrapped to use the operation's specific + // RetryMaxAttempts value. + RetryMaxAttempts int + + // RetryMode specifies the retry mode the API client will be created with, if + // Retryer option is not also specified. When creating a new API Clients this + // member will only be used if the Retryer Options member is nil. This value will + // be ignored if Retryer is not nil. Currently does not support per operation call + // overrides, may in the future. + RetryMode aws.RetryMode + + // Retryer guides how HTTP requests should be retried in case of recoverable + // failures. When nil the API client will use a default retryer. The kind of + // default retry created by the API client can be changed with the RetryMode + // option. + Retryer aws.Retryer + + // The RuntimeEnvironment configuration, only populated if the DefaultsMode is set + // to DefaultsModeAuto and is initialized using config.LoadDefaultConfig . You + // should not populate this structure programmatically, or rely on the values here + // within your applications. + RuntimeEnvironment aws.RuntimeEnvironment + + // The initial DefaultsMode used when the client options were constructed. If the + // DefaultsMode was set to aws.DefaultsModeAuto this will store what the resolved + // value was at that point in time. Currently does not support per operation call + // overrides, may in the future. + resolvedDefaultsMode aws.DefaultsMode + + // The HTTP client to invoke API calls with. Defaults to client's default HTTP + // implementation if nil. + HTTPClient HTTPClient + + // The auth scheme resolver which determines how to authenticate for each + // operation. + AuthSchemeResolver AuthSchemeResolver + + // The list of auth schemes supported by the client. + AuthSchemes []smithyhttp.AuthScheme +} + +// Copy creates a clone where the APIOptions list is deep copied. +func (o Options) Copy() Options { + to := o + to.APIOptions = make([]func(*middleware.Stack) error, len(o.APIOptions)) + copy(to.APIOptions, o.APIOptions) + + return to +} + +func (o Options) GetIdentityResolver(schemeID string) smithyauth.IdentityResolver { + if schemeID == "aws.auth#sigv4" { + return getSigV4IdentityResolver(o) + } + if schemeID == "smithy.api#noAuth" { + return &smithyauth.AnonymousIdentityResolver{} + } + return nil +} + +// WithAPIOptions returns a functional option for setting the Client's APIOptions +// option. +func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options) { + return func(o *Options) { + o.APIOptions = append(o.APIOptions, optFns...) + } +} + +// Deprecated: EndpointResolver and WithEndpointResolver. Providing a value for +// this field will likely prevent you from using any endpoint-related service +// features released after the introduction of EndpointResolverV2 and BaseEndpoint. +// To migrate an EndpointResolver implementation that uses a custom endpoint, set +// the client option BaseEndpoint instead. +func WithEndpointResolver(v EndpointResolver) func(*Options) { + return func(o *Options) { + o.EndpointResolver = v + } +} + +// WithEndpointResolverV2 returns a functional option for setting the Client's +// EndpointResolverV2 option. +func WithEndpointResolverV2(v EndpointResolverV2) func(*Options) { + return func(o *Options) { + o.EndpointResolverV2 = v + } +} + +func getSigV4IdentityResolver(o Options) smithyauth.IdentityResolver { + if o.Credentials != nil { + return &internalauthsmithy.CredentialsProviderAdapter{Provider: o.Credentials} + } + return nil +} + +// WithSigV4SigningName applies an override to the authentication workflow to +// use the given signing name for SigV4-authenticated operations. +// +// This is an advanced setting. The value here is FINAL, taking precedence over +// the resolved signing name from both auth scheme resolution and endpoint +// resolution. +func WithSigV4SigningName(name string) func(*Options) { + fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, + ) { + return next.HandleInitialize(awsmiddleware.SetSigningName(ctx, name), in) + } + return func(o *Options) { + o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error { + return s.Initialize.Add( + middleware.InitializeMiddlewareFunc("withSigV4SigningName", fn), + middleware.Before, + ) + }) + } +} + +// WithSigV4SigningRegion applies an override to the authentication workflow to +// use the given signing region for SigV4-authenticated operations. +// +// This is an advanced setting. The value here is FINAL, taking precedence over +// the resolved signing region from both auth scheme resolution and endpoint +// resolution. +func WithSigV4SigningRegion(region string) func(*Options) { + fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, + ) { + return next.HandleInitialize(awsmiddleware.SetSigningRegion(ctx, region), in) + } + return func(o *Options) { + o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error { + return s.Initialize.Add( + middleware.InitializeMiddlewareFunc("withSigV4SigningRegion", fn), + middleware.Before, + ) + }) + } +} + +func ignoreAnonymousAuth(options *Options) { + if aws.IsCredentialsProvider(options.Credentials, (*aws.AnonymousCredentials)(nil)) { + options.Credentials = nil + } +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/serializers.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/serializers.go index efca8b250..754218b78 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/serializers.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/serializers.go @@ -125,6 +125,128 @@ func awsRestjson1_serializeOpDocumentCreateTokenInput(v *CreateTokenInput, value return nil } +type awsRestjson1_serializeOpCreateTokenWithIAM struct { +} + +func (*awsRestjson1_serializeOpCreateTokenWithIAM) ID() string { + return "OperationSerializer" +} + +func (m *awsRestjson1_serializeOpCreateTokenWithIAM) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} + } + + input, ok := in.Parameters.(*CreateTokenWithIAMInput) + _ = input + if !ok { + return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} + } + + opPath, opQuery := httpbinding.SplitURI("/token?aws_iam=t") + request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) + request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) + request.Method = "POST" + var restEncoder *httpbinding.Encoder + if request.URL.RawPath == "" { + restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) + } else { + request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) + restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) + } + + if err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + restEncoder.SetHeader("Content-Type").String("application/json") + + jsonEncoder := smithyjson.NewEncoder() + if err := awsRestjson1_serializeOpDocumentCreateTokenWithIAMInput(input, jsonEncoder.Value); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + + if request.Request, err = restEncoder.Encode(request.Request); err != nil { + return out, metadata, &smithy.SerializationError{Err: err} + } + in.Request = request + + return next.HandleSerialize(ctx, in) +} +func awsRestjson1_serializeOpHttpBindingsCreateTokenWithIAMInput(v *CreateTokenWithIAMInput, encoder *httpbinding.Encoder) error { + if v == nil { + return fmt.Errorf("unsupported serialization of nil %T", v) + } + + return nil +} + +func awsRestjson1_serializeOpDocumentCreateTokenWithIAMInput(v *CreateTokenWithIAMInput, value smithyjson.Value) error { + object := value.Object() + defer object.Close() + + if v.Assertion != nil { + ok := object.Key("assertion") + ok.String(*v.Assertion) + } + + if v.ClientId != nil { + ok := object.Key("clientId") + ok.String(*v.ClientId) + } + + if v.Code != nil { + ok := object.Key("code") + ok.String(*v.Code) + } + + if v.GrantType != nil { + ok := object.Key("grantType") + ok.String(*v.GrantType) + } + + if v.RedirectUri != nil { + ok := object.Key("redirectUri") + ok.String(*v.RedirectUri) + } + + if v.RefreshToken != nil { + ok := object.Key("refreshToken") + ok.String(*v.RefreshToken) + } + + if v.RequestedTokenType != nil { + ok := object.Key("requestedTokenType") + ok.String(*v.RequestedTokenType) + } + + if v.Scope != nil { + ok := object.Key("scope") + if err := awsRestjson1_serializeDocumentScopes(v.Scope, ok); err != nil { + return err + } + } + + if v.SubjectToken != nil { + ok := object.Key("subjectToken") + ok.String(*v.SubjectToken) + } + + if v.SubjectTokenType != nil { + ok := object.Key("subjectTokenType") + ok.String(*v.SubjectTokenType) + } + + return nil +} + type awsRestjson1_serializeOpRegisterClient struct { } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/types/errors.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/types/errors.go index 115a51a9e..86b62049f 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/types/errors.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/types/errors.go @@ -247,6 +247,38 @@ func (e *InvalidRequestException) ErrorCode() string { } func (e *InvalidRequestException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } +// Indicates that a token provided as input to the request was issued by and is +// only usable by calling IAM Identity Center endpoints in another region. +type InvalidRequestRegionException struct { + Message *string + + ErrorCodeOverride *string + + Error_ *string + Error_description *string + Endpoint *string + Region *string + + noSmithyDocumentSerde +} + +func (e *InvalidRequestRegionException) Error() string { + return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) +} +func (e *InvalidRequestRegionException) ErrorMessage() string { + if e.Message == nil { + return "" + } + return *e.Message +} +func (e *InvalidRequestRegionException) ErrorCode() string { + if e == nil || e.ErrorCodeOverride == nil { + return "InvalidRequestRegionException" + } + return *e.ErrorCodeOverride +} +func (e *InvalidRequestRegionException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } + // Indicates that the scope provided in the request is invalid. type InvalidScopeException struct { Message *string diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/validators.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/validators.go index 5a309484e..9c17e4c8e 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/validators.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/validators.go @@ -29,6 +29,26 @@ func (m *validateOpCreateToken) HandleInitialize(ctx context.Context, in middlew return next.HandleInitialize(ctx, in) } +type validateOpCreateTokenWithIAM struct { +} + +func (*validateOpCreateTokenWithIAM) ID() string { + return "OperationInputValidation" +} + +func (m *validateOpCreateTokenWithIAM) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, +) { + input, ok := in.Parameters.(*CreateTokenWithIAMInput) + if !ok { + return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) + } + if err := validateOpCreateTokenWithIAMInput(input); err != nil { + return out, metadata, err + } + return next.HandleInitialize(ctx, in) +} + type validateOpRegisterClient struct { } @@ -73,6 +93,10 @@ func addOpCreateTokenValidationMiddleware(stack *middleware.Stack) error { return stack.Initialize.Add(&validateOpCreateToken{}, middleware.After) } +func addOpCreateTokenWithIAMValidationMiddleware(stack *middleware.Stack) error { + return stack.Initialize.Add(&validateOpCreateTokenWithIAM{}, middleware.After) +} + func addOpRegisterClientValidationMiddleware(stack *middleware.Stack) error { return stack.Initialize.Add(&validateOpRegisterClient{}, middleware.After) } @@ -102,6 +126,24 @@ func validateOpCreateTokenInput(v *CreateTokenInput) error { } } +func validateOpCreateTokenWithIAMInput(v *CreateTokenWithIAMInput) error { + if v == nil { + return nil + } + invalidParams := smithy.InvalidParamsError{Context: "CreateTokenWithIAMInput"} + if v.ClientId == nil { + invalidParams.Add(smithy.NewErrParamRequired("ClientId")) + } + if v.GrantType == nil { + invalidParams.Add(smithy.NewErrParamRequired("GrantType")) + } + if invalidParams.Len() > 0 { + return invalidParams + } else { + return nil + } +} + func validateOpRegisterClientInput(v *RegisterClientInput) error { if v == nil { return nil diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/CHANGELOG.md index eefcd8730..17dd41f35 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/CHANGELOG.md @@ -1,3 +1,52 @@ +# v1.26.5 (2023-12-08) + +* **Bug Fix**: Reinstate presence of default Retryer in functional options, but still respect max attempts set therein. + +# v1.26.4 (2023-12-07) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.26.3 (2023-12-06) + +* **Bug Fix**: Restore pre-refactor auth behavior where all operations could technically be performed anonymously. +* **Bug Fix**: STS `AssumeRoleWithSAML` and `AssumeRoleWithWebIdentity` would incorrectly attempt to use SigV4 authentication. + +# v1.26.2 (2023-12-01) + +* **Bug Fix**: Correct wrapping of errors in authentication workflow. +* **Bug Fix**: Correctly recognize cache-wrapped instances of AnonymousCredentials at client construction. +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.26.1 (2023-11-30) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.26.0 (2023-11-29) + +* **Feature**: Expose Options() accessor on service clients. +* **Documentation**: Documentation updates for AWS Security Token Service. +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.25.6 (2023-11-28.2) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.25.5 (2023-11-28) + +* **Bug Fix**: Respect setting RetryMaxAttempts in functional options at client construction. + +# v1.25.4 (2023-11-20) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.25.3 (2023-11-17) + +* **Documentation**: API updates for the AWS Security Token Service + +# v1.25.2 (2023-11-15) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.25.1 (2023-11-09) * **Dependency Update**: Updated to the latest SDK module versions diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_client.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_client.go index c29d8cad1..59cc4c70a 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_client.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_client.go @@ -12,7 +12,10 @@ import ( "github.com/aws/aws-sdk-go-v2/aws/retry" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http" + internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" + internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" + acceptencodingcust "github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding" presignedurlcust "github.com/aws/aws-sdk-go-v2/service/internal/presigned-url" smithy "github.com/aws/smithy-go" smithydocument "github.com/aws/smithy-go/document" @@ -49,10 +52,22 @@ func New(options Options, optFns ...func(*Options)) *Client { resolveHTTPSignerV4(&options) + resolveEndpointResolverV2(&options) + + resolveAuthSchemeResolver(&options) + for _, fn := range optFns { fn(&options) } + finalizeRetryMaxAttempts(&options) + + ignoreAnonymousAuth(&options) + + wrapWithAnonymousAuth(&options) + + resolveAuthSchemes(&options) + client := &Client{ options: options, } @@ -60,146 +75,25 @@ func New(options Options, optFns ...func(*Options)) *Client { return client } -type Options struct { - // Set of options to modify how an operation is invoked. These apply to all - // operations invoked for this client. Use functional options on operation call to - // modify this list for per operation behavior. - APIOptions []func(*middleware.Stack) error - - // The optional application specific identifier appended to the User-Agent header. - AppID string - - // This endpoint will be given as input to an EndpointResolverV2. It is used for - // providing a custom base endpoint that is subject to modifications by the - // processing EndpointResolverV2. - BaseEndpoint *string - - // Configures the events that will be sent to the configured logger. - ClientLogMode aws.ClientLogMode - - // The credentials object to use when signing requests. - Credentials aws.CredentialsProvider - - // The configuration DefaultsMode that the SDK should use when constructing the - // clients initial default settings. - DefaultsMode aws.DefaultsMode - - // The endpoint options to be used when attempting to resolve an endpoint. - EndpointOptions EndpointResolverOptions - - // The service endpoint resolver. - // - // Deprecated: Deprecated: EndpointResolver and WithEndpointResolver. Providing a - // value for this field will likely prevent you from using any endpoint-related - // service features released after the introduction of EndpointResolverV2 and - // BaseEndpoint. To migrate an EndpointResolver implementation that uses a custom - // endpoint, set the client option BaseEndpoint instead. - EndpointResolver EndpointResolver - - // Resolves the endpoint used for a particular service. This should be used over - // the deprecated EndpointResolver - EndpointResolverV2 EndpointResolverV2 - - // Signature Version 4 (SigV4) Signer - HTTPSignerV4 HTTPSignerV4 - - // The logger writer interface to write logging messages to. - Logger logging.Logger - - // The region to send requests to. (Required) - Region string - - // RetryMaxAttempts specifies the maximum number attempts an API client will call - // an operation that fails with a retryable error. A value of 0 is ignored, and - // will not be used to configure the API client created default retryer, or modify - // per operation call's retry max attempts. When creating a new API Clients this - // member will only be used if the Retryer Options member is nil. This value will - // be ignored if Retryer is not nil. If specified in an operation call's functional - // options with a value that is different than the constructed client's Options, - // the Client's Retryer will be wrapped to use the operation's specific - // RetryMaxAttempts value. - RetryMaxAttempts int - - // RetryMode specifies the retry mode the API client will be created with, if - // Retryer option is not also specified. When creating a new API Clients this - // member will only be used if the Retryer Options member is nil. This value will - // be ignored if Retryer is not nil. Currently does not support per operation call - // overrides, may in the future. - RetryMode aws.RetryMode - - // Retryer guides how HTTP requests should be retried in case of recoverable - // failures. When nil the API client will use a default retryer. The kind of - // default retry created by the API client can be changed with the RetryMode - // option. - Retryer aws.Retryer - - // The RuntimeEnvironment configuration, only populated if the DefaultsMode is set - // to DefaultsModeAuto and is initialized using config.LoadDefaultConfig . You - // should not populate this structure programmatically, or rely on the values here - // within your applications. - RuntimeEnvironment aws.RuntimeEnvironment - - // The initial DefaultsMode used when the client options were constructed. If the - // DefaultsMode was set to aws.DefaultsModeAuto this will store what the resolved - // value was at that point in time. Currently does not support per operation call - // overrides, may in the future. - resolvedDefaultsMode aws.DefaultsMode - - // The HTTP client to invoke API calls with. Defaults to client's default HTTP - // implementation if nil. - HTTPClient HTTPClient +// Options returns a copy of the client configuration. +// +// Callers SHOULD NOT perform mutations on any inner structures within client +// config. Config overrides should instead be made on a per-operation basis through +// functional options. +func (c *Client) Options() Options { + return c.options.Copy() } -// WithAPIOptions returns a functional option for setting the Client's APIOptions -// option. -func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options) { - return func(o *Options) { - o.APIOptions = append(o.APIOptions, optFns...) - } -} - -// Deprecated: EndpointResolver and WithEndpointResolver. Providing a value for -// this field will likely prevent you from using any endpoint-related service -// features released after the introduction of EndpointResolverV2 and BaseEndpoint. -// To migrate an EndpointResolver implementation that uses a custom endpoint, set -// the client option BaseEndpoint instead. -func WithEndpointResolver(v EndpointResolver) func(*Options) { - return func(o *Options) { - o.EndpointResolver = v - } -} - -// WithEndpointResolverV2 returns a functional option for setting the Client's -// EndpointResolverV2 option. -func WithEndpointResolverV2(v EndpointResolverV2) func(*Options) { - return func(o *Options) { - o.EndpointResolverV2 = v - } -} - -type HTTPClient interface { - Do(*http.Request) (*http.Response, error) -} - -// Copy creates a clone where the APIOptions list is deep copied. -func (o Options) Copy() Options { - to := o - to.APIOptions = make([]func(*middleware.Stack) error, len(o.APIOptions)) - copy(to.APIOptions, o.APIOptions) - - return to -} func (c *Client) invokeOperation(ctx context.Context, opID string, params interface{}, optFns []func(*Options), stackFns ...func(*middleware.Stack, Options) error) (result interface{}, metadata middleware.Metadata, err error) { ctx = middleware.ClearStackValues(ctx) stack := middleware.NewStack(opID, smithyhttp.NewStackRequest) options := c.options.Copy() - resolveEndpointResolverV2(&options) for _, fn := range optFns { fn(&options) } - finalizeRetryMaxAttemptOptions(&options, *c) + finalizeOperationRetryMaxAttempts(&options, *c) finalizeClientEndpointResolverOptions(&options) @@ -227,6 +121,63 @@ func (c *Client) invokeOperation(ctx context.Context, opID string, params interf return result, metadata, err } +type operationInputKey struct{} + +func setOperationInput(ctx context.Context, input interface{}) context.Context { + return middleware.WithStackValue(ctx, operationInputKey{}, input) +} + +func getOperationInput(ctx context.Context) interface{} { + return middleware.GetStackValue(ctx, operationInputKey{}) +} + +type setOperationInputMiddleware struct { +} + +func (*setOperationInputMiddleware) ID() string { + return "setOperationInput" +} + +func (m *setOperationInputMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + ctx = setOperationInput(ctx, in.Parameters) + return next.HandleSerialize(ctx, in) +} + +func addProtocolFinalizerMiddlewares(stack *middleware.Stack, options Options, operation string) error { + if err := stack.Finalize.Add(&resolveAuthSchemeMiddleware{operation: operation, options: options}, middleware.Before); err != nil { + return fmt.Errorf("add ResolveAuthScheme: %w", err) + } + if err := stack.Finalize.Insert(&getIdentityMiddleware{options: options}, "ResolveAuthScheme", middleware.After); err != nil { + return fmt.Errorf("add GetIdentity: %v", err) + } + if err := stack.Finalize.Insert(&resolveEndpointV2Middleware{options: options}, "GetIdentity", middleware.After); err != nil { + return fmt.Errorf("add ResolveEndpointV2: %v", err) + } + if err := stack.Finalize.Insert(&signRequestMiddleware{}, "ResolveEndpointV2", middleware.After); err != nil { + return fmt.Errorf("add Signing: %w", err) + } + return nil +} +func resolveAuthSchemeResolver(options *Options) { + if options.AuthSchemeResolver == nil { + options.AuthSchemeResolver = &defaultAuthSchemeResolver{} + } +} + +func resolveAuthSchemes(options *Options) { + if options.AuthSchemes == nil { + options.AuthSchemes = []smithyhttp.AuthScheme{ + internalauth.NewHTTPAuthScheme("aws.auth#sigv4", &internalauthsmithy.V4SignerAdapter{ + Signer: options.HTTPSignerV4, + Logger: options.Logger, + LogSigning: options.ClientLogMode.IsSigning(), + }), + } + } +} + type noSmithyDocumentSerde = smithydocument.NoSerde type legacyEndpointContextSetter struct { @@ -390,7 +341,15 @@ func resolveAWSRetryMaxAttempts(cfg aws.Config, o *Options) { o.RetryMaxAttempts = cfg.RetryMaxAttempts } -func finalizeRetryMaxAttemptOptions(o *Options, client Client) { +func finalizeRetryMaxAttempts(o *Options) { + if o.RetryMaxAttempts == 0 { + return + } + + o.Retryer = retry.AddWithMaxAttempts(o.Retryer, o.RetryMaxAttempts) +} + +func finalizeOperationRetryMaxAttempts(o *Options, client Client) { if v := o.RetryMaxAttempts; v == 0 || v == client.options.RetryMaxAttempts { return } @@ -417,15 +376,6 @@ func addClientUserAgent(stack *middleware.Stack, options Options) error { return nil } -func addHTTPSignerV4Middleware(stack *middleware.Stack, o Options) error { - mw := v4.NewSignHTTPRequestMiddleware(v4.SignHTTPRequestMiddlewareOptions{ - CredentialsProvider: o.Credentials, - Signer: o.HTTPSignerV4, - LogSigning: o.ClientLogMode.IsSigning(), - }) - return stack.Finalize.Add(mw, middleware.After) -} - type HTTPSignerV4 interface { SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time, optFns ...func(*v4.SignerOptions)) error } @@ -560,20 +510,61 @@ func withNopHTTPClientAPIOption(o *Options) { o.HTTPClient = smithyhttp.NopClient{} } +type presignContextPolyfillMiddleware struct { +} + +func (*presignContextPolyfillMiddleware) ID() string { + return "presignContextPolyfill" +} + +func (m *presignContextPolyfillMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + rscheme := getResolvedAuthScheme(ctx) + if rscheme == nil { + return out, metadata, fmt.Errorf("no resolved auth scheme") + } + + schemeID := rscheme.Scheme.SchemeID() + + if schemeID == "aws.auth#sigv4" || schemeID == "com.amazonaws.s3#sigv4express" { + if sn, ok := smithyhttp.GetSigV4SigningName(&rscheme.SignerProperties); ok { + ctx = awsmiddleware.SetSigningName(ctx, sn) + } + if sr, ok := smithyhttp.GetSigV4SigningRegion(&rscheme.SignerProperties); ok { + ctx = awsmiddleware.SetSigningRegion(ctx, sr) + } + } else if schemeID == "aws.auth#sigv4a" { + if sn, ok := smithyhttp.GetSigV4ASigningName(&rscheme.SignerProperties); ok { + ctx = awsmiddleware.SetSigningName(ctx, sn) + } + if sr, ok := smithyhttp.GetSigV4ASigningRegions(&rscheme.SignerProperties); ok { + ctx = awsmiddleware.SetSigningRegion(ctx, sr[0]) + } + } + + return next.HandleFinalize(ctx, in) +} + type presignConverter PresignOptions func (c presignConverter) convertToPresignMiddleware(stack *middleware.Stack, options Options) (err error) { - stack.Finalize.Clear() + if _, ok := stack.Finalize.Get((*acceptencodingcust.DisableGzip)(nil).ID()); ok { + stack.Finalize.Remove((*acceptencodingcust.DisableGzip)(nil).ID()) + } stack.Deserialize.Clear() stack.Build.Remove((*awsmiddleware.ClientRequestID)(nil).ID()) stack.Build.Remove("UserAgent") + if err := stack.Finalize.Insert(&presignContextPolyfillMiddleware{}, "Signing", middleware.Before); err != nil { + return err + } + pmw := v4.NewPresignHTTPRequestMiddleware(v4.PresignHTTPRequestMiddlewareOptions{ CredentialsProvider: options.Credentials, Presigner: c.Presigner, LogSigning: options.ClientLogMode.IsSigning(), }) - err = stack.Finalize.Add(pmw, middleware.After) - if err != nil { + if _, err := stack.Finalize.Swap("Signing", pmw); err != nil { return err } if err = smithyhttp.AddNoPayloadDefaultContentTypeRemover(stack); err != nil { @@ -600,31 +591,31 @@ func addRequestResponseLogging(stack *middleware.Stack, o Options) error { }, middleware.After) } -type endpointDisableHTTPSMiddleware struct { - EndpointDisableHTTPS bool +type disableHTTPSMiddleware struct { + DisableHTTPS bool } -func (*endpointDisableHTTPSMiddleware) ID() string { - return "endpointDisableHTTPSMiddleware" +func (*disableHTTPSMiddleware) ID() string { + return "disableHTTPS" } -func (m *endpointDisableHTTPSMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, +func (m *disableHTTPSMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, ) { req, ok := in.Request.(*smithyhttp.Request) if !ok { return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) } - if m.EndpointDisableHTTPS && !smithyhttp.GetHostnameImmutable(ctx) { + if m.DisableHTTPS && !smithyhttp.GetHostnameImmutable(ctx) { req.URL.Scheme = "http" } - return next.HandleSerialize(ctx, in) + return next.HandleFinalize(ctx, in) +} -} -func addendpointDisableHTTPSMiddleware(stack *middleware.Stack, o Options) error { - return stack.Serialize.Insert(&endpointDisableHTTPSMiddleware{ - EndpointDisableHTTPS: o.EndpointOptions.DisableHTTPS, - }, "OperationSerializer", middleware.Before) +func addDisableHTTPSMiddleware(stack *middleware.Stack, o Options) error { + return stack.Finalize.Insert(&disableHTTPSMiddleware{ + DisableHTTPS: o.EndpointOptions.DisableHTTPS, + }, "ResolveEndpointV2", middleware.After) } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRole.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRole.go index 0ef7affc5..2938dac8e 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRole.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRole.go @@ -4,14 +4,10 @@ package sts import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" "github.com/aws/aws-sdk-go-v2/service/sts/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) @@ -204,7 +200,12 @@ type AssumeRoleInput struct { // in the IAM User Guide. PolicyArns []types.PolicyDescriptorType - // Reserved for future use. + // A list of previously acquired trusted context assertions in the format of a + // JSON array. The trusted context assertion is signed and encrypted by Amazon Web + // Services STS. The following is an example of a ProvidedContext value that + // includes a single trusted context assertion and the ARN of the context provider + // from which the trusted context assertion was generated. + // [{"ProviderArn":"arn:aws:iam::aws:contextProvider/IdentityCenter","ContextAssertion":"trusted-context-assertion"}] ProvidedContexts []types.ProvidedContext // The identification number of the MFA device that is associated with the user @@ -327,6 +328,9 @@ type AssumeRoleOutput struct { } func (c *Client) addOperationAssumeRoleMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsAwsquery_serializeOpAssumeRole{}, middleware.After) if err != nil { return err @@ -335,6 +339,10 @@ func (c *Client) addOperationAssumeRoleMiddlewares(stack *middleware.Stack, opti if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "AssumeRole"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -356,9 +364,6 @@ func (c *Client) addOperationAssumeRoleMiddlewares(stack *middleware.Stack, opti if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -374,7 +379,7 @@ func (c *Client) addOperationAssumeRoleMiddlewares(stack *middleware.Stack, opti if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = addAssumeRoleResolveEndpointMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } if err = addOpAssumeRoleValidationMiddleware(stack); err != nil { @@ -395,7 +400,7 @@ func (c *Client) addOperationAssumeRoleMiddlewares(stack *middleware.Stack, opti if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } return nil @@ -405,7 +410,6 @@ func newServiceMetadataMiddleware_opAssumeRole(region string) *awsmiddleware.Reg return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "sts", OperationName: "AssumeRole", } } @@ -433,126 +437,3 @@ func (c *PresignClient) PresignAssumeRole(ctx context.Context, params *AssumeRol out := result.(*v4.PresignedHTTPRequest) return out, nil } - -type opAssumeRoleResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opAssumeRoleResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opAssumeRoleResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "sts" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "sts" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("sts") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addAssumeRoleResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opAssumeRoleResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - Endpoint: options.BaseEndpoint, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithSAML.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithSAML.go index 9c33720d4..ef576b640 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithSAML.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithSAML.go @@ -4,13 +4,9 @@ package sts import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" "github.com/aws/aws-sdk-go-v2/service/sts/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) @@ -281,6 +277,9 @@ type AssumeRoleWithSAMLOutput struct { } func (c *Client) addOperationAssumeRoleWithSAMLMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsAwsquery_serializeOpAssumeRoleWithSAML{}, middleware.After) if err != nil { return err @@ -289,6 +288,10 @@ func (c *Client) addOperationAssumeRoleWithSAMLMiddlewares(stack *middleware.Sta if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "AssumeRoleWithSAML"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -322,7 +325,7 @@ func (c *Client) addOperationAssumeRoleWithSAMLMiddlewares(stack *middleware.Sta if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = addAssumeRoleWithSAMLResolveEndpointMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } if err = addOpAssumeRoleWithSAMLValidationMiddleware(stack); err != nil { @@ -343,7 +346,7 @@ func (c *Client) addOperationAssumeRoleWithSAMLMiddlewares(stack *middleware.Sta if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } return nil @@ -353,130 +356,6 @@ func newServiceMetadataMiddleware_opAssumeRoleWithSAML(region string) *awsmiddle return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "sts", OperationName: "AssumeRoleWithSAML", } } - -type opAssumeRoleWithSAMLResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opAssumeRoleWithSAMLResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opAssumeRoleWithSAMLResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "sts" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "sts" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("sts") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addAssumeRoleWithSAMLResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opAssumeRoleWithSAMLResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - Endpoint: options.BaseEndpoint, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithWebIdentity.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithWebIdentity.go index fa4a60845..b2f126b1d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithWebIdentity.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithWebIdentity.go @@ -4,13 +4,9 @@ package sts import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" "github.com/aws/aws-sdk-go-v2/service/sts/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) @@ -300,6 +296,9 @@ type AssumeRoleWithWebIdentityOutput struct { } func (c *Client) addOperationAssumeRoleWithWebIdentityMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsAwsquery_serializeOpAssumeRoleWithWebIdentity{}, middleware.After) if err != nil { return err @@ -308,6 +307,10 @@ func (c *Client) addOperationAssumeRoleWithWebIdentityMiddlewares(stack *middlew if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "AssumeRoleWithWebIdentity"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -341,7 +344,7 @@ func (c *Client) addOperationAssumeRoleWithWebIdentityMiddlewares(stack *middlew if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = addAssumeRoleWithWebIdentityResolveEndpointMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } if err = addOpAssumeRoleWithWebIdentityValidationMiddleware(stack); err != nil { @@ -362,7 +365,7 @@ func (c *Client) addOperationAssumeRoleWithWebIdentityMiddlewares(stack *middlew if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } return nil @@ -372,130 +375,6 @@ func newServiceMetadataMiddleware_opAssumeRoleWithWebIdentity(region string) *aw return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "sts", OperationName: "AssumeRoleWithWebIdentity", } } - -type opAssumeRoleWithWebIdentityResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opAssumeRoleWithWebIdentityResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opAssumeRoleWithWebIdentityResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "sts" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "sts" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("sts") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addAssumeRoleWithWebIdentityResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opAssumeRoleWithWebIdentityResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - Endpoint: options.BaseEndpoint, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_DecodeAuthorizationMessage.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_DecodeAuthorizationMessage.go index baf2f9686..97a00b97d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_DecodeAuthorizationMessage.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_DecodeAuthorizationMessage.go @@ -4,13 +4,9 @@ package sts import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) @@ -78,6 +74,9 @@ type DecodeAuthorizationMessageOutput struct { } func (c *Client) addOperationDecodeAuthorizationMessageMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsAwsquery_serializeOpDecodeAuthorizationMessage{}, middleware.After) if err != nil { return err @@ -86,6 +85,10 @@ func (c *Client) addOperationDecodeAuthorizationMessageMiddlewares(stack *middle if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "DecodeAuthorizationMessage"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -107,9 +110,6 @@ func (c *Client) addOperationDecodeAuthorizationMessageMiddlewares(stack *middle if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -125,7 +125,7 @@ func (c *Client) addOperationDecodeAuthorizationMessageMiddlewares(stack *middle if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = addDecodeAuthorizationMessageResolveEndpointMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } if err = addOpDecodeAuthorizationMessageValidationMiddleware(stack); err != nil { @@ -146,7 +146,7 @@ func (c *Client) addOperationDecodeAuthorizationMessageMiddlewares(stack *middle if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } return nil @@ -156,130 +156,6 @@ func newServiceMetadataMiddleware_opDecodeAuthorizationMessage(region string) *a return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "sts", OperationName: "DecodeAuthorizationMessage", } } - -type opDecodeAuthorizationMessageResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opDecodeAuthorizationMessageResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opDecodeAuthorizationMessageResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "sts" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "sts" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("sts") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addDecodeAuthorizationMessageResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opDecodeAuthorizationMessageResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - Endpoint: options.BaseEndpoint, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetAccessKeyInfo.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetAccessKeyInfo.go index f1dd167da..e01fcebfe 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetAccessKeyInfo.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetAccessKeyInfo.go @@ -4,13 +4,9 @@ package sts import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) @@ -71,6 +67,9 @@ type GetAccessKeyInfoOutput struct { } func (c *Client) addOperationGetAccessKeyInfoMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsAwsquery_serializeOpGetAccessKeyInfo{}, middleware.After) if err != nil { return err @@ -79,6 +78,10 @@ func (c *Client) addOperationGetAccessKeyInfoMiddlewares(stack *middleware.Stack if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetAccessKeyInfo"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -100,9 +103,6 @@ func (c *Client) addOperationGetAccessKeyInfoMiddlewares(stack *middleware.Stack if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -118,7 +118,7 @@ func (c *Client) addOperationGetAccessKeyInfoMiddlewares(stack *middleware.Stack if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = addGetAccessKeyInfoResolveEndpointMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } if err = addOpGetAccessKeyInfoValidationMiddleware(stack); err != nil { @@ -139,7 +139,7 @@ func (c *Client) addOperationGetAccessKeyInfoMiddlewares(stack *middleware.Stack if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } return nil @@ -149,130 +149,6 @@ func newServiceMetadataMiddleware_opGetAccessKeyInfo(region string) *awsmiddlewa return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "sts", OperationName: "GetAccessKeyInfo", } } - -type opGetAccessKeyInfoResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetAccessKeyInfoResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetAccessKeyInfoResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "sts" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "sts" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("sts") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetAccessKeyInfoResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetAccessKeyInfoResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - Endpoint: options.BaseEndpoint, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetCallerIdentity.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetCallerIdentity.go index 66e5d99d4..802969408 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetCallerIdentity.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetCallerIdentity.go @@ -4,13 +4,9 @@ package sts import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) @@ -66,6 +62,9 @@ type GetCallerIdentityOutput struct { } func (c *Client) addOperationGetCallerIdentityMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsAwsquery_serializeOpGetCallerIdentity{}, middleware.After) if err != nil { return err @@ -74,6 +73,10 @@ func (c *Client) addOperationGetCallerIdentityMiddlewares(stack *middleware.Stac if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetCallerIdentity"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -95,9 +98,6 @@ func (c *Client) addOperationGetCallerIdentityMiddlewares(stack *middleware.Stac if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -113,7 +113,7 @@ func (c *Client) addOperationGetCallerIdentityMiddlewares(stack *middleware.Stac if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = addGetCallerIdentityResolveEndpointMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetCallerIdentity(options.Region), middleware.Before); err != nil { @@ -131,7 +131,7 @@ func (c *Client) addOperationGetCallerIdentityMiddlewares(stack *middleware.Stac if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } return nil @@ -141,7 +141,6 @@ func newServiceMetadataMiddleware_opGetCallerIdentity(region string) *awsmiddlew return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "sts", OperationName: "GetCallerIdentity", } } @@ -169,126 +168,3 @@ func (c *PresignClient) PresignGetCallerIdentity(ctx context.Context, params *Ge out := result.(*v4.PresignedHTTPRequest) return out, nil } - -type opGetCallerIdentityResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetCallerIdentityResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetCallerIdentityResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "sts" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "sts" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("sts") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetCallerIdentityResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetCallerIdentityResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - Endpoint: options.BaseEndpoint, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetFederationToken.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetFederationToken.go index d577ef686..efaba119c 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetFederationToken.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetFederationToken.go @@ -4,14 +4,10 @@ package sts import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" "github.com/aws/aws-sdk-go-v2/service/sts/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) @@ -238,6 +234,9 @@ type GetFederationTokenOutput struct { } func (c *Client) addOperationGetFederationTokenMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsAwsquery_serializeOpGetFederationToken{}, middleware.After) if err != nil { return err @@ -246,6 +245,10 @@ func (c *Client) addOperationGetFederationTokenMiddlewares(stack *middleware.Sta if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetFederationToken"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -267,9 +270,6 @@ func (c *Client) addOperationGetFederationTokenMiddlewares(stack *middleware.Sta if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -285,7 +285,7 @@ func (c *Client) addOperationGetFederationTokenMiddlewares(stack *middleware.Sta if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = addGetFederationTokenResolveEndpointMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } if err = addOpGetFederationTokenValidationMiddleware(stack); err != nil { @@ -306,7 +306,7 @@ func (c *Client) addOperationGetFederationTokenMiddlewares(stack *middleware.Sta if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } return nil @@ -316,130 +316,6 @@ func newServiceMetadataMiddleware_opGetFederationToken(region string) *awsmiddle return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "sts", OperationName: "GetFederationToken", } } - -type opGetFederationTokenResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetFederationTokenResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetFederationTokenResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "sts" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "sts" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("sts") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetFederationTokenResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetFederationTokenResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - Endpoint: options.BaseEndpoint, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetSessionToken.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetSessionToken.go index 7a2345e80..7b07435f2 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetSessionToken.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetSessionToken.go @@ -4,14 +4,10 @@ package sts import ( "context" - "errors" "fmt" - "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" "github.com/aws/aws-sdk-go-v2/service/sts/types" - smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" ) @@ -124,6 +120,9 @@ type GetSessionTokenOutput struct { } func (c *Client) addOperationGetSessionTokenMiddlewares(stack *middleware.Stack, options Options) (err error) { + if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { + return err + } err = stack.Serialize.Add(&awsAwsquery_serializeOpGetSessionToken{}, middleware.After) if err != nil { return err @@ -132,6 +131,10 @@ func (c *Client) addOperationGetSessionTokenMiddlewares(stack *middleware.Stack, if err != nil { return err } + if err := addProtocolFinalizerMiddlewares(stack, options, "GetSessionToken"); err != nil { + return fmt.Errorf("add protocol finalizers: %v", err) + } + if err = addlegacyEndpointContextSetter(stack, options); err != nil { return err } @@ -153,9 +156,6 @@ func (c *Client) addOperationGetSessionTokenMiddlewares(stack *middleware.Stack, if err = addRetryMiddlewares(stack, options); err != nil { return err } - if err = addHTTPSignerV4Middleware(stack, options); err != nil { - return err - } if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { return err } @@ -171,7 +171,7 @@ func (c *Client) addOperationGetSessionTokenMiddlewares(stack *middleware.Stack, if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { return err } - if err = addGetSessionTokenResolveEndpointMiddleware(stack, options); err != nil { + if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { return err } if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetSessionToken(options.Region), middleware.Before); err != nil { @@ -189,7 +189,7 @@ func (c *Client) addOperationGetSessionTokenMiddlewares(stack *middleware.Stack, if err = addRequestResponseLogging(stack, options); err != nil { return err } - if err = addendpointDisableHTTPSMiddleware(stack, options); err != nil { + if err = addDisableHTTPSMiddleware(stack, options); err != nil { return err } return nil @@ -199,130 +199,6 @@ func newServiceMetadataMiddleware_opGetSessionToken(region string) *awsmiddlewar return &awsmiddleware.RegisterServiceMetadata{ Region: region, ServiceID: ServiceID, - SigningName: "sts", OperationName: "GetSessionToken", } } - -type opGetSessionTokenResolveEndpointMiddleware struct { - EndpointResolver EndpointResolverV2 - BuiltInResolver builtInParameterResolver -} - -func (*opGetSessionTokenResolveEndpointMiddleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *opGetSessionTokenResolveEndpointMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.EndpointResolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := EndpointParameters{} - - m.BuiltInResolver.ResolveBuiltIns(¶ms) - - var resolvedEndpoint smithyendpoints.Endpoint - resolvedEndpoint, err = m.EndpointResolver.ResolveEndpoint(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL = &resolvedEndpoint.URI - - for k := range resolvedEndpoint.Headers { - req.Header.Set( - k, - resolvedEndpoint.Headers.Get(k), - ) - } - - authSchemes, err := internalauth.GetAuthenticationSchemes(&resolvedEndpoint.Properties) - if err != nil { - var nfe *internalauth.NoAuthenticationSchemesFoundError - if errors.As(err, &nfe) { - // if no auth scheme is found, default to sigv4 - signingName := "sts" - signingRegion := m.BuiltInResolver.(*builtInResolver).Region - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - - } - var ue *internalauth.UnSupportedAuthenticationSchemeSpecifiedError - if errors.As(err, &ue) { - return out, metadata, fmt.Errorf( - "This operation requests signer version(s) %v but the client only supports %v", - ue.UnsupportedSchemes, - internalauth.SupportedSchemes, - ) - } - } - - for _, authScheme := range authSchemes { - switch authScheme.(type) { - case *internalauth.AuthenticationSchemeV4: - v4Scheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4) - var signingName, signingRegion string - if v4Scheme.SigningName == nil { - signingName = "sts" - } else { - signingName = *v4Scheme.SigningName - } - if v4Scheme.SigningRegion == nil { - signingRegion = m.BuiltInResolver.(*builtInResolver).Region - } else { - signingRegion = *v4Scheme.SigningRegion - } - if v4Scheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4Scheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - ctx = awsmiddleware.SetSigningRegion(ctx, signingRegion) - break - case *internalauth.AuthenticationSchemeV4A: - v4aScheme, _ := authScheme.(*internalauth.AuthenticationSchemeV4A) - if v4aScheme.SigningName == nil { - v4aScheme.SigningName = aws.String("sts") - } - if v4aScheme.DisableDoubleEncoding != nil { - // The signer sets an equivalent value at client initialization time. - // Setting this context value will cause the signer to extract it - // and override the value set at client initialization time. - ctx = internalauth.SetDisableDoubleEncoding(ctx, *v4aScheme.DisableDoubleEncoding) - } - ctx = awsmiddleware.SetSigningName(ctx, *v4aScheme.SigningName) - ctx = awsmiddleware.SetSigningRegion(ctx, v4aScheme.SigningRegionSet[0]) - break - case *internalauth.AuthenticationSchemeNone: - break - } - } - - return next.HandleSerialize(ctx, in) -} - -func addGetSessionTokenResolveEndpointMiddleware(stack *middleware.Stack, options Options) error { - return stack.Serialize.Insert(&opGetSessionTokenResolveEndpointMiddleware{ - EndpointResolver: options.EndpointResolverV2, - BuiltInResolver: &builtInResolver{ - Region: options.Region, - UseDualStack: options.EndpointOptions.UseDualStackEndpoint, - UseFIPS: options.EndpointOptions.UseFIPSEndpoint, - Endpoint: options.BaseEndpoint, - }, - }, "ResolveEndpoint", middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/auth.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/auth.go new file mode 100644 index 000000000..9db5bfd43 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/auth.go @@ -0,0 +1,296 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package sts + +import ( + "context" + "fmt" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" +) + +func bindAuthParamsRegion(params *AuthResolverParameters, _ interface{}, options Options) { + params.Region = options.Region +} + +type setLegacyContextSigningOptionsMiddleware struct { +} + +func (*setLegacyContextSigningOptionsMiddleware) ID() string { + return "setLegacyContextSigningOptions" +} + +func (m *setLegacyContextSigningOptionsMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + rscheme := getResolvedAuthScheme(ctx) + schemeID := rscheme.Scheme.SchemeID() + + if sn := awsmiddleware.GetSigningName(ctx); sn != "" { + if schemeID == "aws.auth#sigv4" { + smithyhttp.SetSigV4SigningName(&rscheme.SignerProperties, sn) + } else if schemeID == "aws.auth#sigv4a" { + smithyhttp.SetSigV4ASigningName(&rscheme.SignerProperties, sn) + } + } + + if sr := awsmiddleware.GetSigningRegion(ctx); sr != "" { + if schemeID == "aws.auth#sigv4" { + smithyhttp.SetSigV4SigningRegion(&rscheme.SignerProperties, sr) + } else if schemeID == "aws.auth#sigv4a" { + smithyhttp.SetSigV4ASigningRegions(&rscheme.SignerProperties, []string{sr}) + } + } + + return next.HandleFinalize(ctx, in) +} + +func addSetLegacyContextSigningOptionsMiddleware(stack *middleware.Stack) error { + return stack.Finalize.Insert(&setLegacyContextSigningOptionsMiddleware{}, "Signing", middleware.Before) +} + +type withAnonymous struct { + resolver AuthSchemeResolver +} + +var _ AuthSchemeResolver = (*withAnonymous)(nil) + +func (v *withAnonymous) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) { + opts, err := v.resolver.ResolveAuthSchemes(ctx, params) + if err != nil { + return nil, err + } + + opts = append(opts, &smithyauth.Option{ + SchemeID: smithyauth.SchemeIDAnonymous, + }) + return opts, nil +} + +func wrapWithAnonymousAuth(options *Options) { + if _, ok := options.AuthSchemeResolver.(*defaultAuthSchemeResolver); !ok { + return + } + + options.AuthSchemeResolver = &withAnonymous{ + resolver: options.AuthSchemeResolver, + } +} + +// AuthResolverParameters contains the set of inputs necessary for auth scheme +// resolution. +type AuthResolverParameters struct { + // The name of the operation being invoked. + Operation string + + // The region in which the operation is being invoked. + Region string +} + +func bindAuthResolverParams(operation string, input interface{}, options Options) *AuthResolverParameters { + params := &AuthResolverParameters{ + Operation: operation, + } + + bindAuthParamsRegion(params, input, options) + + return params +} + +// AuthSchemeResolver returns a set of possible authentication options for an +// operation. +type AuthSchemeResolver interface { + ResolveAuthSchemes(context.Context, *AuthResolverParameters) ([]*smithyauth.Option, error) +} + +type defaultAuthSchemeResolver struct{} + +var _ AuthSchemeResolver = (*defaultAuthSchemeResolver)(nil) + +func (*defaultAuthSchemeResolver) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) { + if overrides, ok := operationAuthOptions[params.Operation]; ok { + return overrides(params), nil + } + return serviceAuthOptions(params), nil +} + +var operationAuthOptions = map[string]func(*AuthResolverParameters) []*smithyauth.Option{ + "AssumeRoleWithSAML": func(params *AuthResolverParameters) []*smithyauth.Option { + return []*smithyauth.Option{ + {SchemeID: smithyauth.SchemeIDAnonymous}, + } + }, + + "AssumeRoleWithWebIdentity": func(params *AuthResolverParameters) []*smithyauth.Option { + return []*smithyauth.Option{ + {SchemeID: smithyauth.SchemeIDAnonymous}, + } + }, +} + +func serviceAuthOptions(params *AuthResolverParameters) []*smithyauth.Option { + return []*smithyauth.Option{ + { + SchemeID: smithyauth.SchemeIDSigV4, + SignerProperties: func() smithy.Properties { + var props smithy.Properties + smithyhttp.SetSigV4SigningName(&props, "sts") + smithyhttp.SetSigV4SigningRegion(&props, params.Region) + return props + }(), + }, + } +} + +type resolveAuthSchemeMiddleware struct { + operation string + options Options +} + +func (*resolveAuthSchemeMiddleware) ID() string { + return "ResolveAuthScheme" +} + +func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + params := bindAuthResolverParams(m.operation, getOperationInput(ctx), m.options) + options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) + if err != nil { + return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) + } + + scheme, ok := m.selectScheme(options) + if !ok { + return out, metadata, fmt.Errorf("could not select an auth scheme") + } + + ctx = setResolvedAuthScheme(ctx, scheme) + return next.HandleFinalize(ctx, in) +} + +func (m *resolveAuthSchemeMiddleware) selectScheme(options []*smithyauth.Option) (*resolvedAuthScheme, bool) { + for _, option := range options { + if option.SchemeID == smithyauth.SchemeIDAnonymous { + return newResolvedAuthScheme(smithyhttp.NewAnonymousScheme(), option), true + } + + for _, scheme := range m.options.AuthSchemes { + if scheme.SchemeID() != option.SchemeID { + continue + } + + if scheme.IdentityResolver(m.options) != nil { + return newResolvedAuthScheme(scheme, option), true + } + } + } + + return nil, false +} + +type resolvedAuthSchemeKey struct{} + +type resolvedAuthScheme struct { + Scheme smithyhttp.AuthScheme + IdentityProperties smithy.Properties + SignerProperties smithy.Properties +} + +func newResolvedAuthScheme(scheme smithyhttp.AuthScheme, option *smithyauth.Option) *resolvedAuthScheme { + return &resolvedAuthScheme{ + Scheme: scheme, + IdentityProperties: option.IdentityProperties, + SignerProperties: option.SignerProperties, + } +} + +func setResolvedAuthScheme(ctx context.Context, scheme *resolvedAuthScheme) context.Context { + return middleware.WithStackValue(ctx, resolvedAuthSchemeKey{}, scheme) +} + +func getResolvedAuthScheme(ctx context.Context) *resolvedAuthScheme { + v, _ := middleware.GetStackValue(ctx, resolvedAuthSchemeKey{}).(*resolvedAuthScheme) + return v +} + +type getIdentityMiddleware struct { + options Options +} + +func (*getIdentityMiddleware) ID() string { + return "GetIdentity" +} + +func (m *getIdentityMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + rscheme := getResolvedAuthScheme(ctx) + if rscheme == nil { + return out, metadata, fmt.Errorf("no resolved auth scheme") + } + + resolver := rscheme.Scheme.IdentityResolver(m.options) + if resolver == nil { + return out, metadata, fmt.Errorf("no identity resolver") + } + + identity, err := resolver.GetIdentity(ctx, rscheme.IdentityProperties) + if err != nil { + return out, metadata, fmt.Errorf("get identity: %w", err) + } + + ctx = setIdentity(ctx, identity) + return next.HandleFinalize(ctx, in) +} + +type identityKey struct{} + +func setIdentity(ctx context.Context, identity smithyauth.Identity) context.Context { + return middleware.WithStackValue(ctx, identityKey{}, identity) +} + +func getIdentity(ctx context.Context) smithyauth.Identity { + v, _ := middleware.GetStackValue(ctx, identityKey{}).(smithyauth.Identity) + return v +} + +type signRequestMiddleware struct { +} + +func (*signRequestMiddleware) ID() string { + return "Signing" +} + +func (m *signRequestMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + req, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, fmt.Errorf("unexpected transport type %T", in.Request) + } + + rscheme := getResolvedAuthScheme(ctx) + if rscheme == nil { + return out, metadata, fmt.Errorf("no resolved auth scheme") + } + + identity := getIdentity(ctx) + if identity == nil { + return out, metadata, fmt.Errorf("no identity") + } + + signer := rscheme.Scheme.Signer() + if signer == nil { + return out, metadata, fmt.Errorf("no signer") + } + + if err := signer.SignRequest(ctx, req, identity, rscheme.SignerProperties); err != nil { + return out, metadata, fmt.Errorf("sign request: %w", err) + } + + return next.HandleFinalize(ctx, in) +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/endpoints.go index cb5d56fd9..9f7932f9a 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/endpoints.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/endpoints.go @@ -9,9 +9,11 @@ import ( "github.com/aws/aws-sdk-go-v2/aws" awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" + "github.com/aws/aws-sdk-go-v2/internal/endpoints" "github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn" internalendpoints "github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints" smithy "github.com/aws/smithy-go" + smithyauth "github.com/aws/smithy-go/auth" smithyendpoints "github.com/aws/smithy-go/endpoints" "github.com/aws/smithy-go/middleware" "github.com/aws/smithy-go/ptr" @@ -215,77 +217,6 @@ func resolveBaseEndpoint(cfg aws.Config, o *Options) { } } -// Utility function to aid with translating pseudo-regions to classical regions -// with the appropriate setting indicated by the pseudo-region -func mapPseudoRegion(pr string) (region string, fips aws.FIPSEndpointState) { - const fipsInfix = "-fips-" - const fipsPrefix = "fips-" - const fipsSuffix = "-fips" - - if strings.Contains(pr, fipsInfix) || - strings.Contains(pr, fipsPrefix) || - strings.Contains(pr, fipsSuffix) { - region = strings.ReplaceAll(strings.ReplaceAll(strings.ReplaceAll( - pr, fipsInfix, "-"), fipsPrefix, ""), fipsSuffix, "") - fips = aws.FIPSEndpointStateEnabled - } else { - region = pr - } - - return region, fips -} - -// builtInParameterResolver is the interface responsible for resolving BuiltIn -// values during the sourcing of EndpointParameters -type builtInParameterResolver interface { - ResolveBuiltIns(*EndpointParameters) error -} - -// builtInResolver resolves modeled BuiltIn values using only the members defined -// below. -type builtInResolver struct { - // The AWS region used to dispatch the request. - Region string - - // Sourced BuiltIn value in a historical enabled or disabled state. - UseDualStack aws.DualStackEndpointState - - // Sourced BuiltIn value in a historical enabled or disabled state. - UseFIPS aws.FIPSEndpointState - - // Base endpoint that can potentially be modified during Endpoint resolution. - Endpoint *string - - // Whether the global endpoint should be used, rather then the regional endpoint - // for us-east-1. - UseGlobalEndpoint bool -} - -// Invoked at runtime to resolve BuiltIn Values. Only resolution code specific to -// each BuiltIn value is generated. -func (b *builtInResolver) ResolveBuiltIns(params *EndpointParameters) error { - - region, _ := mapPseudoRegion(b.Region) - if len(region) == 0 { - return fmt.Errorf("Could not resolve AWS::Region") - } else { - params.Region = aws.String(region) - } - if b.UseDualStack == aws.DualStackEndpointStateEnabled { - params.UseDualStack = aws.Bool(true) - } else { - params.UseDualStack = aws.Bool(false) - } - if b.UseFIPS == aws.FIPSEndpointStateEnabled { - params.UseFIPS = aws.Bool(true) - } else { - params.UseFIPS = aws.Bool(false) - } - params.Endpoint = b.Endpoint - params.UseGlobalEndpoint = aws.Bool(b.UseGlobalEndpoint) - return nil -} - // EndpointParameters provides the parameters that influence how endpoints are // resolved. type EndpointParameters struct { @@ -422,11 +353,17 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "name": "sigv4", - "signingName": "sts", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetSigV4SigningName(&sp, "sts") + smithyhttp.SetSigV4ASigningName(&sp, "sts") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -446,11 +383,17 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "name": "sigv4", - "signingName": "sts", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetSigV4SigningName(&sp, "sts") + smithyhttp.SetSigV4ASigningName(&sp, "sts") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -470,11 +413,17 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "name": "sigv4", - "signingName": "sts", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetSigV4SigningName(&sp, "sts") + smithyhttp.SetSigV4ASigningName(&sp, "sts") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -494,11 +443,17 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "name": "sigv4", - "signingName": "sts", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetSigV4SigningName(&sp, "sts") + smithyhttp.SetSigV4ASigningName(&sp, "sts") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -518,11 +473,17 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "name": "sigv4", - "signingName": "sts", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetSigV4SigningName(&sp, "sts") + smithyhttp.SetSigV4ASigningName(&sp, "sts") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -542,11 +503,17 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "name": "sigv4", - "signingName": "sts", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetSigV4SigningName(&sp, "sts") + smithyhttp.SetSigV4ASigningName(&sp, "sts") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -566,11 +533,17 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "name": "sigv4", - "signingName": "sts", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetSigV4SigningName(&sp, "sts") + smithyhttp.SetSigV4ASigningName(&sp, "sts") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -590,11 +563,17 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "name": "sigv4", - "signingName": "sts", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetSigV4SigningName(&sp, "sts") + smithyhttp.SetSigV4ASigningName(&sp, "sts") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -614,11 +593,17 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "name": "sigv4", - "signingName": "sts", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetSigV4SigningName(&sp, "sts") + smithyhttp.SetSigV4ASigningName(&sp, "sts") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -638,11 +623,17 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "name": "sigv4", - "signingName": "sts", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetSigV4SigningName(&sp, "sts") + smithyhttp.SetSigV4ASigningName(&sp, "sts") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -662,11 +653,17 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "name": "sigv4", - "signingName": "sts", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetSigV4SigningName(&sp, "sts") + smithyhttp.SetSigV4ASigningName(&sp, "sts") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -686,11 +683,17 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "name": "sigv4", - "signingName": "sts", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetSigV4SigningName(&sp, "sts") + smithyhttp.SetSigV4ASigningName(&sp, "sts") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -710,11 +713,17 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "name": "sigv4", - "signingName": "sts", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetSigV4SigningName(&sp, "sts") + smithyhttp.SetSigV4ASigningName(&sp, "sts") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -734,11 +743,17 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "name": "sigv4", - "signingName": "sts", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetSigV4SigningName(&sp, "sts") + smithyhttp.SetSigV4ASigningName(&sp, "sts") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -758,11 +773,17 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "name": "sigv4", - "signingName": "sts", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetSigV4SigningName(&sp, "sts") + smithyhttp.SetSigV4ASigningName(&sp, "sts") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -782,11 +803,17 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "name": "sigv4", - "signingName": "sts", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetSigV4SigningName(&sp, "sts") + smithyhttp.SetSigV4ASigningName(&sp, "sts") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -812,11 +839,17 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "name": "sigv4", - "signingName": "sts", - "signingRegion": _Region, + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetSigV4SigningName(&sp, "sts") + smithyhttp.SetSigV4ASigningName(&sp, "sts") + + smithyhttp.SetSigV4SigningRegion(&sp, _Region) + return sp + }(), }, }) return out @@ -883,8 +916,8 @@ func (r *resolver) ResolveEndpoint( } } if _UseFIPS == true { - if true == _PartitionResult.SupportsFIPS { - if "aws-us-gov" == _PartitionResult.Name { + if _PartitionResult.SupportsFIPS == true { + if _PartitionResult.Name == "aws-us-gov" { uriString := func() string { var out strings.Builder out.WriteString("https://sts.") @@ -960,11 +993,17 @@ func (r *resolver) ResolveEndpoint( Headers: http.Header{}, Properties: func() smithy.Properties { var out smithy.Properties - out.Set("authSchemes", []interface{}{ - map[string]interface{}{ - "name": "sigv4", - "signingName": "sts", - "signingRegion": "us-east-1", + smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ + { + SchemeID: "aws.auth#sigv4", + SignerProperties: func() smithy.Properties { + var sp smithy.Properties + smithyhttp.SetSigV4SigningName(&sp, "sts") + smithyhttp.SetSigV4ASigningName(&sp, "sts") + + smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") + return sp + }(), }, }) return out @@ -994,3 +1033,76 @@ func (r *resolver) ResolveEndpoint( } return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Missing Region") } + +type endpointParamsBinder interface { + bindEndpointParams(*EndpointParameters) +} + +func bindEndpointParams(input interface{}, options Options) *EndpointParameters { + params := &EndpointParameters{} + + params.Region = aws.String(endpoints.MapFIPSRegion(options.Region)) + params.UseDualStack = aws.Bool(options.EndpointOptions.UseDualStackEndpoint == aws.DualStackEndpointStateEnabled) + params.UseFIPS = aws.Bool(options.EndpointOptions.UseFIPSEndpoint == aws.FIPSEndpointStateEnabled) + params.Endpoint = options.BaseEndpoint + + if b, ok := input.(endpointParamsBinder); ok { + b.bindEndpointParams(params) + } + + return params +} + +type resolveEndpointV2Middleware struct { + options Options +} + +func (*resolveEndpointV2Middleware) ID() string { + return "ResolveEndpointV2" +} + +func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( + out middleware.FinalizeOutput, metadata middleware.Metadata, err error, +) { + if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { + return next.HandleFinalize(ctx, in) + } + + req, ok := in.Request.(*smithyhttp.Request) + if !ok { + return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) + } + + if m.options.EndpointResolverV2 == nil { + return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") + } + + params := bindEndpointParams(getOperationInput(ctx), m.options) + endpt, err := m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) + if err != nil { + return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) + } + + if endpt.URI.RawPath == "" && req.URL.RawPath != "" { + endpt.URI.RawPath = endpt.URI.Path + } + req.URL.Scheme = endpt.URI.Scheme + req.URL.Host = endpt.URI.Host + req.URL.Path = smithyhttp.JoinPath(endpt.URI.Path, req.URL.Path) + req.URL.RawPath = smithyhttp.JoinPath(endpt.URI.RawPath, req.URL.RawPath) + for k := range endpt.Headers { + req.Header.Set(k, endpt.Headers.Get(k)) + } + + rscheme := getResolvedAuthScheme(ctx) + if rscheme == nil { + return out, metadata, fmt.Errorf("no resolved auth scheme") + } + + opts, _ := smithyauth.GetAuthOptions(&endpt.Properties) + for _, o := range opts { + rscheme.SignerProperties.SetAll(&o.SignerProperties) + } + + return next.HandleFinalize(ctx, in) +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/generated.json b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/generated.json index e44e7d149..d90b8bce4 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/generated.json +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/generated.json @@ -3,6 +3,7 @@ "github.com/aws/aws-sdk-go-v2": "v1.4.0", "github.com/aws/aws-sdk-go-v2/internal/configsources": "v0.0.0-00010101000000-000000000000", "github.com/aws/aws-sdk-go-v2/internal/endpoints/v2": "v2.0.0-00010101000000-000000000000", + "github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding": "v1.0.5", "github.com/aws/aws-sdk-go-v2/service/internal/presigned-url": "v1.0.7", "github.com/aws/smithy-go": "v1.4.0", "github.com/google/go-cmp": "v0.5.4" @@ -18,6 +19,7 @@ "api_op_GetCallerIdentity.go", "api_op_GetFederationToken.go", "api_op_GetSessionToken.go", + "auth.go", "deserializers.go", "doc.go", "endpoints.go", @@ -26,6 +28,7 @@ "generated.json", "internal/endpoints/endpoints.go", "internal/endpoints/endpoints_test.go", + "options.go", "protocol_test.go", "serializers.go", "types/errors.go", diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/go_module_metadata.go index f934c18f6..61667eb2c 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/go_module_metadata.go @@ -3,4 +3,4 @@ package sts // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.25.1" +const goModuleVersion = "1.26.5" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/options.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/options.go new file mode 100644 index 000000000..5c1be79f8 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/options.go @@ -0,0 +1,217 @@ +// Code generated by smithy-go-codegen DO NOT EDIT. + +package sts + +import ( + "context" + "github.com/aws/aws-sdk-go-v2/aws" + awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" + internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" + smithyauth "github.com/aws/smithy-go/auth" + "github.com/aws/smithy-go/logging" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" + "net/http" +) + +type HTTPClient interface { + Do(*http.Request) (*http.Response, error) +} + +type Options struct { + // Set of options to modify how an operation is invoked. These apply to all + // operations invoked for this client. Use functional options on operation call to + // modify this list for per operation behavior. + APIOptions []func(*middleware.Stack) error + + // The optional application specific identifier appended to the User-Agent header. + AppID string + + // This endpoint will be given as input to an EndpointResolverV2. It is used for + // providing a custom base endpoint that is subject to modifications by the + // processing EndpointResolverV2. + BaseEndpoint *string + + // Configures the events that will be sent to the configured logger. + ClientLogMode aws.ClientLogMode + + // The credentials object to use when signing requests. + Credentials aws.CredentialsProvider + + // The configuration DefaultsMode that the SDK should use when constructing the + // clients initial default settings. + DefaultsMode aws.DefaultsMode + + // The endpoint options to be used when attempting to resolve an endpoint. + EndpointOptions EndpointResolverOptions + + // The service endpoint resolver. + // + // Deprecated: Deprecated: EndpointResolver and WithEndpointResolver. Providing a + // value for this field will likely prevent you from using any endpoint-related + // service features released after the introduction of EndpointResolverV2 and + // BaseEndpoint. To migrate an EndpointResolver implementation that uses a custom + // endpoint, set the client option BaseEndpoint instead. + EndpointResolver EndpointResolver + + // Resolves the endpoint used for a particular service operation. This should be + // used over the deprecated EndpointResolver. + EndpointResolverV2 EndpointResolverV2 + + // Signature Version 4 (SigV4) Signer + HTTPSignerV4 HTTPSignerV4 + + // The logger writer interface to write logging messages to. + Logger logging.Logger + + // The region to send requests to. (Required) + Region string + + // RetryMaxAttempts specifies the maximum number attempts an API client will call + // an operation that fails with a retryable error. A value of 0 is ignored, and + // will not be used to configure the API client created default retryer, or modify + // per operation call's retry max attempts. If specified in an operation call's + // functional options with a value that is different than the constructed client's + // Options, the Client's Retryer will be wrapped to use the operation's specific + // RetryMaxAttempts value. + RetryMaxAttempts int + + // RetryMode specifies the retry mode the API client will be created with, if + // Retryer option is not also specified. When creating a new API Clients this + // member will only be used if the Retryer Options member is nil. This value will + // be ignored if Retryer is not nil. Currently does not support per operation call + // overrides, may in the future. + RetryMode aws.RetryMode + + // Retryer guides how HTTP requests should be retried in case of recoverable + // failures. When nil the API client will use a default retryer. The kind of + // default retry created by the API client can be changed with the RetryMode + // option. + Retryer aws.Retryer + + // The RuntimeEnvironment configuration, only populated if the DefaultsMode is set + // to DefaultsModeAuto and is initialized using config.LoadDefaultConfig . You + // should not populate this structure programmatically, or rely on the values here + // within your applications. + RuntimeEnvironment aws.RuntimeEnvironment + + // The initial DefaultsMode used when the client options were constructed. If the + // DefaultsMode was set to aws.DefaultsModeAuto this will store what the resolved + // value was at that point in time. Currently does not support per operation call + // overrides, may in the future. + resolvedDefaultsMode aws.DefaultsMode + + // The HTTP client to invoke API calls with. Defaults to client's default HTTP + // implementation if nil. + HTTPClient HTTPClient + + // The auth scheme resolver which determines how to authenticate for each + // operation. + AuthSchemeResolver AuthSchemeResolver + + // The list of auth schemes supported by the client. + AuthSchemes []smithyhttp.AuthScheme +} + +// Copy creates a clone where the APIOptions list is deep copied. +func (o Options) Copy() Options { + to := o + to.APIOptions = make([]func(*middleware.Stack) error, len(o.APIOptions)) + copy(to.APIOptions, o.APIOptions) + + return to +} + +func (o Options) GetIdentityResolver(schemeID string) smithyauth.IdentityResolver { + if schemeID == "aws.auth#sigv4" { + return getSigV4IdentityResolver(o) + } + if schemeID == "smithy.api#noAuth" { + return &smithyauth.AnonymousIdentityResolver{} + } + return nil +} + +// WithAPIOptions returns a functional option for setting the Client's APIOptions +// option. +func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options) { + return func(o *Options) { + o.APIOptions = append(o.APIOptions, optFns...) + } +} + +// Deprecated: EndpointResolver and WithEndpointResolver. Providing a value for +// this field will likely prevent you from using any endpoint-related service +// features released after the introduction of EndpointResolverV2 and BaseEndpoint. +// To migrate an EndpointResolver implementation that uses a custom endpoint, set +// the client option BaseEndpoint instead. +func WithEndpointResolver(v EndpointResolver) func(*Options) { + return func(o *Options) { + o.EndpointResolver = v + } +} + +// WithEndpointResolverV2 returns a functional option for setting the Client's +// EndpointResolverV2 option. +func WithEndpointResolverV2(v EndpointResolverV2) func(*Options) { + return func(o *Options) { + o.EndpointResolverV2 = v + } +} + +func getSigV4IdentityResolver(o Options) smithyauth.IdentityResolver { + if o.Credentials != nil { + return &internalauthsmithy.CredentialsProviderAdapter{Provider: o.Credentials} + } + return nil +} + +// WithSigV4SigningName applies an override to the authentication workflow to +// use the given signing name for SigV4-authenticated operations. +// +// This is an advanced setting. The value here is FINAL, taking precedence over +// the resolved signing name from both auth scheme resolution and endpoint +// resolution. +func WithSigV4SigningName(name string) func(*Options) { + fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, + ) { + return next.HandleInitialize(awsmiddleware.SetSigningName(ctx, name), in) + } + return func(o *Options) { + o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error { + return s.Initialize.Add( + middleware.InitializeMiddlewareFunc("withSigV4SigningName", fn), + middleware.Before, + ) + }) + } +} + +// WithSigV4SigningRegion applies an override to the authentication workflow to +// use the given signing region for SigV4-authenticated operations. +// +// This is an advanced setting. The value here is FINAL, taking precedence over +// the resolved signing region from both auth scheme resolution and endpoint +// resolution. +func WithSigV4SigningRegion(region string) func(*Options) { + fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( + out middleware.InitializeOutput, metadata middleware.Metadata, err error, + ) { + return next.HandleInitialize(awsmiddleware.SetSigningRegion(ctx, region), in) + } + return func(o *Options) { + o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error { + return s.Initialize.Add( + middleware.InitializeMiddlewareFunc("withSigV4SigningRegion", fn), + middleware.Before, + ) + }) + } +} + +func ignoreAnonymousAuth(options *Options) { + if aws.IsCredentialsProvider(options.Credentials, (*aws.AnonymousCredentials)(nil)) { + options.Credentials = nil + } +} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/types/types.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/types/types.go index 572a70512..e3701d11d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/types/types.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/types/types.go @@ -89,13 +89,17 @@ type PolicyDescriptorType struct { noSmithyDocumentSerde } -// Reserved for future use. +// Contains information about the provided context. This includes the signed and +// encrypted trusted context assertion and the context provider ARN from which the +// trusted context assertion was generated. type ProvidedContext struct { - // Reserved for future use. + // The signed and encrypted trusted context assertion generated by the context + // provider. The trusted context assertion is signed and encrypted by Amazon Web + // Services STS. ContextAssertion *string - // Reserved for future use. + // The context provider ARN from which the trusted context assertion was generated. ProviderArn *string noSmithyDocumentSerde diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go index ee86c50ee..cdf456abe 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go @@ -755,6 +755,13 @@ var awsPartition = partition{ }, }, }, + "agreement-marketplace": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + }, + }, "airflow": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -1040,6 +1047,21 @@ var awsPartition = partition{ endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.detective-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-central-1-fips", + }: endpoint{ + Hostname: "api.detective-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -3977,6 +3999,12 @@ var awsPartition = partition{ endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.ca-central-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -4001,6 +4029,51 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "autoscaling-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "autoscaling-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "autoscaling-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "autoscaling-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "autoscaling-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "il-central-1", }: endpoint{}, @@ -4016,15 +4089,39 @@ var awsPartition = partition{ endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.us-east-2.amazonaws.com", + }, endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.us-west-2.amazonaws.com", + }, }, }, "autoscaling-plans": service{ @@ -7653,6 +7750,18 @@ var awsPartition = partition{ }, }, }, + "cost-optimization-hub": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "cost-optimization-hub.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + }, + }, "cur": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -11672,6 +11781,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -11744,6 +11856,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -11790,6 +11905,9 @@ var awsPartition = partition{ }, "emr-serverless": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, endpointKey{ Region: "ap-east-1", }: endpoint{}, @@ -11799,6 +11917,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -11808,6 +11929,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -11823,6 +11947,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -17977,6 +18104,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -18270,6 +18400,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -18737,46 +18870,6 @@ var awsPartition = partition{ }: endpoint{}, }, }, - "macie": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "macie-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "macie-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "macie-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "macie-fips.us-west-2.amazonaws.com", - }, - }, - }, "macie2": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -21342,12 +21435,21 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -22393,6 +22495,161 @@ var awsPartition = partition{ }: endpoint{}, }, }, + "qbusiness": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "qbusiness.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "qbusiness.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "qbusiness.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "qbusiness.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "qbusiness.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "qbusiness.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "qbusiness.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "qbusiness.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "qbusiness.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "qbusiness.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "qbusiness.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "qbusiness.ca-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "qbusiness.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "qbusiness.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "qbusiness.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "qbusiness.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "qbusiness.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "qbusiness.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "qbusiness.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "qbusiness.eu-west-3.api.aws", + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "qbusiness.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "qbusiness.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "qbusiness.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "qbusiness.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "qbusiness.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "qbusiness.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "qbusiness.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "qbusiness.us-west-2.api.aws", + }, + }, + }, "qldb": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -25586,55 +25843,123 @@ var awsPartition = partition{ endpointKey{ Region: "af-south-1", }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-east-1", }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-northeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ca-central-1", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "fips-ca-central-1", }: endpoint{ @@ -25668,40 +25993,84 @@ var awsPartition = partition{ endpointKey{ Region: "il-central-1", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-1", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-2", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-1", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-2", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, }, }, "sagemaker-geospatial": service{ @@ -25930,160 +26299,267 @@ var awsPartition = partition{ endpointKey{ Region: "af-south-1", }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-east-1", }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-northeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-south-2", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-southeast-4", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ca-central-1", Variant: fipsVariant, - }: endpoint{ - Hostname: "secretsmanager-fips.ca-central-1.amazonaws.com", - }, + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ca-central-1-fips", }: endpoint{ - Hostname: "secretsmanager-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-central-2", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-south-2", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "il-central-1", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, + endpointKey{ + Region: "me-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-1", Variant: fipsVariant, - }: endpoint{ - Hostname: "secretsmanager-fips.us-east-1.amazonaws.com", - }, + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-1-fips", }: endpoint{ - Hostname: "secretsmanager-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-2", Variant: fipsVariant, - }: endpoint{ - Hostname: "secretsmanager-fips.us-east-2.amazonaws.com", - }, + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-2-fips", }: endpoint{ - Hostname: "secretsmanager-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-1", Variant: fipsVariant, - }: endpoint{ - Hostname: "secretsmanager-fips.us-west-1.amazonaws.com", - }, + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-1-fips", }: endpoint{ - Hostname: "secretsmanager-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-2", Variant: fipsVariant, - }: endpoint{ - Hostname: "secretsmanager-fips.us-west-2.amazonaws.com", - }, + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-2-fips", }: endpoint{ - Hostname: "secretsmanager-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, + Deprecated: boxedTrue, }, }, @@ -26651,6 +27127,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -27352,6 +27831,38 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-verification-us-east-1", + }: endpoint{ + Hostname: "verification.signer-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "fips-verification-us-east-2", + }: endpoint{ + Hostname: "verification.signer-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "fips-verification-us-west-1", + }: endpoint{ + Hostname: "verification.signer-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "fips-verification-us-west-2", + }: endpoint{ + Hostname: "verification.signer-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -27394,6 +27905,166 @@ var awsPartition = partition{ }: endpoint{ Hostname: "signer-fips.us-west-2.amazonaws.com", }, + endpointKey{ + Region: "verification-af-south-1", + }: endpoint{ + Hostname: "verification.signer.af-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "af-south-1", + }, + }, + endpointKey{ + Region: "verification-ap-east-1", + }: endpoint{ + Hostname: "verification.signer.ap-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-east-1", + }, + }, + endpointKey{ + Region: "verification-ap-northeast-1", + }: endpoint{ + Hostname: "verification.signer.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "verification-ap-northeast-2", + }: endpoint{ + Hostname: "verification.signer.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + endpointKey{ + Region: "verification-ap-south-1", + }: endpoint{ + Hostname: "verification.signer.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + endpointKey{ + Region: "verification-ap-southeast-1", + }: endpoint{ + Hostname: "verification.signer.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "verification-ap-southeast-2", + }: endpoint{ + Hostname: "verification.signer.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + endpointKey{ + Region: "verification-ca-central-1", + }: endpoint{ + Hostname: "verification.signer.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + endpointKey{ + Region: "verification-eu-central-1", + }: endpoint{ + Hostname: "verification.signer.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "verification-eu-north-1", + }: endpoint{ + Hostname: "verification.signer.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + }, + endpointKey{ + Region: "verification-eu-south-1", + }: endpoint{ + Hostname: "verification.signer.eu-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-1", + }, + }, + endpointKey{ + Region: "verification-eu-west-1", + }: endpoint{ + Hostname: "verification.signer.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "verification-eu-west-2", + }: endpoint{ + Hostname: "verification.signer.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + endpointKey{ + Region: "verification-eu-west-3", + }: endpoint{ + Hostname: "verification.signer.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, + endpointKey{ + Region: "verification-me-south-1", + }: endpoint{ + Hostname: "verification.signer.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + }, + endpointKey{ + Region: "verification-sa-east-1", + }: endpoint{ + Hostname: "verification.signer.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + }, + endpointKey{ + Region: "verification-us-east-1", + }: endpoint{ + Hostname: "verification.signer.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "verification-us-east-2", + }: endpoint{ + Hostname: "verification.signer.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "verification-us-west-1", + }: endpoint{ + Hostname: "verification.signer.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "verification-us-west-2", + }: endpoint{ + Hostname: "verification.signer.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, }, }, "simspaceweaver": service{ @@ -29869,6 +30540,31 @@ var awsPartition = partition{ }, }, }, + "thinclient": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, "tnb": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -32504,6 +33200,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -34100,6 +34799,31 @@ var awscnPartition = partition{ }, }, }, + "qbusiness": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.amazonwebservices.com.cn", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.amazonwebservices.com.cn", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "qbusiness.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "qbusiness.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, "ram": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -34140,6 +34864,13 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "redshift-serverless": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + }, + }, "resource-explorer-2": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ @@ -34352,9 +35083,17 @@ var awscnPartition = partition{ endpointKey{ Region: "cn-north-1", }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "cn-northwest-1", }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: dualStackVariant, + }: endpoint{}, }, }, "securityhub": service{ @@ -34441,6 +35180,22 @@ var awscnPartition = partition{ endpointKey{ Region: "cn-northwest-1", }: endpoint{}, + endpointKey{ + Region: "verification-cn-north-1", + }: endpoint{ + Hostname: "verification.signer.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "verification-cn-northwest-1", + }: endpoint{ + Hostname: "verification.signer.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, }, }, "sms": service{ @@ -35504,6 +36259,16 @@ var awsusgovPartition = partition{ }, }, }, + "arc-zonal-shift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, "athena": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -36624,6 +37389,46 @@ var awsusgovPartition = partition{ }, }, }, + "drs": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "drs-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "drs-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "drs-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "drs-fips.us-gov-west-1.amazonaws.com", + }, + }, + }, "ds": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -37668,7 +38473,21 @@ var awsusgovPartition = partition{ }, }, "health": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + SSLCommonName: "health.us-gov-west-1.amazonaws.com", + Protocols: []string{"https"}, + }, + }, Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-us-gov-global", + }: endpoint{ + Hostname: "global.health.us-gov.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, endpointKey{ Region: "fips-us-gov-west-1", }: endpoint{ @@ -39154,6 +39973,31 @@ var awsusgovPartition = partition{ }, }, }, + "qbusiness": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "qbusiness.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "qbusiness.us-gov-west-1.api.aws", + }, + }, + }, "quicksight": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -39885,17 +40729,33 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-east-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-east-1", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-west-1", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, }, }, "secretsmanager": service{ @@ -39903,37 +40763,43 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-east-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-east-1", Variant: fipsVariant, - }: endpoint{ - Hostname: "secretsmanager-fips.us-gov-east-1.amazonaws.com", - }, + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-east-1-fips", }: endpoint{ - Hostname: "secretsmanager-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-west-1", Variant: fipsVariant, - }: endpoint{ - Hostname: "secretsmanager-fips.us-gov-west-1.amazonaws.com", - }, + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-west-1-fips", }: endpoint{ - Hostname: "secretsmanager-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, + Deprecated: boxedTrue, }, }, @@ -40232,20 +41098,40 @@ var awsusgovPartition = partition{ "simspaceweaver": service{ Endpoints: serviceEndpoints{ endpointKey{ - Region: "us-gov-east-1", + Region: "fips-us-gov-east-1", }: endpoint{ Hostname: "simspaceweaver.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, endpointKey{ - Region: "us-gov-west-1", + Region: "fips-us-gov-west-1", }: endpoint{ Hostname: "simspaceweaver.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "simspaceweaver.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "simspaceweaver.us-gov-west-1.amazonaws.com", }, }, }, @@ -40464,6 +41350,24 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", }, }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sso.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "sso.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{ @@ -40472,6 +41376,24 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sso.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "sso.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "states": service{ @@ -41381,6 +42303,28 @@ var awsisoPartition = partition{ }: endpoint{}, }, }, + "datasync": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "datasync-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datasync-fips.us-iso-west-1.c2s.ic.gov", + }, + }, + }, "directconnect": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -41503,6 +42447,9 @@ var awsisoPartition = partition{ endpointKey{ Region: "us-iso-east-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "ec2": service{ @@ -41894,22 +42841,136 @@ var awsisoPartition = partition{ }, "rds": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "rds-fips.us-iso-east-1", + }: endpoint{ + Hostname: "rds-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds-fips.us-iso-west-1", + }: endpoint{ + Hostname: "rds-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-iso-east-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-iso-west-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-iso-east-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-iso-east-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-east-1-fips", + }: endpoint{ + Hostname: "rds-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-iso-west-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-iso-west-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-west-1-fips", + }: endpoint{ + Hostname: "rds-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "redshift": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-east-1", + }: endpoint{ + Hostname: "redshift-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "redshift-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-iso-east-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-fips.us-iso-east-1.c2s.ic.gov", + }, endpointKey{ Region: "us-iso-west-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-fips.us-iso-west-1.c2s.ic.gov", + }, }, }, "resource-groups": service{ @@ -42629,16 +43690,73 @@ var awsisobPartition = partition{ }, "rds": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "rds-fips.us-isob-east-1", + }: endpoint{ + Hostname: "rds-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-isob-east-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-isob-east-1", }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-isob-east-1.sc2s.sgov.gov", + }, + endpointKey{ + Region: "us-isob-east-1-fips", + }: endpoint{ + Hostname: "rds-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, }, }, "redshift": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-isob-east-1", + }: endpoint{ + Hostname: "redshift-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-isob-east-1", }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-fips.us-isob-east-1.sc2s.sgov.gov", + }, }, }, "resource-groups": service{ diff --git a/vendor/github.com/aws/aws-sdk-go/aws/version.go b/vendor/github.com/aws/aws-sdk-go/aws/version.go index 7fa477b83..ce20301dc 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/version.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.47.11" +const SDKVersion = "1.48.16" diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go b/vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go index c743913c5..04f6c811b 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go @@ -56,9 +56,10 @@ func (c *SSOOIDC) CreateTokenRequest(input *CreateTokenInput) (req *request.Requ // CreateToken API operation for AWS SSO OIDC. // -// Creates and returns an access token for the authorized client. The access -// token issued will be used to fetch short-term credentials for the assigned -// roles in the AWS account. +// Creates and returns access and refresh tokens for clients that are authenticated +// using client secrets. The access token can be used to fetch short-term credentials +// for the assigned AWS accounts or to access application APIs using bearer +// authentication. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -133,6 +134,131 @@ func (c *SSOOIDC) CreateTokenWithContext(ctx aws.Context, input *CreateTokenInpu return out, req.Send() } +const opCreateTokenWithIAM = "CreateTokenWithIAM" + +// CreateTokenWithIAMRequest generates a "aws/request.Request" representing the +// client's request for the CreateTokenWithIAM operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateTokenWithIAM for more information on using the CreateTokenWithIAM +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateTokenWithIAMRequest method. +// req, resp := client.CreateTokenWithIAMRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateTokenWithIAM +func (c *SSOOIDC) CreateTokenWithIAMRequest(input *CreateTokenWithIAMInput) (req *request.Request, output *CreateTokenWithIAMOutput) { + op := &request.Operation{ + Name: opCreateTokenWithIAM, + HTTPMethod: "POST", + HTTPPath: "/token?aws_iam=t", + } + + if input == nil { + input = &CreateTokenWithIAMInput{} + } + + output = &CreateTokenWithIAMOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateTokenWithIAM API operation for AWS SSO OIDC. +// +// Creates and returns access and refresh tokens for clients and applications +// that are authenticated using IAM entities. The access token can be used to +// fetch short-term credentials for the assigned AWS accounts or to access application +// APIs using bearer authentication. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS SSO OIDC's +// API operation CreateTokenWithIAM for usage and error information. +// +// Returned Error Types: +// +// - InvalidRequestException +// Indicates that something is wrong with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// - InvalidClientException +// Indicates that the clientId or clientSecret in the request is invalid. For +// example, this can occur when a client sends an incorrect clientId or an expired +// clientSecret. +// +// - InvalidGrantException +// Indicates that a request contains an invalid grant. This can occur if a client +// makes a CreateToken request with an invalid grant type. +// +// - UnauthorizedClientException +// Indicates that the client is not currently authorized to make the request. +// This can happen when a clientId is not issued for a public client. +// +// - UnsupportedGrantTypeException +// Indicates that the grant type in the request is not supported by the service. +// +// - InvalidScopeException +// Indicates that the scope provided in the request is invalid. +// +// - AuthorizationPendingException +// Indicates that a request to authorize a client with an access user session +// token is pending. +// +// - SlowDownException +// Indicates that the client is making the request too frequently and is more +// than the service can handle. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// - ExpiredTokenException +// Indicates that the token issued by the service is expired and is no longer +// valid. +// +// - InternalServerException +// Indicates that an error from the service occurred while trying to process +// a request. +// +// - InvalidRequestRegionException +// Indicates that a token provided as input to the request was issued by and +// is only usable by calling IAM Identity Center endpoints in another region. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateTokenWithIAM +func (c *SSOOIDC) CreateTokenWithIAM(input *CreateTokenWithIAMInput) (*CreateTokenWithIAMOutput, error) { + req, out := c.CreateTokenWithIAMRequest(input) + return out, req.Send() +} + +// CreateTokenWithIAMWithContext is the same as CreateTokenWithIAM with the addition of +// the ability to pass a context and additional request options. +// +// See CreateTokenWithIAM for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSOOIDC) CreateTokenWithIAMWithContext(ctx aws.Context, input *CreateTokenWithIAMInput, opts ...request.Option) (*CreateTokenWithIAMOutput, error) { + req, out := c.CreateTokenWithIAMRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opRegisterClient = "RegisterClient" // RegisterClientRequest generates a "aws/request.Request" representing the @@ -331,8 +457,11 @@ type AccessDeniedException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + // Single error code. For this exception the value will be access_denied. Error_ *string `locationName:"error" type:"string"` + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. Error_description *string `locationName:"error_description" type:"string"` Message_ *string `locationName:"message" type:"string"` @@ -400,8 +529,11 @@ type AuthorizationPendingException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + // Single error code. For this exception the value will be authorization_pending. Error_ *string `locationName:"error" type:"string"` + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. Error_description *string `locationName:"error_description" type:"string"` Message_ *string `locationName:"message" type:"string"` @@ -466,8 +598,8 @@ func (s *AuthorizationPendingException) RequestID() string { type CreateTokenInput struct { _ struct{} `type:"structure"` - // The unique identifier string for each client. This value should come from - // the persisted result of the RegisterClient API. + // The unique identifier string for the client or application. This value comes + // from the result of the RegisterClient API. // // ClientId is a required field ClientId *string `locationName:"clientId" type:"string" required:"true"` @@ -475,23 +607,30 @@ type CreateTokenInput struct { // A secret string generated for the client. This value should come from the // persisted result of the RegisterClient API. // + // ClientSecret is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenInput's + // String and GoString methods. + // // ClientSecret is a required field - ClientSecret *string `locationName:"clientSecret" type:"string" required:"true"` + ClientSecret *string `locationName:"clientSecret" type:"string" required:"true" sensitive:"true"` - // The authorization code received from the authorization service. This parameter - // is required to perform an authorization grant request to get access to a - // token. + // Used only when calling this API for the Authorization Code grant type. The + // short-term code is used to identify this authorization request. This grant + // type is currently unsupported for the CreateToken API. Code *string `locationName:"code" type:"string"` - // Used only when calling this API for the device code grant type. This short-term - // code is used to identify this authentication attempt. This should come from - // an in-memory reference to the result of the StartDeviceAuthorization API. + // Used only when calling this API for the Device Code grant type. This short-term + // code is used to identify this authorization request. This comes from the + // result of the StartDeviceAuthorization API. DeviceCode *string `locationName:"deviceCode" type:"string"` - // Supports grant types for the authorization code, refresh token, and device - // code request. For device code requests, specify the following value: + // Supports the following OAuth grant types: Device Code and Refresh Token. + // Specify either of the following values, depending on the grant type that + // you want: // - // urn:ietf:params:oauth:grant-type:device_code + // * Device Code - urn:ietf:params:oauth:grant-type:device_code + // + // * Refresh Token - refresh_token // // For information about how to obtain the device code, see the StartDeviceAuthorization // topic. @@ -499,21 +638,28 @@ type CreateTokenInput struct { // GrantType is a required field GrantType *string `locationName:"grantType" type:"string" required:"true"` - // The location of the application that will receive the authorization code. - // Users authorize the service to send the request to this location. + // Used only when calling this API for the Authorization Code grant type. This + // value specifies the location of the client or application that has registered + // to receive the authorization code. RedirectUri *string `locationName:"redirectUri" type:"string"` - // Currently, refreshToken is not yet implemented and is not supported. For - // more information about the features and limitations of the current IAM Identity - // Center OIDC implementation, see Considerations for Using this Guide in the - // IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // Used only when calling this API for the Refresh Token grant type. This token + // is used to refresh short-term tokens, such as the access token, that might + // expire. // - // The token used to obtain an access token in the event that the access token - // is invalid or expired. - RefreshToken *string `locationName:"refreshToken" type:"string"` + // For more information about the features and limitations of the current IAM + // Identity Center OIDC implementation, see Considerations for Using this Guide + // in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // + // RefreshToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenInput's + // String and GoString methods. + RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"` - // The list of scopes that is defined by the client. Upon authorization, this - // list is used to restrict permissions when granting an access token. + // The list of scopes for which authorization is requested. The access token + // that is issued is limited to the scopes that are granted. If this value is + // not specified, IAM Identity Center authorizes all scopes that are configured + // for the client during the call to RegisterClient. Scope []*string `locationName:"scope" type:"list"` } @@ -605,31 +751,43 @@ func (s *CreateTokenInput) SetScope(v []*string) *CreateTokenInput { type CreateTokenOutput struct { _ struct{} `type:"structure"` - // An opaque token to access IAM Identity Center resources assigned to a user. - AccessToken *string `locationName:"accessToken" type:"string"` + // A bearer token to access AWS accounts and applications assigned to a user. + // + // AccessToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenOutput's + // String and GoString methods. + AccessToken *string `locationName:"accessToken" type:"string" sensitive:"true"` // Indicates the time in seconds when an access token will expire. ExpiresIn *int64 `locationName:"expiresIn" type:"integer"` - // Currently, idToken is not yet implemented and is not supported. For more - // information about the features and limitations of the current IAM Identity - // Center OIDC implementation, see Considerations for Using this Guide in the - // IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // The idToken is not implemented or supported. For more information about the + // features and limitations of the current IAM Identity Center OIDC implementation, + // see Considerations for Using this Guide in the IAM Identity Center OIDC API + // Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). // - // The identifier of the user that associated with the access token, if present. - IdToken *string `locationName:"idToken" type:"string"` + // A JSON Web Token (JWT) that identifies who is associated with the issued + // access token. + // + // IdToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenOutput's + // String and GoString methods. + IdToken *string `locationName:"idToken" type:"string" sensitive:"true"` - // Currently, refreshToken is not yet implemented and is not supported. For - // more information about the features and limitations of the current IAM Identity - // Center OIDC implementation, see Considerations for Using this Guide in the - // IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). - // // A token that, if present, can be used to refresh a previously issued access // token that might have expired. - RefreshToken *string `locationName:"refreshToken" type:"string"` + // + // For more information about the features and limitations of the current IAM + // Identity Center OIDC implementation, see Considerations for Using this Guide + // in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // + // RefreshToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenOutput's + // String and GoString methods. + RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"` // Used to notify the client that the returned token is an access token. The - // supported type is BearerToken. + // supported token type is Bearer. TokenType *string `locationName:"tokenType" type:"string"` } @@ -681,14 +839,312 @@ func (s *CreateTokenOutput) SetTokenType(v string) *CreateTokenOutput { return s } +type CreateTokenWithIAMInput struct { + _ struct{} `type:"structure"` + + // Used only when calling this API for the JWT Bearer grant type. This value + // specifies the JSON Web Token (JWT) issued by a trusted token issuer. To authorize + // a trusted token issuer, configure the JWT Bearer GrantOptions for the application. + // + // Assertion is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMInput's + // String and GoString methods. + Assertion *string `locationName:"assertion" type:"string" sensitive:"true"` + + // The unique identifier string for the client or application. This value is + // an application ARN that has OAuth grants configured. + // + // ClientId is a required field + ClientId *string `locationName:"clientId" type:"string" required:"true"` + + // Used only when calling this API for the Authorization Code grant type. This + // short-term code is used to identify this authorization request. The code + // is obtained through a redirect from IAM Identity Center to a redirect URI + // persisted in the Authorization Code GrantOptions for the application. + Code *string `locationName:"code" type:"string"` + + // Supports the following OAuth grant types: Authorization Code, Refresh Token, + // JWT Bearer, and Token Exchange. Specify one of the following values, depending + // on the grant type that you want: + // + // * Authorization Code - authorization_code + // + // * Refresh Token - refresh_token + // + // * JWT Bearer - urn:ietf:params:oauth:grant-type:jwt-bearer + // + // * Token Exchange - urn:ietf:params:oauth:grant-type:token-exchange + // + // GrantType is a required field + GrantType *string `locationName:"grantType" type:"string" required:"true"` + + // Used only when calling this API for the Authorization Code grant type. This + // value specifies the location of the client or application that has registered + // to receive the authorization code. + RedirectUri *string `locationName:"redirectUri" type:"string"` + + // Used only when calling this API for the Refresh Token grant type. This token + // is used to refresh short-term tokens, such as the access token, that might + // expire. + // + // For more information about the features and limitations of the current IAM + // Identity Center OIDC implementation, see Considerations for Using this Guide + // in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // + // RefreshToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMInput's + // String and GoString methods. + RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"` + + // Used only when calling this API for the Token Exchange grant type. This value + // specifies the type of token that the requester can receive. The following + // values are supported: + // + // * Access Token - urn:ietf:params:oauth:token-type:access_token + // + // * Refresh Token - urn:ietf:params:oauth:token-type:refresh_token + RequestedTokenType *string `locationName:"requestedTokenType" type:"string"` + + // The list of scopes for which authorization is requested. The access token + // that is issued is limited to the scopes that are granted. If the value is + // not specified, IAM Identity Center authorizes all scopes configured for the + // application, including the following default scopes: openid, aws, sts:identity_context. + Scope []*string `locationName:"scope" type:"list"` + + // Used only when calling this API for the Token Exchange grant type. This value + // specifies the subject of the exchange. The value of the subject token must + // be an access token issued by IAM Identity Center to a different client or + // application. The access token must have authorized scopes that indicate the + // requested application as a target audience. + // + // SubjectToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMInput's + // String and GoString methods. + SubjectToken *string `locationName:"subjectToken" type:"string" sensitive:"true"` + + // Used only when calling this API for the Token Exchange grant type. This value + // specifies the type of token that is passed as the subject of the exchange. + // The following value is supported: + // + // * Access Token - urn:ietf:params:oauth:token-type:access_token + SubjectTokenType *string `locationName:"subjectTokenType" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenWithIAMInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenWithIAMInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateTokenWithIAMInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateTokenWithIAMInput"} + if s.ClientId == nil { + invalidParams.Add(request.NewErrParamRequired("ClientId")) + } + if s.GrantType == nil { + invalidParams.Add(request.NewErrParamRequired("GrantType")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAssertion sets the Assertion field's value. +func (s *CreateTokenWithIAMInput) SetAssertion(v string) *CreateTokenWithIAMInput { + s.Assertion = &v + return s +} + +// SetClientId sets the ClientId field's value. +func (s *CreateTokenWithIAMInput) SetClientId(v string) *CreateTokenWithIAMInput { + s.ClientId = &v + return s +} + +// SetCode sets the Code field's value. +func (s *CreateTokenWithIAMInput) SetCode(v string) *CreateTokenWithIAMInput { + s.Code = &v + return s +} + +// SetGrantType sets the GrantType field's value. +func (s *CreateTokenWithIAMInput) SetGrantType(v string) *CreateTokenWithIAMInput { + s.GrantType = &v + return s +} + +// SetRedirectUri sets the RedirectUri field's value. +func (s *CreateTokenWithIAMInput) SetRedirectUri(v string) *CreateTokenWithIAMInput { + s.RedirectUri = &v + return s +} + +// SetRefreshToken sets the RefreshToken field's value. +func (s *CreateTokenWithIAMInput) SetRefreshToken(v string) *CreateTokenWithIAMInput { + s.RefreshToken = &v + return s +} + +// SetRequestedTokenType sets the RequestedTokenType field's value. +func (s *CreateTokenWithIAMInput) SetRequestedTokenType(v string) *CreateTokenWithIAMInput { + s.RequestedTokenType = &v + return s +} + +// SetScope sets the Scope field's value. +func (s *CreateTokenWithIAMInput) SetScope(v []*string) *CreateTokenWithIAMInput { + s.Scope = v + return s +} + +// SetSubjectToken sets the SubjectToken field's value. +func (s *CreateTokenWithIAMInput) SetSubjectToken(v string) *CreateTokenWithIAMInput { + s.SubjectToken = &v + return s +} + +// SetSubjectTokenType sets the SubjectTokenType field's value. +func (s *CreateTokenWithIAMInput) SetSubjectTokenType(v string) *CreateTokenWithIAMInput { + s.SubjectTokenType = &v + return s +} + +type CreateTokenWithIAMOutput struct { + _ struct{} `type:"structure"` + + // A bearer token to access AWS accounts and applications assigned to a user. + // + // AccessToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMOutput's + // String and GoString methods. + AccessToken *string `locationName:"accessToken" type:"string" sensitive:"true"` + + // Indicates the time in seconds when an access token will expire. + ExpiresIn *int64 `locationName:"expiresIn" type:"integer"` + + // A JSON Web Token (JWT) that identifies the user associated with the issued + // access token. + // + // IdToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMOutput's + // String and GoString methods. + IdToken *string `locationName:"idToken" type:"string" sensitive:"true"` + + // Indicates the type of tokens that are issued by IAM Identity Center. The + // following values are supported: + // + // * Access Token - urn:ietf:params:oauth:token-type:access_token + // + // * Refresh Token - urn:ietf:params:oauth:token-type:refresh_token + IssuedTokenType *string `locationName:"issuedTokenType" type:"string"` + + // A token that, if present, can be used to refresh a previously issued access + // token that might have expired. + // + // For more information about the features and limitations of the current IAM + // Identity Center OIDC implementation, see Considerations for Using this Guide + // in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // + // RefreshToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMOutput's + // String and GoString methods. + RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"` + + // The list of scopes for which authorization is granted. The access token that + // is issued is limited to the scopes that are granted. + Scope []*string `locationName:"scope" type:"list"` + + // Used to notify the requester that the returned token is an access token. + // The supported token type is Bearer. + TokenType *string `locationName:"tokenType" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenWithIAMOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenWithIAMOutput) GoString() string { + return s.String() +} + +// SetAccessToken sets the AccessToken field's value. +func (s *CreateTokenWithIAMOutput) SetAccessToken(v string) *CreateTokenWithIAMOutput { + s.AccessToken = &v + return s +} + +// SetExpiresIn sets the ExpiresIn field's value. +func (s *CreateTokenWithIAMOutput) SetExpiresIn(v int64) *CreateTokenWithIAMOutput { + s.ExpiresIn = &v + return s +} + +// SetIdToken sets the IdToken field's value. +func (s *CreateTokenWithIAMOutput) SetIdToken(v string) *CreateTokenWithIAMOutput { + s.IdToken = &v + return s +} + +// SetIssuedTokenType sets the IssuedTokenType field's value. +func (s *CreateTokenWithIAMOutput) SetIssuedTokenType(v string) *CreateTokenWithIAMOutput { + s.IssuedTokenType = &v + return s +} + +// SetRefreshToken sets the RefreshToken field's value. +func (s *CreateTokenWithIAMOutput) SetRefreshToken(v string) *CreateTokenWithIAMOutput { + s.RefreshToken = &v + return s +} + +// SetScope sets the Scope field's value. +func (s *CreateTokenWithIAMOutput) SetScope(v []*string) *CreateTokenWithIAMOutput { + s.Scope = v + return s +} + +// SetTokenType sets the TokenType field's value. +func (s *CreateTokenWithIAMOutput) SetTokenType(v string) *CreateTokenWithIAMOutput { + s.TokenType = &v + return s +} + // Indicates that the token issued by the service is expired and is no longer // valid. type ExpiredTokenException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + // Single error code. For this exception the value will be expired_token. Error_ *string `locationName:"error" type:"string"` + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. Error_description *string `locationName:"error_description" type:"string"` Message_ *string `locationName:"message" type:"string"` @@ -756,8 +1212,11 @@ type InternalServerException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + // Single error code. For this exception the value will be server_error. Error_ *string `locationName:"error" type:"string"` + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. Error_description *string `locationName:"error_description" type:"string"` Message_ *string `locationName:"message" type:"string"` @@ -826,8 +1285,11 @@ type InvalidClientException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + // Single error code. For this exception the value will be invalid_client. Error_ *string `locationName:"error" type:"string"` + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. Error_description *string `locationName:"error_description" type:"string"` Message_ *string `locationName:"message" type:"string"` @@ -895,8 +1357,11 @@ type InvalidClientMetadataException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + // Single error code. For this exception the value will be invalid_client_metadata. Error_ *string `locationName:"error" type:"string"` + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. Error_description *string `locationName:"error_description" type:"string"` Message_ *string `locationName:"message" type:"string"` @@ -964,8 +1429,11 @@ type InvalidGrantException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + // Single error code. For this exception the value will be invalid_grant. Error_ *string `locationName:"error" type:"string"` + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. Error_description *string `locationName:"error_description" type:"string"` Message_ *string `locationName:"message" type:"string"` @@ -1033,8 +1501,11 @@ type InvalidRequestException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + // Single error code. For this exception the value will be invalid_request. Error_ *string `locationName:"error" type:"string"` + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. Error_description *string `locationName:"error_description" type:"string"` Message_ *string `locationName:"message" type:"string"` @@ -1096,13 +1567,95 @@ func (s *InvalidRequestException) RequestID() string { return s.RespMetadata.RequestID } +// Indicates that a token provided as input to the request was issued by and +// is only usable by calling IAM Identity Center endpoints in another region. +type InvalidRequestRegionException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Indicates the IAM Identity Center endpoint which the requester may call with + // this token. + Endpoint *string `locationName:"endpoint" type:"string"` + + // Single error code. For this exception the value will be invalid_request. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` + + // Indicates the region which the requester may call with this token. + Region *string `locationName:"region" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidRequestRegionException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidRequestRegionException) GoString() string { + return s.String() +} + +func newErrorInvalidRequestRegionException(v protocol.ResponseMetadata) error { + return &InvalidRequestRegionException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidRequestRegionException) Code() string { + return "InvalidRequestRegionException" +} + +// Message returns the exception's message. +func (s *InvalidRequestRegionException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidRequestRegionException) OrigErr() error { + return nil +} + +func (s *InvalidRequestRegionException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidRequestRegionException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidRequestRegionException) RequestID() string { + return s.RespMetadata.RequestID +} + // Indicates that the scope provided in the request is invalid. type InvalidScopeException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + // Single error code. For this exception the value will be invalid_scope. Error_ *string `locationName:"error" type:"string"` + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. Error_description *string `locationName:"error_description" type:"string"` Message_ *string `locationName:"message" type:"string"` @@ -1238,7 +1791,7 @@ func (s *RegisterClientInput) SetScopes(v []*string) *RegisterClientInput { type RegisterClientOutput struct { _ struct{} `type:"structure"` - // The endpoint where the client can request authorization. + // An endpoint that the client can use to request authorization. AuthorizationEndpoint *string `locationName:"authorizationEndpoint" type:"string"` // The unique identifier string for each client. This client uses this identifier @@ -1250,12 +1803,16 @@ type RegisterClientOutput struct { // A secret string generated for the client. The client will use this string // to get authenticated by the service in subsequent calls. - ClientSecret *string `locationName:"clientSecret" type:"string"` + // + // ClientSecret is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by RegisterClientOutput's + // String and GoString methods. + ClientSecret *string `locationName:"clientSecret" type:"string" sensitive:"true"` // Indicates the time at which the clientId and clientSecret will become invalid. ClientSecretExpiresAt *int64 `locationName:"clientSecretExpiresAt" type:"long"` - // The endpoint where the client can get an access token. + // An endpoint that the client can use to create tokens. TokenEndpoint *string `locationName:"tokenEndpoint" type:"string"` } @@ -1319,8 +1876,11 @@ type SlowDownException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + // Single error code. For this exception the value will be slow_down. Error_ *string `locationName:"error" type:"string"` + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. Error_description *string `locationName:"error_description" type:"string"` Message_ *string `locationName:"message" type:"string"` @@ -1395,11 +1955,15 @@ type StartDeviceAuthorizationInput struct { // A secret string that is generated for the client. This value should come // from the persisted result of the RegisterClient API operation. // + // ClientSecret is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by StartDeviceAuthorizationInput's + // String and GoString methods. + // // ClientSecret is a required field - ClientSecret *string `locationName:"clientSecret" type:"string" required:"true"` + ClientSecret *string `locationName:"clientSecret" type:"string" required:"true" sensitive:"true"` - // The URL for the AWS access portal. For more information, see Using the AWS - // access portal (https://docs.aws.amazon.com/singlesignon/latest/userguide/using-the-portal.html) + // The URL for the Amazon Web Services access portal. For more information, + // see Using the Amazon Web Services access portal (https://docs.aws.amazon.com/singlesignon/latest/userguide/using-the-portal.html) // in the IAM Identity Center User Guide. // // StartUrl is a required field @@ -1550,8 +2114,11 @@ type UnauthorizedClientException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + // Single error code. For this exception the value will be unauthorized_client. Error_ *string `locationName:"error" type:"string"` + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. Error_description *string `locationName:"error_description" type:"string"` Message_ *string `locationName:"message" type:"string"` @@ -1618,8 +2185,11 @@ type UnsupportedGrantTypeException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + // Single error code. For this exception the value will be unsupported_grant_type. Error_ *string `locationName:"error" type:"string"` + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. Error_description *string `locationName:"error_description" type:"string"` Message_ *string `locationName:"message" type:"string"` diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssooidc/doc.go b/vendor/github.com/aws/aws-sdk-go/service/ssooidc/doc.go index 8b5ee6019..083568c61 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ssooidc/doc.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ssooidc/doc.go @@ -3,15 +3,13 @@ // Package ssooidc provides the client and types for making API // requests to AWS SSO OIDC. // -// AWS IAM Identity Center (successor to AWS Single Sign-On) OpenID Connect -// (OIDC) is a web service that enables a client (such as AWS CLI or a native -// application) to register with IAM Identity Center. The service also enables -// the client to fetch the user’s access token upon successful authentication -// and authorization with IAM Identity Center. +// IAM Identity Center OpenID Connect (OIDC) is a web service that enables a +// client (such as CLI or a native application) to register with IAM Identity +// Center. The service also enables the client to fetch the user’s access +// token upon successful authentication and authorization with IAM Identity +// Center. // -// Although AWS Single Sign-On was renamed, the sso and identitystore API namespaces -// will continue to retain their original name for backward compatibility purposes. -// For more information, see IAM Identity Center rename (https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html#renamed). +// IAM Identity Center uses the sso and identitystore API namespaces. // // # Considerations for Using This Guide // @@ -22,21 +20,24 @@ // - The IAM Identity Center OIDC service currently implements only the portions // of the OAuth 2.0 Device Authorization Grant standard (https://tools.ietf.org/html/rfc8628 // (https://tools.ietf.org/html/rfc8628)) that are necessary to enable single -// sign-on authentication with the AWS CLI. Support for other OIDC flows -// frequently needed for native applications, such as Authorization Code -// Flow (+ PKCE), will be addressed in future releases. +// sign-on authentication with the CLI. // -// - The service emits only OIDC access tokens, such that obtaining a new -// token (For example, token refresh) requires explicit user re-authentication. +// - With older versions of the CLI, the service only emits OIDC access tokens, +// so to obtain a new token, users must explicitly re-authenticate. To access +// the OIDC flow that supports token refresh and doesn’t require re-authentication, +// update to the latest CLI version (1.27.10 for CLI V1 and 2.9.0 for CLI +// V2) with support for OIDC token refresh and configurable IAM Identity +// Center session durations. For more information, see Configure Amazon Web +// Services access portal session duration (https://docs.aws.amazon.com/singlesignon/latest/userguide/configure-user-session.html). // -// - The access tokens provided by this service grant access to all AWS account -// entitlements assigned to an IAM Identity Center user, not just a particular -// application. +// - The access tokens provided by this service grant access to all Amazon +// Web Services account entitlements assigned to an IAM Identity Center user, +// not just a particular application. // // - The documentation in this guide does not describe the mechanism to convert -// the access token into AWS Auth (“sigv4”) credentials for use with -// IAM-protected AWS service endpoints. For more information, see GetRoleCredentials -// (https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_GetRoleCredentials.html) +// the access token into Amazon Web Services Auth (“sigv4”) credentials +// for use with IAM-protected Amazon Web Services service endpoints. For +// more information, see GetRoleCredentials (https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_GetRoleCredentials.html) // in the IAM Identity Center Portal API Reference Guide. // // For general information about IAM Identity Center, see What is IAM Identity diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go b/vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go index 698377012..e6242e492 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go @@ -64,6 +64,13 @@ const ( // a required parameter might be missing or out of range. ErrCodeInvalidRequestException = "InvalidRequestException" + // ErrCodeInvalidRequestRegionException for service response error code + // "InvalidRequestRegionException". + // + // Indicates that a token provided as input to the request was issued by and + // is only usable by calling IAM Identity Center endpoints in another region. + ErrCodeInvalidRequestRegionException = "InvalidRequestRegionException" + // ErrCodeInvalidScopeException for service response error code // "InvalidScopeException". // @@ -100,6 +107,7 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ "InvalidClientMetadataException": newErrorInvalidClientMetadataException, "InvalidGrantException": newErrorInvalidGrantException, "InvalidRequestException": newErrorInvalidRequestException, + "InvalidRequestRegionException": newErrorInvalidRequestRegionException, "InvalidScopeException": newErrorInvalidScopeException, "SlowDownException": newErrorSlowDownException, "UnauthorizedClientException": newErrorUnauthorizedClientException, diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssooidc/service.go b/vendor/github.com/aws/aws-sdk-go/service/ssooidc/service.go index 969f33c37..782bae369 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ssooidc/service.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ssooidc/service.go @@ -51,7 +51,7 @@ const ( func New(p client.ConfigProvider, cfgs ...*aws.Config) *SSOOIDC { c := p.ClientConfig(EndpointsID, cfgs...) if c.SigningNameDerived || len(c.SigningName) == 0 { - c.SigningName = "awsssooidc" + c.SigningName = "sso-oauth" } return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName, c.ResolvedRegion) } diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/api.go b/vendor/github.com/aws/aws-sdk-go/service/sts/api.go index 11af63b4d..2c395f5f6 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/sts/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/sts/api.go @@ -1460,7 +1460,15 @@ type AssumeRoleInput struct { // in the IAM User Guide. PolicyArns []*PolicyDescriptorType `type:"list"` - // Reserved for future use. + // A list of previously acquired trusted context assertions in the format of + // a JSON array. The trusted context assertion is signed and encrypted by Amazon + // Web Services STS. + // + // The following is an example of a ProvidedContext value that includes a single + // trusted context assertion and the ARN of the context provider from which + // the trusted context assertion was generated. + // + // [{"ProviderArn":"arn:aws:iam::aws:contextProvider/IdentityCenter","ContextAssertion":"trusted-context-assertion"}] ProvidedContexts []*ProvidedContext `type:"list"` // The Amazon Resource Name (ARN) of the role to assume. @@ -3405,14 +3413,18 @@ func (s *PolicyDescriptorType) SetArn(v string) *PolicyDescriptorType { return s } -// Reserved for future use. +// Contains information about the provided context. This includes the signed +// and encrypted trusted context assertion and the context provider ARN from +// which the trusted context assertion was generated. type ProvidedContext struct { _ struct{} `type:"structure"` - // Reserved for future use. + // The signed and encrypted trusted context assertion generated by the context + // provider. The trusted context assertion is signed and encrypted by Amazon + // Web Services STS. ContextAssertion *string `min:"4" type:"string"` - // Reserved for future use. + // The context provider ARN from which the trusted context assertion was generated. ProviderArn *string `min:"20" type:"string"` } diff --git a/vendor/github.com/aws/smithy-go/CHANGELOG.md b/vendor/github.com/aws/smithy-go/CHANGELOG.md index 9cca07b55..46b115083 100644 --- a/vendor/github.com/aws/smithy-go/CHANGELOG.md +++ b/vendor/github.com/aws/smithy-go/CHANGELOG.md @@ -1,3 +1,25 @@ +# Release (2023-12-07) + +## Module Highlights +* `github.com/aws/smithy-go`: v1.19.0 + * **Feature**: Support modeled request compression. + +# Release (2023-11-30) + +* No change notes available for this release. + +# Release (2023-11-29) + +## Module Highlights +* `github.com/aws/smithy-go`: v1.18.0 + * **Feature**: Expose Options() method on generated service clients. + +# Release (2023-11-15) + +## Module Highlights +* `github.com/aws/smithy-go`: v1.17.0 + * **Feature**: Support identity/auth components of client reference architecture. + # Release (2023-10-31) ## Module Highlights diff --git a/vendor/github.com/aws/smithy-go/auth/auth.go b/vendor/github.com/aws/smithy-go/auth/auth.go new file mode 100644 index 000000000..5bdb70c9a --- /dev/null +++ b/vendor/github.com/aws/smithy-go/auth/auth.go @@ -0,0 +1,3 @@ +// Package auth defines protocol-agnostic authentication types for smithy +// clients. +package auth diff --git a/vendor/github.com/aws/smithy-go/auth/identity.go b/vendor/github.com/aws/smithy-go/auth/identity.go new file mode 100644 index 000000000..ba8cf70d4 --- /dev/null +++ b/vendor/github.com/aws/smithy-go/auth/identity.go @@ -0,0 +1,47 @@ +package auth + +import ( + "context" + "time" + + "github.com/aws/smithy-go" +) + +// Identity contains information that identifies who the user making the +// request is. +type Identity interface { + Expiration() time.Time +} + +// IdentityResolver defines the interface through which an Identity is +// retrieved. +type IdentityResolver interface { + GetIdentity(context.Context, smithy.Properties) (Identity, error) +} + +// IdentityResolverOptions defines the interface through which an entity can be +// queried to retrieve an IdentityResolver for a given auth scheme. +type IdentityResolverOptions interface { + GetIdentityResolver(schemeID string) IdentityResolver +} + +// AnonymousIdentity is a sentinel to indicate no identity. +type AnonymousIdentity struct{} + +var _ Identity = (*AnonymousIdentity)(nil) + +// Expiration returns the zero value for time, as anonymous identity never +// expires. +func (*AnonymousIdentity) Expiration() time.Time { + return time.Time{} +} + +// AnonymousIdentityResolver returns AnonymousIdentity. +type AnonymousIdentityResolver struct{} + +var _ IdentityResolver = (*AnonymousIdentityResolver)(nil) + +// GetIdentity returns AnonymousIdentity. +func (*AnonymousIdentityResolver) GetIdentity(_ context.Context, _ smithy.Properties) (Identity, error) { + return &AnonymousIdentity{}, nil +} diff --git a/vendor/github.com/aws/smithy-go/auth/option.go b/vendor/github.com/aws/smithy-go/auth/option.go new file mode 100644 index 000000000..d5dabff04 --- /dev/null +++ b/vendor/github.com/aws/smithy-go/auth/option.go @@ -0,0 +1,25 @@ +package auth + +import "github.com/aws/smithy-go" + +type ( + authOptionsKey struct{} +) + +// Option represents a possible authentication method for an operation. +type Option struct { + SchemeID string + IdentityProperties smithy.Properties + SignerProperties smithy.Properties +} + +// GetAuthOptions gets auth Options from Properties. +func GetAuthOptions(p *smithy.Properties) ([]*Option, bool) { + v, ok := p.Get(authOptionsKey{}).([]*Option) + return v, ok +} + +// SetAuthOptions sets auth Options on Properties. +func SetAuthOptions(p *smithy.Properties, options []*Option) { + p.Set(authOptionsKey{}, options) +} diff --git a/vendor/github.com/aws/smithy-go/auth/scheme_id.go b/vendor/github.com/aws/smithy-go/auth/scheme_id.go new file mode 100644 index 000000000..fb6a57c64 --- /dev/null +++ b/vendor/github.com/aws/smithy-go/auth/scheme_id.go @@ -0,0 +1,20 @@ +package auth + +// Anonymous +const ( + SchemeIDAnonymous = "smithy.api#noAuth" +) + +// HTTP auth schemes +const ( + SchemeIDHTTPBasic = "smithy.api#httpBasicAuth" + SchemeIDHTTPDigest = "smithy.api#httpDigestAuth" + SchemeIDHTTPBearer = "smithy.api#httpBearerAuth" + SchemeIDHTTPAPIKey = "smithy.api#httpApiKeyAuth" +) + +// AWS auth schemes +const ( + SchemeIDSigV4 = "aws.auth#sigv4" + SchemeIDSigV4A = "aws.auth#sigv4a" +) diff --git a/vendor/github.com/aws/smithy-go/container/private/cache/cache.go b/vendor/github.com/aws/smithy-go/container/private/cache/cache.go new file mode 100644 index 000000000..69af87751 --- /dev/null +++ b/vendor/github.com/aws/smithy-go/container/private/cache/cache.go @@ -0,0 +1,19 @@ +// Package cache defines the interface for a key-based data store. +// +// This package is designated as private and is intended for use only by the +// smithy client runtime. The exported API therein is not considered stable and +// is subject to breaking changes without notice. +package cache + +// Cache defines the interface for an opaquely-typed, key-based data store. +// +// The thread-safety of this interface is undefined and is dictated by +// implementations. +type Cache interface { + // Retrieve the value associated with the given key. The returned boolean + // indicates whether the cache held a value for the given key. + Get(k interface{}) (interface{}, bool) + + // Store a value under the given key. + Put(k interface{}, v interface{}) +} diff --git a/vendor/github.com/aws/smithy-go/container/private/cache/lru/lru.go b/vendor/github.com/aws/smithy-go/container/private/cache/lru/lru.go new file mode 100644 index 000000000..02ecb0a32 --- /dev/null +++ b/vendor/github.com/aws/smithy-go/container/private/cache/lru/lru.go @@ -0,0 +1,63 @@ +// Package lru implements [cache.Cache] with an LRU eviction policy. +// +// This implementation is NOT thread-safe. +// +// This package is designated as private and is intended for use only by the +// smithy client runtime. The exported API therein is not considered stable and +// is subject to breaking changes without notice. +package lru + +import ( + "container/list" + + "github.com/aws/smithy-go/container/private/cache" +) + +// New creates a new LRU cache with the given capacity. +func New(cap int) cache.Cache { + return &lru{ + entries: make(map[interface{}]*list.Element, cap), + cap: cap, + mru: list.New(), + } +} + +type lru struct { + entries map[interface{}]*list.Element + cap int + + mru *list.List // least-recently used is at the back +} + +type element struct { + key interface{} + value interface{} +} + +func (l *lru) Get(k interface{}) (interface{}, bool) { + e, ok := l.entries[k] + if !ok { + return nil, false + } + + l.mru.MoveToFront(e) + return e.Value.(*element).value, true +} + +func (l *lru) Put(k interface{}, v interface{}) { + if len(l.entries) == l.cap { + l.evict() + } + + ev := &element{ + key: k, + value: v, + } + e := l.mru.PushFront(ev) + l.entries[k] = e +} + +func (l *lru) evict() { + e := l.mru.Remove(l.mru.Back()) + delete(l.entries, e.(*element).key) +} diff --git a/vendor/github.com/aws/smithy-go/endpoints/private/rulesfn/strings.go b/vendor/github.com/aws/smithy-go/endpoints/private/rulesfn/strings.go index 8e230783e..5cf4a7b02 100644 --- a/vendor/github.com/aws/smithy-go/endpoints/private/rulesfn/strings.go +++ b/vendor/github.com/aws/smithy-go/endpoints/private/rulesfn/strings.go @@ -1,6 +1,5 @@ package rulesfn - // Substring returns the substring of the input provided. If the start or stop // indexes are not valid for the input nil will be returned. If errors occur // they will be added to the provided [ErrorCollector]. diff --git a/vendor/github.com/aws/smithy-go/go_module_metadata.go b/vendor/github.com/aws/smithy-go/go_module_metadata.go index d96be806d..cd6f7fa45 100644 --- a/vendor/github.com/aws/smithy-go/go_module_metadata.go +++ b/vendor/github.com/aws/smithy-go/go_module_metadata.go @@ -3,4 +3,4 @@ package smithy // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.16.0" +const goModuleVersion = "1.19.0" diff --git a/vendor/github.com/aws/smithy-go/private/requestcompression/gzip.go b/vendor/github.com/aws/smithy-go/private/requestcompression/gzip.go new file mode 100644 index 000000000..004d78f21 --- /dev/null +++ b/vendor/github.com/aws/smithy-go/private/requestcompression/gzip.go @@ -0,0 +1,30 @@ +package requestcompression + +import ( + "bytes" + "compress/gzip" + "fmt" + "io" +) + +func gzipCompress(input io.Reader) ([]byte, error) { + var b bytes.Buffer + w, err := gzip.NewWriterLevel(&b, gzip.DefaultCompression) + if err != nil { + return nil, fmt.Errorf("failed to create gzip writer, %v", err) + } + + inBytes, err := io.ReadAll(input) + if err != nil { + return nil, fmt.Errorf("failed read payload to compress, %v", err) + } + + if _, err = w.Write(inBytes); err != nil { + return nil, fmt.Errorf("failed to write payload to be compressed, %v", err) + } + if err = w.Close(); err != nil { + return nil, fmt.Errorf("failed to flush payload being compressed, %v", err) + } + + return b.Bytes(), nil +} diff --git a/vendor/github.com/aws/smithy-go/private/requestcompression/middleware_capture_request_compression.go b/vendor/github.com/aws/smithy-go/private/requestcompression/middleware_capture_request_compression.go new file mode 100644 index 000000000..06c16afc1 --- /dev/null +++ b/vendor/github.com/aws/smithy-go/private/requestcompression/middleware_capture_request_compression.go @@ -0,0 +1,52 @@ +package requestcompression + +import ( + "bytes" + "context" + "fmt" + "github.com/aws/smithy-go/middleware" + smithyhttp "github.com/aws/smithy-go/transport/http" + "io" + "net/http" +) + +const captureUncompressedRequestID = "CaptureUncompressedRequest" + +// AddCaptureUncompressedRequestMiddleware captures http request before compress encoding for check +func AddCaptureUncompressedRequestMiddleware(stack *middleware.Stack, buf *bytes.Buffer) error { + return stack.Serialize.Insert(&captureUncompressedRequestMiddleware{ + buf: buf, + }, "RequestCompression", middleware.Before) +} + +type captureUncompressedRequestMiddleware struct { + req *http.Request + buf *bytes.Buffer + bytes []byte +} + +// ID returns id of the captureUncompressedRequestMiddleware +func (*captureUncompressedRequestMiddleware) ID() string { + return captureUncompressedRequestID +} + +// HandleSerialize captures request payload before it is compressed by request compression middleware +func (m *captureUncompressedRequestMiddleware) HandleSerialize(ctx context.Context, input middleware.SerializeInput, next middleware.SerializeHandler, +) ( + output middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + request, ok := input.Request.(*smithyhttp.Request) + if !ok { + return output, metadata, fmt.Errorf("error when retrieving http request") + } + + _, err = io.Copy(m.buf, request.GetStream()) + if err != nil { + return output, metadata, fmt.Errorf("error when copying http request stream: %q", err) + } + if err = request.RewindStream(); err != nil { + return output, metadata, fmt.Errorf("error when rewinding request stream: %q", err) + } + + return next.HandleSerialize(ctx, input) +} diff --git a/vendor/github.com/aws/smithy-go/private/requestcompression/request_compression.go b/vendor/github.com/aws/smithy-go/private/requestcompression/request_compression.go new file mode 100644 index 000000000..7c4147603 --- /dev/null +++ b/vendor/github.com/aws/smithy-go/private/requestcompression/request_compression.go @@ -0,0 +1,103 @@ +// Package requestcompression implements runtime support for smithy-modeled +// request compression. +// +// This package is designated as private and is intended for use only by the +// smithy client runtime. The exported API therein is not considered stable and +// is subject to breaking changes without notice. +package requestcompression + +import ( + "bytes" + "context" + "fmt" + "github.com/aws/smithy-go/middleware" + "github.com/aws/smithy-go/transport/http" + "io" +) + +const MaxRequestMinCompressSizeBytes = 10485760 + +// Enumeration values for supported compress Algorithms. +const ( + GZIP = "gzip" +) + +type compressFunc func(io.Reader) ([]byte, error) + +var allowedAlgorithms = map[string]compressFunc{ + GZIP: gzipCompress, +} + +// AddRequestCompression add requestCompression middleware to op stack +func AddRequestCompression(stack *middleware.Stack, disabled bool, minBytes int64, algorithms []string) error { + return stack.Serialize.Add(&requestCompression{ + disableRequestCompression: disabled, + requestMinCompressSizeBytes: minBytes, + compressAlgorithms: algorithms, + }, middleware.After) +} + +type requestCompression struct { + disableRequestCompression bool + requestMinCompressSizeBytes int64 + compressAlgorithms []string +} + +// ID returns the ID of the middleware +func (m requestCompression) ID() string { + return "RequestCompression" +} + +// HandleSerialize gzip compress the request's stream/body if enabled by config fields +func (m requestCompression) HandleSerialize( + ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler, +) ( + out middleware.SerializeOutput, metadata middleware.Metadata, err error, +) { + if m.disableRequestCompression { + return next.HandleSerialize(ctx, in) + } + // still need to check requestMinCompressSizeBytes in case it is out of range after service client config + if m.requestMinCompressSizeBytes < 0 || m.requestMinCompressSizeBytes > MaxRequestMinCompressSizeBytes { + return out, metadata, fmt.Errorf("invalid range for min request compression size bytes %d, must be within 0 and 10485760 inclusively", m.requestMinCompressSizeBytes) + } + + req, ok := in.Request.(*http.Request) + if !ok { + return out, metadata, fmt.Errorf("unknown request type %T", req) + } + + for _, algorithm := range m.compressAlgorithms { + compressFunc := allowedAlgorithms[algorithm] + if compressFunc != nil { + if stream := req.GetStream(); stream != nil { + size, found, err := req.StreamLength() + if err != nil { + return out, metadata, fmt.Errorf("error while finding request stream length, %v", err) + } else if !found || size < m.requestMinCompressSizeBytes { + return next.HandleSerialize(ctx, in) + } + + compressedBytes, err := compressFunc(stream) + if err != nil { + return out, metadata, fmt.Errorf("failed to compress request stream, %v", err) + } + + var newReq *http.Request + if newReq, err = req.SetStream(bytes.NewReader(compressedBytes)); err != nil { + return out, metadata, fmt.Errorf("failed to set request stream, %v", err) + } + *req = *newReq + + if val := req.Header.Get("Content-Encoding"); val != "" { + req.Header.Set("Content-Encoding", fmt.Sprintf("%s, %s", val, algorithm)) + } else { + req.Header.Set("Content-Encoding", algorithm) + } + } + break + } + } + + return next.HandleSerialize(ctx, in) +} diff --git a/vendor/github.com/aws/smithy-go/properties.go b/vendor/github.com/aws/smithy-go/properties.go index 17d659c53..c9af66c0e 100644 --- a/vendor/github.com/aws/smithy-go/properties.go +++ b/vendor/github.com/aws/smithy-go/properties.go @@ -7,12 +7,10 @@ type PropertiesReader interface { } // Properties provides storing and reading metadata values. Keys may be any -// comparable value type. Get and set will panic if key is not a comparable -// value type. +// comparable value type. Get and Set will panic if a key is not comparable. // -// Properties uses lazy initialization, and Set method must be called as an -// addressable value, or pointer. Not doing so may cause key/value pair to not -// be set. +// The zero value for a Properties instance is ready for reads/writes without +// any additional initialization. type Properties struct { values map[interface{}]interface{} } @@ -22,21 +20,16 @@ type Properties struct { // // Panics if key type is not comparable. func (m *Properties) Get(key interface{}) interface{} { + m.lazyInit() return m.values[key] } // Set stores the value pointed to by the key. If a value already exists at // that key it will be replaced with the new value. // -// Set method must be called as an addressable value, or pointer. If Set is not -// called as an addressable value or pointer, the key value pair being set may -// be lost. -// // Panics if the key type is not comparable. func (m *Properties) Set(key, value interface{}) { - if m.values == nil { - m.values = map[interface{}]interface{}{} - } + m.lazyInit() m.values[key] = value } @@ -44,9 +37,26 @@ func (m *Properties) Set(key, value interface{}) { // // Panics if the key type is not comparable. func (m *Properties) Has(key interface{}) bool { - if m.values == nil { - return false - } + m.lazyInit() _, ok := m.values[key] return ok } + +// SetAll accepts all of the given Properties into the receiver, overwriting +// any existing keys in the case of conflicts. +func (m *Properties) SetAll(other *Properties) { + if other.values == nil { + return + } + + m.lazyInit() + for k, v := range other.values { + m.values[k] = v + } +} + +func (m *Properties) lazyInit() { + if m.values == nil { + m.values = map[interface{}]interface{}{} + } +} diff --git a/vendor/github.com/aws/smithy-go/transport/http/auth.go b/vendor/github.com/aws/smithy-go/transport/http/auth.go new file mode 100644 index 000000000..58e1ab5ef --- /dev/null +++ b/vendor/github.com/aws/smithy-go/transport/http/auth.go @@ -0,0 +1,21 @@ +package http + +import ( + "context" + + smithy "github.com/aws/smithy-go" + "github.com/aws/smithy-go/auth" +) + +// AuthScheme defines an HTTP authentication scheme. +type AuthScheme interface { + SchemeID() string + IdentityResolver(auth.IdentityResolverOptions) auth.IdentityResolver + Signer() Signer +} + +// Signer defines the interface through which HTTP requests are supplemented +// with an Identity. +type Signer interface { + SignRequest(context.Context, *Request, auth.Identity, smithy.Properties) error +} diff --git a/vendor/github.com/aws/smithy-go/transport/http/auth_schemes.go b/vendor/github.com/aws/smithy-go/transport/http/auth_schemes.go new file mode 100644 index 000000000..d60cf2a60 --- /dev/null +++ b/vendor/github.com/aws/smithy-go/transport/http/auth_schemes.go @@ -0,0 +1,45 @@ +package http + +import ( + "context" + + smithy "github.com/aws/smithy-go" + "github.com/aws/smithy-go/auth" +) + +// NewAnonymousScheme returns the anonymous HTTP auth scheme. +func NewAnonymousScheme() AuthScheme { + return &authScheme{ + schemeID: auth.SchemeIDAnonymous, + signer: &nopSigner{}, + } +} + +// authScheme is parameterized to generically implement the exported AuthScheme +// interface +type authScheme struct { + schemeID string + signer Signer +} + +var _ AuthScheme = (*authScheme)(nil) + +func (s *authScheme) SchemeID() string { + return s.schemeID +} + +func (s *authScheme) IdentityResolver(o auth.IdentityResolverOptions) auth.IdentityResolver { + return o.GetIdentityResolver(s.schemeID) +} + +func (s *authScheme) Signer() Signer { + return s.signer +} + +type nopSigner struct{} + +var _ Signer = (*nopSigner)(nil) + +func (*nopSigner) SignRequest(context.Context, *Request, auth.Identity, smithy.Properties) error { + return nil +} diff --git a/vendor/github.com/aws/smithy-go/transport/http/properties.go b/vendor/github.com/aws/smithy-go/transport/http/properties.go new file mode 100644 index 000000000..c65aa3932 --- /dev/null +++ b/vendor/github.com/aws/smithy-go/transport/http/properties.go @@ -0,0 +1,80 @@ +package http + +import smithy "github.com/aws/smithy-go" + +type ( + sigV4SigningNameKey struct{} + sigV4SigningRegionKey struct{} + + sigV4ASigningNameKey struct{} + sigV4ASigningRegionsKey struct{} + + isUnsignedPayloadKey struct{} + disableDoubleEncodingKey struct{} +) + +// GetSigV4SigningName gets the signing name from Properties. +func GetSigV4SigningName(p *smithy.Properties) (string, bool) { + v, ok := p.Get(sigV4SigningNameKey{}).(string) + return v, ok +} + +// SetSigV4SigningName sets the signing name on Properties. +func SetSigV4SigningName(p *smithy.Properties, name string) { + p.Set(sigV4SigningNameKey{}, name) +} + +// GetSigV4SigningRegion gets the signing region from Properties. +func GetSigV4SigningRegion(p *smithy.Properties) (string, bool) { + v, ok := p.Get(sigV4SigningRegionKey{}).(string) + return v, ok +} + +// SetSigV4SigningRegion sets the signing region on Properties. +func SetSigV4SigningRegion(p *smithy.Properties, region string) { + p.Set(sigV4SigningRegionKey{}, region) +} + +// GetSigV4ASigningName gets the v4a signing name from Properties. +func GetSigV4ASigningName(p *smithy.Properties) (string, bool) { + v, ok := p.Get(sigV4ASigningNameKey{}).(string) + return v, ok +} + +// SetSigV4ASigningName sets the signing name on Properties. +func SetSigV4ASigningName(p *smithy.Properties, name string) { + p.Set(sigV4ASigningNameKey{}, name) +} + +// GetSigV4ASigningRegion gets the v4a signing region set from Properties. +func GetSigV4ASigningRegions(p *smithy.Properties) ([]string, bool) { + v, ok := p.Get(sigV4ASigningRegionsKey{}).([]string) + return v, ok +} + +// SetSigV4ASigningRegions sets the v4a signing region set on Properties. +func SetSigV4ASigningRegions(p *smithy.Properties, regions []string) { + p.Set(sigV4ASigningRegionsKey{}, regions) +} + +// GetIsUnsignedPayload gets whether the payload is unsigned from Properties. +func GetIsUnsignedPayload(p *smithy.Properties) (bool, bool) { + v, ok := p.Get(isUnsignedPayloadKey{}).(bool) + return v, ok +} + +// SetIsUnsignedPayload sets whether the payload is unsigned on Properties. +func SetIsUnsignedPayload(p *smithy.Properties, isUnsignedPayload bool) { + p.Set(isUnsignedPayloadKey{}, isUnsignedPayload) +} + +// GetDisableDoubleEncoding gets whether the payload is unsigned from Properties. +func GetDisableDoubleEncoding(p *smithy.Properties) (bool, bool) { + v, ok := p.Get(disableDoubleEncodingKey{}).(bool) + return v, ok +} + +// SetDisableDoubleEncoding sets whether the payload is unsigned on Properties. +func SetDisableDoubleEncoding(p *smithy.Properties, disableDoubleEncoding bool) { + p.Set(disableDoubleEncodingKey{}, disableDoubleEncoding) +} diff --git a/vendor/github.com/golang-jwt/jwt/v5/MIGRATION_GUIDE.md b/vendor/github.com/golang-jwt/jwt/v5/MIGRATION_GUIDE.md index 6ad1c22bb..ff9c57e1d 100644 --- a/vendor/github.com/golang-jwt/jwt/v5/MIGRATION_GUIDE.md +++ b/vendor/github.com/golang-jwt/jwt/v5/MIGRATION_GUIDE.md @@ -17,7 +17,7 @@ and corresponding updates for existing programs. ## Parsing and Validation Options -Under the hood, a new `validator` struct takes care of validating the claims. A +Under the hood, a new `Validator` struct takes care of validating the claims. A long awaited feature has been the option to fine-tune the validation of tokens. This is now possible with several `ParserOption` functions that can be appended to most `Parse` functions, such as `ParseWithClaims`. The most important options @@ -68,6 +68,16 @@ type Claims interface { } ``` +Users that previously directly called the `Valid` function on their claims, +e.g., to perform validation independently of parsing/verifying a token, can now +use the `jwt.NewValidator` function to create a `Validator` independently of the +`Parser`. + +```go +var v = jwt.NewValidator(jwt.WithLeeway(5*time.Second)) +v.Validate(myClaims) +``` + ### Supported Claim Types and Removal of `StandardClaims` The two standard claim types supported by this library, `MapClaims` and @@ -169,7 +179,7 @@ be a drop-in replacement, if you're having troubles migrating, please open an issue. You can replace all occurrences of `github.com/dgrijalva/jwt-go` or -`github.com/golang-jwt/jwt` with `github.com/golang-jwt/jwt/v5`, either manually +`github.com/golang-jwt/jwt` with `github.com/golang-jwt/jwt/v4`, either manually or by using tools such as `sed` or `gofmt`. And then you'd typically run: diff --git a/vendor/github.com/golang-jwt/jwt/v5/ecdsa.go b/vendor/github.com/golang-jwt/jwt/v5/ecdsa.go index 4ccae2a85..ca85659ba 100644 --- a/vendor/github.com/golang-jwt/jwt/v5/ecdsa.go +++ b/vendor/github.com/golang-jwt/jwt/v5/ecdsa.go @@ -62,7 +62,7 @@ func (m *SigningMethodECDSA) Verify(signingString string, sig []byte, key interf case *ecdsa.PublicKey: ecdsaKey = k default: - return ErrInvalidKeyType + return newError("ECDSA verify expects *ecsda.PublicKey", ErrInvalidKeyType) } if len(sig) != 2*m.KeySize { @@ -96,7 +96,7 @@ func (m *SigningMethodECDSA) Sign(signingString string, key interface{}) ([]byte case *ecdsa.PrivateKey: ecdsaKey = k default: - return nil, ErrInvalidKeyType + return nil, newError("ECDSA sign expects *ecsda.PrivateKey", ErrInvalidKeyType) } // Create the hasher diff --git a/vendor/github.com/golang-jwt/jwt/v5/ed25519.go b/vendor/github.com/golang-jwt/jwt/v5/ed25519.go index eb6bdf01d..c2138119e 100644 --- a/vendor/github.com/golang-jwt/jwt/v5/ed25519.go +++ b/vendor/github.com/golang-jwt/jwt/v5/ed25519.go @@ -38,7 +38,7 @@ func (m *SigningMethodEd25519) Verify(signingString string, sig []byte, key inte var ok bool if ed25519Key, ok = key.(ed25519.PublicKey); !ok { - return ErrInvalidKeyType + return newError("Ed25519 verify expects ed25519.PublicKey", ErrInvalidKeyType) } if len(ed25519Key) != ed25519.PublicKeySize { @@ -60,7 +60,7 @@ func (m *SigningMethodEd25519) Sign(signingString string, key interface{}) ([]by var ok bool if ed25519Key, ok = key.(crypto.Signer); !ok { - return nil, ErrInvalidKeyType + return nil, newError("Ed25519 sign expects crypto.Signer", ErrInvalidKeyType) } if _, ok := ed25519Key.Public().(ed25519.PublicKey); !ok { diff --git a/vendor/github.com/golang-jwt/jwt/v5/hmac.go b/vendor/github.com/golang-jwt/jwt/v5/hmac.go index 91b688ba9..96c62722d 100644 --- a/vendor/github.com/golang-jwt/jwt/v5/hmac.go +++ b/vendor/github.com/golang-jwt/jwt/v5/hmac.go @@ -59,7 +59,7 @@ func (m *SigningMethodHMAC) Verify(signingString string, sig []byte, key interfa // Verify the key is the right type keyBytes, ok := key.([]byte) if !ok { - return ErrInvalidKeyType + return newError("HMAC verify expects []byte", ErrInvalidKeyType) } // Can we use the specified hashing method? @@ -91,7 +91,7 @@ func (m *SigningMethodHMAC) Verify(signingString string, sig []byte, key interfa func (m *SigningMethodHMAC) Sign(signingString string, key interface{}) ([]byte, error) { if keyBytes, ok := key.([]byte); ok { if !m.Hash.Available() { - return nil, ErrHashUnavailable + return nil, newError("HMAC sign expects []byte", ErrInvalidKeyType) } hasher := hmac.New(m.Hash.New, keyBytes) diff --git a/vendor/github.com/golang-jwt/jwt/v5/parser.go b/vendor/github.com/golang-jwt/jwt/v5/parser.go index 1ed2e4e4d..ecf99af78 100644 --- a/vendor/github.com/golang-jwt/jwt/v5/parser.go +++ b/vendor/github.com/golang-jwt/jwt/v5/parser.go @@ -18,7 +18,7 @@ type Parser struct { // Skip claims validation during token parsing. skipClaimsValidation bool - validator *validator + validator *Validator decodeStrict bool @@ -28,7 +28,7 @@ type Parser struct { // NewParser creates a new Parser with the specified options func NewParser(options ...ParserOption) *Parser { p := &Parser{ - validator: &validator{}, + validator: &Validator{}, } // Loop through our parsing options and apply them @@ -115,7 +115,7 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf if !p.skipClaimsValidation { // Make sure we have at least a default validator if p.validator == nil { - p.validator = newValidator() + p.validator = NewValidator() } if err := p.validator.Validate(claims); err != nil { diff --git a/vendor/github.com/golang-jwt/jwt/v5/rsa.go b/vendor/github.com/golang-jwt/jwt/v5/rsa.go index daff09431..83cbee6ae 100644 --- a/vendor/github.com/golang-jwt/jwt/v5/rsa.go +++ b/vendor/github.com/golang-jwt/jwt/v5/rsa.go @@ -51,7 +51,7 @@ func (m *SigningMethodRSA) Verify(signingString string, sig []byte, key interfac var ok bool if rsaKey, ok = key.(*rsa.PublicKey); !ok { - return ErrInvalidKeyType + return newError("RSA verify expects *rsa.PublicKey", ErrInvalidKeyType) } // Create hasher @@ -73,7 +73,7 @@ func (m *SigningMethodRSA) Sign(signingString string, key interface{}) ([]byte, // Validate type of key if rsaKey, ok = key.(*rsa.PrivateKey); !ok { - return nil, ErrInvalidKey + return nil, newError("RSA sign expects *rsa.PrivateKey", ErrInvalidKeyType) } // Create the hasher diff --git a/vendor/github.com/golang-jwt/jwt/v5/rsa_pss.go b/vendor/github.com/golang-jwt/jwt/v5/rsa_pss.go index 9599f0a46..28c386ec4 100644 --- a/vendor/github.com/golang-jwt/jwt/v5/rsa_pss.go +++ b/vendor/github.com/golang-jwt/jwt/v5/rsa_pss.go @@ -88,7 +88,7 @@ func (m *SigningMethodRSAPSS) Verify(signingString string, sig []byte, key inter case *rsa.PublicKey: rsaKey = k default: - return ErrInvalidKey + return newError("RSA-PSS verify expects *rsa.PublicKey", ErrInvalidKeyType) } // Create hasher @@ -115,7 +115,7 @@ func (m *SigningMethodRSAPSS) Sign(signingString string, key interface{}) ([]byt case *rsa.PrivateKey: rsaKey = k default: - return nil, ErrInvalidKeyType + return nil, newError("RSA-PSS sign expects *rsa.PrivateKey", ErrInvalidKeyType) } // Create the hasher diff --git a/vendor/github.com/golang-jwt/jwt/v5/validator.go b/vendor/github.com/golang-jwt/jwt/v5/validator.go index 3082c8c7e..008ecd871 100644 --- a/vendor/github.com/golang-jwt/jwt/v5/validator.go +++ b/vendor/github.com/golang-jwt/jwt/v5/validator.go @@ -28,13 +28,12 @@ type ClaimsValidator interface { Validate() error } -// validator is the core of the new Validation API. It is automatically used by +// Validator is the core of the new Validation API. It is automatically used by // a [Parser] during parsing and can be modified with various parser options. // -// Note: This struct is intentionally not exported (yet) as we want to -// internally finalize its API. In the future, we might make it publicly -// available. -type validator struct { +// The [NewValidator] function should be used to create an instance of this +// struct. +type Validator struct { // leeway is an optional leeway that can be provided to account for clock skew. leeway time.Duration @@ -65,16 +64,28 @@ type validator struct { expectedSub string } -// newValidator can be used to create a stand-alone validator with the supplied +// NewValidator can be used to create a stand-alone validator with the supplied // options. This validator can then be used to validate already parsed claims. -func newValidator(opts ...ParserOption) *validator { +// +// Note: Under normal circumstances, explicitly creating a validator is not +// needed and can potentially be dangerous; instead functions of the [Parser] +// class should be used. +// +// The [Validator] is only checking the *validity* of the claims, such as its +// expiration time, but it does NOT perform *signature verification* of the +// token. +func NewValidator(opts ...ParserOption) *Validator { p := NewParser(opts...) return p.validator } // Validate validates the given claims. It will also perform any custom // validation if claims implements the [ClaimsValidator] interface. -func (v *validator) Validate(claims Claims) error { +// +// Note: It will NOT perform any *signature verification* on the token that +// contains the claims and expects that the [Claim] was already successfully +// verified. +func (v *Validator) Validate(claims Claims) error { var ( now time.Time errs []error = make([]error, 0, 6) @@ -153,7 +164,7 @@ func (v *validator) Validate(claims Claims) error { // // Additionally, if any error occurs while retrieving the claim, e.g., when its // the wrong type, an ErrTokenUnverifiable error will be returned. -func (v *validator) verifyExpiresAt(claims Claims, cmp time.Time, required bool) error { +func (v *Validator) verifyExpiresAt(claims Claims, cmp time.Time, required bool) error { exp, err := claims.GetExpirationTime() if err != nil { return err @@ -174,7 +185,7 @@ func (v *validator) verifyExpiresAt(claims Claims, cmp time.Time, required bool) // // Additionally, if any error occurs while retrieving the claim, e.g., when its // the wrong type, an ErrTokenUnverifiable error will be returned. -func (v *validator) verifyIssuedAt(claims Claims, cmp time.Time, required bool) error { +func (v *Validator) verifyIssuedAt(claims Claims, cmp time.Time, required bool) error { iat, err := claims.GetIssuedAt() if err != nil { return err @@ -195,7 +206,7 @@ func (v *validator) verifyIssuedAt(claims Claims, cmp time.Time, required bool) // // Additionally, if any error occurs while retrieving the claim, e.g., when its // the wrong type, an ErrTokenUnverifiable error will be returned. -func (v *validator) verifyNotBefore(claims Claims, cmp time.Time, required bool) error { +func (v *Validator) verifyNotBefore(claims Claims, cmp time.Time, required bool) error { nbf, err := claims.GetNotBefore() if err != nil { return err @@ -215,7 +226,7 @@ func (v *validator) verifyNotBefore(claims Claims, cmp time.Time, required bool) // // Additionally, if any error occurs while retrieving the claim, e.g., when its // the wrong type, an ErrTokenUnverifiable error will be returned. -func (v *validator) verifyAudience(claims Claims, cmp string, required bool) error { +func (v *Validator) verifyAudience(claims Claims, cmp string, required bool) error { aud, err := claims.GetAudience() if err != nil { return err @@ -251,7 +262,7 @@ func (v *validator) verifyAudience(claims Claims, cmp string, required bool) err // // Additionally, if any error occurs while retrieving the claim, e.g., when its // the wrong type, an ErrTokenUnverifiable error will be returned. -func (v *validator) verifyIssuer(claims Claims, cmp string, required bool) error { +func (v *Validator) verifyIssuer(claims Claims, cmp string, required bool) error { iss, err := claims.GetIssuer() if err != nil { return err @@ -271,7 +282,7 @@ func (v *validator) verifyIssuer(claims Claims, cmp string, required bool) error // // Additionally, if any error occurs while retrieving the claim, e.g., when its // the wrong type, an ErrTokenUnverifiable error will be returned. -func (v *validator) verifySubject(claims Claims, cmp string, required bool) error { +func (v *Validator) verifySubject(claims Claims, cmp string, required bool) error { sub, err := claims.GetSubject() if err != nil { return err diff --git a/vendor/github.com/klauspost/compress/README.md b/vendor/github.com/klauspost/compress/README.md index 43de48677..7e83f583c 100644 --- a/vendor/github.com/klauspost/compress/README.md +++ b/vendor/github.com/klauspost/compress/README.md @@ -16,6 +16,14 @@ This package provides various compression algorithms. # changelog +* Oct 22nd, 2023 - [v1.17.2](https://github.com/klauspost/compress/releases/tag/v1.17.2) + * zstd: Fix rare *CORRUPTION* output in "best" mode. See https://github.com/klauspost/compress/pull/876 + +* Oct 14th, 2023 - [v1.17.1](https://github.com/klauspost/compress/releases/tag/v1.17.1) + * s2: Fix S2 "best" dictionary wrong encoding by @klauspost in https://github.com/klauspost/compress/pull/871 + * flate: Reduce allocations in decompressor and minor code improvements by @fakefloordiv in https://github.com/klauspost/compress/pull/869 + * s2: Fix EstimateBlockSize on 6&7 length input by @klauspost in https://github.com/klauspost/compress/pull/867 + * Sept 19th, 2023 - [v1.17.0](https://github.com/klauspost/compress/releases/tag/v1.17.0) * Add experimental dictionary builder https://github.com/klauspost/compress/pull/853 * Add xerial snappy read/writer https://github.com/klauspost/compress/pull/838 diff --git a/vendor/github.com/klauspost/compress/fse/compress.go b/vendor/github.com/klauspost/compress/fse/compress.go index 65d777357..074018d8f 100644 --- a/vendor/github.com/klauspost/compress/fse/compress.go +++ b/vendor/github.com/klauspost/compress/fse/compress.go @@ -212,7 +212,7 @@ func (s *Scratch) writeCount() error { previous0 bool charnum uint16 - maxHeaderSize = ((int(s.symbolLen) * int(tableLog)) >> 3) + 3 + maxHeaderSize = ((int(s.symbolLen)*int(tableLog) + 4 + 2) >> 3) + 3 // Write Table Size bitStream = uint32(tableLog - minTablelog) diff --git a/vendor/github.com/klauspost/compress/gzip/gunzip.go b/vendor/github.com/klauspost/compress/gzip/gunzip.go index dc2362a63..00a0a2c38 100644 --- a/vendor/github.com/klauspost/compress/gzip/gunzip.go +++ b/vendor/github.com/klauspost/compress/gzip/gunzip.go @@ -238,6 +238,11 @@ func (z *Reader) readHeader() (hdr Header, err error) { } } + // Reserved FLG bits must be zero. + if flg>>5 != 0 { + return hdr, ErrHeader + } + z.digest = 0 if z.decompressor == nil { z.decompressor = flate.NewReader(z.r) diff --git a/vendor/github.com/klauspost/compress/huff0/bytereader.go b/vendor/github.com/klauspost/compress/huff0/bytereader.go deleted file mode 100644 index 4dcab8d23..000000000 --- a/vendor/github.com/klauspost/compress/huff0/bytereader.go +++ /dev/null @@ -1,44 +0,0 @@ -// Copyright 2018 Klaus Post. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. -// Based on work Copyright (c) 2013, Yann Collet, released under BSD License. - -package huff0 - -// byteReader provides a byte reader that reads -// little endian values from a byte stream. -// The input stream is manually advanced. -// The reader performs no bounds checks. -type byteReader struct { - b []byte - off int -} - -// init will initialize the reader and set the input. -func (b *byteReader) init(in []byte) { - b.b = in - b.off = 0 -} - -// Int32 returns a little endian int32 starting at current offset. -func (b byteReader) Int32() int32 { - v3 := int32(b.b[b.off+3]) - v2 := int32(b.b[b.off+2]) - v1 := int32(b.b[b.off+1]) - v0 := int32(b.b[b.off]) - return (v3 << 24) | (v2 << 16) | (v1 << 8) | v0 -} - -// Uint32 returns a little endian uint32 starting at current offset. -func (b byteReader) Uint32() uint32 { - v3 := uint32(b.b[b.off+3]) - v2 := uint32(b.b[b.off+2]) - v1 := uint32(b.b[b.off+1]) - v0 := uint32(b.b[b.off]) - return (v3 << 24) | (v2 << 16) | (v1 << 8) | v0 -} - -// remain will return the number of bytes remaining. -func (b byteReader) remain() int { - return len(b.b) - b.off -} diff --git a/vendor/github.com/klauspost/compress/huff0/compress.go b/vendor/github.com/klauspost/compress/huff0/compress.go index 518436cf3..84aa3d12f 100644 --- a/vendor/github.com/klauspost/compress/huff0/compress.go +++ b/vendor/github.com/klauspost/compress/huff0/compress.go @@ -350,6 +350,7 @@ func (s *Scratch) compress4Xp(src []byte) ([]byte, error) { // Does not update s.clearCount. func (s *Scratch) countSimple(in []byte) (max int, reuse bool) { reuse = true + _ = s.count // Assert that s != nil to speed up the following loop. for _, v := range in { s.count[v]++ } @@ -415,7 +416,7 @@ func (s *Scratch) validateTable(c cTable) bool { // minTableLog provides the minimum logSize to safely represent a distribution. func (s *Scratch) minTableLog() uint8 { - minBitsSrc := highBit32(uint32(s.br.remain())) + 1 + minBitsSrc := highBit32(uint32(s.srcLen)) + 1 minBitsSymbols := highBit32(uint32(s.symbolLen-1)) + 2 if minBitsSrc < minBitsSymbols { return uint8(minBitsSrc) @@ -427,7 +428,7 @@ func (s *Scratch) minTableLog() uint8 { func (s *Scratch) optimalTableLog() { tableLog := s.TableLog minBits := s.minTableLog() - maxBitsSrc := uint8(highBit32(uint32(s.br.remain()-1))) - 1 + maxBitsSrc := uint8(highBit32(uint32(s.srcLen-1))) - 1 if maxBitsSrc < tableLog { // Accuracy can be reduced tableLog = maxBitsSrc diff --git a/vendor/github.com/klauspost/compress/huff0/huff0.go b/vendor/github.com/klauspost/compress/huff0/huff0.go index e8ad17ad0..77ecd68e0 100644 --- a/vendor/github.com/klauspost/compress/huff0/huff0.go +++ b/vendor/github.com/klauspost/compress/huff0/huff0.go @@ -88,7 +88,7 @@ type Scratch struct { // Decoders will return ErrMaxDecodedSizeExceeded is this limit is exceeded. MaxDecodedSize int - br byteReader + srcLen int // MaxSymbolValue will override the maximum symbol value of the next block. MaxSymbolValue uint8 @@ -170,7 +170,7 @@ func (s *Scratch) prepare(in []byte) (*Scratch, error) { if s.fse == nil { s.fse = &fse.Scratch{} } - s.br.init(in) + s.srcLen = len(in) return s, nil } diff --git a/vendor/github.com/klauspost/compress/zstd/README.md b/vendor/github.com/klauspost/compress/zstd/README.md index bdd49c8b2..92e2347bb 100644 --- a/vendor/github.com/klauspost/compress/zstd/README.md +++ b/vendor/github.com/klauspost/compress/zstd/README.md @@ -259,7 +259,7 @@ nyc-taxi-data-10M.csv gzkp 1 3325605752 922273214 13929 227.68 ## Decompressor -Staus: STABLE - there may still be subtle bugs, but a wide variety of content has been tested. +Status: STABLE - there may still be subtle bugs, but a wide variety of content has been tested. This library is being continuously [fuzz-tested](https://github.com/klauspost/compress-fuzz), kindly supplied by [fuzzit.dev](https://fuzzit.dev/). diff --git a/vendor/github.com/klauspost/compress/zstd/enc_best.go b/vendor/github.com/klauspost/compress/zstd/enc_best.go index 858f8f43a..c81a15357 100644 --- a/vendor/github.com/klauspost/compress/zstd/enc_best.go +++ b/vendor/github.com/klauspost/compress/zstd/enc_best.go @@ -43,7 +43,7 @@ func (m *match) estBits(bitsPerByte int32) { if m.rep < 0 { ofc = ofCode(uint32(m.s-m.offset) + 3) } else { - ofc = ofCode(uint32(m.rep)) + ofc = ofCode(uint32(m.rep) & 3) } // Cost, excluding ofTT, mlTT := fsePredefEnc[tableOffsets].ct.symbolTT[ofc], fsePredefEnc[tableMatchLengths].ct.symbolTT[mlc] @@ -227,7 +227,7 @@ encodeLoop: } } l := 4 + e.matchlen(s+4, offset+4, src) - if rep < 0 { + if true { // Extend candidate match backwards as far as possible. tMin := s - e.maxMatchOff if tMin < 0 { @@ -282,6 +282,7 @@ encodeLoop: // Load next and check... e.longTable[nextHashL] = prevEntry{offset: s + e.cur, prev: candidateL.offset} e.table[nextHashS] = prevEntry{offset: s + e.cur, prev: candidateS.offset} + index0 := s + 1 // Look far ahead, unless we have a really long match already... if best.length < goodEnough { @@ -357,19 +358,16 @@ encodeLoop: blk.sequences = append(blk.sequences, seq) // Index old s + 1 -> s - 1 - index0 := s + 1 s = best.s + best.length - nextEmit = s - if s >= sLimit { - if debugEncoder { - println("repeat ended", s, best.length) - } - break encodeLoop - } + // Index skipped... + end := s + if s > sLimit+4 { + end = sLimit + 4 + } off := index0 + e.cur - for index0 < s { + for index0 < end { cv0 := load6432(src, index0) h0 := hashLen(cv0, bestLongTableBits, bestLongLen) h1 := hashLen(cv0, bestShortTableBits, bestShortLen) @@ -378,6 +376,7 @@ encodeLoop: off++ index0++ } + switch best.rep { case 2, 4 | 1: offset1, offset2 = offset2, offset1 @@ -386,12 +385,17 @@ encodeLoop: case 4 | 3: offset1, offset2, offset3 = offset1-1, offset1, offset2 } + if s >= sLimit { + if debugEncoder { + println("repeat ended", s, best.length) + } + break encodeLoop + } continue } // A 4-byte match has been found. Update recent offsets. // We'll later see if more than 4 bytes. - index0 := s + 1 s = best.s t := best.offset offset1, offset2, offset3 = s-t, offset1, offset2 @@ -419,19 +423,25 @@ encodeLoop: } blk.sequences = append(blk.sequences, seq) nextEmit = s - if s >= sLimit { - break encodeLoop + + // Index old s + 1 -> s - 1 or sLimit + end := s + if s > sLimit-4 { + end = sLimit - 4 } - // Index old s + 1 -> s - 1 - for index0 < s { + off := index0 + e.cur + for index0 < end { cv0 := load6432(src, index0) h0 := hashLen(cv0, bestLongTableBits, bestLongLen) h1 := hashLen(cv0, bestShortTableBits, bestShortLen) - off := index0 + e.cur e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset} e.table[h1] = prevEntry{offset: off, prev: e.table[h1].offset} index0++ + off++ + } + if s >= sLimit { + break encodeLoop } } diff --git a/vendor/github.com/klauspost/compress/zstd/enc_better.go b/vendor/github.com/klauspost/compress/zstd/enc_better.go index 8582f31a7..20d25b0e0 100644 --- a/vendor/github.com/klauspost/compress/zstd/enc_better.go +++ b/vendor/github.com/klauspost/compress/zstd/enc_better.go @@ -145,7 +145,7 @@ encodeLoop: var t int32 // We allow the encoder to optionally turn off repeat offsets across blocks canRepeat := len(blk.sequences) > 2 - var matched int32 + var matched, index0 int32 for { if debugAsserts && canRepeat && offset1 == 0 { @@ -162,6 +162,7 @@ encodeLoop: off := s + e.cur e.longTable[nextHashL] = prevEntry{offset: off, prev: candidateL.offset} e.table[nextHashS] = tableEntry{offset: off, val: uint32(cv)} + index0 = s + 1 if canRepeat { if repIndex >= 0 && load3232(src, repIndex) == uint32(cv>>(repOff*8)) { @@ -258,7 +259,6 @@ encodeLoop: } blk.sequences = append(blk.sequences, seq) - index0 := s + repOff2 s += lenght + repOff2 nextEmit = s if s >= sLimit { @@ -498,15 +498,15 @@ encodeLoop: } // Index match start+1 (long) -> s - 1 - index0 := s - l + 1 + off := index0 + e.cur for index0 < s-1 { cv0 := load6432(src, index0) cv1 := cv0 >> 8 h0 := hashLen(cv0, betterLongTableBits, betterLongLen) - off := index0 + e.cur e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset} e.table[hashLen(cv1, betterShortTableBits, betterShortLen)] = tableEntry{offset: off + 1, val: uint32(cv1)} index0 += 2 + off += 2 } cv = load6432(src, s) @@ -672,7 +672,7 @@ encodeLoop: var t int32 // We allow the encoder to optionally turn off repeat offsets across blocks canRepeat := len(blk.sequences) > 2 - var matched int32 + var matched, index0 int32 for { if debugAsserts && canRepeat && offset1 == 0 { @@ -691,6 +691,7 @@ encodeLoop: e.markLongShardDirty(nextHashL) e.table[nextHashS] = tableEntry{offset: off, val: uint32(cv)} e.markShortShardDirty(nextHashS) + index0 = s + 1 if canRepeat { if repIndex >= 0 && load3232(src, repIndex) == uint32(cv>>(repOff*8)) { @@ -726,7 +727,6 @@ encodeLoop: blk.sequences = append(blk.sequences, seq) // Index match start+1 (long) -> s - 1 - index0 := s + repOff s += lenght + repOff nextEmit = s @@ -790,7 +790,6 @@ encodeLoop: } blk.sequences = append(blk.sequences, seq) - index0 := s + repOff2 s += lenght + repOff2 nextEmit = s if s >= sLimit { @@ -1024,18 +1023,18 @@ encodeLoop: } // Index match start+1 (long) -> s - 1 - index0 := s - l + 1 + off := index0 + e.cur for index0 < s-1 { cv0 := load6432(src, index0) cv1 := cv0 >> 8 h0 := hashLen(cv0, betterLongTableBits, betterLongLen) - off := index0 + e.cur e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset} e.markLongShardDirty(h0) h1 := hashLen(cv1, betterShortTableBits, betterShortLen) e.table[h1] = tableEntry{offset: off + 1, val: uint32(cv1)} e.markShortShardDirty(h1) index0 += 2 + off += 2 } cv = load6432(src, s) diff --git a/vendor/github.com/prometheus/prometheus/config/config.go b/vendor/github.com/prometheus/prometheus/config/config.go index 7f7595dcd..f0b359d8e 100644 --- a/vendor/github.com/prometheus/prometheus/config/config.go +++ b/vendor/github.com/prometheus/prometheus/config/config.go @@ -484,6 +484,8 @@ type ScrapeConfig struct { HonorLabels bool `yaml:"honor_labels,omitempty"` // Indicator whether the scraped timestamps should be respected. HonorTimestamps bool `yaml:"honor_timestamps"` + // Indicator whether to track the staleness of the scraped timestamps. + TrackTimestampsStaleness bool `yaml:"track_timestamps_staleness"` // A set of query parameters with which the target is scraped. Params url.Values `yaml:"params,omitempty"` // How frequently to scrape the targets of this scrape config. @@ -819,6 +821,7 @@ type AlertmanagerConfig struct { ServiceDiscoveryConfigs discovery.Configs `yaml:"-"` HTTPClientConfig config.HTTPClientConfig `yaml:",inline"` + SigV4Config *sigv4.SigV4Config `yaml:"sigv4,omitempty"` // The URL scheme to use when talking to Alertmanagers. Scheme string `yaml:"scheme,omitempty"` @@ -854,6 +857,13 @@ func (c *AlertmanagerConfig) UnmarshalYAML(unmarshal func(interface{}) error) er return err } + httpClientConfigAuthEnabled := c.HTTPClientConfig.BasicAuth != nil || + c.HTTPClientConfig.Authorization != nil || c.HTTPClientConfig.OAuth2 != nil + + if httpClientConfigAuthEnabled && c.SigV4Config != nil { + return fmt.Errorf("at most one of basic_auth, authorization, oauth2, & sigv4 must be configured") + } + // Check for users putting URLs in target groups. if len(c.RelabelConfigs) == 0 { if err := checkStaticTargets(c.ServiceDiscoveryConfigs); err != nil { diff --git a/vendor/github.com/prometheus/prometheus/discovery/manager.go b/vendor/github.com/prometheus/prometheus/discovery/manager.go index 8b304a0fa..4d6027691 100644 --- a/vendor/github.com/prometheus/prometheus/discovery/manager.go +++ b/vendor/github.com/prometheus/prometheus/discovery/manager.go @@ -180,11 +180,9 @@ func (m *Manager) Providers() []*Provider { // Run starts the background processing. func (m *Manager) Run() error { go m.sender() - for range m.ctx.Done() { - m.cancelDiscoverers() - return m.ctx.Err() - } - return nil + <-m.ctx.Done() + m.cancelDiscoverers() + return m.ctx.Err() } // SyncCh returns a read only channel used by all the clients to receive target updates. diff --git a/vendor/github.com/prometheus/prometheus/model/labels/labels.go b/vendor/github.com/prometheus/prometheus/model/labels/labels.go index 0c27e15c7..3dc3049b1 100644 --- a/vendor/github.com/prometheus/prometheus/model/labels/labels.go +++ b/vendor/github.com/prometheus/prometheus/model/labels/labels.go @@ -19,6 +19,7 @@ import ( "bytes" "encoding/json" "strconv" + "strings" "github.com/cespare/xxhash/v2" "github.com/prometheus/common/model" @@ -362,7 +363,7 @@ func EmptyLabels() Labels { func New(ls ...Label) Labels { set := make(Labels, 0, len(ls)) set = append(set, ls...) - slices.SortFunc(set, func(a, b Label) bool { return a.Name < b.Name }) + slices.SortFunc(set, func(a, b Label) int { return strings.Compare(a.Name, b.Name) }) return set } @@ -386,7 +387,7 @@ func FromStrings(ss ...string) Labels { res = append(res, Label{Name: ss[i], Value: ss[i+1]}) } - slices.SortFunc(res, func(a, b Label) bool { return a.Name < b.Name }) + slices.SortFunc(res, func(a, b Label) int { return strings.Compare(a.Name, b.Name) }) return res } @@ -591,7 +592,7 @@ func (b *Builder) Labels() Labels { } if len(b.add) > 0 { // Base is already in order, so we only need to sort if we add to it. res = append(res, b.add...) - slices.SortFunc(res, func(a, b Label) bool { return a.Name < b.Name }) + slices.SortFunc(res, func(a, b Label) int { return strings.Compare(a.Name, b.Name) }) } return res } @@ -618,7 +619,7 @@ func (b *ScratchBuilder) Add(name, value string) { // Sort the labels added so far by name. func (b *ScratchBuilder) Sort() { - slices.SortFunc(b.add, func(a, b Label) bool { return a.Name < b.Name }) + slices.SortFunc(b.add, func(a, b Label) int { return strings.Compare(a.Name, b.Name) }) } // Assign is for when you already have a Labels which you want this ScratchBuilder to return. diff --git a/vendor/github.com/prometheus/prometheus/model/labels/labels_stringlabels.go b/vendor/github.com/prometheus/prometheus/model/labels/labels_stringlabels.go index a87545a26..cc6bfcc70 100644 --- a/vendor/github.com/prometheus/prometheus/model/labels/labels_stringlabels.go +++ b/vendor/github.com/prometheus/prometheus/model/labels/labels_stringlabels.go @@ -20,6 +20,7 @@ import ( "encoding/json" "reflect" "strconv" + "strings" "unsafe" "github.com/cespare/xxhash/v2" @@ -412,7 +413,7 @@ func yoloBytes(s string) (b []byte) { // New returns a sorted Labels from the given labels. // The caller has to guarantee that all label names are unique. func New(ls ...Label) Labels { - slices.SortFunc(ls, func(a, b Label) bool { return a.Name < b.Name }) + slices.SortFunc(ls, func(a, b Label) int { return strings.Compare(a.Name, b.Name) }) size := labelsSize(ls) buf := make([]byte, size) marshalLabelsToSizedBuffer(ls, buf) @@ -671,7 +672,7 @@ func (b *Builder) Labels() Labels { return b.base } - slices.SortFunc(b.add, func(a, b Label) bool { return a.Name < b.Name }) + slices.SortFunc(b.add, func(a, b Label) int { return strings.Compare(a.Name, b.Name) }) slices.Sort(b.del) a, d := 0, 0 @@ -830,7 +831,7 @@ func (b *ScratchBuilder) Add(name, value string) { // Sort the labels added so far by name. func (b *ScratchBuilder) Sort() { - slices.SortFunc(b.add, func(a, b Label) bool { return a.Name < b.Name }) + slices.SortFunc(b.add, func(a, b Label) int { return strings.Compare(a.Name, b.Name) }) } // Assign is for when you already have a Labels which you want this ScratchBuilder to return. diff --git a/vendor/github.com/prometheus/prometheus/model/textparse/openmetricsparse.go b/vendor/github.com/prometheus/prometheus/model/textparse/openmetricsparse.go index e0833636f..5623e6833 100644 --- a/vendor/github.com/prometheus/prometheus/model/textparse/openmetricsparse.go +++ b/vendor/github.com/prometheus/prometheus/model/textparse/openmetricsparse.go @@ -338,7 +338,7 @@ func (p *OpenMetricsParser) Next() (Entry, error) { var ts float64 // A float is enough to hold what we need for millisecond resolution. if ts, err = parseFloat(yoloString(p.l.buf()[1:])); err != nil { - return EntryInvalid, fmt.Errorf("%v while parsing: %q", err, p.l.b[p.start:p.l.i]) + return EntryInvalid, fmt.Errorf("%w while parsing: %q", err, p.l.b[p.start:p.l.i]) } if math.IsNaN(ts) || math.IsInf(ts, 0) { return EntryInvalid, fmt.Errorf("invalid timestamp %f", ts) @@ -391,7 +391,7 @@ func (p *OpenMetricsParser) parseComment() error { var ts float64 // A float is enough to hold what we need for millisecond resolution. if ts, err = parseFloat(yoloString(p.l.buf()[1:])); err != nil { - return fmt.Errorf("%v while parsing: %q", err, p.l.b[p.start:p.l.i]) + return fmt.Errorf("%w while parsing: %q", err, p.l.b[p.start:p.l.i]) } if math.IsNaN(ts) || math.IsInf(ts, 0) { return fmt.Errorf("invalid exemplar timestamp %f", ts) @@ -461,7 +461,7 @@ func (p *OpenMetricsParser) getFloatValue(t token, after string) (float64, error } val, err := parseFloat(yoloString(p.l.buf()[1:])) if err != nil { - return 0, fmt.Errorf("%v while parsing: %q", err, p.l.b[p.start:p.l.i]) + return 0, fmt.Errorf("%w while parsing: %q", err, p.l.b[p.start:p.l.i]) } // Ensure canonical NaN value. if math.IsNaN(p.exemplarVal) { diff --git a/vendor/github.com/prometheus/prometheus/model/textparse/promparse.go b/vendor/github.com/prometheus/prometheus/model/textparse/promparse.go index 94338a666..04c295dd0 100644 --- a/vendor/github.com/prometheus/prometheus/model/textparse/promparse.go +++ b/vendor/github.com/prometheus/prometheus/model/textparse/promparse.go @@ -348,7 +348,7 @@ func (p *PromParser) Next() (Entry, error) { return EntryInvalid, p.parseError("expected value after metric", t2) } if p.val, err = parseFloat(yoloString(p.l.buf())); err != nil { - return EntryInvalid, fmt.Errorf("%v while parsing: %q", err, p.l.b[p.start:p.l.i]) + return EntryInvalid, fmt.Errorf("%w while parsing: %q", err, p.l.b[p.start:p.l.i]) } // Ensure canonical NaN value. if math.IsNaN(p.val) { @@ -361,7 +361,7 @@ func (p *PromParser) Next() (Entry, error) { case tTimestamp: p.hasTS = true if p.ts, err = strconv.ParseInt(yoloString(p.l.buf()), 10, 64); err != nil { - return EntryInvalid, fmt.Errorf("%v while parsing: %q", err, p.l.b[p.start:p.l.i]) + return EntryInvalid, fmt.Errorf("%w while parsing: %q", err, p.l.b[p.start:p.l.i]) } if t2 := p.nextToken(); t2 != tLinebreak { return EntryInvalid, p.parseError("expected next entry after timestamp", t2) diff --git a/vendor/github.com/prometheus/prometheus/prompb/io/prometheus/client/metrics.pb.go b/vendor/github.com/prometheus/prometheus/prompb/io/prometheus/client/metrics.pb.go index 83a7da779..05d25747b 100644 --- a/vendor/github.com/prometheus/prometheus/prompb/io/prometheus/client/metrics.pb.go +++ b/vendor/github.com/prometheus/prometheus/prompb/io/prometheus/client/metrics.pb.go @@ -172,11 +172,12 @@ func (m *Gauge) GetValue() float64 { } type Counter struct { - Value float64 `protobuf:"fixed64,1,opt,name=value,proto3" json:"value,omitempty"` - Exemplar *Exemplar `protobuf:"bytes,2,opt,name=exemplar,proto3" json:"exemplar,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + Value float64 `protobuf:"fixed64,1,opt,name=value,proto3" json:"value,omitempty"` + Exemplar *Exemplar `protobuf:"bytes,2,opt,name=exemplar,proto3" json:"exemplar,omitempty"` + CreatedTimestamp *types.Timestamp `protobuf:"bytes,3,opt,name=created_timestamp,json=createdTimestamp,proto3" json:"created_timestamp,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } func (m *Counter) Reset() { *m = Counter{} } @@ -226,6 +227,13 @@ func (m *Counter) GetExemplar() *Exemplar { return nil } +func (m *Counter) GetCreatedTimestamp() *types.Timestamp { + if m != nil { + return m.CreatedTimestamp + } + return nil +} + type Quantile struct { Quantile float64 `protobuf:"fixed64,1,opt,name=quantile,proto3" json:"quantile,omitempty"` Value float64 `protobuf:"fixed64,2,opt,name=value,proto3" json:"value,omitempty"` @@ -282,12 +290,13 @@ func (m *Quantile) GetValue() float64 { } type Summary struct { - SampleCount uint64 `protobuf:"varint,1,opt,name=sample_count,json=sampleCount,proto3" json:"sample_count,omitempty"` - SampleSum float64 `protobuf:"fixed64,2,opt,name=sample_sum,json=sampleSum,proto3" json:"sample_sum,omitempty"` - Quantile []Quantile `protobuf:"bytes,3,rep,name=quantile,proto3" json:"quantile"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + SampleCount uint64 `protobuf:"varint,1,opt,name=sample_count,json=sampleCount,proto3" json:"sample_count,omitempty"` + SampleSum float64 `protobuf:"fixed64,2,opt,name=sample_sum,json=sampleSum,proto3" json:"sample_sum,omitempty"` + Quantile []Quantile `protobuf:"bytes,3,rep,name=quantile,proto3" json:"quantile"` + CreatedTimestamp *types.Timestamp `protobuf:"bytes,4,opt,name=created_timestamp,json=createdTimestamp,proto3" json:"created_timestamp,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } func (m *Summary) Reset() { *m = Summary{} } @@ -344,6 +353,13 @@ func (m *Summary) GetQuantile() []Quantile { return nil } +func (m *Summary) GetCreatedTimestamp() *types.Timestamp { + if m != nil { + return m.CreatedTimestamp + } + return nil +} + type Untyped struct { Value float64 `protobuf:"fixed64,1,opt,name=value,proto3" json:"value,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` @@ -396,7 +412,8 @@ type Histogram struct { SampleCountFloat float64 `protobuf:"fixed64,4,opt,name=sample_count_float,json=sampleCountFloat,proto3" json:"sample_count_float,omitempty"` SampleSum float64 `protobuf:"fixed64,2,opt,name=sample_sum,json=sampleSum,proto3" json:"sample_sum,omitempty"` // Buckets for the conventional histogram. - Bucket []Bucket `protobuf:"bytes,3,rep,name=bucket,proto3" json:"bucket"` + Bucket []Bucket `protobuf:"bytes,3,rep,name=bucket,proto3" json:"bucket"` + CreatedTimestamp *types.Timestamp `protobuf:"bytes,15,opt,name=created_timestamp,json=createdTimestamp,proto3" json:"created_timestamp,omitempty"` // schema defines the bucket schema. Currently, valid numbers are -4 <= n <= 8. // They are all for base-2 bucket schemas, where 1 is a bucket boundary in each case, and // then each power of two is divided into 2^n logarithmic buckets. @@ -489,6 +506,13 @@ func (m *Histogram) GetBucket() []Bucket { return nil } +func (m *Histogram) GetCreatedTimestamp() *types.Timestamp { + if m != nil { + return m.CreatedTimestamp + } + return nil +} + func (m *Histogram) GetSchema() int32 { if m != nil { return m.Schema @@ -941,65 +965,68 @@ func init() { } var fileDescriptor_d1e5ddb18987a258 = []byte{ - // 923 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x56, 0xdd, 0x8e, 0xdb, 0x44, - 0x18, 0xad, 0x1b, 0xe7, 0xc7, 0x5f, 0x36, 0xdb, 0x74, 0x88, 0x2a, 0x6b, 0x61, 0x37, 0xc1, 0x12, - 0xd2, 0x82, 0x50, 0x22, 0xa0, 0x08, 0x54, 0x40, 0x62, 0xb7, 0xdd, 0x6e, 0x51, 0x49, 0x5b, 0x26, - 0xc9, 0x45, 0xe1, 0xc2, 0x9a, 0x64, 0x67, 0x1d, 0x0b, 0xdb, 0x63, 0xec, 0x71, 0xc5, 0x72, 0xcf, - 0x25, 0xd7, 0xbc, 0x02, 0x4f, 0x82, 0x7a, 0xc9, 0x13, 0x20, 0xb4, 0xef, 0xc0, 0x3d, 0x9a, 0x3f, - 0x3b, 0x5b, 0x39, 0x85, 0x15, 0x77, 0x33, 0xc7, 0xe7, 0xfb, 0xe6, 0x9c, 0x99, 0xc9, 0x99, 0x80, - 0x17, 0xb2, 0x49, 0x9a, 0xb1, 0x98, 0xf2, 0x35, 0x2d, 0xf2, 0xc9, 0x2a, 0x0a, 0x69, 0xc2, 0x27, - 0x31, 0xe5, 0x59, 0xb8, 0xca, 0xc7, 0x69, 0xc6, 0x38, 0x43, 0x83, 0x90, 0x8d, 0x2b, 0xce, 0x58, - 0x71, 0xf6, 0x06, 0x01, 0x0b, 0x98, 0x24, 0x4c, 0xc4, 0x48, 0x71, 0xf7, 0x86, 0x01, 0x63, 0x41, - 0x44, 0x27, 0x72, 0xb6, 0x2c, 0xce, 0x27, 0x3c, 0x8c, 0x69, 0xce, 0x49, 0x9c, 0x2a, 0x82, 0xf7, - 0x31, 0x38, 0x5f, 0x93, 0x25, 0x8d, 0x9e, 0x91, 0x30, 0x43, 0x08, 0xec, 0x84, 0xc4, 0xd4, 0xb5, - 0x46, 0xd6, 0xa1, 0x83, 0xe5, 0x18, 0x0d, 0xa0, 0xf9, 0x82, 0x44, 0x05, 0x75, 0x6f, 0x4a, 0x50, - 0x4d, 0xbc, 0x7d, 0x68, 0x9e, 0x92, 0x22, 0xd8, 0xf8, 0x2c, 0x6a, 0x2c, 0xf3, 0xf9, 0x3b, 0x68, - 0xdf, 0x67, 0x45, 0xc2, 0x69, 0x56, 0x4f, 0x40, 0xf7, 0xa0, 0x43, 0x7f, 0xa4, 0x71, 0x1a, 0x91, - 0x4c, 0x36, 0xee, 0x7e, 0x78, 0x30, 0xae, 0xb3, 0x35, 0x3e, 0xd1, 0x2c, 0x5c, 0xf2, 0xbd, 0xcf, - 0xa1, 0xf3, 0x4d, 0x41, 0x12, 0x1e, 0x46, 0x14, 0xed, 0x41, 0xe7, 0x07, 0x3d, 0xd6, 0x0b, 0x94, - 0xf3, 0xab, 0xca, 0x4b, 0x69, 0xbf, 0x58, 0xd0, 0x9e, 0x15, 0x71, 0x4c, 0xb2, 0x0b, 0xf4, 0x36, - 0xec, 0xe4, 0x24, 0x4e, 0x23, 0xea, 0xaf, 0x84, 0x5a, 0xd9, 0xc1, 0xc6, 0x5d, 0x85, 0x49, 0x03, - 0x68, 0x1f, 0x40, 0x53, 0xf2, 0x22, 0xd6, 0x9d, 0x1c, 0x85, 0xcc, 0x8a, 0x18, 0x7d, 0xb9, 0xb1, - 0x7e, 0x63, 0xd4, 0xd8, 0xee, 0xc3, 0x28, 0x3e, 0xb6, 0x5f, 0xfe, 0x39, 0xbc, 0x51, 0xa9, 0xf4, - 0x86, 0xd0, 0x5e, 0x24, 0xfc, 0x22, 0xa5, 0x67, 0x5b, 0xf6, 0xf2, 0x6f, 0x1b, 0x9c, 0x47, 0x61, - 0xce, 0x59, 0x90, 0x91, 0xf8, 0xbf, 0x48, 0x7e, 0x1f, 0xd0, 0x26, 0xc5, 0x3f, 0x8f, 0x18, 0xe1, - 0xae, 0x2d, 0x7b, 0xf6, 0x37, 0x88, 0x0f, 0x05, 0xfe, 0x6f, 0x06, 0xef, 0x41, 0x6b, 0x59, 0xac, - 0xbe, 0xa7, 0x5c, 0xdb, 0x7b, 0xab, 0xde, 0xde, 0xb1, 0xe4, 0x68, 0x73, 0xba, 0x02, 0xdd, 0x81, - 0x56, 0xbe, 0x5a, 0xd3, 0x98, 0xb8, 0xcd, 0x91, 0x75, 0x78, 0x1b, 0xeb, 0x19, 0x7a, 0x07, 0x76, - 0x7f, 0xa2, 0x19, 0xf3, 0xf9, 0x3a, 0xa3, 0xf9, 0x9a, 0x45, 0x67, 0x6e, 0x4b, 0x2e, 0xdb, 0x13, - 0xe8, 0xdc, 0x80, 0x42, 0x99, 0xa4, 0x29, 0xa3, 0x6d, 0x69, 0xd4, 0x11, 0x88, 0xb2, 0x79, 0x08, - 0xfd, 0xea, 0xb3, 0x36, 0xd9, 0x91, 0x7d, 0x76, 0x4b, 0x92, 0xb2, 0xf8, 0x18, 0x7a, 0x09, 0x0d, - 0x08, 0x0f, 0x5f, 0x50, 0x3f, 0x4f, 0x49, 0xe2, 0x3a, 0xd2, 0xca, 0xe8, 0x75, 0x56, 0x66, 0x29, - 0x49, 0xb4, 0x9d, 0x1d, 0x53, 0x2c, 0x30, 0x21, 0xbe, 0x6c, 0x76, 0x46, 0x23, 0x4e, 0x5c, 0x18, - 0x35, 0x0e, 0x11, 0x2e, 0x97, 0x78, 0x20, 0xc0, 0x2b, 0x34, 0x65, 0xa0, 0x3b, 0x6a, 0x08, 0x8f, - 0x06, 0x55, 0x26, 0x1e, 0x43, 0x2f, 0x65, 0x79, 0x58, 0x49, 0xdb, 0xb9, 0x9e, 0x34, 0x53, 0x6c, - 0xa4, 0x95, 0xcd, 0x94, 0xb4, 0x9e, 0x92, 0x66, 0xd0, 0x52, 0x5a, 0x49, 0x53, 0xd2, 0x76, 0x95, - 0x34, 0x83, 0x4a, 0x69, 0xde, 0xef, 0x16, 0xb4, 0xd4, 0x82, 0xe8, 0x5d, 0xe8, 0xaf, 0x8a, 0xb8, - 0x88, 0x36, 0xed, 0xa8, 0x8b, 0x77, 0xab, 0xc2, 0x95, 0xa1, 0xbb, 0x70, 0xe7, 0x55, 0xea, 0x95, - 0x0b, 0x38, 0x78, 0xa5, 0x40, 0x9d, 0xd0, 0x10, 0xba, 0x45, 0x9a, 0xd2, 0xcc, 0x5f, 0xb2, 0x22, - 0x39, 0xd3, 0xb7, 0x10, 0x24, 0x74, 0x2c, 0x90, 0x2b, 0x79, 0xd1, 0xb8, 0x76, 0x5e, 0x40, 0xb5, - 0x71, 0xe2, 0x52, 0xb2, 0xf3, 0xf3, 0x9c, 0x2a, 0x07, 0xb7, 0xb1, 0x9e, 0x09, 0x3c, 0xa2, 0x49, - 0xc0, 0xd7, 0x72, 0xf5, 0x1e, 0xd6, 0x33, 0xef, 0x57, 0x0b, 0x3a, 0xa6, 0x29, 0xfa, 0x0c, 0x9a, - 0x91, 0x48, 0x4b, 0xd7, 0x92, 0xc7, 0x34, 0xac, 0xd7, 0x50, 0x06, 0xaa, 0x3e, 0x25, 0x55, 0x53, - 0x9f, 0x47, 0xe8, 0x53, 0x70, 0xca, 0x4c, 0xd6, 0xd6, 0xf6, 0xc6, 0x2a, 0xb5, 0xc7, 0x26, 0xb5, - 0xc7, 0x73, 0xc3, 0xc0, 0x15, 0xd9, 0xfb, 0xb9, 0x01, 0xad, 0xa9, 0x7c, 0x19, 0xfe, 0x9f, 0xae, - 0x0f, 0xa0, 0x19, 0x88, 0x2c, 0xd7, 0x41, 0xfc, 0x66, 0x7d, 0xb1, 0x8c, 0x7b, 0xac, 0x98, 0xe8, - 0x13, 0x68, 0xaf, 0x54, 0xbe, 0x6b, 0xc9, 0xfb, 0xf5, 0x45, 0xfa, 0x11, 0xc0, 0x86, 0x2d, 0x0a, - 0x73, 0x15, 0xbe, 0xf2, 0x3e, 0x6c, 0x2d, 0xd4, 0x09, 0x8d, 0x0d, 0x5b, 0x14, 0x16, 0x2a, 0x26, - 0x65, 0x98, 0x6c, 0x2d, 0xd4, 0x59, 0x8a, 0x0d, 0x1b, 0x7d, 0x01, 0xce, 0xda, 0xa4, 0xa7, 0x0c, - 0x91, 0xad, 0xdb, 0x53, 0x86, 0x2c, 0xae, 0x2a, 0x44, 0xde, 0x96, 0x3b, 0xee, 0xc7, 0xb9, 0x4c, - 0xaa, 0x06, 0xee, 0x96, 0xd8, 0x34, 0xf7, 0x7e, 0xb3, 0x60, 0x47, 0x9d, 0xc3, 0x43, 0x12, 0x87, - 0xd1, 0x45, 0xed, 0x33, 0x8a, 0xc0, 0x5e, 0xd3, 0x28, 0xd5, 0xaf, 0xa8, 0x1c, 0xa3, 0xbb, 0x60, - 0x0b, 0x8d, 0x72, 0x0b, 0x77, 0xb7, 0xfd, 0xe6, 0x55, 0xe7, 0xf9, 0x45, 0x4a, 0xb1, 0x64, 0x8b, - 0x44, 0x56, 0xff, 0x07, 0x5c, 0xfb, 0x75, 0x89, 0xac, 0xea, 0x4c, 0x22, 0xab, 0x8a, 0xf7, 0x96, - 0x00, 0x55, 0x3f, 0xd4, 0x85, 0xf6, 0xfd, 0xa7, 0x8b, 0x27, 0xf3, 0x13, 0xdc, 0xbf, 0x81, 0x1c, - 0x68, 0x9e, 0x1e, 0x2d, 0x4e, 0x4f, 0xfa, 0x96, 0xc0, 0x67, 0x8b, 0xe9, 0xf4, 0x08, 0x3f, 0xef, - 0xdf, 0x14, 0x93, 0xc5, 0x93, 0xf9, 0xf3, 0x67, 0x27, 0x0f, 0xfa, 0x0d, 0xd4, 0x03, 0xe7, 0xd1, - 0x57, 0xb3, 0xf9, 0xd3, 0x53, 0x7c, 0x34, 0xed, 0xdb, 0xe8, 0x0d, 0xb8, 0x25, 0x6b, 0xfc, 0x0a, - 0x6c, 0x1e, 0x7b, 0x2f, 0x2f, 0x0f, 0xac, 0x3f, 0x2e, 0x0f, 0xac, 0xbf, 0x2e, 0x0f, 0xac, 0x6f, - 0x07, 0x21, 0xf3, 0x2b, 0x71, 0xbe, 0x12, 0xb7, 0x6c, 0xc9, 0x9b, 0xfd, 0xd1, 0x3f, 0x01, 0x00, - 0x00, 0xff, 0xff, 0x52, 0x2d, 0xb5, 0x31, 0xef, 0x08, 0x00, 0x00, + // 963 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x56, 0xdd, 0x6e, 0x1b, 0x45, + 0x14, 0xee, 0x76, 0xfd, 0x93, 0x3d, 0x8e, 0x93, 0xcd, 0x60, 0x55, 0xab, 0x40, 0x62, 0xb3, 0x12, + 0x52, 0x40, 0xc8, 0x16, 0x50, 0x04, 0x2a, 0x45, 0x22, 0x69, 0xd3, 0x14, 0x15, 0xb7, 0x65, 0x6c, + 0x5f, 0x94, 0x9b, 0xd5, 0xd8, 0x9e, 0xac, 0x57, 0xec, 0xee, 0x2c, 0xfb, 0x53, 0x11, 0xee, 0x79, + 0x06, 0x5e, 0x01, 0xf1, 0x1c, 0x08, 0xf5, 0x92, 0x07, 0x40, 0x08, 0xe5, 0x49, 0xd0, 0xfc, 0xed, + 0x3a, 0xd5, 0xba, 0x90, 0xf6, 0x6e, 0xe6, 0xf3, 0x77, 0xce, 0x7c, 0xe7, 0x9b, 0xf1, 0x39, 0x0b, + 0x6e, 0xc0, 0x46, 0x49, 0xca, 0x22, 0x9a, 0xaf, 0x68, 0x91, 0x8d, 0x16, 0x61, 0x40, 0xe3, 0x7c, + 0x14, 0xd1, 0x3c, 0x0d, 0x16, 0xd9, 0x30, 0x49, 0x59, 0xce, 0x50, 0x2f, 0x60, 0xc3, 0x8a, 0x33, + 0x94, 0x9c, 0xfd, 0x9e, 0xcf, 0x7c, 0x26, 0x08, 0x23, 0xbe, 0x92, 0xdc, 0xfd, 0xbe, 0xcf, 0x98, + 0x1f, 0xd2, 0x91, 0xd8, 0xcd, 0x8b, 0xf3, 0x51, 0x1e, 0x44, 0x34, 0xcb, 0x49, 0x94, 0x48, 0x82, + 0xfb, 0x29, 0x58, 0xdf, 0x90, 0x39, 0x0d, 0x9f, 0x92, 0x20, 0x45, 0x08, 0x1a, 0x31, 0x89, 0xa8, + 0x63, 0x0c, 0x8c, 0x23, 0x0b, 0x8b, 0x35, 0xea, 0x41, 0xf3, 0x39, 0x09, 0x0b, 0xea, 0xdc, 0x14, + 0xa0, 0xdc, 0xb8, 0x07, 0xd0, 0x3c, 0x23, 0x85, 0xbf, 0xf6, 0x33, 0x8f, 0x31, 0xf4, 0xcf, 0xbf, + 0x19, 0xd0, 0xbe, 0xc7, 0x8a, 0x38, 0xa7, 0x69, 0x3d, 0x03, 0xdd, 0x81, 0x2d, 0xfa, 0x23, 0x8d, + 0x92, 0x90, 0xa4, 0x22, 0x73, 0xe7, 0xe3, 0xc3, 0x61, 0x5d, 0x5d, 0xc3, 0x53, 0xc5, 0xc2, 0x25, + 0x1f, 0x8d, 0x61, 0x6f, 0x91, 0x52, 0x92, 0xd3, 0xa5, 0x57, 0x96, 0xe3, 0x98, 0x22, 0xc9, 0xfe, + 0x50, 0x16, 0x3c, 0xd4, 0x05, 0x0f, 0xa7, 0x9a, 0x71, 0xd2, 0x78, 0xf1, 0x77, 0xdf, 0xc0, 0xb6, + 0x0a, 0x2d, 0x71, 0xf7, 0x2e, 0x6c, 0x7d, 0x5b, 0x90, 0x38, 0x0f, 0x42, 0x8a, 0xf6, 0x61, 0xeb, + 0x07, 0xb5, 0x56, 0x7a, 0xcb, 0xfd, 0x55, 0x27, 0xca, 0x52, 0xff, 0x32, 0xa0, 0x3d, 0x29, 0xa2, + 0x88, 0xa4, 0x17, 0xe8, 0x5d, 0xd8, 0xce, 0x48, 0x94, 0x84, 0xd4, 0x5b, 0xf0, 0xe2, 0x45, 0x86, + 0x06, 0xee, 0x48, 0x4c, 0xf8, 0x81, 0x0e, 0x00, 0x14, 0x25, 0x2b, 0x22, 0x95, 0xc9, 0x92, 0xc8, + 0xa4, 0x88, 0xd0, 0x57, 0x6b, 0xe7, 0x9b, 0x03, 0x73, 0xb3, 0x2d, 0x5a, 0xb1, 0xa8, 0xea, 0xc6, + 0x9a, 0xca, 0x5a, 0x73, 0x1a, 0xaf, 0x6d, 0x4e, 0x1f, 0xda, 0xb3, 0x38, 0xbf, 0x48, 0xe8, 0x72, + 0xc3, 0x55, 0xff, 0xde, 0x04, 0xeb, 0x61, 0x90, 0xe5, 0xcc, 0x4f, 0x49, 0xf4, 0x7f, 0x1c, 0xf8, + 0x10, 0xd0, 0x3a, 0xc5, 0x3b, 0x0f, 0x19, 0xc9, 0x85, 0x42, 0x03, 0xdb, 0x6b, 0xc4, 0x07, 0x1c, + 0xff, 0x2f, 0xbf, 0xee, 0x40, 0x6b, 0x5e, 0x2c, 0xbe, 0xa7, 0xb9, 0x72, 0xeb, 0x9d, 0x7a, 0xb7, + 0x4e, 0x04, 0x47, 0x79, 0xa5, 0x22, 0xea, 0x9d, 0xda, 0x7d, 0x5d, 0xa7, 0xd0, 0x2d, 0x68, 0x65, + 0x8b, 0x15, 0x8d, 0x88, 0xd3, 0x1c, 0x18, 0x47, 0x7b, 0x58, 0xed, 0xd0, 0x7b, 0xb0, 0xf3, 0x13, + 0x4d, 0x99, 0x97, 0xaf, 0x52, 0x9a, 0xad, 0x58, 0xb8, 0x74, 0x5a, 0xa2, 0x8a, 0x2e, 0x47, 0xa7, + 0x1a, 0xe4, 0x85, 0x0a, 0x9a, 0xf4, 0xad, 0x2d, 0x7c, 0xb3, 0x38, 0x22, 0x5d, 0x3b, 0x02, 0xbb, + 0xfa, 0x59, 0x79, 0xb6, 0x25, 0xf2, 0xec, 0x94, 0x24, 0xe9, 0xd8, 0x23, 0xe8, 0xc6, 0xd4, 0x27, + 0x79, 0xf0, 0x9c, 0x7a, 0x59, 0x42, 0x62, 0xc7, 0x12, 0xce, 0x0c, 0x5e, 0xe5, 0xcc, 0x24, 0x21, + 0xb1, 0x72, 0x67, 0x5b, 0x07, 0x73, 0x8c, 0x8b, 0x2f, 0x93, 0x2d, 0x69, 0x98, 0x13, 0x07, 0x06, + 0xe6, 0x11, 0xc2, 0xe5, 0x11, 0xf7, 0x39, 0x78, 0x85, 0x26, 0x0b, 0xe8, 0x0c, 0x4c, 0x5e, 0xa3, + 0x46, 0x65, 0x11, 0x8f, 0xa0, 0x9b, 0xb0, 0x2c, 0xa8, 0xa4, 0x6d, 0x5f, 0x4f, 0x9a, 0x0e, 0xd6, + 0xd2, 0xca, 0x64, 0x52, 0x5a, 0x57, 0x4a, 0xd3, 0x68, 0x29, 0xad, 0xa4, 0x49, 0x69, 0x3b, 0x52, + 0x9a, 0x46, 0x85, 0x34, 0xf7, 0x0f, 0x03, 0x5a, 0xf2, 0x40, 0xf4, 0x3e, 0xd8, 0x8b, 0x22, 0x2a, + 0xc2, 0xf5, 0x72, 0xe4, 0x3b, 0xde, 0xad, 0x70, 0x59, 0xd0, 0x6d, 0xb8, 0xf5, 0x32, 0xf5, 0xca, + 0x7b, 0xee, 0xbd, 0x14, 0x20, 0x6f, 0xa8, 0x0f, 0x9d, 0x22, 0x49, 0x68, 0xea, 0xcd, 0x59, 0x11, + 0x2f, 0xd5, 0xa3, 0x06, 0x01, 0x9d, 0x70, 0xe4, 0x4a, 0x73, 0x34, 0xaf, 0xd7, 0x1c, 0xdd, 0xbb, + 0x00, 0x95, 0x71, 0xfc, 0x51, 0xb2, 0xf3, 0xf3, 0x8c, 0xca, 0x0a, 0xf6, 0xb0, 0xda, 0x71, 0x3c, + 0xa4, 0xb1, 0x9f, 0xaf, 0xc4, 0xe9, 0x5d, 0xac, 0x76, 0xee, 0x2f, 0x06, 0x6c, 0xe9, 0xa4, 0xe8, + 0x0b, 0x68, 0x86, 0x7c, 0x36, 0x38, 0x86, 0xb8, 0xa6, 0x7e, 0xbd, 0x86, 0x72, 0x7c, 0xa8, 0x5b, + 0x92, 0x31, 0xf5, 0xdd, 0x12, 0x7d, 0x0e, 0xd6, 0x35, 0x5a, 0x36, 0xae, 0xc8, 0xee, 0xcf, 0x26, + 0xb4, 0xc6, 0x62, 0x0e, 0xbe, 0x99, 0xae, 0x8f, 0xa0, 0xe9, 0xf3, 0xc9, 0xa5, 0xa6, 0xce, 0xdb, + 0xf5, 0xc1, 0x62, 0xb8, 0x61, 0xc9, 0x44, 0x9f, 0x41, 0x7b, 0x21, 0x87, 0x99, 0x92, 0x7c, 0x50, + 0x1f, 0xa4, 0x26, 0x1e, 0xd6, 0x6c, 0x1e, 0x98, 0xc9, 0xd1, 0xa0, 0x3a, 0xf0, 0x86, 0x40, 0x35, + 0x3f, 0xb0, 0x66, 0xf3, 0xc0, 0x42, 0x76, 0x5d, 0xd1, 0x4c, 0x36, 0x06, 0xaa, 0xd6, 0x8c, 0x35, + 0x1b, 0x7d, 0x09, 0xd6, 0x4a, 0x37, 0x63, 0xd1, 0x44, 0x36, 0xda, 0x53, 0xf6, 0x6c, 0x5c, 0x45, + 0xf0, 0xf6, 0x5d, 0x3a, 0xee, 0x45, 0x99, 0xe8, 0x54, 0x26, 0xee, 0x94, 0xd8, 0x38, 0x73, 0x7f, + 0x35, 0x60, 0x5b, 0xde, 0xc3, 0x03, 0x12, 0x05, 0xe1, 0x45, 0xed, 0x47, 0x03, 0x82, 0xc6, 0x8a, + 0x86, 0x89, 0xfa, 0x66, 0x10, 0x6b, 0x74, 0x1b, 0x1a, 0x5c, 0xa3, 0xb0, 0x70, 0x67, 0xd3, 0x7f, + 0x5e, 0x66, 0x9e, 0x5e, 0x24, 0x14, 0x0b, 0x36, 0x6f, 0xf0, 0xf2, 0xeb, 0xc7, 0x69, 0xbc, 0xaa, + 0xc1, 0xcb, 0x38, 0xdd, 0xe0, 0x65, 0xc4, 0x07, 0x73, 0x80, 0x2a, 0x1f, 0xea, 0x40, 0xfb, 0xde, + 0x93, 0xd9, 0xe3, 0xe9, 0x29, 0xb6, 0x6f, 0x20, 0x0b, 0x9a, 0x67, 0xc7, 0xb3, 0xb3, 0x53, 0xdb, + 0xe0, 0xf8, 0x64, 0x36, 0x1e, 0x1f, 0xe3, 0x67, 0xf6, 0x4d, 0xbe, 0x99, 0x3d, 0x9e, 0x3e, 0x7b, + 0x7a, 0x7a, 0xdf, 0x36, 0x51, 0x17, 0xac, 0x87, 0x5f, 0x4f, 0xa6, 0x4f, 0xce, 0xf0, 0xf1, 0xd8, + 0x6e, 0xa0, 0xb7, 0x60, 0x57, 0xc4, 0x78, 0x15, 0xd8, 0x3c, 0x71, 0x5f, 0x5c, 0x1e, 0x1a, 0x7f, + 0x5e, 0x1e, 0x1a, 0xff, 0x5c, 0x1e, 0x1a, 0xdf, 0xf5, 0x02, 0xe6, 0x55, 0xe2, 0x3c, 0x29, 0x6e, + 0xde, 0x12, 0x2f, 0xfb, 0x93, 0x7f, 0x03, 0x00, 0x00, 0xff, 0xff, 0x68, 0x3f, 0xd9, 0x07, 0xdd, + 0x09, 0x00, 0x00, } func (m *LabelPair) Marshal() (dAtA []byte, err error) { @@ -1100,6 +1127,18 @@ func (m *Counter) MarshalToSizedBuffer(dAtA []byte) (int, error) { i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } + if m.CreatedTimestamp != nil { + { + size, err := m.CreatedTimestamp.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintMetrics(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x1a + } if m.Exemplar != nil { { size, err := m.Exemplar.MarshalToSizedBuffer(dAtA[:i]) @@ -1184,6 +1223,18 @@ func (m *Summary) MarshalToSizedBuffer(dAtA []byte) (int, error) { i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } + if m.CreatedTimestamp != nil { + { + size, err := m.CreatedTimestamp.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintMetrics(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x22 + } if len(m.Quantile) > 0 { for iNdEx := len(m.Quantile) - 1; iNdEx >= 0; iNdEx-- { { @@ -1269,32 +1320,44 @@ func (m *Histogram) MarshalToSizedBuffer(dAtA []byte) (int, error) { i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } + if m.CreatedTimestamp != nil { + { + size, err := m.CreatedTimestamp.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintMetrics(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x7a + } if len(m.PositiveCount) > 0 { for iNdEx := len(m.PositiveCount) - 1; iNdEx >= 0; iNdEx-- { - f2 := math.Float64bits(float64(m.PositiveCount[iNdEx])) + f5 := math.Float64bits(float64(m.PositiveCount[iNdEx])) i -= 8 - encoding_binary.LittleEndian.PutUint64(dAtA[i:], uint64(f2)) + encoding_binary.LittleEndian.PutUint64(dAtA[i:], uint64(f5)) } i = encodeVarintMetrics(dAtA, i, uint64(len(m.PositiveCount)*8)) i-- dAtA[i] = 0x72 } if len(m.PositiveDelta) > 0 { - var j3 int - dAtA5 := make([]byte, len(m.PositiveDelta)*10) + var j6 int + dAtA8 := make([]byte, len(m.PositiveDelta)*10) for _, num := range m.PositiveDelta { - x4 := (uint64(num) << 1) ^ uint64((num >> 63)) - for x4 >= 1<<7 { - dAtA5[j3] = uint8(uint64(x4)&0x7f | 0x80) - j3++ - x4 >>= 7 + x7 := (uint64(num) << 1) ^ uint64((num >> 63)) + for x7 >= 1<<7 { + dAtA8[j6] = uint8(uint64(x7)&0x7f | 0x80) + j6++ + x7 >>= 7 } - dAtA5[j3] = uint8(x4) - j3++ + dAtA8[j6] = uint8(x7) + j6++ } - i -= j3 - copy(dAtA[i:], dAtA5[:j3]) - i = encodeVarintMetrics(dAtA, i, uint64(j3)) + i -= j6 + copy(dAtA[i:], dAtA8[:j6]) + i = encodeVarintMetrics(dAtA, i, uint64(j6)) i-- dAtA[i] = 0x6a } @@ -1314,30 +1377,30 @@ func (m *Histogram) MarshalToSizedBuffer(dAtA []byte) (int, error) { } if len(m.NegativeCount) > 0 { for iNdEx := len(m.NegativeCount) - 1; iNdEx >= 0; iNdEx-- { - f6 := math.Float64bits(float64(m.NegativeCount[iNdEx])) + f9 := math.Float64bits(float64(m.NegativeCount[iNdEx])) i -= 8 - encoding_binary.LittleEndian.PutUint64(dAtA[i:], uint64(f6)) + encoding_binary.LittleEndian.PutUint64(dAtA[i:], uint64(f9)) } i = encodeVarintMetrics(dAtA, i, uint64(len(m.NegativeCount)*8)) i-- dAtA[i] = 0x5a } if len(m.NegativeDelta) > 0 { - var j7 int - dAtA9 := make([]byte, len(m.NegativeDelta)*10) + var j10 int + dAtA12 := make([]byte, len(m.NegativeDelta)*10) for _, num := range m.NegativeDelta { - x8 := (uint64(num) << 1) ^ uint64((num >> 63)) - for x8 >= 1<<7 { - dAtA9[j7] = uint8(uint64(x8)&0x7f | 0x80) - j7++ - x8 >>= 7 + x11 := (uint64(num) << 1) ^ uint64((num >> 63)) + for x11 >= 1<<7 { + dAtA12[j10] = uint8(uint64(x11)&0x7f | 0x80) + j10++ + x11 >>= 7 } - dAtA9[j7] = uint8(x8) - j7++ + dAtA12[j10] = uint8(x11) + j10++ } - i -= j7 - copy(dAtA[i:], dAtA9[:j7]) - i = encodeVarintMetrics(dAtA, i, uint64(j7)) + i -= j10 + copy(dAtA[i:], dAtA12[:j10]) + i = encodeVarintMetrics(dAtA, i, uint64(j10)) i-- dAtA[i] = 0x52 } @@ -1788,6 +1851,10 @@ func (m *Counter) Size() (n int) { l = m.Exemplar.Size() n += 1 + l + sovMetrics(uint64(l)) } + if m.CreatedTimestamp != nil { + l = m.CreatedTimestamp.Size() + n += 1 + l + sovMetrics(uint64(l)) + } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -1830,6 +1897,10 @@ func (m *Summary) Size() (n int) { n += 1 + l + sovMetrics(uint64(l)) } } + if m.CreatedTimestamp != nil { + l = m.CreatedTimestamp.Size() + n += 1 + l + sovMetrics(uint64(l)) + } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -1916,6 +1987,10 @@ func (m *Histogram) Size() (n int) { if len(m.PositiveCount) > 0 { n += 1 + sovMetrics(uint64(len(m.PositiveCount)*8)) + len(m.PositiveCount)*8 } + if m.CreatedTimestamp != nil { + l = m.CreatedTimestamp.Size() + n += 1 + l + sovMetrics(uint64(l)) + } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -2319,6 +2394,42 @@ func (m *Counter) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field CreatedTimestamp", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowMetrics + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthMetrics + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthMetrics + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.CreatedTimestamp == nil { + m.CreatedTimestamp = &types.Timestamp{} + } + if err := m.CreatedTimestamp.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipMetrics(dAtA[iNdEx:]) @@ -2507,6 +2618,42 @@ func (m *Summary) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + case 4: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field CreatedTimestamp", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowMetrics + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthMetrics + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthMetrics + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.CreatedTimestamp == nil { + m.CreatedTimestamp = &types.Timestamp{} + } + if err := m.CreatedTimestamp.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipMetrics(dAtA[iNdEx:]) @@ -3089,6 +3236,42 @@ func (m *Histogram) Unmarshal(dAtA []byte) error { } else { return fmt.Errorf("proto: wrong wireType = %d for field PositiveCount", wireType) } + case 15: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field CreatedTimestamp", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowMetrics + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthMetrics + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthMetrics + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.CreatedTimestamp == nil { + m.CreatedTimestamp = &types.Timestamp{} + } + if err := m.CreatedTimestamp.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipMetrics(dAtA[iNdEx:]) diff --git a/vendor/github.com/prometheus/prometheus/prompb/io/prometheus/client/metrics.proto b/vendor/github.com/prometheus/prometheus/prompb/io/prometheus/client/metrics.proto index 3fef2b6d0..8e225bb3b 100644 --- a/vendor/github.com/prometheus/prometheus/prompb/io/prometheus/client/metrics.proto +++ b/vendor/github.com/prometheus/prometheus/prompb/io/prometheus/client/metrics.proto @@ -51,6 +51,8 @@ message Gauge { message Counter { double value = 1; Exemplar exemplar = 2; + + google.protobuf.Timestamp created_timestamp = 3 [(gogoproto.nullable) = true]; } message Quantile { @@ -62,6 +64,8 @@ message Summary { uint64 sample_count = 1; double sample_sum = 2; repeated Quantile quantile = 3 [(gogoproto.nullable) = false]; + + google.protobuf.Timestamp created_timestamp = 4 [(gogoproto.nullable) = true]; } message Untyped { @@ -75,6 +79,8 @@ message Histogram { // Buckets for the conventional histogram. repeated Bucket bucket = 3 [(gogoproto.nullable) = false]; // Ordered in increasing order of upper_bound, +Inf bucket is optional. + google.protobuf.Timestamp created_timestamp = 15 [(gogoproto.nullable) = true]; + // Everything below here is for native histograms (also known as sparse histograms). // Native histograms are an experimental feature without stability guarantees. @@ -147,4 +153,4 @@ message MetricFamily { string help = 2; MetricType type = 3; repeated Metric metric = 4 [(gogoproto.nullable) = false]; -} +} \ No newline at end of file diff --git a/vendor/github.com/prometheus/prometheus/promql/parser/posrange/posrange.go b/vendor/github.com/prometheus/prometheus/promql/parser/posrange/posrange.go new file mode 100644 index 000000000..531fd8a30 --- /dev/null +++ b/vendor/github.com/prometheus/prometheus/promql/parser/posrange/posrange.go @@ -0,0 +1,54 @@ +// Copyright 2023 The Prometheus Authors +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// posrange is used to report a position in query strings for error +// and warning messages. +package posrange + +import "fmt" + +// Pos is the position in a string. +// Negative numbers indicate undefined positions. +type Pos int + +// PositionRange describes a position in the input string of the parser. +type PositionRange struct { + Start Pos + End Pos +} + +// StartPosInput uses the query string to convert the PositionRange into a +// line:col string, indicating when this is not possible if the query is empty +// or the position is invalid. When this is used to convert ParseErr to a string, +// lineOffset is an additional line offset to be added, and is only used inside +// unit tests. +func (p PositionRange) StartPosInput(query string, lineOffset int) string { + if query == "" { + return "unknown position" + } + pos := int(p.Start) + if pos < 0 || pos > len(query) { + return "invalid position" + } + + lastLineBreak := -1 + line := lineOffset + 1 + for i, c := range query[:pos] { + if c == '\n' { + lastLineBreak = i + line++ + } + } + col := pos - lastLineBreak + return fmt.Sprintf("%d:%d", line, col) +} diff --git a/vendor/github.com/prometheus/prometheus/scrape/scrape.go b/vendor/github.com/prometheus/prometheus/scrape/scrape.go index b52616a01..5db309008 100644 --- a/vendor/github.com/prometheus/prometheus/scrape/scrape.go +++ b/vendor/github.com/prometheus/prometheus/scrape/scrape.go @@ -261,18 +261,19 @@ type labelLimits struct { } type scrapeLoopOptions struct { - target *Target - scraper scraper - sampleLimit int - bucketLimit int - labelLimits *labelLimits - honorLabels bool - honorTimestamps bool - interval time.Duration - timeout time.Duration - scrapeClassicHistograms bool - mrc []*relabel.Config - cache *scrapeCache + target *Target + scraper scraper + sampleLimit int + bucketLimit int + labelLimits *labelLimits + honorLabels bool + honorTimestamps bool + trackTimestampsStaleness bool + interval time.Duration + timeout time.Duration + scrapeClassicHistograms bool + mrc []*relabel.Config + cache *scrapeCache } const maxAheadTime = 10 * time.Minute @@ -328,6 +329,7 @@ func newScrapePool(cfg *config.ScrapeConfig, app storage.Appendable, offsetSeed cache, offsetSeed, opts.honorTimestamps, + opts.trackTimestampsStaleness, opts.sampleLimit, opts.bucketLimit, opts.labelLimits, @@ -437,9 +439,10 @@ func (sp *scrapePool) reload(cfg *config.ScrapeConfig) error { labelNameLengthLimit: int(sp.config.LabelNameLengthLimit), labelValueLengthLimit: int(sp.config.LabelValueLengthLimit), } - honorLabels = sp.config.HonorLabels - honorTimestamps = sp.config.HonorTimestamps - mrc = sp.config.MetricRelabelConfigs + honorLabels = sp.config.HonorLabels + honorTimestamps = sp.config.HonorTimestamps + trackTimestampsStaleness = sp.config.TrackTimestampsStaleness + mrc = sp.config.MetricRelabelConfigs ) sp.targetMtx.Lock() @@ -463,17 +466,18 @@ func (sp *scrapePool) reload(cfg *config.ScrapeConfig) error { var ( s = &targetScraper{Target: t, client: sp.client, timeout: timeout, bodySizeLimit: bodySizeLimit, acceptHeader: acceptHeader} newLoop = sp.newLoop(scrapeLoopOptions{ - target: t, - scraper: s, - sampleLimit: sampleLimit, - bucketLimit: bucketLimit, - labelLimits: labelLimits, - honorLabels: honorLabels, - honorTimestamps: honorTimestamps, - mrc: mrc, - cache: cache, - interval: interval, - timeout: timeout, + target: t, + scraper: s, + sampleLimit: sampleLimit, + bucketLimit: bucketLimit, + labelLimits: labelLimits, + honorLabels: honorLabels, + honorTimestamps: honorTimestamps, + trackTimestampsStaleness: trackTimestampsStaleness, + mrc: mrc, + cache: cache, + interval: interval, + timeout: timeout, }) ) if err != nil { @@ -561,10 +565,11 @@ func (sp *scrapePool) sync(targets []*Target) { labelNameLengthLimit: int(sp.config.LabelNameLengthLimit), labelValueLengthLimit: int(sp.config.LabelValueLengthLimit), } - honorLabels = sp.config.HonorLabels - honorTimestamps = sp.config.HonorTimestamps - mrc = sp.config.MetricRelabelConfigs - scrapeClassicHistograms = sp.config.ScrapeClassicHistograms + honorLabels = sp.config.HonorLabels + honorTimestamps = sp.config.HonorTimestamps + trackTimestampsStaleness = sp.config.TrackTimestampsStaleness + mrc = sp.config.MetricRelabelConfigs + scrapeClassicHistograms = sp.config.ScrapeClassicHistograms ) sp.targetMtx.Lock() @@ -583,17 +588,18 @@ func (sp *scrapePool) sync(targets []*Target) { } s := &targetScraper{Target: t, client: sp.client, timeout: timeout, bodySizeLimit: bodySizeLimit, acceptHeader: acceptHeader} l := sp.newLoop(scrapeLoopOptions{ - target: t, - scraper: s, - sampleLimit: sampleLimit, - bucketLimit: bucketLimit, - labelLimits: labelLimits, - honorLabels: honorLabels, - honorTimestamps: honorTimestamps, - mrc: mrc, - interval: interval, - timeout: timeout, - scrapeClassicHistograms: scrapeClassicHistograms, + target: t, + scraper: s, + sampleLimit: sampleLimit, + bucketLimit: bucketLimit, + labelLimits: labelLimits, + honorLabels: honorLabels, + honorTimestamps: honorTimestamps, + trackTimestampsStaleness: trackTimestampsStaleness, + mrc: mrc, + interval: interval, + timeout: timeout, + scrapeClassicHistograms: scrapeClassicHistograms, }) if err != nil { l.setForcedError(err) @@ -732,8 +738,8 @@ func mutateSampleLabels(lset labels.Labels, target *Target, honor bool, rc []*re } func resolveConflictingExposedLabels(lb *labels.Builder, conflictingExposedLabels []labels.Label) { - slices.SortStableFunc(conflictingExposedLabels, func(a, b labels.Label) bool { - return len(a.Name) < len(b.Name) + slices.SortStableFunc(conflictingExposedLabels, func(a, b labels.Label) int { + return len(a.Name) - len(b.Name) }) for _, l := range conflictingExposedLabels { @@ -785,7 +791,8 @@ func appender(app storage.Appender, sampleLimit, bucketLimit int) storage.Append // A scraper retrieves samples and accepts a status report at the end. type scraper interface { - scrape(ctx context.Context, w io.Writer) (string, error) + scrape(ctx context.Context) (*http.Response, error) + readResponse(ctx context.Context, resp *http.Response, w io.Writer) (string, error) Report(start time.Time, dur time.Duration, err error) offset(interval time.Duration, offsetSeed uint64) time.Duration } @@ -814,11 +821,11 @@ const ( var UserAgent = fmt.Sprintf("Prometheus/%s", version.Version) -func (s *targetScraper) scrape(ctx context.Context, w io.Writer) (string, error) { +func (s *targetScraper) scrape(ctx context.Context) (*http.Response, error) { if s.req == nil { req, err := http.NewRequest("GET", s.URL().String(), nil) if err != nil { - return "", err + return nil, err } req.Header.Add("Accept", s.acceptHeader) req.Header.Add("Accept-Encoding", "gzip") @@ -828,10 +835,10 @@ func (s *targetScraper) scrape(ctx context.Context, w io.Writer) (string, error) s.req = req } - resp, err := s.client.Do(s.req.WithContext(ctx)) - if err != nil { - return "", err - } + return s.client.Do(s.req.WithContext(ctx)) +} + +func (s *targetScraper) readResponse(ctx context.Context, resp *http.Response, w io.Writer) (string, error) { defer func() { io.Copy(io.Discard, resp.Body) resp.Body.Close() @@ -858,13 +865,14 @@ func (s *targetScraper) scrape(ctx context.Context, w io.Writer) (string, error) if s.gzipr == nil { s.buf = bufio.NewReader(resp.Body) + var err error s.gzipr, err = gzip.NewReader(s.buf) if err != nil { return "", err } } else { s.buf.Reset(resp.Body) - if err = s.gzipr.Reset(s.buf); err != nil { + if err := s.gzipr.Reset(s.buf); err != nil { return "", err } } @@ -898,21 +906,22 @@ type cacheEntry struct { } type scrapeLoop struct { - scraper scraper - l log.Logger - cache *scrapeCache - lastScrapeSize int - buffers *pool.Pool - offsetSeed uint64 - honorTimestamps bool - forcedErr error - forcedErrMtx sync.Mutex - sampleLimit int - bucketLimit int - labelLimits *labelLimits - interval time.Duration - timeout time.Duration - scrapeClassicHistograms bool + scraper scraper + l log.Logger + cache *scrapeCache + lastScrapeSize int + buffers *pool.Pool + offsetSeed uint64 + honorTimestamps bool + trackTimestampsStaleness bool + forcedErr error + forcedErrMtx sync.Mutex + sampleLimit int + bucketLimit int + labelLimits *labelLimits + interval time.Duration + timeout time.Duration + scrapeClassicHistograms bool appender func(ctx context.Context) storage.Appender sampleMutator labelsMutator @@ -1189,6 +1198,7 @@ func newScrapeLoop(ctx context.Context, cache *scrapeCache, offsetSeed uint64, honorTimestamps bool, + trackTimestampsStaleness bool, sampleLimit int, bucketLimit int, labelLimits *labelLimits, @@ -1222,26 +1232,27 @@ func newScrapeLoop(ctx context.Context, } sl := &scrapeLoop{ - scraper: sc, - buffers: buffers, - cache: cache, - appender: appender, - sampleMutator: sampleMutator, - reportSampleMutator: reportSampleMutator, - stopped: make(chan struct{}), - offsetSeed: offsetSeed, - l: l, - parentCtx: ctx, - appenderCtx: appenderCtx, - honorTimestamps: honorTimestamps, - sampleLimit: sampleLimit, - bucketLimit: bucketLimit, - labelLimits: labelLimits, - interval: interval, - timeout: timeout, - scrapeClassicHistograms: scrapeClassicHistograms, - reportExtraMetrics: reportExtraMetrics, - appendMetadataToWAL: appendMetadataToWAL, + scraper: sc, + buffers: buffers, + cache: cache, + appender: appender, + sampleMutator: sampleMutator, + reportSampleMutator: reportSampleMutator, + stopped: make(chan struct{}), + offsetSeed: offsetSeed, + l: l, + parentCtx: ctx, + appenderCtx: appenderCtx, + honorTimestamps: honorTimestamps, + trackTimestampsStaleness: trackTimestampsStaleness, + sampleLimit: sampleLimit, + bucketLimit: bucketLimit, + labelLimits: labelLimits, + interval: interval, + timeout: timeout, + scrapeClassicHistograms: scrapeClassicHistograms, + reportExtraMetrics: reportExtraMetrics, + appendMetadataToWAL: appendMetadataToWAL, } sl.ctx, sl.cancel = context.WithCancel(ctx) @@ -1326,11 +1337,7 @@ func (sl *scrapeLoop) scrapeAndReport(last, appendTime time.Time, errc chan<- er ) } - b := sl.buffers.Get(sl.lastScrapeSize).([]byte) - defer sl.buffers.Put(b) - buf := bytes.NewBuffer(b) - - var total, added, seriesAdded, bytes int + var total, added, seriesAdded, bytesRead int var err, appErr, scrapeErr error app := sl.appender(sl.appenderCtx) @@ -1346,7 +1353,7 @@ func (sl *scrapeLoop) scrapeAndReport(last, appendTime time.Time, errc chan<- er }() defer func() { - if err = sl.report(app, appendTime, time.Since(start), total, added, seriesAdded, bytes, scrapeErr); err != nil { + if err = sl.report(app, appendTime, time.Since(start), total, added, seriesAdded, bytesRead, scrapeErr); err != nil { level.Warn(sl.l).Log("msg", "Appending scrape report failed", "err", err) } }() @@ -1367,8 +1374,17 @@ func (sl *scrapeLoop) scrapeAndReport(last, appendTime time.Time, errc chan<- er } var contentType string + var resp *http.Response + var b []byte + var buf *bytes.Buffer scrapeCtx, cancel := context.WithTimeout(sl.parentCtx, sl.timeout) - contentType, scrapeErr = sl.scraper.scrape(scrapeCtx, buf) + resp, scrapeErr = sl.scraper.scrape(scrapeCtx) + if scrapeErr == nil { + b = sl.buffers.Get(sl.lastScrapeSize).([]byte) + defer sl.buffers.Put(b) + buf = bytes.NewBuffer(b) + contentType, scrapeErr = sl.scraper.readResponse(scrapeCtx, resp, buf) + } cancel() if scrapeErr == nil { @@ -1379,14 +1395,14 @@ func (sl *scrapeLoop) scrapeAndReport(last, appendTime time.Time, errc chan<- er if len(b) > 0 { sl.lastScrapeSize = len(b) } - bytes = len(b) + bytesRead = len(b) } else { level.Debug(sl.l).Log("msg", "Scrape failed", "err", scrapeErr) if errc != nil { errc <- scrapeErr } if errors.Is(scrapeErr, errBodySizeLimit) { - bytes = -1 + bytesRead = -1 } } @@ -1525,6 +1541,7 @@ func (sl *scrapeLoop) append(app storage.Appender, b []byte, contentType string, appErrs = appendErrors{} sampleLimitErr error bucketLimitErr error + lset labels.Labels // escapes to heap so hoisted out of loop e exemplar.Exemplar // escapes to heap so hoisted out of loop meta metadata.Metadata metadataChanged bool @@ -1622,7 +1639,6 @@ loop: ce, ok := sl.cache.get(met) var ( ref storage.SeriesRef - lset labels.Labels hash uint64 ) @@ -1683,7 +1699,7 @@ loop: } if !ok { - if parsedTimestamp == nil { + if parsedTimestamp == nil || sl.trackTimestampsStaleness { // Bypass staleness logic if there is an explicit timestamp. sl.cache.trackStaleness(hash, lset) } @@ -1764,7 +1780,7 @@ loop: func (sl *scrapeLoop) checkAddError(ce *cacheEntry, met []byte, tp *int64, err error, sampleLimitErr, bucketLimitErr *error, appErrs *appendErrors) (bool, error) { switch errors.Cause(err) { case nil: - if tp == nil && ce != nil { + if (tp == nil || sl.trackTimestampsStaleness) && ce != nil { sl.cache.trackStaleness(ce.hash, ce.lset) } return true, nil diff --git a/vendor/github.com/prometheus/prometheus/storage/buffer.go b/vendor/github.com/prometheus/prometheus/storage/buffer.go index b1b5f8148..d2d89e042 100644 --- a/vendor/github.com/prometheus/prometheus/storage/buffer.go +++ b/vendor/github.com/prometheus/prometheus/storage/buffer.go @@ -42,7 +42,6 @@ func NewBuffer(delta int64) *BufferedSeriesIterator { // NewBufferIterator returns a new iterator that buffers the values within the // time range of the current element and the duration of delta before. func NewBufferIterator(it chunkenc.Iterator, delta int64) *BufferedSeriesIterator { - // TODO(codesome): based on encoding, allocate different buffer. bit := &BufferedSeriesIterator{ buf: newSampleRing(delta, 0, chunkenc.ValNone), delta: delta, @@ -92,12 +91,8 @@ func (b *BufferedSeriesIterator) Seek(t int64) chunkenc.ValueType { switch b.valueType { case chunkenc.ValNone: return chunkenc.ValNone - case chunkenc.ValFloat: - b.lastTime, _ = b.At() - case chunkenc.ValHistogram: - b.lastTime, _ = b.AtHistogram() - case chunkenc.ValFloatHistogram: - b.lastTime, _ = b.AtFloatHistogram() + case chunkenc.ValFloat, chunkenc.ValHistogram, chunkenc.ValFloatHistogram: + b.lastTime = b.AtT() default: panic(fmt.Errorf("BufferedSeriesIterator: unknown value type %v", b.valueType)) } @@ -289,7 +284,8 @@ func newSampleRing(delta int64, size int, typ chunkenc.ValueType) *sampleRing { case chunkenc.ValFloatHistogram: r.fhBuf = make([]fhSample, size) default: - r.iBuf = make([]chunks.Sample, size) + // Do not initialize anything because the 1st sample will be + // added to one of the other bufs anyway. } return r } @@ -299,6 +295,12 @@ func (r *sampleRing) reset() { r.i = -1 r.f = 0 r.bufInUse = noBuf + + // The first sample after the reset will always go to a specialized + // buffer. If we later need to change to the interface buffer, we'll + // copy from the specialized buffer to the interface buffer. For that to + // work properly, we have to reset the interface buffer here, too. + r.iBuf = r.iBuf[:0] } // Returns the current iterator. Invalidates previously returned iterators. @@ -446,6 +448,7 @@ func (r *sampleRing) add(s chunks.Sample) { } // The new sample isn't a fit for the already existing // ones. Copy the latter into the interface buffer where needed. + // The interface buffer is assumed to be of length zero at this point. switch r.bufInUse { case fBuf: for _, s := range r.fBuf { diff --git a/vendor/github.com/prometheus/prometheus/storage/fanout.go b/vendor/github.com/prometheus/prometheus/storage/fanout.go index a9db4f628..33257046f 100644 --- a/vendor/github.com/prometheus/prometheus/storage/fanout.go +++ b/vendor/github.com/prometheus/prometheus/storage/fanout.go @@ -72,15 +72,15 @@ func (f *fanout) StartTime() (int64, error) { return firstTime, nil } -func (f *fanout) Querier(ctx context.Context, mint, maxt int64) (Querier, error) { - primary, err := f.primary.Querier(ctx, mint, maxt) +func (f *fanout) Querier(mint, maxt int64) (Querier, error) { + primary, err := f.primary.Querier(mint, maxt) if err != nil { return nil, err } secondaries := make([]Querier, 0, len(f.secondaries)) for _, storage := range f.secondaries { - querier, err := storage.Querier(ctx, mint, maxt) + querier, err := storage.Querier(mint, maxt) if err != nil { // Close already open Queriers, append potential errors to returned error. errs := tsdb_errors.NewMulti(err, primary.Close()) @@ -94,15 +94,15 @@ func (f *fanout) Querier(ctx context.Context, mint, maxt int64) (Querier, error) return NewMergeQuerier([]Querier{primary}, secondaries, ChainedSeriesMerge), nil } -func (f *fanout) ChunkQuerier(ctx context.Context, mint, maxt int64) (ChunkQuerier, error) { - primary, err := f.primary.ChunkQuerier(ctx, mint, maxt) +func (f *fanout) ChunkQuerier(mint, maxt int64) (ChunkQuerier, error) { + primary, err := f.primary.ChunkQuerier(mint, maxt) if err != nil { return nil, err } secondaries := make([]ChunkQuerier, 0, len(f.secondaries)) for _, storage := range f.secondaries { - querier, err := storage.ChunkQuerier(ctx, mint, maxt) + querier, err := storage.ChunkQuerier(mint, maxt) if err != nil { // Close already open Queriers, append potential errors to returned error. errs := tsdb_errors.NewMulti(err, primary.Close()) diff --git a/vendor/github.com/prometheus/prometheus/storage/generic.go b/vendor/github.com/prometheus/prometheus/storage/generic.go index 6762f32a1..e5f4b4d03 100644 --- a/vendor/github.com/prometheus/prometheus/storage/generic.go +++ b/vendor/github.com/prometheus/prometheus/storage/generic.go @@ -17,19 +17,22 @@ package storage import ( + "context" + "github.com/prometheus/prometheus/model/labels" + "github.com/prometheus/prometheus/util/annotations" ) type genericQuerier interface { LabelQuerier - Select(bool, *SelectHints, ...*labels.Matcher) genericSeriesSet + Select(context.Context, bool, *SelectHints, ...*labels.Matcher) genericSeriesSet } type genericSeriesSet interface { Next() bool At() Labels Err() error - Warnings() Warnings + Warnings() annotations.Annotations } type genericSeriesMergeFunc func(...Labels) Labels @@ -58,11 +61,11 @@ type genericQuerierAdapter struct { cq ChunkQuerier } -func (q *genericQuerierAdapter) Select(sortSeries bool, hints *SelectHints, matchers ...*labels.Matcher) genericSeriesSet { +func (q *genericQuerierAdapter) Select(ctx context.Context, sortSeries bool, hints *SelectHints, matchers ...*labels.Matcher) genericSeriesSet { if q.q != nil { - return &genericSeriesSetAdapter{q.q.Select(sortSeries, hints, matchers...)} + return &genericSeriesSetAdapter{q.q.Select(ctx, sortSeries, hints, matchers...)} } - return &genericChunkSeriesSetAdapter{q.cq.Select(sortSeries, hints, matchers...)} + return &genericChunkSeriesSetAdapter{q.cq.Select(ctx, sortSeries, hints, matchers...)} } func newGenericQuerierFrom(q Querier) genericQuerier { @@ -85,8 +88,8 @@ func (a *seriesSetAdapter) At() Series { return a.genericSeriesSet.At().(Series) } -func (q *querierAdapter) Select(sortSeries bool, hints *SelectHints, matchers ...*labels.Matcher) SeriesSet { - return &seriesSetAdapter{q.genericQuerier.Select(sortSeries, hints, matchers...)} +func (q *querierAdapter) Select(ctx context.Context, sortSeries bool, hints *SelectHints, matchers ...*labels.Matcher) SeriesSet { + return &seriesSetAdapter{q.genericQuerier.Select(ctx, sortSeries, hints, matchers...)} } type chunkQuerierAdapter struct { @@ -101,8 +104,8 @@ func (a *chunkSeriesSetAdapter) At() ChunkSeries { return a.genericSeriesSet.At().(ChunkSeries) } -func (q *chunkQuerierAdapter) Select(sortSeries bool, hints *SelectHints, matchers ...*labels.Matcher) ChunkSeriesSet { - return &chunkSeriesSetAdapter{q.genericQuerier.Select(sortSeries, hints, matchers...)} +func (q *chunkQuerierAdapter) Select(ctx context.Context, sortSeries bool, hints *SelectHints, matchers ...*labels.Matcher) ChunkSeriesSet { + return &chunkSeriesSetAdapter{q.genericQuerier.Select(ctx, sortSeries, hints, matchers...)} } type seriesMergerAdapter struct { @@ -137,4 +140,4 @@ func (noopGenericSeriesSet) At() Labels { return nil } func (noopGenericSeriesSet) Err() error { return nil } -func (noopGenericSeriesSet) Warnings() Warnings { return nil } +func (noopGenericSeriesSet) Warnings() annotations.Annotations { return nil } diff --git a/vendor/github.com/prometheus/prometheus/storage/interface.go b/vendor/github.com/prometheus/prometheus/storage/interface.go index b282f1fc6..79ca658eb 100644 --- a/vendor/github.com/prometheus/prometheus/storage/interface.go +++ b/vendor/github.com/prometheus/prometheus/storage/interface.go @@ -24,6 +24,7 @@ import ( "github.com/prometheus/prometheus/model/metadata" "github.com/prometheus/prometheus/tsdb/chunkenc" "github.com/prometheus/prometheus/tsdb/chunks" + "github.com/prometheus/prometheus/util/annotations" ) // The errors exposed. @@ -91,7 +92,7 @@ type ExemplarStorage interface { // Use it when you need to have access to all samples without chunk encoding abstraction e.g promQL. type Queryable interface { // Querier returns a new Querier on the storage. - Querier(ctx context.Context, mint, maxt int64) (Querier, error) + Querier(mint, maxt int64) (Querier, error) } // A MockQueryable is used for testing purposes so that a mock Querier can be used. @@ -99,7 +100,7 @@ type MockQueryable struct { MockQuerier Querier } -func (q *MockQueryable) Querier(context.Context, int64, int64) (Querier, error) { +func (q *MockQueryable) Querier(int64, int64) (Querier, error) { return q.MockQuerier, nil } @@ -110,7 +111,7 @@ type Querier interface { // Select returns a set of series that matches the given label matchers. // Caller can specify if it requires returned series to be sorted. Prefer not requiring sorting for better performance. // It allows passing hints that can help in optimising select, but it's up to implementation how this is used if used at all. - Select(sortSeries bool, hints *SelectHints, matchers ...*labels.Matcher) SeriesSet + Select(ctx context.Context, sortSeries bool, hints *SelectHints, matchers ...*labels.Matcher) SeriesSet } // MockQuerier is used for test purposes to mock the selected series that is returned. @@ -118,11 +119,11 @@ type MockQuerier struct { SelectMockFunction func(sortSeries bool, hints *SelectHints, matchers ...*labels.Matcher) SeriesSet } -func (q *MockQuerier) LabelValues(string, ...*labels.Matcher) ([]string, Warnings, error) { +func (q *MockQuerier) LabelValues(context.Context, string, ...*labels.Matcher) ([]string, annotations.Annotations, error) { return nil, nil, nil } -func (q *MockQuerier) LabelNames(...*labels.Matcher) ([]string, Warnings, error) { +func (q *MockQuerier) LabelNames(context.Context, ...*labels.Matcher) ([]string, annotations.Annotations, error) { return nil, nil, nil } @@ -130,7 +131,7 @@ func (q *MockQuerier) Close() error { return nil } -func (q *MockQuerier) Select(sortSeries bool, hints *SelectHints, matchers ...*labels.Matcher) SeriesSet { +func (q *MockQuerier) Select(_ context.Context, sortSeries bool, hints *SelectHints, matchers ...*labels.Matcher) SeriesSet { return q.SelectMockFunction(sortSeries, hints, matchers...) } @@ -138,7 +139,7 @@ func (q *MockQuerier) Select(sortSeries bool, hints *SelectHints, matchers ...*l // Use it when you need to have access to samples in encoded format. type ChunkQueryable interface { // ChunkQuerier returns a new ChunkQuerier on the storage. - ChunkQuerier(ctx context.Context, mint, maxt int64) (ChunkQuerier, error) + ChunkQuerier(mint, maxt int64) (ChunkQuerier, error) } // ChunkQuerier provides querying access over time series data of a fixed time range. @@ -148,7 +149,7 @@ type ChunkQuerier interface { // Select returns a set of series that matches the given label matchers. // Caller can specify if it requires returned series to be sorted. Prefer not requiring sorting for better performance. // It allows passing hints that can help in optimising select, but it's up to implementation how this is used if used at all. - Select(sortSeries bool, hints *SelectHints, matchers ...*labels.Matcher) ChunkSeriesSet + Select(ctx context.Context, sortSeries bool, hints *SelectHints, matchers ...*labels.Matcher) ChunkSeriesSet } // LabelQuerier provides querying access over labels. @@ -157,12 +158,12 @@ type LabelQuerier interface { // It is not safe to use the strings beyond the lifetime of the querier. // If matchers are specified the returned result set is reduced // to label values of metrics matching the matchers. - LabelValues(name string, matchers ...*labels.Matcher) ([]string, Warnings, error) + LabelValues(ctx context.Context, name string, matchers ...*labels.Matcher) ([]string, annotations.Annotations, error) // LabelNames returns all the unique label names present in the block in sorted order. // If matchers are specified the returned result set is reduced // to label names of metrics matching the matchers. - LabelNames(matchers ...*labels.Matcher) ([]string, Warnings, error) + LabelNames(ctx context.Context, matchers ...*labels.Matcher) ([]string, annotations.Annotations, error) // Close releases the resources of the Querier. Close() error @@ -202,11 +203,11 @@ type SelectHints struct { // TODO(bwplotka): Move to promql/engine_test.go? // QueryableFunc is an adapter to allow the use of ordinary functions as // Queryables. It follows the idea of http.HandlerFunc. -type QueryableFunc func(ctx context.Context, mint, maxt int64) (Querier, error) +type QueryableFunc func(mint, maxt int64) (Querier, error) // Querier calls f() with the given parameters. -func (f QueryableFunc) Querier(ctx context.Context, mint, maxt int64) (Querier, error) { - return f(ctx, mint, maxt) +func (f QueryableFunc) Querier(mint, maxt int64) (Querier, error) { + return f(mint, maxt) } // Appender provides batched appends against a storage. @@ -307,7 +308,7 @@ type SeriesSet interface { Err() error // A collection of warnings for the whole set. // Warnings could be return even iteration has not failed with error. - Warnings() Warnings + Warnings() annotations.Annotations } var emptySeriesSet = errSeriesSet{} @@ -321,10 +322,10 @@ type testSeriesSet struct { series Series } -func (s testSeriesSet) Next() bool { return true } -func (s testSeriesSet) At() Series { return s.series } -func (s testSeriesSet) Err() error { return nil } -func (s testSeriesSet) Warnings() Warnings { return nil } +func (s testSeriesSet) Next() bool { return true } +func (s testSeriesSet) At() Series { return s.series } +func (s testSeriesSet) Err() error { return nil } +func (s testSeriesSet) Warnings() annotations.Annotations { return nil } // TestSeriesSet returns a mock series set func TestSeriesSet(series Series) SeriesSet { @@ -335,10 +336,10 @@ type errSeriesSet struct { err error } -func (s errSeriesSet) Next() bool { return false } -func (s errSeriesSet) At() Series { return nil } -func (s errSeriesSet) Err() error { return s.err } -func (s errSeriesSet) Warnings() Warnings { return nil } +func (s errSeriesSet) Next() bool { return false } +func (s errSeriesSet) At() Series { return nil } +func (s errSeriesSet) Err() error { return s.err } +func (s errSeriesSet) Warnings() annotations.Annotations { return nil } // ErrSeriesSet returns a series set that wraps an error. func ErrSeriesSet(err error) SeriesSet { @@ -356,10 +357,10 @@ type errChunkSeriesSet struct { err error } -func (s errChunkSeriesSet) Next() bool { return false } -func (s errChunkSeriesSet) At() ChunkSeries { return nil } -func (s errChunkSeriesSet) Err() error { return s.err } -func (s errChunkSeriesSet) Warnings() Warnings { return nil } +func (s errChunkSeriesSet) Next() bool { return false } +func (s errChunkSeriesSet) At() ChunkSeries { return nil } +func (s errChunkSeriesSet) Err() error { return s.err } +func (s errChunkSeriesSet) Warnings() annotations.Annotations { return nil } // ErrChunkSeriesSet returns a chunk series set that wraps an error. func ErrChunkSeriesSet(err error) ChunkSeriesSet { @@ -405,7 +406,7 @@ type ChunkSeriesSet interface { Err() error // A collection of warnings for the whole set. // Warnings could be return even iteration has not failed with error. - Warnings() Warnings + Warnings() annotations.Annotations } // ChunkSeries exposes a single time series and allows iterating over chunks. @@ -433,5 +434,3 @@ type ChunkIterable interface { // chunks of the series, sorted by min time. Iterator(chunks.Iterator) chunks.Iterator } - -type Warnings []error diff --git a/vendor/github.com/prometheus/prometheus/storage/lazy.go b/vendor/github.com/prometheus/prometheus/storage/lazy.go index 62f76cb6a..fab974c28 100644 --- a/vendor/github.com/prometheus/prometheus/storage/lazy.go +++ b/vendor/github.com/prometheus/prometheus/storage/lazy.go @@ -13,6 +13,10 @@ package storage +import ( + "github.com/prometheus/prometheus/util/annotations" +) + // lazyGenericSeriesSet is a wrapped series set that is initialised on first call to Next(). type lazyGenericSeriesSet struct { init func() (genericSeriesSet, bool) @@ -43,25 +47,25 @@ func (c *lazyGenericSeriesSet) At() Labels { return nil } -func (c *lazyGenericSeriesSet) Warnings() Warnings { +func (c *lazyGenericSeriesSet) Warnings() annotations.Annotations { if c.set != nil { return c.set.Warnings() } return nil } -type warningsOnlySeriesSet Warnings +type warningsOnlySeriesSet annotations.Annotations -func (warningsOnlySeriesSet) Next() bool { return false } -func (warningsOnlySeriesSet) Err() error { return nil } -func (warningsOnlySeriesSet) At() Labels { return nil } -func (c warningsOnlySeriesSet) Warnings() Warnings { return Warnings(c) } +func (warningsOnlySeriesSet) Next() bool { return false } +func (warningsOnlySeriesSet) Err() error { return nil } +func (warningsOnlySeriesSet) At() Labels { return nil } +func (c warningsOnlySeriesSet) Warnings() annotations.Annotations { return annotations.Annotations(c) } type errorOnlySeriesSet struct { err error } -func (errorOnlySeriesSet) Next() bool { return false } -func (errorOnlySeriesSet) At() Labels { return nil } -func (s errorOnlySeriesSet) Err() error { return s.err } -func (errorOnlySeriesSet) Warnings() Warnings { return nil } +func (errorOnlySeriesSet) Next() bool { return false } +func (errorOnlySeriesSet) At() Labels { return nil } +func (s errorOnlySeriesSet) Err() error { return s.err } +func (errorOnlySeriesSet) Warnings() annotations.Annotations { return nil } diff --git a/vendor/github.com/prometheus/prometheus/storage/merge.go b/vendor/github.com/prometheus/prometheus/storage/merge.go index c0665d720..1e29374e5 100644 --- a/vendor/github.com/prometheus/prometheus/storage/merge.go +++ b/vendor/github.com/prometheus/prometheus/storage/merge.go @@ -16,6 +16,7 @@ package storage import ( "bytes" "container/heap" + "context" "fmt" "math" "sync" @@ -27,6 +28,7 @@ import ( "github.com/prometheus/prometheus/tsdb/chunkenc" "github.com/prometheus/prometheus/tsdb/chunks" tsdb_errors "github.com/prometheus/prometheus/tsdb/errors" + "github.com/prometheus/prometheus/util/annotations" ) type mergeGenericQuerier struct { @@ -97,19 +99,19 @@ func NewMergeChunkQuerier(primaries, secondaries []ChunkQuerier, mergeFn Vertica } // Select returns a set of series that matches the given label matchers. -func (q *mergeGenericQuerier) Select(sortSeries bool, hints *SelectHints, matchers ...*labels.Matcher) genericSeriesSet { +func (q *mergeGenericQuerier) Select(ctx context.Context, sortSeries bool, hints *SelectHints, matchers ...*labels.Matcher) genericSeriesSet { if len(q.queriers) == 0 { return noopGenericSeriesSet{} } if len(q.queriers) == 1 { - return q.queriers[0].Select(sortSeries, hints, matchers...) + return q.queriers[0].Select(ctx, sortSeries, hints, matchers...) } seriesSets := make([]genericSeriesSet, 0, len(q.queriers)) if !q.concurrentSelect { for _, querier := range q.queriers { // We need to sort for merge to work. - seriesSets = append(seriesSets, querier.Select(true, hints, matchers...)) + seriesSets = append(seriesSets, querier.Select(ctx, true, hints, matchers...)) } return &lazyGenericSeriesSet{init: func() (genericSeriesSet, bool) { s := newGenericMergeSeriesSet(seriesSets, q.mergeFn) @@ -128,7 +130,7 @@ func (q *mergeGenericQuerier) Select(sortSeries bool, hints *SelectHints, matche defer wg.Done() // We need to sort for NewMergeSeriesSet to work. - seriesSetChan <- qr.Select(true, hints, matchers...) + seriesSetChan <- qr.Select(ctx, true, hints, matchers...) }(querier) } go func() { @@ -157,8 +159,8 @@ func (l labelGenericQueriers) SplitByHalf() (labelGenericQueriers, labelGenericQ // LabelValues returns all potential values for a label name. // If matchers are specified the returned result set is reduced // to label values of metrics matching the matchers. -func (q *mergeGenericQuerier) LabelValues(name string, matchers ...*labels.Matcher) ([]string, Warnings, error) { - res, ws, err := q.lvals(q.queriers, name, matchers...) +func (q *mergeGenericQuerier) LabelValues(ctx context.Context, name string, matchers ...*labels.Matcher) ([]string, annotations.Annotations, error) { + res, ws, err := q.lvals(ctx, q.queriers, name, matchers...) if err != nil { return nil, nil, fmt.Errorf("LabelValues() from merge generic querier for label %s: %w", name, err) } @@ -166,23 +168,23 @@ func (q *mergeGenericQuerier) LabelValues(name string, matchers ...*labels.Match } // lvals performs merge sort for LabelValues from multiple queriers. -func (q *mergeGenericQuerier) lvals(lq labelGenericQueriers, n string, matchers ...*labels.Matcher) ([]string, Warnings, error) { +func (q *mergeGenericQuerier) lvals(ctx context.Context, lq labelGenericQueriers, n string, matchers ...*labels.Matcher) ([]string, annotations.Annotations, error) { if lq.Len() == 0 { return nil, nil, nil } if lq.Len() == 1 { - return lq.Get(0).LabelValues(n, matchers...) + return lq.Get(0).LabelValues(ctx, n, matchers...) } a, b := lq.SplitByHalf() - var ws Warnings - s1, w, err := q.lvals(a, n, matchers...) - ws = append(ws, w...) + var ws annotations.Annotations + s1, w, err := q.lvals(ctx, a, n, matchers...) + ws.Merge(w) if err != nil { return nil, ws, err } - s2, ws, err := q.lvals(b, n, matchers...) - ws = append(ws, w...) + s2, ws, err := q.lvals(ctx, b, n, matchers...) + ws.Merge(w) if err != nil { return nil, ws, err } @@ -217,16 +219,16 @@ func mergeStrings(a, b []string) []string { } // LabelNames returns all the unique label names present in all queriers in sorted order. -func (q *mergeGenericQuerier) LabelNames(matchers ...*labels.Matcher) ([]string, Warnings, error) { +func (q *mergeGenericQuerier) LabelNames(ctx context.Context, matchers ...*labels.Matcher) ([]string, annotations.Annotations, error) { var ( labelNamesMap = make(map[string]struct{}) - warnings Warnings + warnings annotations.Annotations ) for _, querier := range q.queriers { - names, wrn, err := querier.LabelNames(matchers...) + names, wrn, err := querier.LabelNames(ctx, matchers...) if wrn != nil { // TODO(bwplotka): We could potentially wrap warnings. - warnings = append(warnings, wrn...) + warnings.Merge(wrn) } if err != nil { return nil, nil, fmt.Errorf("LabelNames() from merge generic querier: %w", err) @@ -345,7 +347,7 @@ func (c *genericMergeSeriesSet) Next() bool { } // Now, pop items of the heap that have equal label sets. - c.currentSets = nil + c.currentSets = c.currentSets[:0] c.currentLabels = c.heap[0].At().Labels() for len(c.heap) > 0 && labels.Equal(c.currentLabels, c.heap[0].At().Labels()) { set := heap.Pop(&c.heap).(genericSeriesSet) @@ -381,10 +383,10 @@ func (c *genericMergeSeriesSet) Err() error { return nil } -func (c *genericMergeSeriesSet) Warnings() Warnings { - var ws Warnings +func (c *genericMergeSeriesSet) Warnings() annotations.Annotations { + var ws annotations.Annotations for _, set := range c.sets { - ws = append(ws, set.Warnings()...) + ws.Merge(set.Warnings()) } return ws } @@ -521,8 +523,12 @@ func (c *chainSampleIterator) AtHistogram() (int64, *histogram.Histogram) { } t, h := c.curr.AtHistogram() // If the current sample is not consecutive with the previous one, we - // cannot be sure anymore that there was no counter reset. - if !c.consecutive && h.CounterResetHint == histogram.NotCounterReset { + // cannot be sure anymore about counter resets for counter histograms. + // TODO(beorn7): If a `NotCounterReset` sample is followed by a + // non-consecutive `CounterReset` sample, we could keep the hint as + // `CounterReset`. But then we needed to track the previous sample + // in more detail, which might not be worth it. + if !c.consecutive && h.CounterResetHint != histogram.GaugeType { h.CounterResetHint = histogram.UnknownCounterReset } return t, h diff --git a/vendor/github.com/prometheus/prometheus/storage/noop.go b/vendor/github.com/prometheus/prometheus/storage/noop.go index 83953ca43..be5741ddd 100644 --- a/vendor/github.com/prometheus/prometheus/storage/noop.go +++ b/vendor/github.com/prometheus/prometheus/storage/noop.go @@ -14,7 +14,10 @@ package storage import ( + "context" + "github.com/prometheus/prometheus/model/labels" + "github.com/prometheus/prometheus/util/annotations" ) type noopQuerier struct{} @@ -24,15 +27,15 @@ func NoopQuerier() Querier { return noopQuerier{} } -func (noopQuerier) Select(bool, *SelectHints, ...*labels.Matcher) SeriesSet { +func (noopQuerier) Select(context.Context, bool, *SelectHints, ...*labels.Matcher) SeriesSet { return NoopSeriesSet() } -func (noopQuerier) LabelValues(string, ...*labels.Matcher) ([]string, Warnings, error) { +func (noopQuerier) LabelValues(context.Context, string, ...*labels.Matcher) ([]string, annotations.Annotations, error) { return nil, nil, nil } -func (noopQuerier) LabelNames(...*labels.Matcher) ([]string, Warnings, error) { +func (noopQuerier) LabelNames(context.Context, ...*labels.Matcher) ([]string, annotations.Annotations, error) { return nil, nil, nil } @@ -47,15 +50,15 @@ func NoopChunkedQuerier() ChunkQuerier { return noopChunkQuerier{} } -func (noopChunkQuerier) Select(bool, *SelectHints, ...*labels.Matcher) ChunkSeriesSet { +func (noopChunkQuerier) Select(context.Context, bool, *SelectHints, ...*labels.Matcher) ChunkSeriesSet { return NoopChunkedSeriesSet() } -func (noopChunkQuerier) LabelValues(string, ...*labels.Matcher) ([]string, Warnings, error) { +func (noopChunkQuerier) LabelValues(context.Context, string, ...*labels.Matcher) ([]string, annotations.Annotations, error) { return nil, nil, nil } -func (noopChunkQuerier) LabelNames(...*labels.Matcher) ([]string, Warnings, error) { +func (noopChunkQuerier) LabelNames(context.Context, ...*labels.Matcher) ([]string, annotations.Annotations, error) { return nil, nil, nil } @@ -76,7 +79,7 @@ func (noopSeriesSet) At() Series { return nil } func (noopSeriesSet) Err() error { return nil } -func (noopSeriesSet) Warnings() Warnings { return nil } +func (noopSeriesSet) Warnings() annotations.Annotations { return nil } type noopChunkedSeriesSet struct{} @@ -91,4 +94,4 @@ func (noopChunkedSeriesSet) At() ChunkSeries { return nil } func (noopChunkedSeriesSet) Err() error { return nil } -func (noopChunkedSeriesSet) Warnings() Warnings { return nil } +func (noopChunkedSeriesSet) Warnings() annotations.Annotations { return nil } diff --git a/vendor/github.com/prometheus/prometheus/storage/remote/azuread/azuread.go b/vendor/github.com/prometheus/prometheus/storage/remote/azuread/azuread.go index 94b6144da..cb4587b02 100644 --- a/vendor/github.com/prometheus/prometheus/storage/remote/azuread/azuread.go +++ b/vendor/github.com/prometheus/prometheus/storage/remote/azuread/azuread.go @@ -22,7 +22,10 @@ import ( "sync" "time" + "github.com/grafana/regexp" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/cloud" "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" "github.com/Azure/azure-sdk-for-go/sdk/azidentity" "github.com/google/uuid" @@ -46,11 +49,26 @@ type ManagedIdentityConfig struct { ClientID string `yaml:"client_id,omitempty"` } +// OAuthConfig is used to store azure oauth config values. +type OAuthConfig struct { + // ClientID is the clientId of the azure active directory application that is being used to authenticate. + ClientID string `yaml:"client_id,omitempty"` + + // ClientSecret is the clientSecret of the azure active directory application that is being used to authenticate. + ClientSecret string `yaml:"client_secret,omitempty"` + + // TenantID is the tenantId of the azure active directory application that is being used to authenticate. + TenantID string `yaml:"tenant_id,omitempty"` +} + // AzureADConfig is used to store the config values. type AzureADConfig struct { // nolint:revive // ManagedIdentity is the managed identity that is being used to authenticate. ManagedIdentity *ManagedIdentityConfig `yaml:"managed_identity,omitempty"` + // OAuth is the oauth config that is being used to authenticate. + OAuth *OAuthConfig `yaml:"oauth,omitempty"` + // Cloud is the Azure cloud in which the service is running. Example: AzurePublic/AzureGovernment/AzureChina. Cloud string `yaml:"cloud,omitempty"` } @@ -84,18 +102,47 @@ func (c *AzureADConfig) Validate() error { return fmt.Errorf("must provide a cloud in the Azure AD config") } - if c.ManagedIdentity == nil { - return fmt.Errorf("must provide an Azure Managed Identity in the Azure AD config") + if c.ManagedIdentity == nil && c.OAuth == nil { + return fmt.Errorf("must provide an Azure Managed Identity or Azure OAuth in the Azure AD config") } - if c.ManagedIdentity.ClientID == "" { - return fmt.Errorf("must provide an Azure Managed Identity client_id in the Azure AD config") + if c.ManagedIdentity != nil && c.OAuth != nil { + return fmt.Errorf("cannot provide both Azure Managed Identity and Azure OAuth in the Azure AD config") } - _, err := uuid.Parse(c.ManagedIdentity.ClientID) - if err != nil { - return fmt.Errorf("the provided Azure Managed Identity client_id provided is invalid") + if c.ManagedIdentity != nil { + if c.ManagedIdentity.ClientID == "" { + return fmt.Errorf("must provide an Azure Managed Identity client_id in the Azure AD config") + } + + _, err := uuid.Parse(c.ManagedIdentity.ClientID) + if err != nil { + return fmt.Errorf("the provided Azure Managed Identity client_id is invalid") + } } + + if c.OAuth != nil { + if c.OAuth.ClientID == "" { + return fmt.Errorf("must provide an Azure OAuth client_id in the Azure AD config") + } + if c.OAuth.ClientSecret == "" { + return fmt.Errorf("must provide an Azure OAuth client_secret in the Azure AD config") + } + if c.OAuth.TenantID == "" { + return fmt.Errorf("must provide an Azure OAuth tenant_id in the Azure AD config") + } + + var err error + _, err = uuid.Parse(c.OAuth.ClientID) + if err != nil { + return fmt.Errorf("the provided Azure OAuth client_id is invalid") + } + _, err = regexp.MatchString("^[0-9a-zA-Z-.]+$", c.OAuth.TenantID) + if err != nil { + return fmt.Errorf("the provided Azure OAuth tenant_id is invalid") + } + } + return nil } @@ -146,21 +193,54 @@ func (rt *azureADRoundTripper) RoundTrip(req *http.Request) (*http.Response, err // newTokenCredential returns a TokenCredential of different kinds like Azure Managed Identity and Azure AD application. func newTokenCredential(cfg *AzureADConfig) (azcore.TokenCredential, error) { - cred, err := newManagedIdentityTokenCredential(cfg.ManagedIdentity.ClientID) + var cred azcore.TokenCredential + var err error + cloudConfiguration, err := getCloudConfiguration(cfg.Cloud) if err != nil { return nil, err } + clientOpts := &azcore.ClientOptions{ + Cloud: cloudConfiguration, + } + + if cfg.ManagedIdentity != nil { + managedIdentityConfig := &ManagedIdentityConfig{ + ClientID: cfg.ManagedIdentity.ClientID, + } + cred, err = newManagedIdentityTokenCredential(clientOpts, managedIdentityConfig) + if err != nil { + return nil, err + } + } + + if cfg.OAuth != nil { + oAuthConfig := &OAuthConfig{ + ClientID: cfg.OAuth.ClientID, + ClientSecret: cfg.OAuth.ClientSecret, + TenantID: cfg.OAuth.TenantID, + } + cred, err = newOAuthTokenCredential(clientOpts, oAuthConfig) + if err != nil { + return nil, err + } + } return cred, nil } // newManagedIdentityTokenCredential returns new Managed Identity token credential. -func newManagedIdentityTokenCredential(managedIdentityClientID string) (azcore.TokenCredential, error) { - clientID := azidentity.ClientID(managedIdentityClientID) - opts := &azidentity.ManagedIdentityCredentialOptions{ID: clientID} +func newManagedIdentityTokenCredential(clientOpts *azcore.ClientOptions, managedIdentityConfig *ManagedIdentityConfig) (azcore.TokenCredential, error) { + clientID := azidentity.ClientID(managedIdentityConfig.ClientID) + opts := &azidentity.ManagedIdentityCredentialOptions{ClientOptions: *clientOpts, ID: clientID} return azidentity.NewManagedIdentityCredential(opts) } +// newOAuthTokenCredential returns new OAuth token credential +func newOAuthTokenCredential(clientOpts *azcore.ClientOptions, oAuthConfig *OAuthConfig) (azcore.TokenCredential, error) { + opts := &azidentity.ClientSecretCredentialOptions{ClientOptions: *clientOpts} + return azidentity.NewClientSecretCredential(oAuthConfig.TenantID, oAuthConfig.ClientID, oAuthConfig.ClientSecret, opts) +} + // newTokenProvider helps to fetch accessToken for different types of credential. This also takes care of // refreshing the accessToken before expiry. This accessToken is attached to the Authorization header while making requests. func newTokenProvider(cfg *AzureADConfig, cred azcore.TokenCredential) (*tokenProvider, error) { @@ -245,3 +325,17 @@ func getAudience(cloud string) (string, error) { return "", errors.New("Cloud is not specified or is incorrect: " + cloud) } } + +// getCloudConfiguration returns the cloud Configuration which contains AAD endpoint for different clouds +func getCloudConfiguration(c string) (cloud.Configuration, error) { + switch strings.ToLower(c) { + case strings.ToLower(AzureChina): + return cloud.AzureChina, nil + case strings.ToLower(AzureGovernment): + return cloud.AzureGovernment, nil + case strings.ToLower(AzurePublic): + return cloud.AzurePublic, nil + default: + return cloud.Configuration{}, errors.New("Cloud is not specified or is incorrect: " + c) + } +} diff --git a/vendor/github.com/prometheus/prometheus/storage/remote/client.go b/vendor/github.com/prometheus/prometheus/storage/remote/client.go index 33774203c..fbb680498 100644 --- a/vendor/github.com/prometheus/prometheus/storage/remote/client.go +++ b/vendor/github.com/prometheus/prometheus/storage/remote/client.go @@ -195,7 +195,7 @@ type RecoverableError struct { // Store sends a batch of samples to the HTTP endpoint, the request is the proto marshalled // and encoded bytes from codec.go. -func (c *Client) Store(ctx context.Context, req []byte) error { +func (c *Client) Store(ctx context.Context, req []byte, attempt int) error { httpReq, err := http.NewRequest("POST", c.urlString, bytes.NewReader(req)) if err != nil { // Errors from NewRequest are from unparsable URLs, so are not @@ -207,6 +207,10 @@ func (c *Client) Store(ctx context.Context, req []byte) error { httpReq.Header.Set("Content-Type", "application/x-protobuf") httpReq.Header.Set("User-Agent", UserAgent) httpReq.Header.Set("X-Prometheus-Remote-Write-Version", "0.1.0") + if attempt > 0 { + httpReq.Header.Set("Retry-Attempt", strconv.Itoa(attempt)) + } + ctx, cancel := context.WithTimeout(ctx, c.timeout) defer cancel() @@ -232,10 +236,8 @@ func (c *Client) Store(ctx context.Context, req []byte) error { } err = fmt.Errorf("server returned HTTP status %s: %s", httpResp.Status, line) } - if httpResp.StatusCode/100 == 5 { - return RecoverableError{err, defaultBackoff} - } - if c.retryOnRateLimit && httpResp.StatusCode == http.StatusTooManyRequests { + if httpResp.StatusCode/100 == 5 || + (c.retryOnRateLimit && httpResp.StatusCode == http.StatusTooManyRequests) { return RecoverableError{err, retryAfterDuration(httpResp.Header.Get("Retry-After"))} } return err diff --git a/vendor/github.com/prometheus/prometheus/storage/remote/codec.go b/vendor/github.com/prometheus/prometheus/storage/remote/codec.go index 4927c16fd..4c190f2a4 100644 --- a/vendor/github.com/prometheus/prometheus/storage/remote/codec.go +++ b/vendor/github.com/prometheus/prometheus/storage/remote/codec.go @@ -38,6 +38,7 @@ import ( "github.com/prometheus/prometheus/storage" "github.com/prometheus/prometheus/tsdb/chunkenc" "github.com/prometheus/prometheus/tsdb/chunks" + "github.com/prometheus/prometheus/util/annotations" ) const ( @@ -122,7 +123,7 @@ func ToQuery(from, to int64, matchers []*labels.Matcher, hints *storage.SelectHi } // ToQueryResult builds a QueryResult proto. -func ToQueryResult(ss storage.SeriesSet, sampleLimit int) (*prompb.QueryResult, storage.Warnings, error) { +func ToQueryResult(ss storage.SeriesSet, sampleLimit int) (*prompb.QueryResult, annotations.Annotations, error) { numSamples := 0 resp := &prompb.QueryResult{} var iter chunkenc.Iterator @@ -186,8 +187,8 @@ func FromQueryResult(sortSeries bool, res *prompb.QueryResult) storage.SeriesSet } if sortSeries { - slices.SortFunc(series, func(a, b storage.Series) bool { - return labels.Compare(a.Labels(), b.Labels()) < 0 + slices.SortFunc(series, func(a, b storage.Series) int { + return labels.Compare(a.Labels(), b.Labels()) }) } return &concreteSeriesSet{ @@ -224,7 +225,7 @@ func StreamChunkedReadResponses( sortedExternalLabels []prompb.Label, maxBytesInFrame int, marshalPool *sync.Pool, -) (storage.Warnings, error) { +) (annotations.Annotations, error) { var ( chks []prompb.Chunk lbls []prompb.Label @@ -340,7 +341,7 @@ func (e errSeriesSet) Err() error { return e.err } -func (e errSeriesSet) Warnings() storage.Warnings { return nil } +func (e errSeriesSet) Warnings() annotations.Annotations { return nil } // concreteSeriesSet implements storage.SeriesSet. type concreteSeriesSet struct { @@ -361,7 +362,7 @@ func (c *concreteSeriesSet) Err() error { return nil } -func (c *concreteSeriesSet) Warnings() storage.Warnings { return nil } +func (c *concreteSeriesSet) Warnings() annotations.Annotations { return nil } // concreteSeries implements storage.Series. type concreteSeries struct { diff --git a/vendor/github.com/prometheus/prometheus/storage/remote/queue_manager.go b/vendor/github.com/prometheus/prometheus/storage/remote/queue_manager.go index 1c834db77..a25c7d90c 100644 --- a/vendor/github.com/prometheus/prometheus/storage/remote/queue_manager.go +++ b/vendor/github.com/prometheus/prometheus/storage/remote/queue_manager.go @@ -29,7 +29,7 @@ import ( "github.com/prometheus/common/model" "go.opentelemetry.io/otel" "go.opentelemetry.io/otel/attribute" - semconv "go.opentelemetry.io/otel/semconv/v1.17.0" + semconv "go.opentelemetry.io/otel/semconv/v1.21.0" "go.uber.org/atomic" "github.com/prometheus/prometheus/config" @@ -380,7 +380,7 @@ func (m *queueManagerMetrics) unregister() { // external timeseries database. type WriteClient interface { // Store stores the given samples in the remote storage. - Store(context.Context, []byte) error + Store(context.Context, []byte, int) error // Name uniquely identifies the remote storage. Name() string // Endpoint is the remote read or write endpoint for the storage client. @@ -552,7 +552,7 @@ func (t *QueueManager) sendMetadataWithBackoff(ctx context.Context, metadata []p } begin := time.Now() - err := t.storeClient.Store(ctx, req) + err := t.storeClient.Store(ctx, req, try) t.metrics.sentBatchDuration.Observe(time.Since(begin).Seconds()) if err != nil { @@ -1526,7 +1526,7 @@ func (s *shards) sendSamplesWithBackoff(ctx context.Context, samples []prompb.Ti s.qm.metrics.samplesTotal.Add(float64(sampleCount)) s.qm.metrics.exemplarsTotal.Add(float64(exemplarCount)) s.qm.metrics.histogramsTotal.Add(float64(histogramCount)) - err := s.qm.client().Store(ctx, *buf) + err := s.qm.client().Store(ctx, *buf, try) s.qm.metrics.sentBatchDuration.Observe(time.Since(begin).Seconds()) if err != nil { diff --git a/vendor/github.com/prometheus/prometheus/storage/remote/read.go b/vendor/github.com/prometheus/prometheus/storage/remote/read.go index af61334f4..723030091 100644 --- a/vendor/github.com/prometheus/prometheus/storage/remote/read.go +++ b/vendor/github.com/prometheus/prometheus/storage/remote/read.go @@ -20,6 +20,7 @@ import ( "github.com/prometheus/prometheus/model/labels" "github.com/prometheus/prometheus/storage" + "github.com/prometheus/prometheus/util/annotations" ) type sampleAndChunkQueryableClient struct { @@ -48,9 +49,8 @@ func NewSampleAndChunkQueryableClient( } } -func (c *sampleAndChunkQueryableClient) Querier(ctx context.Context, mint, maxt int64) (storage.Querier, error) { +func (c *sampleAndChunkQueryableClient) Querier(mint, maxt int64) (storage.Querier, error) { q := &querier{ - ctx: ctx, mint: mint, maxt: maxt, client: c.client, @@ -75,10 +75,9 @@ func (c *sampleAndChunkQueryableClient) Querier(ctx context.Context, mint, maxt return q, nil } -func (c *sampleAndChunkQueryableClient) ChunkQuerier(ctx context.Context, mint, maxt int64) (storage.ChunkQuerier, error) { +func (c *sampleAndChunkQueryableClient) ChunkQuerier(mint, maxt int64) (storage.ChunkQuerier, error) { cq := &chunkQuerier{ querier: querier{ - ctx: ctx, mint: mint, maxt: maxt, client: c.client, @@ -125,7 +124,6 @@ func (c *sampleAndChunkQueryableClient) preferLocalStorage(mint, maxt int64) (cm } type querier struct { - ctx context.Context mint, maxt int64 client ReadClient @@ -140,7 +138,7 @@ type querier struct { // // If requiredMatchers are given, select returns a NoopSeriesSet if the given matchers don't match the label set of the // requiredMatchers. Otherwise it'll just call remote endpoint. -func (q *querier) Select(sortSeries bool, hints *storage.SelectHints, matchers ...*labels.Matcher) storage.SeriesSet { +func (q *querier) Select(ctx context.Context, sortSeries bool, hints *storage.SelectHints, matchers ...*labels.Matcher) storage.SeriesSet { if len(q.requiredMatchers) > 0 { // Copy to not modify slice configured by user. requiredMatchers := append([]*labels.Matcher{}, q.requiredMatchers...) @@ -167,7 +165,7 @@ func (q *querier) Select(sortSeries bool, hints *storage.SelectHints, matchers . return storage.ErrSeriesSet(fmt.Errorf("toQuery: %w", err)) } - res, err := q.client.Read(q.ctx, query) + res, err := q.client.Read(ctx, query) if err != nil { return storage.ErrSeriesSet(fmt.Errorf("remote_read: %w", err)) } @@ -212,13 +210,13 @@ func (q querier) addExternalLabels(ms []*labels.Matcher) ([]*labels.Matcher, []s } // LabelValues implements storage.Querier and is a noop. -func (q *querier) LabelValues(string, ...*labels.Matcher) ([]string, storage.Warnings, error) { +func (q *querier) LabelValues(context.Context, string, ...*labels.Matcher) ([]string, annotations.Annotations, error) { // TODO: Implement: https://github.com/prometheus/prometheus/issues/3351 return nil, nil, errors.New("not implemented") } // LabelNames implements storage.Querier and is a noop. -func (q *querier) LabelNames(...*labels.Matcher) ([]string, storage.Warnings, error) { +func (q *querier) LabelNames(context.Context, ...*labels.Matcher) ([]string, annotations.Annotations, error) { // TODO: Implement: https://github.com/prometheus/prometheus/issues/3351 return nil, nil, errors.New("not implemented") } @@ -235,9 +233,9 @@ type chunkQuerier struct { // Select implements storage.ChunkQuerier and uses the given matchers to read chunk series sets from the client. // It uses remote.querier.Select so it supports external labels and required matchers if specified. -func (q *chunkQuerier) Select(sortSeries bool, hints *storage.SelectHints, matchers ...*labels.Matcher) storage.ChunkSeriesSet { +func (q *chunkQuerier) Select(ctx context.Context, sortSeries bool, hints *storage.SelectHints, matchers ...*labels.Matcher) storage.ChunkSeriesSet { // TODO(bwplotka) Support remote read chunked and allow returning chunks directly (TODO ticket). - return storage.NewSeriesSetToChunkSet(q.querier.Select(sortSeries, hints, matchers...)) + return storage.NewSeriesSetToChunkSet(q.querier.Select(ctx, sortSeries, hints, matchers...)) } // Note strings in toFilter must be sorted. diff --git a/vendor/github.com/prometheus/prometheus/storage/remote/read_handler.go b/vendor/github.com/prometheus/prometheus/storage/remote/read_handler.go index aca4d7dd5..e2702c9f7 100644 --- a/vendor/github.com/prometheus/prometheus/storage/remote/read_handler.go +++ b/vendor/github.com/prometheus/prometheus/storage/remote/read_handler.go @@ -16,6 +16,7 @@ package remote import ( "context" "net/http" + "strings" "sync" "github.com/go-kit/log" @@ -27,6 +28,7 @@ import ( "github.com/prometheus/prometheus/model/labels" "github.com/prometheus/prometheus/prompb" "github.com/prometheus/prometheus/storage" + "github.com/prometheus/prometheus/util/annotations" "github.com/prometheus/prometheus/util/gate" ) @@ -92,8 +94,8 @@ func (h *readHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { Value: value, }) } - slices.SortFunc(sortedExternalLabels, func(a, b prompb.Label) bool { - return a.Name < b.Name + slices.SortFunc(sortedExternalLabels, func(a, b prompb.Label) int { + return strings.Compare(a.Name, b.Name) }) responseType, err := NegotiateResponseType(req.AcceptedResponseTypes) @@ -131,7 +133,7 @@ func (h *readHandler) remoteReadSamples( return err } - querier, err := h.queryable.Querier(ctx, query.StartTimestampMs, query.EndTimestampMs) + querier, err := h.queryable.Querier(query.StartTimestampMs, query.EndTimestampMs) if err != nil { return err } @@ -154,8 +156,8 @@ func (h *readHandler) remoteReadSamples( } } - var ws storage.Warnings - resp.Results[i], ws, err = ToQueryResult(querier.Select(false, hints, filteredMatchers...), h.remoteReadSampleLimit) + var ws annotations.Annotations + resp.Results[i], ws, err = ToQueryResult(querier.Select(ctx, false, hints, filteredMatchers...), h.remoteReadSampleLimit) if err != nil { return err } @@ -198,7 +200,7 @@ func (h *readHandler) remoteReadStreamedXORChunks(ctx context.Context, w http.Re return err } - querier, err := h.queryable.ChunkQuerier(ctx, query.StartTimestampMs, query.EndTimestampMs) + querier, err := h.queryable.ChunkQuerier(query.StartTimestampMs, query.EndTimestampMs) if err != nil { return err } @@ -225,7 +227,7 @@ func (h *readHandler) remoteReadStreamedXORChunks(ctx context.Context, w http.Re NewChunkedWriter(w, f), int64(i), // The streaming API has to provide the series sorted. - querier.Select(true, hints, filteredMatchers...), + querier.Select(ctx, true, hints, filteredMatchers...), sortedExternalLabels, h.remoteReadMaxBytesInFrame, h.marshalPool, diff --git a/vendor/github.com/prometheus/prometheus/storage/remote/storage.go b/vendor/github.com/prometheus/prometheus/storage/remote/storage.go index d01f96b3b..b6533f927 100644 --- a/vendor/github.com/prometheus/prometheus/storage/remote/storage.go +++ b/vendor/github.com/prometheus/prometheus/storage/remote/storage.go @@ -152,14 +152,14 @@ func (s *Storage) StartTime() (int64, error) { // Returned querier will never return error as all queryables are assumed best effort. // Additionally all returned queriers ensure that its Select's SeriesSets have ready data after first `Next` invoke. // This is because Prometheus (fanout and secondary queries) can't handle the stream failing half way through by design. -func (s *Storage) Querier(ctx context.Context, mint, maxt int64) (storage.Querier, error) { +func (s *Storage) Querier(mint, maxt int64) (storage.Querier, error) { s.mtx.Lock() queryables := s.queryables s.mtx.Unlock() queriers := make([]storage.Querier, 0, len(queryables)) for _, queryable := range queryables { - q, err := queryable.Querier(ctx, mint, maxt) + q, err := queryable.Querier(mint, maxt) if err != nil { return nil, err } @@ -170,14 +170,14 @@ func (s *Storage) Querier(ctx context.Context, mint, maxt int64) (storage.Querie // ChunkQuerier returns a storage.MergeQuerier combining the remote client queriers // of each configured remote read endpoint. -func (s *Storage) ChunkQuerier(ctx context.Context, mint, maxt int64) (storage.ChunkQuerier, error) { +func (s *Storage) ChunkQuerier(mint, maxt int64) (storage.ChunkQuerier, error) { s.mtx.Lock() queryables := s.queryables s.mtx.Unlock() queriers := make([]storage.ChunkQuerier, 0, len(queryables)) for _, queryable := range queryables { - q, err := queryable.ChunkQuerier(ctx, mint, maxt) + q, err := queryable.ChunkQuerier(mint, maxt) if err != nil { return nil, err } diff --git a/vendor/github.com/prometheus/prometheus/storage/secondary.go b/vendor/github.com/prometheus/prometheus/storage/secondary.go index d66a28617..44d978183 100644 --- a/vendor/github.com/prometheus/prometheus/storage/secondary.go +++ b/vendor/github.com/prometheus/prometheus/storage/secondary.go @@ -14,9 +14,11 @@ package storage import ( + "context" "sync" "github.com/prometheus/prometheus/model/labels" + "github.com/prometheus/prometheus/util/annotations" ) // secondaryQuerier is a wrapper that allows a querier to be treated in a best effort manner. @@ -47,28 +49,28 @@ func newSecondaryQuerierFromChunk(cq ChunkQuerier) genericQuerier { return &secondaryQuerier{genericQuerier: newGenericQuerierFromChunk(cq)} } -func (s *secondaryQuerier) LabelValues(name string, matchers ...*labels.Matcher) ([]string, Warnings, error) { - vals, w, err := s.genericQuerier.LabelValues(name, matchers...) +func (s *secondaryQuerier) LabelValues(ctx context.Context, name string, matchers ...*labels.Matcher) ([]string, annotations.Annotations, error) { + vals, w, err := s.genericQuerier.LabelValues(ctx, name, matchers...) if err != nil { - return nil, append([]error{err}, w...), nil + return nil, w.Add(err), nil } return vals, w, nil } -func (s *secondaryQuerier) LabelNames(matchers ...*labels.Matcher) ([]string, Warnings, error) { - names, w, err := s.genericQuerier.LabelNames(matchers...) +func (s *secondaryQuerier) LabelNames(ctx context.Context, matchers ...*labels.Matcher) ([]string, annotations.Annotations, error) { + names, w, err := s.genericQuerier.LabelNames(ctx, matchers...) if err != nil { - return nil, append([]error{err}, w...), nil + return nil, w.Add(err), nil } return names, w, nil } -func (s *secondaryQuerier) Select(sortSeries bool, hints *SelectHints, matchers ...*labels.Matcher) genericSeriesSet { +func (s *secondaryQuerier) Select(ctx context.Context, sortSeries bool, hints *SelectHints, matchers ...*labels.Matcher) genericSeriesSet { if s.done { panic("secondaryQuerier: Select invoked after first Next of any returned SeriesSet was done") } - s.asyncSets = append(s.asyncSets, s.genericQuerier.Select(sortSeries, hints, matchers...)) + s.asyncSets = append(s.asyncSets, s.genericQuerier.Select(ctx, sortSeries, hints, matchers...)) curr := len(s.asyncSets) - 1 return &lazyGenericSeriesSet{init: func() (genericSeriesSet, bool) { s.once.Do(func() { @@ -82,7 +84,7 @@ func (s *secondaryQuerier) Select(sortSeries bool, hints *SelectHints, matchers if err := set.Err(); err != nil { // One of the sets failed, ensure current one returning errors as warnings, and rest of the sets return nothing. // (All or nothing logic). - s.asyncSets[curr] = warningsOnlySeriesSet(append([]error{err}, ws...)) + s.asyncSets[curr] = warningsOnlySeriesSet(ws.Add(err)) for i := range s.asyncSets { if curr == i { continue diff --git a/vendor/github.com/prometheus/prometheus/tsdb/block.go b/vendor/github.com/prometheus/prometheus/tsdb/block.go index d7b344ab5..13a389970 100644 --- a/vendor/github.com/prometheus/prometheus/tsdb/block.go +++ b/vendor/github.com/prometheus/prometheus/tsdb/block.go @@ -15,6 +15,7 @@ package tsdb import ( + "context" "encoding/json" "io" "os" @@ -64,16 +65,16 @@ type IndexReader interface { Symbols() index.StringIter // SortedLabelValues returns sorted possible label values. - SortedLabelValues(name string, matchers ...*labels.Matcher) ([]string, error) + SortedLabelValues(ctx context.Context, name string, matchers ...*labels.Matcher) ([]string, error) // LabelValues returns possible label values which may not be sorted. - LabelValues(name string, matchers ...*labels.Matcher) ([]string, error) + LabelValues(ctx context.Context, name string, matchers ...*labels.Matcher) ([]string, error) // Postings returns the postings list iterator for the label pairs. // The Postings here contain the offsets to the series inside the index. // Found IDs are not strictly required to point to a valid Series, e.g. // during background garbage collections. - Postings(name string, values ...string) (index.Postings, error) + Postings(ctx context.Context, name string, values ...string) (index.Postings, error) // SortedPostings returns a postings list that is reordered to be sorted // by the label set of the underlying series. @@ -85,16 +86,16 @@ type IndexReader interface { Series(ref storage.SeriesRef, builder *labels.ScratchBuilder, chks *[]chunks.Meta) error // LabelNames returns all the unique label names present in the index in sorted order. - LabelNames(matchers ...*labels.Matcher) ([]string, error) + LabelNames(ctx context.Context, matchers ...*labels.Matcher) ([]string, error) // LabelValueFor returns label value for the given label name in the series referred to by ID. // If the series couldn't be found or the series doesn't have the requested label a // storage.ErrNotFound is returned as error. - LabelValueFor(id storage.SeriesRef, label string) (string, error) + LabelValueFor(ctx context.Context, id storage.SeriesRef, label string) (string, error) // LabelNamesFor returns all the label names for the series referred to by IDs. // The names returned are sorted. - LabelNamesFor(ids ...storage.SeriesRef) ([]string, error) + LabelNamesFor(ctx context.Context, ids ...storage.SeriesRef) ([]string, error) // Close releases the underlying resources of the reader. Close() error @@ -454,14 +455,14 @@ func (r blockIndexReader) Symbols() index.StringIter { return r.ir.Symbols() } -func (r blockIndexReader) SortedLabelValues(name string, matchers ...*labels.Matcher) ([]string, error) { +func (r blockIndexReader) SortedLabelValues(ctx context.Context, name string, matchers ...*labels.Matcher) ([]string, error) { var st []string var err error if len(matchers) == 0 { - st, err = r.ir.SortedLabelValues(name) + st, err = r.ir.SortedLabelValues(ctx, name) } else { - st, err = r.LabelValues(name, matchers...) + st, err = r.LabelValues(ctx, name, matchers...) if err == nil { slices.Sort(st) } @@ -470,25 +471,25 @@ func (r blockIndexReader) SortedLabelValues(name string, matchers ...*labels.Mat return st, errors.Wrapf(err, "block: %s", r.b.Meta().ULID) } -func (r blockIndexReader) LabelValues(name string, matchers ...*labels.Matcher) ([]string, error) { +func (r blockIndexReader) LabelValues(ctx context.Context, name string, matchers ...*labels.Matcher) ([]string, error) { if len(matchers) == 0 { - st, err := r.ir.LabelValues(name) + st, err := r.ir.LabelValues(ctx, name) return st, errors.Wrapf(err, "block: %s", r.b.Meta().ULID) } - return labelValuesWithMatchers(r.ir, name, matchers...) + return labelValuesWithMatchers(ctx, r.ir, name, matchers...) } -func (r blockIndexReader) LabelNames(matchers ...*labels.Matcher) ([]string, error) { +func (r blockIndexReader) LabelNames(ctx context.Context, matchers ...*labels.Matcher) ([]string, error) { if len(matchers) == 0 { - return r.b.LabelNames() + return r.b.LabelNames(ctx) } - return labelNamesWithMatchers(r.ir, matchers...) + return labelNamesWithMatchers(ctx, r.ir, matchers...) } -func (r blockIndexReader) Postings(name string, values ...string) (index.Postings, error) { - p, err := r.ir.Postings(name, values...) +func (r blockIndexReader) Postings(ctx context.Context, name string, values ...string) (index.Postings, error) { + p, err := r.ir.Postings(ctx, name, values...) if err != nil { return p, errors.Wrapf(err, "block: %s", r.b.Meta().ULID) } @@ -512,14 +513,14 @@ func (r blockIndexReader) Close() error { } // LabelValueFor returns label value for the given label name in the series referred to by ID. -func (r blockIndexReader) LabelValueFor(id storage.SeriesRef, label string) (string, error) { - return r.ir.LabelValueFor(id, label) +func (r blockIndexReader) LabelValueFor(ctx context.Context, id storage.SeriesRef, label string) (string, error) { + return r.ir.LabelValueFor(ctx, id, label) } // LabelNamesFor returns all the label names for the series referred to by IDs. // The names returned are sorted. -func (r blockIndexReader) LabelNamesFor(ids ...storage.SeriesRef) ([]string, error) { - return r.ir.LabelNamesFor(ids...) +func (r blockIndexReader) LabelNamesFor(ctx context.Context, ids ...storage.SeriesRef) ([]string, error) { + return r.ir.LabelNamesFor(ctx, ids...) } type blockTombstoneReader struct { @@ -543,7 +544,7 @@ func (r blockChunkReader) Close() error { } // Delete matching series between mint and maxt in the block. -func (pb *Block) Delete(mint, maxt int64, ms ...*labels.Matcher) error { +func (pb *Block) Delete(ctx context.Context, mint, maxt int64, ms ...*labels.Matcher) error { pb.mtx.Lock() defer pb.mtx.Unlock() @@ -551,7 +552,7 @@ func (pb *Block) Delete(mint, maxt int64, ms ...*labels.Matcher) error { return ErrClosing } - p, err := PostingsForMatchers(pb.indexr, ms...) + p, err := PostingsForMatchers(ctx, pb.indexr, ms...) if err != nil { return errors.Wrap(err, "select series") } @@ -685,8 +686,8 @@ func (pb *Block) OverlapsClosedInterval(mint, maxt int64) bool { } // LabelNames returns all the unique label names present in the Block in sorted order. -func (pb *Block) LabelNames() ([]string, error) { - return pb.indexr.LabelNames() +func (pb *Block) LabelNames(ctx context.Context) ([]string, error) { + return pb.indexr.LabelNames(ctx) } func clampInterval(a, b, mint, maxt int64) (int64, int64) { diff --git a/vendor/github.com/prometheus/prometheus/tsdb/chunkenc/float_histogram.go b/vendor/github.com/prometheus/prometheus/tsdb/chunkenc/float_histogram.go index 31b3a09de..505d11245 100644 --- a/vendor/github.com/prometheus/prometheus/tsdb/chunkenc/float_histogram.go +++ b/vendor/github.com/prometheus/prometheus/tsdb/chunkenc/float_histogram.go @@ -233,6 +233,11 @@ func (a *FloatHistogramAppender) appendable(h *histogram.FloatHistogram) ( if a.NumSamples() > 0 && a.GetCounterResetHeader() == GaugeType { return } + if h.CounterResetHint == histogram.CounterReset { + // Always honor the explicit counter reset hint. + counterReset = true + return + } if value.IsStaleNaN(h.Sum) { // This is a stale sample whose buckets and spans don't matter. okToAppend = true @@ -579,7 +584,11 @@ func (a *FloatHistogramAppender) AppendFloatHistogram(prev *FloatHistogramAppend return nil, false, a, nil } - if prev != nil && h.CounterResetHint != histogram.CounterReset { + switch { + case h.CounterResetHint == histogram.CounterReset: + // Always honor the explicit counter reset hint. + a.setCounterResetHeader(CounterReset) + case prev != nil: // This is a new chunk, but continued from a previous one. We need to calculate the reset header unless already set. _, _, _, counterReset := prev.appendable(h) if counterReset { @@ -587,9 +596,6 @@ func (a *FloatHistogramAppender) AppendFloatHistogram(prev *FloatHistogramAppend } else { a.setCounterResetHeader(NotCounterReset) } - } else { - // Honor the explicit counter reset hint. - a.setCounterResetHeader(CounterResetHeader(h.CounterResetHint)) } return nil, false, a, nil } diff --git a/vendor/github.com/prometheus/prometheus/tsdb/chunkenc/histogram.go b/vendor/github.com/prometheus/prometheus/tsdb/chunkenc/histogram.go index e14e25df1..847d89376 100644 --- a/vendor/github.com/prometheus/prometheus/tsdb/chunkenc/histogram.go +++ b/vendor/github.com/prometheus/prometheus/tsdb/chunkenc/histogram.go @@ -253,6 +253,11 @@ func (a *HistogramAppender) appendable(h *histogram.Histogram) ( if a.NumSamples() > 0 && a.GetCounterResetHeader() == GaugeType { return } + if h.CounterResetHint == histogram.CounterReset { + // Always honor the explicit counter reset hint. + counterReset = true + return + } if value.IsStaleNaN(h.Sum) { // This is a stale sample whose buckets and spans don't matter. okToAppend = true @@ -614,7 +619,11 @@ func (a *HistogramAppender) AppendHistogram(prev *HistogramAppender, t int64, h return nil, false, a, nil } - if prev != nil && h.CounterResetHint != histogram.CounterReset { + switch { + case h.CounterResetHint == histogram.CounterReset: + // Always honor the explicit counter reset hint. + a.setCounterResetHeader(CounterReset) + case prev != nil: // This is a new chunk, but continued from a previous one. We need to calculate the reset header unless already set. _, _, _, counterReset := prev.appendable(h) if counterReset { @@ -622,9 +631,6 @@ func (a *HistogramAppender) AppendHistogram(prev *HistogramAppender, t int64, h } else { a.setCounterResetHeader(NotCounterReset) } - } else { - // Honor the explicit counter reset hint. - a.setCounterResetHeader(CounterResetHeader(h.CounterResetHint)) } return nil, false, a, nil } diff --git a/vendor/github.com/prometheus/prometheus/tsdb/chunks/chunks.go b/vendor/github.com/prometheus/prometheus/tsdb/chunks/chunks.go index 88fc5924b..05fd24a06 100644 --- a/vendor/github.com/prometheus/prometheus/tsdb/chunks/chunks.go +++ b/vendor/github.com/prometheus/prometheus/tsdb/chunks/chunks.go @@ -207,6 +207,34 @@ func PopulatedChunk(numSamples int, minTime int64) (Meta, error) { return ChunkFromSamples(samples) } +// ChunkMetasToSamples converts a slice of chunk meta data to a slice of samples. +// Used in tests to compare the content of chunks. +func ChunkMetasToSamples(chunks []Meta) (result []Sample) { + if len(chunks) == 0 { + return + } + + for _, chunk := range chunks { + it := chunk.Chunk.Iterator(nil) + for vt := it.Next(); vt != chunkenc.ValNone; vt = it.Next() { + switch vt { + case chunkenc.ValFloat: + t, v := it.At() + result = append(result, sample{t: t, f: v}) + case chunkenc.ValHistogram: + t, h := it.AtHistogram() + result = append(result, sample{t: t, h: h}) + case chunkenc.ValFloatHistogram: + t, fh := it.AtFloatHistogram() + result = append(result, sample{t: t, fh: fh}) + default: + panic("unexpected value type") + } + } + } + return +} + // Iterator iterates over the chunks of a single time series. type Iterator interface { // At returns the current meta. diff --git a/vendor/github.com/prometheus/prometheus/tsdb/compact.go b/vendor/github.com/prometheus/prometheus/tsdb/compact.go index 0d42f627f..ca3a95096 100644 --- a/vendor/github.com/prometheus/prometheus/tsdb/compact.go +++ b/vendor/github.com/prometheus/prometheus/tsdb/compact.go @@ -200,8 +200,8 @@ func (c *LeveledCompactor) Plan(dir string) ([]string, error) { } func (c *LeveledCompactor) plan(dms []dirMeta) ([]string, error) { - slices.SortFunc(dms, func(a, b dirMeta) bool { - return a.meta.MinTime < b.meta.MinTime + slices.SortFunc(dms, func(a, b dirMeta) int { + return int(a.meta.MinTime - b.meta.MinTime) }) res := c.selectOverlappingDirs(dms) @@ -380,8 +380,8 @@ func CompactBlockMetas(uid ulid.ULID, blocks ...*BlockMeta) *BlockMeta { for s := range sources { res.Compaction.Sources = append(res.Compaction.Sources, s) } - slices.SortFunc(res.Compaction.Sources, func(a, b ulid.ULID) bool { - return a.Compare(b) < 0 + slices.SortFunc(res.Compaction.Sources, func(a, b ulid.ULID) int { + return a.Compare(b) }) res.MinTime = mint @@ -731,7 +731,7 @@ func (c DefaultBlockPopulator) PopulateBlock(ctx context.Context, metrics *Compa closers = append(closers, tombsr) k, v := index.AllPostingsKey() - all, err := indexr.Postings(k, v) + all, err := indexr.Postings(ctx, k, v) if err != nil { return err } diff --git a/vendor/github.com/prometheus/prometheus/tsdb/db.go b/vendor/github.com/prometheus/prometheus/tsdb/db.go index 58ba6900b..ce8ef1f9a 100644 --- a/vendor/github.com/prometheus/prometheus/tsdb/db.go +++ b/vendor/github.com/prometheus/prometheus/tsdb/db.go @@ -526,22 +526,22 @@ func (db *DBReadOnly) loadDataAsQueryable(maxt int64) (storage.SampleAndChunkQue // Querier loads the blocks and wal and returns a new querier over the data partition for the given time range. // Current implementation doesn't support multiple Queriers. -func (db *DBReadOnly) Querier(ctx context.Context, mint, maxt int64) (storage.Querier, error) { +func (db *DBReadOnly) Querier(mint, maxt int64) (storage.Querier, error) { q, err := db.loadDataAsQueryable(maxt) if err != nil { return nil, err } - return q.Querier(ctx, mint, maxt) + return q.Querier(mint, maxt) } // ChunkQuerier loads blocks and the wal and returns a new chunk querier over the data partition for the given time range. // Current implementation doesn't support multiple ChunkQueriers. -func (db *DBReadOnly) ChunkQuerier(ctx context.Context, mint, maxt int64) (storage.ChunkQuerier, error) { +func (db *DBReadOnly) ChunkQuerier(mint, maxt int64) (storage.ChunkQuerier, error) { q, err := db.loadDataAsQueryable(maxt) if err != nil { return nil, err } - return q.ChunkQuerier(ctx, mint, maxt) + return q.ChunkQuerier(mint, maxt) } // Blocks returns a slice of block readers for persisted blocks. @@ -579,8 +579,8 @@ func (db *DBReadOnly) Blocks() ([]BlockReader, error) { return nil, nil } - slices.SortFunc(loadable, func(a, b *Block) bool { - return a.Meta().MinTime < b.Meta().MinTime + slices.SortFunc(loadable, func(a, b *Block) int { + return int(a.Meta().MinTime - b.Meta().MinTime) }) blockMetas := make([]BlockMeta, 0, len(loadable)) @@ -887,13 +887,13 @@ func open(dir string, l log.Logger, r prometheus.Registerer, opts *Options, rngs if initErr := db.head.Init(minValidTime); initErr != nil { db.head.metrics.walCorruptionsTotal.Inc() - isOOOErr := isErrLoadOOOWal(initErr) - if isOOOErr { - level.Warn(db.logger).Log("msg", "Encountered OOO WAL read error, attempting repair", "err", initErr) - if err := wbl.Repair(initErr); err != nil { - return nil, errors.Wrap(err, "repair corrupted OOO WAL") + e, ok := initErr.(*errLoadWbl) + if ok { + level.Warn(db.logger).Log("msg", "Encountered WBL read error, attempting repair", "err", initErr) + if err := wbl.Repair(e.err); err != nil { + return nil, errors.Wrap(err, "repair corrupted WBL") } - level.Info(db.logger).Log("msg", "Successfully repaired OOO WAL") + level.Info(db.logger).Log("msg", "Successfully repaired WBL") } else { level.Warn(db.logger).Log("msg", "Encountered WAL read error, attempting repair", "err", initErr) if err := wal.Repair(initErr); err != nil { @@ -908,7 +908,7 @@ func open(dir string, l log.Logger, r prometheus.Registerer, opts *Options, rngs db.oooWasEnabled.Store(true) } - go db.run() + go db.run(ctx) return db, nil } @@ -949,7 +949,7 @@ func (db *DB) Dir() string { return db.dir } -func (db *DB) run() { +func (db *DB) run(ctx context.Context) { defer close(db.donec) backoff := time.Duration(0) @@ -980,7 +980,7 @@ func (db *DB) run() { db.autoCompactMtx.Lock() if db.autoCompact { - if err := db.Compact(); err != nil { + if err := db.Compact(ctx); err != nil { level.Error(db.logger).Log("msg", "compaction failed", "err", err) backoff = exponential(backoff, 1*time.Second, 1*time.Minute) } else { @@ -1100,7 +1100,7 @@ func (a dbAppender) Commit() error { // which will also delete the blocks that fall out of the retention window. // Old blocks are only deleted on reloadBlocks based on the new block's parent information. // See DB.reloadBlocks documentation for further information. -func (db *DB) Compact() (returnErr error) { +func (db *DB) Compact(ctx context.Context) (returnErr error) { db.cmtx.Lock() defer db.cmtx.Unlock() defer func() { @@ -1173,7 +1173,7 @@ func (db *DB) Compact() (returnErr error) { if lastBlockMaxt != math.MinInt64 { // The head was compacted, so we compact OOO head as well. - if err := db.compactOOOHead(); err != nil { + if err := db.compactOOOHead(ctx); err != nil { return errors.Wrap(err, "compact ooo head") } } @@ -1197,18 +1197,18 @@ func (db *DB) CompactHead(head *RangeHead) error { } // CompactOOOHead compacts the OOO Head. -func (db *DB) CompactOOOHead() error { +func (db *DB) CompactOOOHead(ctx context.Context) error { db.cmtx.Lock() defer db.cmtx.Unlock() - return db.compactOOOHead() + return db.compactOOOHead(ctx) } -func (db *DB) compactOOOHead() error { +func (db *DB) compactOOOHead(ctx context.Context) error { if !db.oooWasEnabled.Load() { return nil } - oooHead, err := NewOOOCompactionHead(db.head) + oooHead, err := NewOOOCompactionHead(ctx, db.head) if err != nil { return errors.Wrap(err, "get ooo compaction head") } @@ -1447,8 +1447,8 @@ func (db *DB) reloadBlocks() (err error) { } db.metrics.blocksBytes.Set(float64(blocksSize)) - slices.SortFunc(toLoad, func(a, b *Block) bool { - return a.Meta().MinTime < b.Meta().MinTime + slices.SortFunc(toLoad, func(a, b *Block) int { + return int(a.Meta().MinTime - b.Meta().MinTime) }) // Swap new blocks first for subsequently created readers to be seen. @@ -1517,8 +1517,8 @@ func deletableBlocks(db *DB, blocks []*Block) map[ulid.ULID]struct{} { // Sort the blocks by time - newest to oldest (largest to smallest timestamp). // This ensures that the retentions will remove the oldest blocks. - slices.SortFunc(blocks, func(a, b *Block) bool { - return a.Meta().MaxTime > b.Meta().MaxTime + slices.SortFunc(blocks, func(a, b *Block) int { + return int(b.Meta().MaxTime - a.Meta().MaxTime) }) for _, block := range blocks { @@ -1797,6 +1797,11 @@ func (db *DB) EnableCompactions() { level.Info(db.logger).Log("msg", "Compactions enabled") } +// ForceHeadMMap is intended for use only in tests and benchmarks. +func (db *DB) ForceHeadMMap() { + db.head.mmapHeadChunks() +} + // Snapshot writes the current data to the directory. If withHead is set to true it // will create a new block containing all data that's currently in the memory buffer/WAL. func (db *DB) Snapshot(dir string, withHead bool) error { @@ -1836,7 +1841,7 @@ func (db *DB) Snapshot(dir string, withHead bool) error { } // Querier returns a new querier over the data partition for the given time range. -func (db *DB) Querier(_ context.Context, mint, maxt int64) (storage.Querier, error) { +func (db *DB) Querier(mint, maxt int64) (storage.Querier, error) { var blocks []BlockReader db.mtx.RLock() @@ -1984,7 +1989,7 @@ func (db *DB) blockChunkQuerierForRange(mint, maxt int64) ([]storage.ChunkQuerie } // ChunkQuerier returns a new chunk querier over the data partition for the given time range. -func (db *DB) ChunkQuerier(_ context.Context, mint, maxt int64) (storage.ChunkQuerier, error) { +func (db *DB) ChunkQuerier(mint, maxt int64) (storage.ChunkQuerier, error) { blockQueriers, err := db.blockChunkQuerierForRange(mint, maxt) if err != nil { return nil, err @@ -2001,7 +2006,7 @@ func rangeForTimestamp(t, width int64) (maxt int64) { } // Delete implements deletion of metrics. It only has atomicity guarantees on a per-block basis. -func (db *DB) Delete(mint, maxt int64, ms ...*labels.Matcher) error { +func (db *DB) Delete(ctx context.Context, mint, maxt int64, ms ...*labels.Matcher) error { db.cmtx.Lock() defer db.cmtx.Unlock() @@ -2013,13 +2018,13 @@ func (db *DB) Delete(mint, maxt int64, ms ...*labels.Matcher) error { for _, b := range db.blocks { if b.OverlapsClosedInterval(mint, maxt) { g.Go(func(b *Block) func() error { - return func() error { return b.Delete(mint, maxt, ms...) } + return func() error { return b.Delete(ctx, mint, maxt, ms...) } }(b)) } } if db.head.OverlapsClosedInterval(mint, maxt) { g.Go(func() error { - return db.head.Delete(mint, maxt, ms...) + return db.head.Delete(ctx, mint, maxt, ms...) }) } diff --git a/vendor/github.com/prometheus/prometheus/tsdb/exemplar.go b/vendor/github.com/prometheus/prometheus/tsdb/exemplar.go index d4c0505cc..904fc7c2b 100644 --- a/vendor/github.com/prometheus/prometheus/tsdb/exemplar.go +++ b/vendor/github.com/prometheus/prometheus/tsdb/exemplar.go @@ -185,8 +185,8 @@ func (ce *CircularExemplarStorage) Select(start, end int64, matchers ...[]*label } } - slices.SortFunc(ret, func(a, b exemplar.QueryResult) bool { - return labels.Compare(a.SeriesLabels, b.SeriesLabels) < 0 + slices.SortFunc(ret, func(a, b exemplar.QueryResult) int { + return labels.Compare(a.SeriesLabels, b.SeriesLabels) }) return ret, nil diff --git a/vendor/github.com/prometheus/prometheus/tsdb/head.go b/vendor/github.com/prometheus/prometheus/tsdb/head.go index cfda3f644..0ea2b8385 100644 --- a/vendor/github.com/prometheus/prometheus/tsdb/head.go +++ b/vendor/github.com/prometheus/prometheus/tsdb/head.go @@ -14,6 +14,7 @@ package tsdb import ( + "context" "fmt" "io" "math" @@ -257,7 +258,6 @@ func NewHead(r prometheus.Registerer, l log.Logger, wal, wbl *wlog.WL, opts *Hea if err := h.resetInMemoryState(); err != nil { return nil, err } - h.metrics = newHeadMetrics(h, r) if opts.ChunkPool == nil { opts.ChunkPool = chunkenc.NewPool() @@ -277,6 +277,7 @@ func NewHead(r prometheus.Registerer, l log.Logger, wal, wbl *wlog.WL, opts *Hea if err != nil { return nil, err } + h.metrics = newHeadMetrics(h, r) return h, nil } @@ -764,17 +765,17 @@ func (h *Head) Init(minValidTime int64) error { wblReplayStart := time.Now() if h.wbl != nil { - // Replay OOO WAL. + // Replay WBL. startFrom, endAt, e = wlog.Segments(h.wbl.Dir()) if e != nil { - return errors.Wrap(e, "finding OOO WAL segments") + return &errLoadWbl{errors.Wrap(e, "finding WBL segments")} } h.startWALReplayStatus(startFrom, endAt) for i := startFrom; i <= endAt; i++ { s, err := wlog.OpenReadSegment(wlog.SegmentName(h.wbl.Dir(), i)) if err != nil { - return errors.Wrap(err, fmt.Sprintf("open WBL segment: %d", i)) + return &errLoadWbl{errors.Wrap(err, fmt.Sprintf("open WBL segment: %d", i))} } sr := wlog.NewSegmentBufReader(s) @@ -783,7 +784,7 @@ func (h *Head) Init(minValidTime int64) error { level.Warn(h.logger).Log("msg", "Error while closing the wbl segments reader", "err", err) } if err != nil { - return err + return &errLoadWbl{err} } level.Info(h.logger).Log("msg", "WBL segment loaded", "segment", i, "maxSegment", endAt) h.updateWALReplayStatusRead(i) @@ -1426,19 +1427,23 @@ func (h *RangeHead) String() string { // Delete all samples in the range of [mint, maxt] for series that satisfy the given // label matchers. -func (h *Head) Delete(mint, maxt int64, ms ...*labels.Matcher) error { +func (h *Head) Delete(ctx context.Context, mint, maxt int64, ms ...*labels.Matcher) error { // Do not delete anything beyond the currently valid range. mint, maxt = clampInterval(mint, maxt, h.MinTime(), h.MaxTime()) ir := h.indexRange(mint, maxt) - p, err := PostingsForMatchers(ir, ms...) + p, err := PostingsForMatchers(ctx, ir, ms...) if err != nil { return errors.Wrap(err, "select series") } var stones []tombstones.Stone for p.Next() { + if err := ctx.Err(); err != nil { + return errors.Wrap(err, "select series") + } + series := h.series.getByID(chunks.HeadSeriesRef(p.At())) if series == nil { level.Debug(h.logger).Log("msg", "Series not found in Head.Delete") @@ -1458,6 +1463,10 @@ func (h *Head) Delete(mint, maxt int64, ms ...*labels.Matcher) error { if p.Err() != nil { return p.Err() } + if ctx.Err() != nil { + return errors.Wrap(err, "select series") + } + if h.wal != nil { var enc record.Encoder if err := h.wal.Log(enc.Tombstones(stones, nil)); err != nil { diff --git a/vendor/github.com/prometheus/prometheus/tsdb/head_read.go b/vendor/github.com/prometheus/prometheus/tsdb/head_read.go index f27d4ef76..6964d5472 100644 --- a/vendor/github.com/prometheus/prometheus/tsdb/head_read.go +++ b/vendor/github.com/prometheus/prometheus/tsdb/head_read.go @@ -62,8 +62,8 @@ func (h *headIndexReader) Symbols() index.StringIter { // specific label name that are within the time range mint to maxt. // If matchers are specified the returned result set is reduced // to label values of metrics matching the matchers. -func (h *headIndexReader) SortedLabelValues(name string, matchers ...*labels.Matcher) ([]string, error) { - values, err := h.LabelValues(name, matchers...) +func (h *headIndexReader) SortedLabelValues(ctx context.Context, name string, matchers ...*labels.Matcher) ([]string, error) { + values, err := h.LabelValues(ctx, name, matchers...) if err == nil { slices.Sort(values) } @@ -74,21 +74,21 @@ func (h *headIndexReader) SortedLabelValues(name string, matchers ...*labels.Mat // specific label name that are within the time range mint to maxt. // If matchers are specified the returned result set is reduced // to label values of metrics matching the matchers. -func (h *headIndexReader) LabelValues(name string, matchers ...*labels.Matcher) ([]string, error) { +func (h *headIndexReader) LabelValues(ctx context.Context, name string, matchers ...*labels.Matcher) ([]string, error) { if h.maxt < h.head.MinTime() || h.mint > h.head.MaxTime() { return []string{}, nil } if len(matchers) == 0 { - return h.head.postings.LabelValues(name), nil + return h.head.postings.LabelValues(ctx, name), nil } - return labelValuesWithMatchers(h, name, matchers...) + return labelValuesWithMatchers(ctx, h, name, matchers...) } // LabelNames returns all the unique label names present in the head // that are within the time range mint to maxt. -func (h *headIndexReader) LabelNames(matchers ...*labels.Matcher) ([]string, error) { +func (h *headIndexReader) LabelNames(ctx context.Context, matchers ...*labels.Matcher) ([]string, error) { if h.maxt < h.head.MinTime() || h.mint > h.head.MaxTime() { return []string{}, nil } @@ -99,11 +99,11 @@ func (h *headIndexReader) LabelNames(matchers ...*labels.Matcher) ([]string, err return labelNames, nil } - return labelNamesWithMatchers(h, matchers...) + return labelNamesWithMatchers(ctx, h, matchers...) } // Postings returns the postings list iterator for the label pairs. -func (h *headIndexReader) Postings(name string, values ...string) (index.Postings, error) { +func (h *headIndexReader) Postings(ctx context.Context, name string, values ...string) (index.Postings, error) { switch len(values) { case 0: return index.EmptyPostings(), nil @@ -116,7 +116,7 @@ func (h *headIndexReader) Postings(name string, values ...string) (index.Posting res = append(res, p) } } - return index.Merge(res...), nil + return index.Merge(ctx, res...), nil } } @@ -136,8 +136,8 @@ func (h *headIndexReader) SortedPostings(p index.Postings) index.Postings { return index.ErrPostings(errors.Wrap(err, "expand postings")) } - slices.SortFunc(series, func(a, b *memSeries) bool { - return labels.Compare(a.lset, b.lset) < 0 + slices.SortFunc(series, func(a, b *memSeries) int { + return labels.Compare(a.lset, b.lset) }) // Convert back to list. @@ -216,7 +216,7 @@ func (s *memSeries) oooHeadChunkID(pos int) chunks.HeadChunkID { } // LabelValueFor returns label value for the given label name in the series referred to by ID. -func (h *headIndexReader) LabelValueFor(id storage.SeriesRef, label string) (string, error) { +func (h *headIndexReader) LabelValueFor(_ context.Context, id storage.SeriesRef, label string) (string, error) { memSeries := h.head.series.getByID(chunks.HeadSeriesRef(id)) if memSeries == nil { return "", storage.ErrNotFound @@ -232,9 +232,12 @@ func (h *headIndexReader) LabelValueFor(id storage.SeriesRef, label string) (str // LabelNamesFor returns all the label names for the series referred to by IDs. // The names returned are sorted. -func (h *headIndexReader) LabelNamesFor(ids ...storage.SeriesRef) ([]string, error) { +func (h *headIndexReader) LabelNamesFor(ctx context.Context, ids ...storage.SeriesRef) ([]string, error) { namesMap := make(map[string]struct{}) for _, id := range ids { + if ctx.Err() != nil { + return nil, ctx.Err() + } memSeries := h.head.series.getByID(chunks.HeadSeriesRef(id)) if memSeries == nil { return nil, storage.ErrNotFound diff --git a/vendor/github.com/prometheus/prometheus/tsdb/head_wal.go b/vendor/github.com/prometheus/prometheus/tsdb/head_wal.go index 19520a7d2..d6780c021 100644 --- a/vendor/github.com/prometheus/prometheus/tsdb/head_wal.go +++ b/vendor/github.com/prometheus/prometheus/tsdb/head_wal.go @@ -589,9 +589,6 @@ func (wp *walSubsetProcessor) processWALSamples(h *Head, mmappedChunks, oooMmapp if s.T <= ms.mmMaxTime { continue } - if s.T <= ms.mmMaxTime { - continue - } if _, chunkCreated := ms.append(s.T, s.V, 0, appendChunkOpts); chunkCreated { h.metrics.chunksCreated.Inc() h.metrics.chunks.Inc() @@ -752,7 +749,9 @@ func (h *Head) loadWBL(r *wlog.Reader, multiRef map[chunks.HeadSeriesRef]chunks. m = len(samples) } for i := 0; i < concurrency; i++ { - shards[i] = processors[i].reuseBuf() + if shards[i] == nil { + shards[i] = processors[i].reuseBuf() + } } for _, sam := range samples[:m] { if r, ok := multiRef[sam.Ref]; ok { @@ -762,7 +761,10 @@ func (h *Head) loadWBL(r *wlog.Reader, multiRef map[chunks.HeadSeriesRef]chunks. shards[mod] = append(shards[mod], sam) } for i := 0; i < concurrency; i++ { - processors[i].input <- shards[i] + if len(shards[i]) > 0 { + processors[i].input <- wblSubsetProcessorInputItem{samples: shards[i]} + shards[i] = nil + } } samples = samples[m:] } @@ -788,23 +790,7 @@ func (h *Head) loadWBL(r *wlog.Reader, multiRef map[chunks.HeadSeriesRef]chunks. continue } idx := uint64(ms.ref) % uint64(concurrency) - // It is possible that some old sample is being processed in processWALSamples that - // could cause race below. So we wait for the goroutine to empty input the buffer and finish - // processing all old samples after emptying the buffer. - processors[idx].waitUntilIdle() - // Lock the subset so we can modify the series object - processors[idx].mx.Lock() - - // All samples till now have been m-mapped. Hence clear out the headChunk. - // In case some samples slipped through and went into m-map chunks because of changed - // chunk size parameters, we are not taking care of that here. - // TODO(codesome): see if there is a way to avoid duplicate m-map chunks if - // the size of ooo chunk was reduced between restart. - if ms.ooo != nil { - ms.ooo.oooHeadChunk = nil - } - - processors[idx].mx.Unlock() + processors[idx].input <- wblSubsetProcessorInputItem{mmappedSeries: ms} } default: panic(fmt.Errorf("unexpected decodedCh type: %T", d)) @@ -839,31 +825,27 @@ func (e errLoadWbl) Error() string { return e.err.Error() } -// To support errors.Cause(). func (e errLoadWbl) Cause() error { return e.err } -// To support errors.Unwrap(). func (e errLoadWbl) Unwrap() error { return e.err } -// isErrLoadOOOWal returns a boolean if the error is errLoadWbl. -func isErrLoadOOOWal(err error) bool { - _, ok := err.(*errLoadWbl) - return ok +type wblSubsetProcessor struct { + input chan wblSubsetProcessorInputItem + output chan []record.RefSample } -type wblSubsetProcessor struct { - mx sync.Mutex // Take this lock while modifying series in the subset. - input chan []record.RefSample - output chan []record.RefSample +type wblSubsetProcessorInputItem struct { + mmappedSeries *memSeries + samples []record.RefSample } func (wp *wblSubsetProcessor) setup() { wp.output = make(chan []record.RefSample, 300) - wp.input = make(chan []record.RefSample, 300) + wp.input = make(chan wblSubsetProcessorInputItem, 300) } func (wp *wblSubsetProcessor) closeAndDrain() { @@ -884,16 +866,23 @@ func (wp *wblSubsetProcessor) reuseBuf() []record.RefSample { // processWBLSamples adds the samples it receives to the head and passes // the buffer received to an output channel for reuse. -// Samples before the minValidTime timestamp are discarded. func (wp *wblSubsetProcessor) processWBLSamples(h *Head) (unknownRefs uint64) { defer close(wp.output) oooCapMax := h.opts.OutOfOrderCapMax.Load() // We don't check for minValidTime for ooo samples. mint, maxt := int64(math.MaxInt64), int64(math.MinInt64) - for samples := range wp.input { - wp.mx.Lock() - for _, s := range samples { + for in := range wp.input { + if in.mmappedSeries != nil && in.mmappedSeries.ooo != nil { + // All samples till now have been m-mapped. Hence clear out the headChunk. + // In case some samples slipped through and went into m-map chunks because of changed + // chunk size parameters, we are not taking care of that here. + // TODO(codesome): see if there is a way to avoid duplicate m-map chunks if + // the size of ooo chunk was reduced between restart. + in.mmappedSeries.ooo.oooHeadChunk = nil + continue + } + for _, s := range in.samples { ms := h.series.getByID(s.Ref) if ms == nil { unknownRefs++ @@ -913,8 +902,10 @@ func (wp *wblSubsetProcessor) processWBLSamples(h *Head) (unknownRefs uint64) { } } } - wp.mx.Unlock() - + select { + case wp.output <- in.samples: + default: + } } h.updateMinOOOMaxOOOTime(mint, maxt) @@ -922,21 +913,6 @@ func (wp *wblSubsetProcessor) processWBLSamples(h *Head) (unknownRefs uint64) { return unknownRefs } -func (wp *wblSubsetProcessor) waitUntilIdle() { - select { - case <-wp.output: // Allow output side to drain to avoid deadlock. - default: - } - wp.input <- []record.RefSample{} - for len(wp.input) != 0 { - time.Sleep(10 * time.Microsecond) - select { - case <-wp.output: // Allow output side to drain to avoid deadlock. - default: - } - } -} - const ( chunkSnapshotRecordTypeSeries uint8 = 1 chunkSnapshotRecordTypeTombstones uint8 = 2 diff --git a/vendor/github.com/prometheus/prometheus/tsdb/index/index.go b/vendor/github.com/prometheus/prometheus/tsdb/index/index.go index a1a970f5c..ccf06e8ea 100644 --- a/vendor/github.com/prometheus/prometheus/tsdb/index/index.go +++ b/vendor/github.com/prometheus/prometheus/tsdb/index/index.go @@ -923,7 +923,7 @@ func (w *Writer) writePostingsToTmpFiles() error { // Symbol numbers are in order, so the strings will also be in order. slices.Sort(values) for _, v := range values { - value, err := w.symbols.Lookup(v) + value, err := w.symbols.Lookup(w.ctx, v) if err != nil { return err } @@ -1295,7 +1295,7 @@ func NewSymbols(bs ByteSlice, version, off int) (*Symbols, error) { return s, nil } -func (s Symbols) Lookup(o uint32) (string, error) { +func (s Symbols) Lookup(ctx context.Context, o uint32) (string, error) { d := encoding.Decbuf{ B: s.bs.Range(0, s.bs.Len()), } @@ -1307,6 +1307,9 @@ func (s Symbols) Lookup(o uint32) (string, error) { d.Skip(s.offsets[int(o/symbolFactor)]) // Walk until we find the one we want. for i := o - (o / symbolFactor * symbolFactor); i > 0; i-- { + if ctx.Err() != nil { + return "", ctx.Err() + } d.UvarintBytes() } } else { @@ -1434,11 +1437,11 @@ func (r *Reader) Close() error { return r.c.Close() } -func (r *Reader) lookupSymbol(o uint32) (string, error) { +func (r *Reader) lookupSymbol(ctx context.Context, o uint32) (string, error) { if s, ok := r.nameSymbols[o]; ok { return s, nil } - return r.symbols.Lookup(o) + return r.symbols.Lookup(ctx, o) } // Symbols returns an iterator over the symbols that exist within the index. @@ -1454,8 +1457,8 @@ func (r *Reader) SymbolTableSize() uint64 { // SortedLabelValues returns value tuples that exist for the given label name. // It is not safe to use the return value beyond the lifetime of the byte slice // passed into the Reader. -func (r *Reader) SortedLabelValues(name string, matchers ...*labels.Matcher) ([]string, error) { - values, err := r.LabelValues(name, matchers...) +func (r *Reader) SortedLabelValues(ctx context.Context, name string, matchers ...*labels.Matcher) ([]string, error) { + values, err := r.LabelValues(ctx, name, matchers...) if err == nil && r.version == FormatV1 { slices.Sort(values) } @@ -1466,7 +1469,7 @@ func (r *Reader) SortedLabelValues(name string, matchers ...*labels.Matcher) ([] // It is not safe to use the return value beyond the lifetime of the byte slice // passed into the Reader. // TODO(replay): Support filtering by matchers -func (r *Reader) LabelValues(name string, matchers ...*labels.Matcher) ([]string, error) { +func (r *Reader) LabelValues(ctx context.Context, name string, matchers ...*labels.Matcher) ([]string, error) { if len(matchers) > 0 { return nil, errors.Errorf("matchers parameter is not implemented: %+v", matchers) } @@ -1497,7 +1500,7 @@ func (r *Reader) LabelValues(name string, matchers ...*labels.Matcher) ([]string lastVal := e[len(e)-1].value skip := 0 - for d.Err() == nil { + for d.Err() == nil && ctx.Err() == nil { if skip == 0 { // These are always the same number of bytes, // and it's faster to skip than parse. @@ -1518,15 +1521,20 @@ func (r *Reader) LabelValues(name string, matchers ...*labels.Matcher) ([]string if d.Err() != nil { return nil, errors.Wrap(d.Err(), "get postings offset entry") } - return values, nil + + return values, ctx.Err() } // LabelNamesFor returns all the label names for the series referred to by IDs. // The names returned are sorted. -func (r *Reader) LabelNamesFor(ids ...storage.SeriesRef) ([]string, error) { +func (r *Reader) LabelNamesFor(ctx context.Context, ids ...storage.SeriesRef) ([]string, error) { // Gather offsetsMap the name offsetsMap in the symbol table first offsetsMap := make(map[uint32]struct{}) for _, id := range ids { + if ctx.Err() != nil { + return nil, ctx.Err() + } + offset := id // In version 2 series IDs are no longer exact references but series are 16-byte padded // and the ID is the multiple of 16 of the actual position. @@ -1552,7 +1560,7 @@ func (r *Reader) LabelNamesFor(ids ...storage.SeriesRef) ([]string, error) { // Lookup the unique symbols. names := make([]string, 0, len(offsetsMap)) for off := range offsetsMap { - name, err := r.lookupSymbol(off) + name, err := r.lookupSymbol(ctx, off) if err != nil { return nil, errors.Wrap(err, "lookup symbol in LabelNamesFor") } @@ -1565,7 +1573,7 @@ func (r *Reader) LabelNamesFor(ids ...storage.SeriesRef) ([]string, error) { } // LabelValueFor returns label value for the given label name in the series referred to by ID. -func (r *Reader) LabelValueFor(id storage.SeriesRef, label string) (string, error) { +func (r *Reader) LabelValueFor(ctx context.Context, id storage.SeriesRef, label string) (string, error) { offset := id // In version 2 series IDs are no longer exact references but series are 16-byte padded // and the ID is the multiple of 16 of the actual position. @@ -1578,7 +1586,7 @@ func (r *Reader) LabelValueFor(id storage.SeriesRef, label string) (string, erro return "", errors.Wrap(d.Err(), "label values for") } - value, err := r.dec.LabelValueFor(buf, label) + value, err := r.dec.LabelValueFor(ctx, buf, label) if err != nil { return "", storage.ErrNotFound } @@ -1605,7 +1613,7 @@ func (r *Reader) Series(id storage.SeriesRef, builder *labels.ScratchBuilder, ch return errors.Wrap(r.dec.Series(d.Get(), builder, chks), "read series") } -func (r *Reader) Postings(name string, values ...string) (Postings, error) { +func (r *Reader) Postings(ctx context.Context, name string, values ...string) (Postings, error) { if r.version == FormatV1 { e, ok := r.postingsV1[name] if !ok { @@ -1625,7 +1633,7 @@ func (r *Reader) Postings(name string, values ...string) (Postings, error) { } res = append(res, p) } - return Merge(res...), nil + return Merge(ctx, res...), nil } e, ok := r.postings[name] @@ -1664,7 +1672,7 @@ func (r *Reader) Postings(name string, values ...string) (Postings, error) { // Iterate on the offset table. var postingsOff uint64 // The offset into the postings table. - for d.Err() == nil { + for d.Err() == nil && ctx.Err() == nil { if skip == 0 { // These are always the same number of bytes, // and it's faster to skip than parse. @@ -1701,9 +1709,12 @@ func (r *Reader) Postings(name string, values ...string) (Postings, error) { if d.Err() != nil { return nil, errors.Wrap(d.Err(), "get postings offset entry") } + if ctx.Err() != nil { + return nil, errors.Wrap(ctx.Err(), "get postings offset entry") + } } - return Merge(res...), nil + return Merge(ctx, res...), nil } // SortedPostings returns the given postings list reordered so that the backing series @@ -1719,7 +1730,7 @@ func (r *Reader) Size() int64 { // LabelNames returns all the unique label names present in the index. // TODO(twilkie) implement support for matchers -func (r *Reader) LabelNames(matchers ...*labels.Matcher) ([]string, error) { +func (r *Reader) LabelNames(_ context.Context, matchers ...*labels.Matcher) ([]string, error) { if len(matchers) > 0 { return nil, errors.Errorf("matchers parameter is not implemented: %+v", matchers) } @@ -1763,7 +1774,7 @@ func (s stringListIter) Err() error { return nil } // It currently does not contain decoding methods for all entry types but can be extended // by them if there's demand. type Decoder struct { - LookupSymbol func(uint32) (string, error) + LookupSymbol func(context.Context, uint32) (string, error) } // Postings returns a postings list for b and its number of elements. @@ -1800,7 +1811,7 @@ func (dec *Decoder) LabelNamesOffsetsFor(b []byte) ([]uint32, error) { } // LabelValueFor decodes a label for a given series. -func (dec *Decoder) LabelValueFor(b []byte, label string) (string, error) { +func (dec *Decoder) LabelValueFor(ctx context.Context, b []byte, label string) (string, error) { d := encoding.Decbuf{B: b} k := d.Uvarint() @@ -1812,13 +1823,13 @@ func (dec *Decoder) LabelValueFor(b []byte, label string) (string, error) { return "", errors.Wrap(d.Err(), "read series label offsets") } - ln, err := dec.LookupSymbol(lno) + ln, err := dec.LookupSymbol(ctx, lno) if err != nil { return "", errors.Wrap(err, "lookup label name") } if ln == label { - lv, err := dec.LookupSymbol(lvo) + lv, err := dec.LookupSymbol(ctx, lvo) if err != nil { return "", errors.Wrap(err, "lookup label value") } @@ -1848,11 +1859,11 @@ func (dec *Decoder) Series(b []byte, builder *labels.ScratchBuilder, chks *[]chu return errors.Wrap(d.Err(), "read series label offsets") } - ln, err := dec.LookupSymbol(lno) + ln, err := dec.LookupSymbol(context.TODO(), lno) if err != nil { return errors.Wrap(err, "lookup label name") } - lv, err := dec.LookupSymbol(lvo) + lv, err := dec.LookupSymbol(context.TODO(), lvo) if err != nil { return errors.Wrap(err, "lookup label value") } diff --git a/vendor/github.com/prometheus/prometheus/tsdb/index/postings.go b/vendor/github.com/prometheus/prometheus/tsdb/index/postings.go index 3be8a1997..f79a8d4cf 100644 --- a/vendor/github.com/prometheus/prometheus/tsdb/index/postings.go +++ b/vendor/github.com/prometheus/prometheus/tsdb/index/postings.go @@ -15,9 +15,11 @@ package index import ( "container/heap" + "context" "encoding/binary" "runtime" "sort" + "strings" "sync" "github.com/pkg/errors" @@ -107,11 +109,14 @@ func (p *MemPostings) SortedKeys() []labels.Label { } p.mtx.RUnlock() - slices.SortFunc(keys, func(a, b labels.Label) bool { - if a.Name != b.Name { - return a.Name < b.Name + slices.SortFunc(keys, func(a, b labels.Label) int { + nameCompare := strings.Compare(a.Name, b.Name) + // If names are the same, compare values. + if nameCompare != 0 { + return nameCompare } - return a.Value < b.Value + + return strings.Compare(a.Value, b.Value) }) return keys } @@ -135,7 +140,7 @@ func (p *MemPostings) LabelNames() []string { } // LabelValues returns label values for the given name. -func (p *MemPostings) LabelValues(name string) []string { +func (p *MemPostings) LabelValues(_ context.Context, name string) []string { p.mtx.RLock() defer p.mtx.RUnlock() @@ -408,6 +413,7 @@ type Postings interface { Seek(v storage.SeriesRef) bool // At returns the value at the current iterator position. + // At should only be called after a successful call to Next or Seek. At() storage.SeriesRef // Err returns the last error of the iterator. @@ -519,7 +525,7 @@ func (it *intersectPostings) Err() error { } // Merge returns a new iterator over the union of the input iterators. -func Merge(its ...Postings) Postings { +func Merge(ctx context.Context, its ...Postings) Postings { if len(its) == 0 { return EmptyPostings() } @@ -527,7 +533,7 @@ func Merge(its ...Postings) Postings { return its[0] } - p, ok := newMergedPostings(its) + p, ok := newMergedPostings(ctx, its) if !ok { return EmptyPostings() } @@ -559,12 +565,14 @@ type mergedPostings struct { err error } -func newMergedPostings(p []Postings) (m *mergedPostings, nonEmpty bool) { +func newMergedPostings(ctx context.Context, p []Postings) (m *mergedPostings, nonEmpty bool) { ph := make(postingsHeap, 0, len(p)) for _, it := range p { // NOTE: mergedPostings struct requires the user to issue an initial Next. switch { + case ctx.Err() != nil: + return &mergedPostings{err: ctx.Err()}, true case it.Next(): ph = append(ph, it) case it.Err() != nil: diff --git a/vendor/github.com/prometheus/prometheus/tsdb/index/postingsstats.go b/vendor/github.com/prometheus/prometheus/tsdb/index/postingsstats.go index 8e5f62dba..70622b3d2 100644 --- a/vendor/github.com/prometheus/prometheus/tsdb/index/postingsstats.go +++ b/vendor/github.com/prometheus/prometheus/tsdb/index/postingsstats.go @@ -63,8 +63,6 @@ func (m *maxHeap) push(item Stat) { } func (m *maxHeap) get() []Stat { - slices.SortFunc(m.Items, func(a, b Stat) bool { - return a.Count > b.Count - }) + slices.SortFunc(m.Items, func(a, b Stat) int { return int(b.Count - a.Count) }) return m.Items } diff --git a/vendor/github.com/prometheus/prometheus/tsdb/ooo_head_read.go b/vendor/github.com/prometheus/prometheus/tsdb/ooo_head_read.go index 2d683b545..198bc4f2f 100644 --- a/vendor/github.com/prometheus/prometheus/tsdb/ooo_head_read.go +++ b/vendor/github.com/prometheus/prometheus/tsdb/ooo_head_read.go @@ -11,10 +11,11 @@ // See the License for the specific language governing permissions and // limitations under the License. -// nolint:revive // Many unsued function arguments in this file by design. +// nolint:revive // Many unused function arguments in this file by design. package tsdb import ( + "context" "errors" "math" @@ -157,16 +158,16 @@ func (oh *OOOHeadIndexReader) series(ref storage.SeriesRef, builder *labels.Scra // LabelValues needs to be overridden from the headIndexReader implementation due // to the check that happens at the beginning where we make sure that the query // interval overlaps with the head minooot and maxooot. -func (oh *OOOHeadIndexReader) LabelValues(name string, matchers ...*labels.Matcher) ([]string, error) { +func (oh *OOOHeadIndexReader) LabelValues(ctx context.Context, name string, matchers ...*labels.Matcher) ([]string, error) { if oh.maxt < oh.head.MinOOOTime() || oh.mint > oh.head.MaxOOOTime() { return []string{}, nil } if len(matchers) == 0 { - return oh.head.postings.LabelValues(name), nil + return oh.head.postings.LabelValues(ctx, name), nil } - return labelValuesWithMatchers(oh, name, matchers...) + return labelValuesWithMatchers(ctx, oh, name, matchers...) } type chunkMetaAndChunkDiskMapperRef struct { @@ -176,21 +177,21 @@ type chunkMetaAndChunkDiskMapperRef struct { origMaxT int64 } -func refLessByMinTimeAndMinRef(a, b chunkMetaAndChunkDiskMapperRef) bool { +func refLessByMinTimeAndMinRef(a, b chunkMetaAndChunkDiskMapperRef) int { if a.meta.MinTime == b.meta.MinTime { - return a.meta.Ref < b.meta.Ref + return int(a.meta.Ref - b.meta.Ref) } - return a.meta.MinTime < b.meta.MinTime + return int(a.meta.MinTime - b.meta.MinTime) } -func lessByMinTimeAndMinRef(a, b chunks.Meta) bool { +func lessByMinTimeAndMinRef(a, b chunks.Meta) int { if a.MinTime == b.MinTime { - return a.Ref < b.Ref + return int(a.Ref - b.Ref) } - return a.MinTime < b.MinTime + return int(a.MinTime - b.MinTime) } -func (oh *OOOHeadIndexReader) Postings(name string, values ...string) (index.Postings, error) { +func (oh *OOOHeadIndexReader) Postings(ctx context.Context, name string, values ...string) (index.Postings, error) { switch len(values) { case 0: return index.EmptyPostings(), nil @@ -202,7 +203,7 @@ func (oh *OOOHeadIndexReader) Postings(name string, values ...string) (index.Pos for _, value := range values { res = append(res, oh.head.postings.Get(name, value)) // TODO(ganesh) Also call GetOOOPostings } - return index.Merge(res...), nil + return index.Merge(ctx, res...), nil } } @@ -268,7 +269,7 @@ type OOOCompactionHead struct { // 4. Cuts a new WBL file for the OOO WBL. // All the above together have a bit of CPU and memory overhead, and can have a bit of impact // on the sample append latency. So call NewOOOCompactionHead only right before compaction. -func NewOOOCompactionHead(head *Head) (*OOOCompactionHead, error) { +func NewOOOCompactionHead(ctx context.Context, head *Head) (*OOOCompactionHead, error) { ch := &OOOCompactionHead{ chunkRange: head.chunkRange.Load(), mint: math.MaxInt64, @@ -287,7 +288,7 @@ func NewOOOCompactionHead(head *Head) (*OOOCompactionHead, error) { n, v := index.AllPostingsKey() // TODO: verify this gets only ooo samples. - p, err := ch.oooIR.Postings(n, v) + p, err := ch.oooIR.Postings(ctx, n, v) if err != nil { return nil, err } @@ -396,7 +397,7 @@ func (ir *OOOCompactionHeadIndexReader) Symbols() index.StringIter { return ir.ch.oooIR.Symbols() } -func (ir *OOOCompactionHeadIndexReader) Postings(name string, values ...string) (index.Postings, error) { +func (ir *OOOCompactionHeadIndexReader) Postings(_ context.Context, name string, values ...string) (index.Postings, error) { n, v := index.AllPostingsKey() if name != n || len(values) != 1 || values[0] != v { return nil, errors.New("only AllPostingsKey is supported") @@ -413,27 +414,27 @@ func (ir *OOOCompactionHeadIndexReader) Series(ref storage.SeriesRef, builder *l return ir.ch.oooIR.series(ref, builder, chks, ir.ch.lastMmapRef) } -func (ir *OOOCompactionHeadIndexReader) SortedLabelValues(name string, matchers ...*labels.Matcher) ([]string, error) { +func (ir *OOOCompactionHeadIndexReader) SortedLabelValues(_ context.Context, name string, matchers ...*labels.Matcher) ([]string, error) { return nil, errors.New("not implemented") } -func (ir *OOOCompactionHeadIndexReader) LabelValues(name string, matchers ...*labels.Matcher) ([]string, error) { +func (ir *OOOCompactionHeadIndexReader) LabelValues(_ context.Context, name string, matchers ...*labels.Matcher) ([]string, error) { return nil, errors.New("not implemented") } -func (ir *OOOCompactionHeadIndexReader) PostingsForMatchers(concurrent bool, ms ...*labels.Matcher) (index.Postings, error) { +func (ir *OOOCompactionHeadIndexReader) PostingsForMatchers(_ context.Context, concurrent bool, ms ...*labels.Matcher) (index.Postings, error) { return nil, errors.New("not implemented") } -func (ir *OOOCompactionHeadIndexReader) LabelNames(matchers ...*labels.Matcher) ([]string, error) { +func (ir *OOOCompactionHeadIndexReader) LabelNames(context.Context, ...*labels.Matcher) ([]string, error) { return nil, errors.New("not implemented") } -func (ir *OOOCompactionHeadIndexReader) LabelValueFor(id storage.SeriesRef, label string) (string, error) { +func (ir *OOOCompactionHeadIndexReader) LabelValueFor(context.Context, storage.SeriesRef, string) (string, error) { return "", errors.New("not implemented") } -func (ir *OOOCompactionHeadIndexReader) LabelNamesFor(ids ...storage.SeriesRef) ([]string, error) { +func (ir *OOOCompactionHeadIndexReader) LabelNamesFor(ctx context.Context, ids ...storage.SeriesRef) ([]string, error) { return nil, errors.New("not implemented") } diff --git a/vendor/github.com/prometheus/prometheus/tsdb/querier.go b/vendor/github.com/prometheus/prometheus/tsdb/querier.go index 965707547..a832c0d1b 100644 --- a/vendor/github.com/prometheus/prometheus/tsdb/querier.go +++ b/vendor/github.com/prometheus/prometheus/tsdb/querier.go @@ -14,6 +14,7 @@ package tsdb import ( + "context" "fmt" "math" "strings" @@ -21,6 +22,7 @@ import ( "github.com/oklog/ulid" "github.com/pkg/errors" + "golang.org/x/exp/slices" "github.com/prometheus/prometheus/model/histogram" "github.com/prometheus/prometheus/model/labels" @@ -30,6 +32,7 @@ import ( tsdb_errors "github.com/prometheus/prometheus/tsdb/errors" "github.com/prometheus/prometheus/tsdb/index" "github.com/prometheus/prometheus/tsdb/tombstones" + "github.com/prometheus/prometheus/util/annotations" ) // Bitmap used by func isRegexMetaCharacter to check whether a character needs to be escaped. @@ -87,13 +90,13 @@ func newBlockBaseQuerier(b BlockReader, mint, maxt int64) (*blockBaseQuerier, er }, nil } -func (q *blockBaseQuerier) LabelValues(name string, matchers ...*labels.Matcher) ([]string, storage.Warnings, error) { - res, err := q.index.SortedLabelValues(name, matchers...) +func (q *blockBaseQuerier) LabelValues(ctx context.Context, name string, matchers ...*labels.Matcher) ([]string, annotations.Annotations, error) { + res, err := q.index.SortedLabelValues(ctx, name, matchers...) return res, nil, err } -func (q *blockBaseQuerier) LabelNames(matchers ...*labels.Matcher) ([]string, storage.Warnings, error) { - res, err := q.index.LabelNames(matchers...) +func (q *blockBaseQuerier) LabelNames(ctx context.Context, matchers ...*labels.Matcher) ([]string, annotations.Annotations, error) { + res, err := q.index.LabelNames(ctx, matchers...) return res, nil, err } @@ -124,12 +127,12 @@ func NewBlockQuerier(b BlockReader, mint, maxt int64) (storage.Querier, error) { return &blockQuerier{blockBaseQuerier: q}, nil } -func (q *blockQuerier) Select(sortSeries bool, hints *storage.SelectHints, ms ...*labels.Matcher) storage.SeriesSet { +func (q *blockQuerier) Select(ctx context.Context, sortSeries bool, hints *storage.SelectHints, ms ...*labels.Matcher) storage.SeriesSet { mint := q.mint maxt := q.maxt disableTrimming := false - p, err := PostingsForMatchers(q.index, ms...) + p, err := PostingsForMatchers(ctx, q.index, ms...) if err != nil { return storage.ErrSeriesSet(err) } @@ -164,7 +167,7 @@ func NewBlockChunkQuerier(b BlockReader, mint, maxt int64) (storage.ChunkQuerier return &blockChunkQuerier{blockBaseQuerier: q}, nil } -func (q *blockChunkQuerier) Select(sortSeries bool, hints *storage.SelectHints, ms ...*labels.Matcher) storage.ChunkSeriesSet { +func (q *blockChunkQuerier) Select(ctx context.Context, sortSeries bool, hints *storage.SelectHints, ms ...*labels.Matcher) storage.ChunkSeriesSet { mint := q.mint maxt := q.maxt disableTrimming := false @@ -173,7 +176,7 @@ func (q *blockChunkQuerier) Select(sortSeries bool, hints *storage.SelectHints, maxt = hints.End disableTrimming = hints.DisableTrimming } - p, err := PostingsForMatchers(q.index, ms...) + p, err := PostingsForMatchers(ctx, q.index, ms...) if err != nil { return storage.ErrChunkSeriesSet(err) } @@ -234,7 +237,7 @@ func findSetMatches(pattern string) []string { // PostingsForMatchers assembles a single postings iterator against the index reader // based on the given matchers. The resulting postings are not ordered by series. -func PostingsForMatchers(ix IndexReader, ms ...*labels.Matcher) (index.Postings, error) { +func PostingsForMatchers(ctx context.Context, ix IndexReader, ms ...*labels.Matcher) (index.Postings, error) { var its, notIts []index.Postings // See which label must be non-empty. // Optimization for case like {l=~".", l!="1"}. @@ -244,12 +247,54 @@ func PostingsForMatchers(ix IndexReader, ms ...*labels.Matcher) (index.Postings, labelMustBeSet[m.Name] = true } } + isSubtractingMatcher := func(m *labels.Matcher) bool { + if !labelMustBeSet[m.Name] { + return true + } + return (m.Type == labels.MatchNotEqual || m.Type == labels.MatchNotRegexp) && m.Matches("") + } + hasSubtractingMatchers, hasIntersectingMatchers := false, false + for _, m := range ms { + if isSubtractingMatcher(m) { + hasSubtractingMatchers = true + } else { + hasIntersectingMatchers = true + } + } + + if hasSubtractingMatchers && !hasIntersectingMatchers { + // If there's nothing to subtract from, add in everything and remove the notIts later. + // We prefer to get AllPostings so that the base of subtraction (i.e. allPostings) + // doesn't include series that may be added to the index reader during this function call. + k, v := index.AllPostingsKey() + allPostings, err := ix.Postings(ctx, k, v) + if err != nil { + return nil, err + } + its = append(its, allPostings) + } + + // Sort matchers to have the intersecting matchers first. + // This way the base for subtraction is smaller and + // there is no chance that the set we subtract from + // contains postings of series that didn't exist when + // we constructed the set we subtract by. + slices.SortStableFunc(ms, func(i, j *labels.Matcher) int { + if !isSubtractingMatcher(i) && isSubtractingMatcher(j) { + return -1 + } + + return +1 + }) for _, m := range ms { + if ctx.Err() != nil { + return nil, ctx.Err() + } switch { case m.Name == "" && m.Value == "": // Special-case for AllPostings, used in tests at least. k, v := index.AllPostingsKey() - allPostings, err := ix.Postings(k, v) + allPostings, err := ix.Postings(ctx, k, v) if err != nil { return nil, err } @@ -267,7 +312,7 @@ func PostingsForMatchers(ix IndexReader, ms ...*labels.Matcher) (index.Postings, return nil, err } - it, err := postingsForMatcher(ix, inverse) + it, err := postingsForMatcher(ctx, ix, inverse) if err != nil { return nil, err } @@ -280,7 +325,7 @@ func PostingsForMatchers(ix IndexReader, ms ...*labels.Matcher) (index.Postings, return nil, err } - it, err := inversePostingsForMatcher(ix, inverse) + it, err := inversePostingsForMatcher(ctx, ix, inverse) if err != nil { return nil, err } @@ -290,7 +335,7 @@ func PostingsForMatchers(ix IndexReader, ms ...*labels.Matcher) (index.Postings, its = append(its, it) default: // l="a" // Non-Not matcher, use normal postingsForMatcher. - it, err := postingsForMatcher(ix, m) + it, err := postingsForMatcher(ctx, ix, m) if err != nil { return nil, err } @@ -304,7 +349,7 @@ func PostingsForMatchers(ix IndexReader, ms ...*labels.Matcher) (index.Postings, // the series which don't have the label name set too. See: // https://github.com/prometheus/prometheus/issues/3575 and // https://github.com/prometheus/prometheus/pull/3578#issuecomment-351653555 - it, err := inversePostingsForMatcher(ix, m) + it, err := inversePostingsForMatcher(ctx, ix, m) if err != nil { return nil, err } @@ -312,16 +357,6 @@ func PostingsForMatchers(ix IndexReader, ms ...*labels.Matcher) (index.Postings, } } - // If there's nothing to subtract from, add in everything and remove the notIts later. - if len(its) == 0 && len(notIts) != 0 { - k, v := index.AllPostingsKey() - allPostings, err := ix.Postings(k, v) - if err != nil { - return nil, err - } - its = append(its, allPostings) - } - it := index.Intersect(its...) for _, n := range notIts { @@ -331,23 +366,23 @@ func PostingsForMatchers(ix IndexReader, ms ...*labels.Matcher) (index.Postings, return it, nil } -func postingsForMatcher(ix IndexReader, m *labels.Matcher) (index.Postings, error) { +func postingsForMatcher(ctx context.Context, ix IndexReader, m *labels.Matcher) (index.Postings, error) { // This method will not return postings for missing labels. // Fast-path for equal matching. if m.Type == labels.MatchEqual { - return ix.Postings(m.Name, m.Value) + return ix.Postings(ctx, m.Name, m.Value) } // Fast-path for set matching. if m.Type == labels.MatchRegexp { setMatches := findSetMatches(m.GetRegexString()) if len(setMatches) > 0 { - return ix.Postings(m.Name, setMatches...) + return ix.Postings(ctx, m.Name, setMatches...) } } - vals, err := ix.LabelValues(m.Name) + vals, err := ix.LabelValues(ctx, m.Name) if err != nil { return nil, err } @@ -363,28 +398,28 @@ func postingsForMatcher(ix IndexReader, m *labels.Matcher) (index.Postings, erro return index.EmptyPostings(), nil } - return ix.Postings(m.Name, res...) + return ix.Postings(ctx, m.Name, res...) } // inversePostingsForMatcher returns the postings for the series with the label name set but not matching the matcher. -func inversePostingsForMatcher(ix IndexReader, m *labels.Matcher) (index.Postings, error) { +func inversePostingsForMatcher(ctx context.Context, ix IndexReader, m *labels.Matcher) (index.Postings, error) { // Fast-path for MatchNotRegexp matching. // Inverse of a MatchNotRegexp is MatchRegexp (double negation). // Fast-path for set matching. if m.Type == labels.MatchNotRegexp { setMatches := findSetMatches(m.GetRegexString()) if len(setMatches) > 0 { - return ix.Postings(m.Name, setMatches...) + return ix.Postings(ctx, m.Name, setMatches...) } } // Fast-path for MatchNotEqual matching. // Inverse of a MatchNotEqual is MatchEqual (double negation). if m.Type == labels.MatchNotEqual { - return ix.Postings(m.Name, m.Value) + return ix.Postings(ctx, m.Name, m.Value) } - vals, err := ix.LabelValues(m.Name) + vals, err := ix.LabelValues(ctx, m.Name) if err != nil { return nil, err } @@ -401,16 +436,16 @@ func inversePostingsForMatcher(ix IndexReader, m *labels.Matcher) (index.Posting } } - return ix.Postings(m.Name, res...) + return ix.Postings(ctx, m.Name, res...) } -func labelValuesWithMatchers(r IndexReader, name string, matchers ...*labels.Matcher) ([]string, error) { - p, err := PostingsForMatchers(r, matchers...) +func labelValuesWithMatchers(ctx context.Context, r IndexReader, name string, matchers ...*labels.Matcher) ([]string, error) { + p, err := PostingsForMatchers(ctx, r, matchers...) if err != nil { return nil, errors.Wrap(err, "fetching postings for matchers") } - allValues, err := r.LabelValues(name) + allValues, err := r.LabelValues(ctx, name) if err != nil { return nil, errors.Wrapf(err, "fetching values of label %s", name) } @@ -436,7 +471,7 @@ func labelValuesWithMatchers(r IndexReader, name string, matchers ...*labels.Mat valuesPostings := make([]index.Postings, len(allValues)) for i, value := range allValues { - valuesPostings[i], err = r.Postings(name, value) + valuesPostings[i], err = r.Postings(ctx, name, value) if err != nil { return nil, errors.Wrapf(err, "fetching postings for %s=%q", name, value) } @@ -454,8 +489,8 @@ func labelValuesWithMatchers(r IndexReader, name string, matchers ...*labels.Mat return values, nil } -func labelNamesWithMatchers(r IndexReader, matchers ...*labels.Matcher) ([]string, error) { - p, err := PostingsForMatchers(r, matchers...) +func labelNamesWithMatchers(ctx context.Context, r IndexReader, matchers ...*labels.Matcher) ([]string, error) { + p, err := PostingsForMatchers(ctx, r, matchers...) if err != nil { return nil, err } @@ -468,7 +503,7 @@ func labelNamesWithMatchers(r IndexReader, matchers ...*labels.Matcher) ([]strin return nil, errors.Wrapf(p.Err(), "postings for label names with matchers") } - return r.LabelNamesFor(postings...) + return r.LabelNamesFor(ctx, postings...) } // seriesData, used inside other iterators, are updated when we move from one series to another. @@ -588,7 +623,7 @@ func (b *blockBaseSeriesSet) Err() error { return b.p.Err() } -func (b *blockBaseSeriesSet) Warnings() storage.Warnings { return nil } +func (b *blockBaseSeriesSet) Warnings() annotations.Annotations { return nil } // populateWithDelGenericSeriesIterator allows to iterate over given chunk // metas. In each iteration it ensures that chunks are trimmed based on given @@ -622,7 +657,7 @@ func (p *populateWithDelGenericSeriesIterator) reset(blockID ulid.ULID, cr Chunk p.chks = chks p.i = -1 p.err = nil - p.bufIter.Iter = nil + // Note we don't touch p.bufIter.Iter; it is holding on to an iterator we might reuse in next(). p.bufIter.Intervals = p.bufIter.Intervals[:0] p.intervals = intervals p.currDelIter = nil @@ -805,6 +840,7 @@ func (p *populateWithDelChunkSeriesIterator) Next() bool { } return false } + p.curr.MinTime = p.currDelIter.AtT() // Re-encode the chunk if iterator is provider. This means that it has // some samples to be deleted or chunk is opened. @@ -820,7 +856,6 @@ func (p *populateWithDelChunkSeriesIterator) Next() bool { if app, err = newChunk.Appender(); err != nil { break } - for vt := valueType; vt != chunkenc.ValNone; vt = p.currDelIter.Next() { if vt != chunkenc.ValHistogram { err = fmt.Errorf("found value type %v in histogram chunk", vt) @@ -838,15 +873,12 @@ func (p *populateWithDelChunkSeriesIterator) Next() bool { if app, err = newChunk.Appender(); err != nil { break } - var v float64 - t, v = p.currDelIter.At() - p.curr.MinTime = t - app.Append(t, v) - for vt := p.currDelIter.Next(); vt != chunkenc.ValNone; vt = p.currDelIter.Next() { + for vt := valueType; vt != chunkenc.ValNone; vt = p.currDelIter.Next() { if vt != chunkenc.ValFloat { err = fmt.Errorf("found value type %v in float chunk", vt) break } + var v float64 t, v = p.currDelIter.At() app.Append(t, v) } @@ -855,7 +887,6 @@ func (p *populateWithDelChunkSeriesIterator) Next() bool { if app, err = newChunk.Appender(); err != nil { break } - for vt := valueType; vt != chunkenc.ValNone; vt = p.currDelIter.Next() { if vt != chunkenc.ValFloatHistogram { err = fmt.Errorf("found value type %v in histogram chunk", vt) diff --git a/vendor/github.com/prometheus/prometheus/tsdb/wlog/checkpoint.go b/vendor/github.com/prometheus/prometheus/tsdb/wlog/checkpoint.go index dd52ea2e3..d64599c27 100644 --- a/vendor/github.com/prometheus/prometheus/tsdb/wlog/checkpoint.go +++ b/vendor/github.com/prometheus/prometheus/tsdb/wlog/checkpoint.go @@ -374,8 +374,8 @@ func listCheckpoints(dir string) (refs []checkpointRef, err error) { refs = append(refs, checkpointRef{name: fi.Name(), index: idx}) } - slices.SortFunc(refs, func(a, b checkpointRef) bool { - return a.index < b.index + slices.SortFunc(refs, func(a, b checkpointRef) int { + return a.index - b.index }) return refs, nil diff --git a/vendor/github.com/prometheus/prometheus/tsdb/wlog/watcher.go b/vendor/github.com/prometheus/prometheus/tsdb/wlog/watcher.go index 221e9607c..3315d1922 100644 --- a/vendor/github.com/prometheus/prometheus/tsdb/wlog/watcher.go +++ b/vendor/github.com/prometheus/prometheus/tsdb/wlog/watcher.go @@ -65,7 +65,7 @@ type WriteTo interface { SeriesReset(int) } -// Used to notifier the watcher that data has been written so that it can read. +// Used to notify the watcher that data has been written so that it can read. type WriteNotified interface { Notify() } @@ -398,8 +398,16 @@ func (w *Watcher) watch(segmentNum int, tail bool) error { reader := NewLiveReader(w.logger, w.readerMetrics, segment) - readTicker := time.NewTicker(readTimeout) - defer readTicker.Stop() + size := int64(math.MaxInt64) + if !tail { + var err error + size, err = getSegmentSize(w.walDir, segmentNum) + if err != nil { + return errors.Wrap(err, "getSegmentSize") + } + + return w.readAndHandleError(reader, segmentNum, tail, size) + } checkpointTicker := time.NewTicker(checkpointPeriod) defer checkpointTicker.Stop() @@ -407,18 +415,8 @@ func (w *Watcher) watch(segmentNum int, tail bool) error { segmentTicker := time.NewTicker(segmentCheckPeriod) defer segmentTicker.Stop() - // If we're replaying the segment we need to know the size of the file to know - // when to return from watch and move on to the next segment. - size := int64(math.MaxInt64) - if !tail { - segmentTicker.Stop() - checkpointTicker.Stop() - var err error - size, err = getSegmentSize(w.walDir, segmentNum) - if err != nil { - return errors.Wrap(err, "getSegmentSize") - } - } + readTicker := time.NewTicker(readTimeout) + defer readTicker.Stop() gcSem := make(chan struct{}, 1) for { diff --git a/vendor/github.com/prometheus/prometheus/tsdb/wlog/wlog.go b/vendor/github.com/prometheus/prometheus/tsdb/wlog/wlog.go index d898ebd7a..fd65fca07 100644 --- a/vendor/github.com/prometheus/prometheus/tsdb/wlog/wlog.go +++ b/vendor/github.com/prometheus/prometheus/tsdb/wlog/wlog.go @@ -909,8 +909,8 @@ func listSegments(dir string) (refs []segmentRef, err error) { } refs = append(refs, segmentRef{name: fn, index: k}) } - slices.SortFunc(refs, func(a, b segmentRef) bool { - return a.index < b.index + slices.SortFunc(refs, func(a, b segmentRef) int { + return a.index - b.index }) for i := 0; i < len(refs)-1; i++ { if refs[i].index+1 != refs[i+1].index { diff --git a/vendor/github.com/prometheus/prometheus/util/annotations/annotations.go b/vendor/github.com/prometheus/prometheus/util/annotations/annotations.go new file mode 100644 index 000000000..1d339646e --- /dev/null +++ b/vendor/github.com/prometheus/prometheus/util/annotations/annotations.go @@ -0,0 +1,178 @@ +// Copyright 2023 The Prometheus Authors +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package annotations + +import ( + "errors" + "fmt" + + "github.com/prometheus/common/model" + + "github.com/prometheus/prometheus/promql/parser/posrange" +) + +// Annotations is a general wrapper for warnings and other information +// that is returned by the query API along with the results. +// Each individual annotation is modeled by a Go error. +// They are deduplicated based on the string returned by error.Error(). +// The zero value is usable without further initialization, see New(). +type Annotations map[string]error + +// New returns new Annotations ready to use. Note that the zero value of +// Annotations is also fully usable, but using this method is often more +// readable. +func New() *Annotations { + return &Annotations{} +} + +// Add adds an annotation (modeled as a Go error) in-place and returns the +// modified Annotations for convenience. +func (a *Annotations) Add(err error) Annotations { + if *a == nil { + *a = Annotations{} + } + (*a)[err.Error()] = err + return *a +} + +// Merge adds the contents of the second annotation to the first, modifying +// the first in-place, and returns the merged first Annotation for convenience. +func (a *Annotations) Merge(aa Annotations) Annotations { + if *a == nil { + if aa == nil { + return nil + } + *a = Annotations{} + } + for key, val := range aa { + (*a)[key] = val + } + return *a +} + +// AsErrors is a convenience function to return the annotations map as a slice +// of errors. +func (a Annotations) AsErrors() []error { + arr := make([]error, 0, len(a)) + for _, err := range a { + arr = append(arr, err) + } + return arr +} + +// AsStrings is a convenience function to return the annotations map as a slice +// of strings. The query string is used to get the line number and character offset +// positioning info of the elements which trigger an annotation. We limit the number +// of annotations returned here with maxAnnos (0 for no limit). +func (a Annotations) AsStrings(query string, maxAnnos int) []string { + arr := make([]string, 0, len(a)) + for _, err := range a { + if maxAnnos > 0 && len(arr) >= maxAnnos { + break + } + anErr, ok := err.(annoErr) + if ok { + anErr.Query = query + err = anErr + } + arr = append(arr, err.Error()) + } + if maxAnnos > 0 && len(a) > maxAnnos { + arr = append(arr, fmt.Sprintf("%d more annotations omitted", len(a)-maxAnnos)) + } + return arr +} + +//nolint:revive // Ignore ST1012 +var ( + // Currently there are only 2 types, warnings and info. + // For now, info are visually identical with warnings as we have not updated + // the API spec or the frontend to show a different kind of warning. But we + // make the distinction here to prepare for adding them in future. + PromQLInfo = errors.New("PromQL info") + PromQLWarning = errors.New("PromQL warning") + + InvalidQuantileWarning = fmt.Errorf("%w: quantile value should be between 0 and 1", PromQLWarning) + BadBucketLabelWarning = fmt.Errorf("%w: bucket label %q is missing or has a malformed value", PromQLWarning, model.BucketLabel) + MixedFloatsHistogramsWarning = fmt.Errorf("%w: encountered a mix of histograms and floats for metric name", PromQLWarning) + MixedClassicNativeHistogramsWarning = fmt.Errorf("%w: vector contains a mix of classic and native histograms for metric name", PromQLWarning) + + PossibleNonCounterInfo = fmt.Errorf("%w: metric might not be a counter, name does not end in _total/_sum/_count/_bucket:", PromQLInfo) + HistogramQuantileForcedMonotonicityInfo = fmt.Errorf("%w: input to histogram_quantile needed to be fixed for monotonicity (and may give inaccurate results) for metric name", PromQLInfo) +) + +type annoErr struct { + PositionRange posrange.PositionRange + Err error + Query string +} + +func (e annoErr) Error() string { + return fmt.Sprintf("%s (%s)", e.Err, e.PositionRange.StartPosInput(e.Query, 0)) +} + +// NewInvalidQuantileWarning is used when the user specifies an invalid quantile +// value, i.e. a float that is outside the range [0, 1] or NaN. +func NewInvalidQuantileWarning(q float64, pos posrange.PositionRange) annoErr { + return annoErr{ + PositionRange: pos, + Err: fmt.Errorf("%w, got %g", InvalidQuantileWarning, q), + } +} + +// NewBadBucketLabelWarning is used when there is an error parsing the bucket label +// of a classic histogram. +func NewBadBucketLabelWarning(metricName, label string, pos posrange.PositionRange) annoErr { + return annoErr{ + PositionRange: pos, + Err: fmt.Errorf("%w of %q for metric name %q", BadBucketLabelWarning, label, metricName), + } +} + +// NewMixedFloatsHistogramsWarning is used when the queried series includes both +// float samples and histogram samples for functions that do not support mixed +// samples. +func NewMixedFloatsHistogramsWarning(metricName string, pos posrange.PositionRange) annoErr { + return annoErr{ + PositionRange: pos, + Err: fmt.Errorf("%w %q", MixedFloatsHistogramsWarning, metricName), + } +} + +// NewMixedClassicNativeHistogramsWarning is used when the queried series includes +// both classic and native histograms. +func NewMixedClassicNativeHistogramsWarning(metricName string, pos posrange.PositionRange) annoErr { + return annoErr{ + PositionRange: pos, + Err: fmt.Errorf("%w %q", MixedClassicNativeHistogramsWarning, metricName), + } +} + +// NewPossibleNonCounterInfo is used when a named counter metric with only float samples does not +// have the suffixes _total, _sum, _count, or _bucket. +func NewPossibleNonCounterInfo(metricName string, pos posrange.PositionRange) annoErr { + return annoErr{ + PositionRange: pos, + Err: fmt.Errorf("%w %q", PossibleNonCounterInfo, metricName), + } +} + +// NewHistogramQuantileForcedMonotonicityInfo is used when the input (classic histograms) to +// histogram_quantile needs to be forced to be monotonic. +func NewHistogramQuantileForcedMonotonicityInfo(metricName string, pos posrange.PositionRange) annoErr { + return annoErr{ + PositionRange: pos, + Err: fmt.Errorf("%w %q", HistogramQuantileForcedMonotonicityInfo, metricName), + } +} diff --git a/vendor/github.com/urfave/cli/v2/.gitignore b/vendor/github.com/urfave/cli/v2/.gitignore index d7d26b1fc..1ef91a60b 100644 --- a/vendor/github.com/urfave/cli/v2/.gitignore +++ b/vendor/github.com/urfave/cli/v2/.gitignore @@ -4,6 +4,7 @@ .*envrc .envrc .idea +# goimports is installed here if not available /.local/ /site/ coverage.txt diff --git a/vendor/github.com/urfave/cli/v2/app.go b/vendor/github.com/urfave/cli/v2/app.go index 19b76c9b6..f69a1939b 100644 --- a/vendor/github.com/urfave/cli/v2/app.go +++ b/vendor/github.com/urfave/cli/v2/app.go @@ -329,6 +329,9 @@ func (a *App) RunContext(ctx context.Context, arguments []string) (err error) { a.rootCommand = a.newRootCommand() cCtx.Command = a.rootCommand + if err := checkDuplicatedCmds(a.rootCommand); err != nil { + return err + } return a.rootCommand.Run(cCtx, arguments...) } @@ -455,30 +458,6 @@ func (a *App) handleExitCoder(cCtx *Context, err error) { } } -func (a *App) commandNames() []string { - var cmdNames []string - - for _, cmd := range a.Commands { - cmdNames = append(cmdNames, cmd.Names()...) - } - - return cmdNames -} - -func (a *App) validCommandName(checkCmdName string) bool { - valid := false - allCommandNames := a.commandNames() - - for _, cmdName := range allCommandNames { - if checkCmdName == cmdName { - valid = true - break - } - } - - return valid -} - func (a *App) argsWithDefaultCommand(oldArgs Args) Args { if a.DefaultCommand != "" { rawArgs := append([]string{a.DefaultCommand}, oldArgs.Slice()...) diff --git a/vendor/github.com/urfave/cli/v2/category.go b/vendor/github.com/urfave/cli/v2/category.go index ccc043c25..b1847eca1 100644 --- a/vendor/github.com/urfave/cli/v2/category.go +++ b/vendor/github.com/urfave/cli/v2/category.go @@ -111,7 +111,7 @@ func newFlagCategoriesFromFlags(fs []Flag) FlagCategories { } } - if categorized == true { + if categorized { for _, fl := range fs { if cf, ok := fl.(CategorizableFlag); ok { if cf.GetCategory() == "" { diff --git a/vendor/github.com/urfave/cli/v2/command.go b/vendor/github.com/urfave/cli/v2/command.go index 69a0fdf6d..c318da989 100644 --- a/vendor/github.com/urfave/cli/v2/command.go +++ b/vendor/github.com/urfave/cli/v2/command.go @@ -149,6 +149,9 @@ func (c *Command) Run(cCtx *Context, arguments ...string) (err error) { if !c.isRoot { c.setup(cCtx) + if err := checkDuplicatedCmds(c); err != nil { + return err + } } a := args(arguments) @@ -404,3 +407,16 @@ func hasCommand(commands []*Command, command *Command) bool { return false } + +func checkDuplicatedCmds(parent *Command) error { + seen := make(map[string]struct{}) + for _, c := range parent.Subcommands { + for _, name := range c.Names() { + if _, exists := seen[name]; exists { + return fmt.Errorf("parent command [%s] has duplicated subcommand name or alias: %s", parent.Name, name) + } + seen[name] = struct{}{} + } + } + return nil +} diff --git a/vendor/github.com/urfave/cli/v2/flag_bool.go b/vendor/github.com/urfave/cli/v2/flag_bool.go index 369d18b77..01862ea76 100644 --- a/vendor/github.com/urfave/cli/v2/flag_bool.go +++ b/vendor/github.com/urfave/cli/v2/flag_bool.go @@ -84,7 +84,10 @@ func (f *BoolFlag) GetDefaultText() string { if f.DefaultText != "" { return f.DefaultText } - return fmt.Sprintf("%v", f.defaultValue) + if f.defaultValueSet { + return fmt.Sprintf("%v", f.defaultValue) + } + return fmt.Sprintf("%v", f.Value) } // GetEnvVars returns the env vars for this flag @@ -105,6 +108,7 @@ func (f *BoolFlag) RunAction(c *Context) error { func (f *BoolFlag) Apply(set *flag.FlagSet) error { // set default value so that environment wont be able to overwrite it f.defaultValue = f.Value + f.defaultValueSet = true if val, source, found := flagFromEnvOrFile(f.EnvVars, f.FilePath); found { if val != "" { diff --git a/vendor/github.com/urfave/cli/v2/flag_duration.go b/vendor/github.com/urfave/cli/v2/flag_duration.go index eac4cb833..e600cc30a 100644 --- a/vendor/github.com/urfave/cli/v2/flag_duration.go +++ b/vendor/github.com/urfave/cli/v2/flag_duration.go @@ -32,7 +32,10 @@ func (f *DurationFlag) GetDefaultText() string { if f.DefaultText != "" { return f.DefaultText } - return f.defaultValue.String() + if f.defaultValueSet { + return f.defaultValue.String() + } + return f.Value.String() } // GetEnvVars returns the env vars for this flag @@ -44,6 +47,7 @@ func (f *DurationFlag) GetEnvVars() []string { func (f *DurationFlag) Apply(set *flag.FlagSet) error { // set default value so that environment wont be able to overwrite it f.defaultValue = f.Value + f.defaultValueSet = true if val, source, found := flagFromEnvOrFile(f.EnvVars, f.FilePath); found { if val != "" { diff --git a/vendor/github.com/urfave/cli/v2/flag_float64.go b/vendor/github.com/urfave/cli/v2/flag_float64.go index bce26c195..6a4de5c88 100644 --- a/vendor/github.com/urfave/cli/v2/flag_float64.go +++ b/vendor/github.com/urfave/cli/v2/flag_float64.go @@ -32,7 +32,10 @@ func (f *Float64Flag) GetDefaultText() string { if f.DefaultText != "" { return f.DefaultText } - return f.GetValue() + if f.defaultValueSet { + return fmt.Sprintf("%v", f.defaultValue) + } + return fmt.Sprintf("%v", f.Value) } // GetEnvVars returns the env vars for this flag @@ -42,6 +45,9 @@ func (f *Float64Flag) GetEnvVars() []string { // Apply populates the flag given the flag set and environment func (f *Float64Flag) Apply(set *flag.FlagSet) error { + f.defaultValue = f.Value + f.defaultValueSet = true + if val, source, found := flagFromEnvOrFile(f.EnvVars, f.FilePath); found { if val != "" { valFloat, err := strconv.ParseFloat(val, 64) diff --git a/vendor/github.com/urfave/cli/v2/flag_generic.go b/vendor/github.com/urfave/cli/v2/flag_generic.go index 039ffdfee..7528c934c 100644 --- a/vendor/github.com/urfave/cli/v2/flag_generic.go +++ b/vendor/github.com/urfave/cli/v2/flag_generic.go @@ -53,9 +53,15 @@ func (f *GenericFlag) GetDefaultText() string { if f.DefaultText != "" { return f.DefaultText } - if f.defaultValue != nil { - return f.defaultValue.String() + val := f.Value + if f.defaultValueSet { + val = f.defaultValue } + + if val != nil { + return val.String() + } + return "" } @@ -70,6 +76,7 @@ func (f *GenericFlag) Apply(set *flag.FlagSet) error { // set default value so that environment wont be able to overwrite it if f.Value != nil { f.defaultValue = &stringGeneric{value: f.Value.String()} + f.defaultValueSet = true } if val, source, found := flagFromEnvOrFile(f.EnvVars, f.FilePath); found { diff --git a/vendor/github.com/urfave/cli/v2/flag_int.go b/vendor/github.com/urfave/cli/v2/flag_int.go index d681270a2..750e7ebfc 100644 --- a/vendor/github.com/urfave/cli/v2/flag_int.go +++ b/vendor/github.com/urfave/cli/v2/flag_int.go @@ -32,7 +32,10 @@ func (f *IntFlag) GetDefaultText() string { if f.DefaultText != "" { return f.DefaultText } - return fmt.Sprintf("%d", f.defaultValue) + if f.defaultValueSet { + return fmt.Sprintf("%d", f.defaultValue) + } + return fmt.Sprintf("%d", f.Value) } // GetEnvVars returns the env vars for this flag @@ -44,6 +47,7 @@ func (f *IntFlag) GetEnvVars() []string { func (f *IntFlag) Apply(set *flag.FlagSet) error { // set default value so that environment wont be able to overwrite it f.defaultValue = f.Value + f.defaultValueSet = true if val, source, found := flagFromEnvOrFile(f.EnvVars, f.FilePath); found { if val != "" { diff --git a/vendor/github.com/urfave/cli/v2/flag_int64.go b/vendor/github.com/urfave/cli/v2/flag_int64.go index 6f8c8d27d..688c26716 100644 --- a/vendor/github.com/urfave/cli/v2/flag_int64.go +++ b/vendor/github.com/urfave/cli/v2/flag_int64.go @@ -32,7 +32,10 @@ func (f *Int64Flag) GetDefaultText() string { if f.DefaultText != "" { return f.DefaultText } - return fmt.Sprintf("%d", f.defaultValue) + if f.defaultValueSet { + return fmt.Sprintf("%d", f.defaultValue) + } + return fmt.Sprintf("%d", f.Value) } // GetEnvVars returns the env vars for this flag @@ -44,6 +47,7 @@ func (f *Int64Flag) GetEnvVars() []string { func (f *Int64Flag) Apply(set *flag.FlagSet) error { // set default value so that environment wont be able to overwrite it f.defaultValue = f.Value + f.defaultValueSet = true if val, source, found := flagFromEnvOrFile(f.EnvVars, f.FilePath); found { if val != "" { diff --git a/vendor/github.com/urfave/cli/v2/flag_path.go b/vendor/github.com/urfave/cli/v2/flag_path.go index c4986779d..76cb35248 100644 --- a/vendor/github.com/urfave/cli/v2/flag_path.go +++ b/vendor/github.com/urfave/cli/v2/flag_path.go @@ -33,10 +33,14 @@ func (f *PathFlag) GetDefaultText() string { if f.DefaultText != "" { return f.DefaultText } - if f.defaultValue == "" { - return f.defaultValue + val := f.Value + if f.defaultValueSet { + val = f.defaultValue } - return fmt.Sprintf("%q", f.defaultValue) + if val == "" { + return val + } + return fmt.Sprintf("%q", val) } // GetEnvVars returns the env vars for this flag @@ -48,6 +52,7 @@ func (f *PathFlag) GetEnvVars() []string { func (f *PathFlag) Apply(set *flag.FlagSet) error { // set default value so that environment wont be able to overwrite it f.defaultValue = f.Value + f.defaultValueSet = true if val, _, found := flagFromEnvOrFile(f.EnvVars, f.FilePath); found { f.Value = val diff --git a/vendor/github.com/urfave/cli/v2/flag_string.go b/vendor/github.com/urfave/cli/v2/flag_string.go index 4e55a2ca3..0f73e0621 100644 --- a/vendor/github.com/urfave/cli/v2/flag_string.go +++ b/vendor/github.com/urfave/cli/v2/flag_string.go @@ -31,10 +31,15 @@ func (f *StringFlag) GetDefaultText() string { if f.DefaultText != "" { return f.DefaultText } - if f.defaultValue == "" { - return f.defaultValue + val := f.Value + if f.defaultValueSet { + val = f.defaultValue } - return fmt.Sprintf("%q", f.defaultValue) + + if val == "" { + return val + } + return fmt.Sprintf("%q", val) } // GetEnvVars returns the env vars for this flag @@ -46,6 +51,7 @@ func (f *StringFlag) GetEnvVars() []string { func (f *StringFlag) Apply(set *flag.FlagSet) error { // set default value so that environment wont be able to overwrite it f.defaultValue = f.Value + f.defaultValueSet = true if val, _, found := flagFromEnvOrFile(f.EnvVars, f.FilePath); found { f.Value = val diff --git a/vendor/github.com/urfave/cli/v2/flag_timestamp.go b/vendor/github.com/urfave/cli/v2/flag_timestamp.go index 83f750a31..b90123087 100644 --- a/vendor/github.com/urfave/cli/v2/flag_timestamp.go +++ b/vendor/github.com/urfave/cli/v2/flag_timestamp.go @@ -120,8 +120,13 @@ func (f *TimestampFlag) GetDefaultText() string { if f.DefaultText != "" { return f.DefaultText } - if f.defaultValue != nil && f.defaultValue.timestamp != nil { - return f.defaultValue.timestamp.String() + val := f.Value + if f.defaultValueSet { + val = f.defaultValue + } + + if val != nil && val.timestamp != nil { + return val.timestamp.String() } return "" @@ -144,6 +149,7 @@ func (f *TimestampFlag) Apply(set *flag.FlagSet) error { f.Value.SetLocation(f.Timezone) f.defaultValue = f.Value.clone() + f.defaultValueSet = true if val, source, found := flagFromEnvOrFile(f.EnvVars, f.FilePath); found { if err := f.Value.Set(val); err != nil { diff --git a/vendor/github.com/urfave/cli/v2/flag_uint.go b/vendor/github.com/urfave/cli/v2/flag_uint.go index d11aa0a89..8d5b85458 100644 --- a/vendor/github.com/urfave/cli/v2/flag_uint.go +++ b/vendor/github.com/urfave/cli/v2/flag_uint.go @@ -25,6 +25,7 @@ func (f *UintFlag) GetCategory() string { func (f *UintFlag) Apply(set *flag.FlagSet) error { // set default value so that environment wont be able to overwrite it f.defaultValue = f.Value + f.defaultValueSet = true if val, source, found := flagFromEnvOrFile(f.EnvVars, f.FilePath); found { if val != "" { @@ -69,7 +70,10 @@ func (f *UintFlag) GetDefaultText() string { if f.DefaultText != "" { return f.DefaultText } - return fmt.Sprintf("%d", f.defaultValue) + if f.defaultValueSet { + return fmt.Sprintf("%d", f.defaultValue) + } + return fmt.Sprintf("%d", f.Value) } // GetEnvVars returns the env vars for this flag diff --git a/vendor/github.com/urfave/cli/v2/flag_uint64.go b/vendor/github.com/urfave/cli/v2/flag_uint64.go index ea73100a9..c356e533b 100644 --- a/vendor/github.com/urfave/cli/v2/flag_uint64.go +++ b/vendor/github.com/urfave/cli/v2/flag_uint64.go @@ -25,6 +25,7 @@ func (f *Uint64Flag) GetCategory() string { func (f *Uint64Flag) Apply(set *flag.FlagSet) error { // set default value so that environment wont be able to overwrite it f.defaultValue = f.Value + f.defaultValueSet = true if val, source, found := flagFromEnvOrFile(f.EnvVars, f.FilePath); found { if val != "" { @@ -69,7 +70,10 @@ func (f *Uint64Flag) GetDefaultText() string { if f.DefaultText != "" { return f.DefaultText } - return fmt.Sprintf("%d", f.defaultValue) + if f.defaultValueSet { + return fmt.Sprintf("%d", f.defaultValue) + } + return fmt.Sprintf("%d", f.Value) } // GetEnvVars returns the env vars for this flag diff --git a/vendor/github.com/urfave/cli/v2/help.go b/vendor/github.com/urfave/cli/v2/help.go index 885d7843c..84bd77bc1 100644 --- a/vendor/github.com/urfave/cli/v2/help.go +++ b/vendor/github.com/urfave/cli/v2/help.go @@ -69,7 +69,7 @@ var helpCommand = &Command{ } // Case 3, 5 - if (len(cCtx.Command.Subcommands) == 1 && !cCtx.Command.HideHelp) || + if (len(cCtx.Command.Subcommands) == 1 && !cCtx.Command.HideHelp && !cCtx.Command.HideHelpCommand) || (len(cCtx.Command.Subcommands) == 0 && cCtx.Command.HideHelp) { templ := cCtx.Command.CustomHelpTemplate if templ == "" { @@ -376,17 +376,26 @@ func printHelpCustom(out io.Writer, templ string, data interface{}, customFuncs w := tabwriter.NewWriter(out, 1, 8, 2, ' ', 0) t := template.Must(template.New("help").Funcs(funcMap).Parse(templ)) - t.New("helpNameTemplate").Parse(helpNameTemplate) - t.New("usageTemplate").Parse(usageTemplate) - t.New("descriptionTemplate").Parse(descriptionTemplate) - t.New("visibleCommandTemplate").Parse(visibleCommandTemplate) - t.New("copyrightTemplate").Parse(copyrightTemplate) - t.New("versionTemplate").Parse(versionTemplate) - t.New("visibleFlagCategoryTemplate").Parse(visibleFlagCategoryTemplate) - t.New("visibleFlagTemplate").Parse(visibleFlagTemplate) - t.New("visibleGlobalFlagCategoryTemplate").Parse(strings.Replace(visibleFlagCategoryTemplate, "OPTIONS", "GLOBAL OPTIONS", -1)) - t.New("authorsTemplate").Parse(authorsTemplate) - t.New("visibleCommandCategoryTemplate").Parse(visibleCommandCategoryTemplate) + templates := map[string]string{ + "helpNameTemplate": helpNameTemplate, + "usageTemplate": usageTemplate, + "descriptionTemplate": descriptionTemplate, + "visibleCommandTemplate": visibleCommandTemplate, + "copyrightTemplate": copyrightTemplate, + "versionTemplate": versionTemplate, + "visibleFlagCategoryTemplate": visibleFlagCategoryTemplate, + "visibleFlagTemplate": visibleFlagTemplate, + "visibleGlobalFlagCategoryTemplate": strings.Replace(visibleFlagCategoryTemplate, "OPTIONS", "GLOBAL OPTIONS", -1), + "authorsTemplate": authorsTemplate, + "visibleCommandCategoryTemplate": visibleCommandCategoryTemplate, + } + for name, value := range templates { + if _, err := t.New(name).Parse(value); err != nil { + if os.Getenv("CLI_TEMPLATE_ERROR_DEBUG") != "" { + _, _ = fmt.Fprintf(ErrWriter, "CLI TEMPLATE ERROR: %#v\n", err) + } + } + } err := t.Execute(w, data) if err != nil { @@ -415,6 +424,9 @@ func checkVersion(cCtx *Context) bool { } func checkHelp(cCtx *Context) bool { + if HelpFlag == nil { + return false + } found := false for _, name := range HelpFlag.Names() { if cCtx.Bool(name) { @@ -426,24 +438,6 @@ func checkHelp(cCtx *Context) bool { return found } -func checkCommandHelp(c *Context, name string) bool { - if c.Bool("h") || c.Bool("help") { - _ = ShowCommandHelp(c, name) - return true - } - - return false -} - -func checkSubcommandHelp(cCtx *Context) bool { - if cCtx.Bool("h") || cCtx.Bool("help") { - _ = ShowSubcommandHelp(cCtx) - return true - } - - return false -} - func checkShellCompleteFlag(a *App, arguments []string) (bool, []string) { if !a.EnableBashCompletion { return false, arguments diff --git a/vendor/github.com/urfave/cli/v2/mkdocs-requirements.txt b/vendor/github.com/urfave/cli/v2/mkdocs-reqs.txt similarity index 100% rename from vendor/github.com/urfave/cli/v2/mkdocs-requirements.txt rename to vendor/github.com/urfave/cli/v2/mkdocs-reqs.txt diff --git a/vendor/github.com/urfave/cli/v2/mkdocs.yml b/vendor/github.com/urfave/cli/v2/mkdocs.yml index 02657b9ed..f7bfd419e 100644 --- a/vendor/github.com/urfave/cli/v2/mkdocs.yml +++ b/vendor/github.com/urfave/cli/v2/mkdocs.yml @@ -1,7 +1,7 @@ # NOTE: the mkdocs dependencies will need to be installed out of # band until this whole thing gets more automated: # -# pip install -r mkdocs-requirements.txt +# pip install -r mkdocs-reqs.txt # site_name: urfave/cli diff --git a/vendor/github.com/urfave/cli/v2/suggestions.go b/vendor/github.com/urfave/cli/v2/suggestions.go index 87fa905dd..c73a0012d 100644 --- a/vendor/github.com/urfave/cli/v2/suggestions.go +++ b/vendor/github.com/urfave/cli/v2/suggestions.go @@ -21,7 +21,7 @@ func suggestFlag(flags []Flag, provided string, hideHelp bool) string { for _, flag := range flags { flagNames := flag.Names() - if !hideHelp { + if !hideHelp && HelpFlag != nil { flagNames = append(flagNames, HelpFlag.Names()...) } for _, name := range flagNames { diff --git a/vendor/github.com/urfave/cli/v2/zz_generated.flags.go b/vendor/github.com/urfave/cli/v2/zz_generated.flags.go index 73e771451..f2fc8c88b 100644 --- a/vendor/github.com/urfave/cli/v2/zz_generated.flags.go +++ b/vendor/github.com/urfave/cli/v2/zz_generated.flags.go @@ -23,7 +23,8 @@ type Float64SliceFlag struct { Aliases []string EnvVars []string - defaultValue *Float64Slice + defaultValue *Float64Slice + defaultValueSet bool separator separatorSpec @@ -69,7 +70,8 @@ type GenericFlag struct { Aliases []string EnvVars []string - defaultValue Generic + defaultValue Generic + defaultValueSet bool TakesFile bool @@ -120,7 +122,8 @@ type Int64SliceFlag struct { Aliases []string EnvVars []string - defaultValue *Int64Slice + defaultValue *Int64Slice + defaultValueSet bool separator separatorSpec @@ -166,7 +169,8 @@ type IntSliceFlag struct { Aliases []string EnvVars []string - defaultValue *IntSlice + defaultValue *IntSlice + defaultValueSet bool separator separatorSpec @@ -212,7 +216,8 @@ type PathFlag struct { Aliases []string EnvVars []string - defaultValue Path + defaultValue Path + defaultValueSet bool TakesFile bool @@ -263,7 +268,8 @@ type StringSliceFlag struct { Aliases []string EnvVars []string - defaultValue *StringSlice + defaultValue *StringSlice + defaultValueSet bool separator separatorSpec @@ -313,7 +319,8 @@ type TimestampFlag struct { Aliases []string EnvVars []string - defaultValue *Timestamp + defaultValue *Timestamp + defaultValueSet bool Layout string @@ -366,7 +373,8 @@ type Uint64SliceFlag struct { Aliases []string EnvVars []string - defaultValue *Uint64Slice + defaultValue *Uint64Slice + defaultValueSet bool separator separatorSpec @@ -412,7 +420,8 @@ type UintSliceFlag struct { Aliases []string EnvVars []string - defaultValue *UintSlice + defaultValue *UintSlice + defaultValueSet bool separator separatorSpec @@ -458,7 +467,8 @@ type BoolFlag struct { Aliases []string EnvVars []string - defaultValue bool + defaultValue bool + defaultValueSet bool Count *int @@ -511,7 +521,8 @@ type Float64Flag struct { Aliases []string EnvVars []string - defaultValue float64 + defaultValue float64 + defaultValueSet bool Action func(*Context, float64) error } @@ -560,7 +571,8 @@ type IntFlag struct { Aliases []string EnvVars []string - defaultValue int + defaultValue int + defaultValueSet bool Base int @@ -611,7 +623,8 @@ type Int64Flag struct { Aliases []string EnvVars []string - defaultValue int64 + defaultValue int64 + defaultValueSet bool Base int @@ -662,7 +675,8 @@ type StringFlag struct { Aliases []string EnvVars []string - defaultValue string + defaultValue string + defaultValueSet bool TakesFile bool @@ -713,7 +727,8 @@ type DurationFlag struct { Aliases []string EnvVars []string - defaultValue time.Duration + defaultValue time.Duration + defaultValueSet bool Action func(*Context, time.Duration) error } @@ -762,7 +777,8 @@ type UintFlag struct { Aliases []string EnvVars []string - defaultValue uint + defaultValue uint + defaultValueSet bool Base int @@ -813,7 +829,8 @@ type Uint64Flag struct { Aliases []string EnvVars []string - defaultValue uint64 + defaultValue uint64 + defaultValueSet bool Base int diff --git a/vendor/go.opentelemetry.io/collector/pdata/pcommon/slice.go b/vendor/go.opentelemetry.io/collector/pdata/pcommon/slice.go index 5352ff44d..7434f467a 100644 --- a/vendor/go.opentelemetry.io/collector/pdata/pcommon/slice.go +++ b/vendor/go.opentelemetry.io/collector/pdata/pcommon/slice.go @@ -137,7 +137,6 @@ func (es Slice) RemoveIf(f func(Value) bool) { (*es.getOrig())[newLen] = (*es.getOrig())[i] newLen++ } - // TODO: Prevent memory leak by erasing truncated values. *es.getOrig() = (*es.getOrig())[:newLen] } diff --git a/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_exemplarslice.go b/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_exemplarslice.go index 733341c36..15d70a6ed 100644 --- a/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_exemplarslice.go +++ b/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_exemplarslice.go @@ -117,7 +117,6 @@ func (es ExemplarSlice) RemoveIf(f func(Exemplar) bool) { (*es.orig)[newLen] = (*es.orig)[i] newLen++ } - // TODO: Prevent memory leak by erasing truncated values. *es.orig = (*es.orig)[:newLen] } diff --git a/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_exponentialhistogramdatapoint.go b/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_exponentialhistogramdatapoint.go index 859a08b28..3d76368b3 100644 --- a/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_exponentialhistogramdatapoint.go +++ b/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_exponentialhistogramdatapoint.go @@ -204,6 +204,17 @@ func (ms ExponentialHistogramDataPoint) RemoveMax() { ms.orig.Max_ = nil } +// ZeroThreshold returns the zerothreshold associated with this ExponentialHistogramDataPoint. +func (ms ExponentialHistogramDataPoint) ZeroThreshold() float64 { + return ms.orig.ZeroThreshold +} + +// SetZeroThreshold replaces the zerothreshold associated with this ExponentialHistogramDataPoint. +func (ms ExponentialHistogramDataPoint) SetZeroThreshold(v float64) { + ms.state.AssertMutable() + ms.orig.ZeroThreshold = v +} + // CopyTo copies all properties from the current struct overriding the destination. func (ms ExponentialHistogramDataPoint) CopyTo(dest ExponentialHistogramDataPoint) { dest.state.AssertMutable() @@ -229,4 +240,5 @@ func (ms ExponentialHistogramDataPoint) CopyTo(dest ExponentialHistogramDataPoin dest.SetMax(ms.Max()) } + dest.SetZeroThreshold(ms.ZeroThreshold()) } diff --git a/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_exponentialhistogramdatapointslice.go b/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_exponentialhistogramdatapointslice.go index 94ec52656..a466a7c18 100644 --- a/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_exponentialhistogramdatapointslice.go +++ b/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_exponentialhistogramdatapointslice.go @@ -119,7 +119,6 @@ func (es ExponentialHistogramDataPointSlice) RemoveIf(f func(ExponentialHistogra (*es.orig)[newLen] = (*es.orig)[i] newLen++ } - // TODO: Prevent memory leak by erasing truncated values. *es.orig = (*es.orig)[:newLen] } diff --git a/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_histogramdatapointslice.go b/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_histogramdatapointslice.go index 47b02e17f..7ee6ef737 100644 --- a/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_histogramdatapointslice.go +++ b/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_histogramdatapointslice.go @@ -119,7 +119,6 @@ func (es HistogramDataPointSlice) RemoveIf(f func(HistogramDataPoint) bool) { (*es.orig)[newLen] = (*es.orig)[i] newLen++ } - // TODO: Prevent memory leak by erasing truncated values. *es.orig = (*es.orig)[:newLen] } diff --git a/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_metricslice.go b/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_metricslice.go index 30d2e0c1f..13f05a0ec 100644 --- a/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_metricslice.go +++ b/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_metricslice.go @@ -119,7 +119,6 @@ func (es MetricSlice) RemoveIf(f func(Metric) bool) { (*es.orig)[newLen] = (*es.orig)[i] newLen++ } - // TODO: Prevent memory leak by erasing truncated values. *es.orig = (*es.orig)[:newLen] } diff --git a/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_numberdatapointslice.go b/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_numberdatapointslice.go index 13cd71b72..57cdd1174 100644 --- a/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_numberdatapointslice.go +++ b/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_numberdatapointslice.go @@ -119,7 +119,6 @@ func (es NumberDataPointSlice) RemoveIf(f func(NumberDataPoint) bool) { (*es.orig)[newLen] = (*es.orig)[i] newLen++ } - // TODO: Prevent memory leak by erasing truncated values. *es.orig = (*es.orig)[:newLen] } diff --git a/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_resourcemetricsslice.go b/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_resourcemetricsslice.go index b25fdc721..55217ea27 100644 --- a/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_resourcemetricsslice.go +++ b/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_resourcemetricsslice.go @@ -119,7 +119,6 @@ func (es ResourceMetricsSlice) RemoveIf(f func(ResourceMetrics) bool) { (*es.orig)[newLen] = (*es.orig)[i] newLen++ } - // TODO: Prevent memory leak by erasing truncated values. *es.orig = (*es.orig)[:newLen] } diff --git a/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_scopemetricsslice.go b/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_scopemetricsslice.go index d2bbe6108..a86eb0b48 100644 --- a/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_scopemetricsslice.go +++ b/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_scopemetricsslice.go @@ -119,7 +119,6 @@ func (es ScopeMetricsSlice) RemoveIf(f func(ScopeMetrics) bool) { (*es.orig)[newLen] = (*es.orig)[i] newLen++ } - // TODO: Prevent memory leak by erasing truncated values. *es.orig = (*es.orig)[:newLen] } diff --git a/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_summarydatapointslice.go b/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_summarydatapointslice.go index e8aa51de0..f91550096 100644 --- a/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_summarydatapointslice.go +++ b/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_summarydatapointslice.go @@ -119,7 +119,6 @@ func (es SummaryDataPointSlice) RemoveIf(f func(SummaryDataPoint) bool) { (*es.orig)[newLen] = (*es.orig)[i] newLen++ } - // TODO: Prevent memory leak by erasing truncated values. *es.orig = (*es.orig)[:newLen] } diff --git a/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_summarydatapointvalueatquantileslice.go b/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_summarydatapointvalueatquantileslice.go index 21343f8ce..ed899050a 100644 --- a/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_summarydatapointvalueatquantileslice.go +++ b/vendor/go.opentelemetry.io/collector/pdata/pmetric/generated_summarydatapointvalueatquantileslice.go @@ -119,7 +119,6 @@ func (es SummaryDataPointValueAtQuantileSlice) RemoveIf(f func(SummaryDataPointV (*es.orig)[newLen] = (*es.orig)[i] newLen++ } - // TODO: Prevent memory leak by erasing truncated values. *es.orig = (*es.orig)[:newLen] } diff --git a/vendor/go.opentelemetry.io/collector/pdata/pmetric/json.go b/vendor/go.opentelemetry.io/collector/pdata/pmetric/json.go index 3df234c20..3944bb027 100644 --- a/vendor/go.opentelemetry.io/collector/pdata/pmetric/json.go +++ b/vendor/go.opentelemetry.io/collector/pdata/pmetric/json.go @@ -17,8 +17,10 @@ import ( var _ Marshaler = (*JSONMarshaler)(nil) +// JSONMarshaler marshals pdata.Metrics to JSON bytes using the OTLP/JSON format. type JSONMarshaler struct{} +// MarshalMetrics to the OTLP/JSON format. func (*JSONMarshaler) MarshalMetrics(md Metrics) ([]byte, error) { buf := bytes.Buffer{} pb := internal.MetricsToProto(internal.Metrics(md)) @@ -26,8 +28,10 @@ func (*JSONMarshaler) MarshalMetrics(md Metrics) ([]byte, error) { return buf.Bytes(), err } +// JSONUnmarshaler unmarshals OTLP/JSON formatted-bytes to pdata.Metrics. type JSONUnmarshaler struct{} +// UnmarshalMetrics from OTLP/JSON format into pdata.Metrics. func (*JSONUnmarshaler) UnmarshalMetrics(buf []byte) (Metrics, error) { iter := jsoniter.ConfigFastest.BorrowIterator(buf) defer jsoniter.ConfigFastest.ReturnIterator(iter) diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/version.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/version.go index 8a5cf07bd..bd41c1804 100644 --- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/version.go +++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/version.go @@ -16,7 +16,7 @@ package otelhttp // import "go.opentelemetry.io/contrib/instrumentation/net/http // Version is the current release version of the otelhttp instrumentation. func Version() string { - return "0.46.0" + return "0.46.1" // This string is updated by the pre_release.sh script during release } diff --git a/vendor/go.opentelemetry.io/otel/.gitignore b/vendor/go.opentelemetry.io/otel/.gitignore index 924805565..895c7664b 100644 --- a/vendor/go.opentelemetry.io/otel/.gitignore +++ b/vendor/go.opentelemetry.io/otel/.gitignore @@ -14,13 +14,9 @@ go.work.sum gen/ /example/dice/dice -/example/fib/fib -/example/fib/traces.txt -/example/jaeger/jaeger /example/namedtracer/namedtracer /example/otel-collector/otel-collector /example/opencensus/opencensus /example/passthrough/passthrough /example/prometheus/prometheus -/example/view/view /example/zipkin/zipkin diff --git a/vendor/go.opentelemetry.io/otel/CHANGELOG.md b/vendor/go.opentelemetry.io/otel/CHANGELOG.md index c4e7ad475..24874f856 100644 --- a/vendor/go.opentelemetry.io/otel/CHANGELOG.md +++ b/vendor/go.opentelemetry.io/otel/CHANGELOG.md @@ -8,6 +8,20 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm ## [Unreleased] +## [1.21.0/0.44.0] 2023-11-16 + +### Removed + +- Remove the deprecated `go.opentelemetry.io/otel/bridge/opencensus.NewTracer`. (#4706) +- Remove the deprecated `go.opentelemetry.io/otel/exporters/otlp/otlpmetric` module. (#4707) +- Remove the deprecated `go.opentelemetry.io/otel/example/view` module. (#4708) +- Remove the deprecated `go.opentelemetry.io/otel/example/fib` module. (#4723) + +### Fixed + +- Do not parse non-protobuf responses in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp`. (#4719) +- Do not parse non-protobuf responses in `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp`. (#4719) + ## [1.20.0/0.43.0] 2023-11-10 This release brings a breaking change for custom trace API implementations. Some interfaces (`TracerProvider`, `Tracer`, `Span`) now embed the `go.opentelemetry.io/otel/trace/embedded` types. Implementors need to update their implementations based on what they want the default behavior to be. See the "API Implementations" section of the [trace API] package documentation for more information about how to accomplish this. @@ -2721,7 +2735,8 @@ It contains api and sdk for trace and meter. - CircleCI build CI manifest files. - CODEOWNERS file to track owners of this project. -[Unreleased]: https://github.com/open-telemetry/opentelemetry-go/compare/v1.20.0...HEAD +[Unreleased]: https://github.com/open-telemetry/opentelemetry-go/compare/v1.21.0...HEAD +[1.21.0/0.44.0]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.21.0 [1.20.0/0.43.0]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.20.0 [1.19.0/0.42.0/0.0.7]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.19.0 [1.19.0-rc.1/0.42.0-rc.1]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.19.0-rc.1 diff --git a/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md b/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md index a00dbca7b..850606ae6 100644 --- a/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md +++ b/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md @@ -90,6 +90,10 @@ git push Open a pull request against the main `opentelemetry-go` repo. Be sure to add the pull request ID to the entry you added to `CHANGELOG.md`. +Avoid rebasing and force-pushing to your branch to facilitate reviewing the pull request. +Rewriting Git history makes it difficult to keep track of iterations during code review. +All pull requests are squashed to a single commit upon merge to `main`. + ### How to Receive Comments * If the PR is not ready for review, please put `[WIP]` in the title, diff --git a/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/attribute_group.go b/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/attribute_group.go new file mode 100644 index 000000000..e6cf89510 --- /dev/null +++ b/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/attribute_group.go @@ -0,0 +1,1877 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated from semantic convention specification. DO NOT EDIT. + +package semconv // import "go.opentelemetry.io/otel/semconv/v1.21.0" + +import "go.opentelemetry.io/otel/attribute" + +// These attributes may be used to describe the client in a connection-based +// network interaction where there is one side that initiates the connection +// (the client is the side that initiates the connection). This covers all TCP +// network interactions since TCP is connection-based and one side initiates +// the connection (an exception is made for peer-to-peer communication over TCP +// where the "user-facing" surface of the protocol / API does not expose a +// clear notion of client and server). This also covers UDP network +// interactions where one side initiates the interaction, e.g. QUIC (HTTP/3) +// and DNS. +const ( + // ClientAddressKey is the attribute Key conforming to the "client.address" + // semantic conventions. It represents the client address - unix domain + // socket name, IPv4 or IPv6 address. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '/tmp/my.sock', '10.1.2.80' + // Note: When observed from the server side, and when communicating through + // an intermediary, `client.address` SHOULD represent client address behind + // any intermediaries (e.g. proxies) if it's available. + ClientAddressKey = attribute.Key("client.address") + + // ClientPortKey is the attribute Key conforming to the "client.port" + // semantic conventions. It represents the client port number + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 65123 + // Note: When observed from the server side, and when communicating through + // an intermediary, `client.port` SHOULD represent client port behind any + // intermediaries (e.g. proxies) if it's available. + ClientPortKey = attribute.Key("client.port") + + // ClientSocketAddressKey is the attribute Key conforming to the + // "client.socket.address" semantic conventions. It represents the + // immediate client peer address - unix domain socket name, IPv4 or IPv6 + // address. + // + // Type: string + // RequirementLevel: Recommended (If different than `client.address`.) + // Stability: stable + // Examples: '/tmp/my.sock', '127.0.0.1' + ClientSocketAddressKey = attribute.Key("client.socket.address") + + // ClientSocketPortKey is the attribute Key conforming to the + // "client.socket.port" semantic conventions. It represents the immediate + // client peer port number + // + // Type: int + // RequirementLevel: Recommended (If different than `client.port`.) + // Stability: stable + // Examples: 35555 + ClientSocketPortKey = attribute.Key("client.socket.port") +) + +// ClientAddress returns an attribute KeyValue conforming to the +// "client.address" semantic conventions. It represents the client address - +// unix domain socket name, IPv4 or IPv6 address. +func ClientAddress(val string) attribute.KeyValue { + return ClientAddressKey.String(val) +} + +// ClientPort returns an attribute KeyValue conforming to the "client.port" +// semantic conventions. It represents the client port number +func ClientPort(val int) attribute.KeyValue { + return ClientPortKey.Int(val) +} + +// ClientSocketAddress returns an attribute KeyValue conforming to the +// "client.socket.address" semantic conventions. It represents the immediate +// client peer address - unix domain socket name, IPv4 or IPv6 address. +func ClientSocketAddress(val string) attribute.KeyValue { + return ClientSocketAddressKey.String(val) +} + +// ClientSocketPort returns an attribute KeyValue conforming to the +// "client.socket.port" semantic conventions. It represents the immediate +// client peer port number +func ClientSocketPort(val int) attribute.KeyValue { + return ClientSocketPortKey.Int(val) +} + +// Describes deprecated HTTP attributes. +const ( + // HTTPMethodKey is the attribute Key conforming to the "http.method" + // semantic conventions. It represents the deprecated, use + // `http.request.method` instead. + // + // Type: string + // RequirementLevel: Optional + // Stability: deprecated + // Examples: 'GET', 'POST', 'HEAD' + HTTPMethodKey = attribute.Key("http.method") + + // HTTPStatusCodeKey is the attribute Key conforming to the + // "http.status_code" semantic conventions. It represents the deprecated, + // use `http.response.status_code` instead. + // + // Type: int + // RequirementLevel: Optional + // Stability: deprecated + // Examples: 200 + HTTPStatusCodeKey = attribute.Key("http.status_code") + + // HTTPSchemeKey is the attribute Key conforming to the "http.scheme" + // semantic conventions. It represents the deprecated, use `url.scheme` + // instead. + // + // Type: string + // RequirementLevel: Optional + // Stability: deprecated + // Examples: 'http', 'https' + HTTPSchemeKey = attribute.Key("http.scheme") + + // HTTPURLKey is the attribute Key conforming to the "http.url" semantic + // conventions. It represents the deprecated, use `url.full` instead. + // + // Type: string + // RequirementLevel: Optional + // Stability: deprecated + // Examples: 'https://www.foo.bar/search?q=OpenTelemetry#SemConv' + HTTPURLKey = attribute.Key("http.url") + + // HTTPTargetKey is the attribute Key conforming to the "http.target" + // semantic conventions. It represents the deprecated, use `url.path` and + // `url.query` instead. + // + // Type: string + // RequirementLevel: Optional + // Stability: deprecated + // Examples: '/search?q=OpenTelemetry#SemConv' + HTTPTargetKey = attribute.Key("http.target") + + // HTTPRequestContentLengthKey is the attribute Key conforming to the + // "http.request_content_length" semantic conventions. It represents the + // deprecated, use `http.request.body.size` instead. + // + // Type: int + // RequirementLevel: Optional + // Stability: deprecated + // Examples: 3495 + HTTPRequestContentLengthKey = attribute.Key("http.request_content_length") + + // HTTPResponseContentLengthKey is the attribute Key conforming to the + // "http.response_content_length" semantic conventions. It represents the + // deprecated, use `http.response.body.size` instead. + // + // Type: int + // RequirementLevel: Optional + // Stability: deprecated + // Examples: 3495 + HTTPResponseContentLengthKey = attribute.Key("http.response_content_length") +) + +// HTTPMethod returns an attribute KeyValue conforming to the "http.method" +// semantic conventions. It represents the deprecated, use +// `http.request.method` instead. +func HTTPMethod(val string) attribute.KeyValue { + return HTTPMethodKey.String(val) +} + +// HTTPStatusCode returns an attribute KeyValue conforming to the +// "http.status_code" semantic conventions. It represents the deprecated, use +// `http.response.status_code` instead. +func HTTPStatusCode(val int) attribute.KeyValue { + return HTTPStatusCodeKey.Int(val) +} + +// HTTPScheme returns an attribute KeyValue conforming to the "http.scheme" +// semantic conventions. It represents the deprecated, use `url.scheme` +// instead. +func HTTPScheme(val string) attribute.KeyValue { + return HTTPSchemeKey.String(val) +} + +// HTTPURL returns an attribute KeyValue conforming to the "http.url" +// semantic conventions. It represents the deprecated, use `url.full` instead. +func HTTPURL(val string) attribute.KeyValue { + return HTTPURLKey.String(val) +} + +// HTTPTarget returns an attribute KeyValue conforming to the "http.target" +// semantic conventions. It represents the deprecated, use `url.path` and +// `url.query` instead. +func HTTPTarget(val string) attribute.KeyValue { + return HTTPTargetKey.String(val) +} + +// HTTPRequestContentLength returns an attribute KeyValue conforming to the +// "http.request_content_length" semantic conventions. It represents the +// deprecated, use `http.request.body.size` instead. +func HTTPRequestContentLength(val int) attribute.KeyValue { + return HTTPRequestContentLengthKey.Int(val) +} + +// HTTPResponseContentLength returns an attribute KeyValue conforming to the +// "http.response_content_length" semantic conventions. It represents the +// deprecated, use `http.response.body.size` instead. +func HTTPResponseContentLength(val int) attribute.KeyValue { + return HTTPResponseContentLengthKey.Int(val) +} + +// These attributes may be used for any network related operation. +const ( + // NetSockPeerNameKey is the attribute Key conforming to the + // "net.sock.peer.name" semantic conventions. It represents the deprecated, + // use `server.socket.domain` on client spans. + // + // Type: string + // RequirementLevel: Optional + // Stability: deprecated + // Examples: '/var/my.sock' + NetSockPeerNameKey = attribute.Key("net.sock.peer.name") + + // NetSockPeerAddrKey is the attribute Key conforming to the + // "net.sock.peer.addr" semantic conventions. It represents the deprecated, + // use `server.socket.address` on client spans and `client.socket.address` + // on server spans. + // + // Type: string + // RequirementLevel: Optional + // Stability: deprecated + // Examples: '192.168.0.1' + NetSockPeerAddrKey = attribute.Key("net.sock.peer.addr") + + // NetSockPeerPortKey is the attribute Key conforming to the + // "net.sock.peer.port" semantic conventions. It represents the deprecated, + // use `server.socket.port` on client spans and `client.socket.port` on + // server spans. + // + // Type: int + // RequirementLevel: Optional + // Stability: deprecated + // Examples: 65531 + NetSockPeerPortKey = attribute.Key("net.sock.peer.port") + + // NetPeerNameKey is the attribute Key conforming to the "net.peer.name" + // semantic conventions. It represents the deprecated, use `server.address` + // on client spans and `client.address` on server spans. + // + // Type: string + // RequirementLevel: Optional + // Stability: deprecated + // Examples: 'example.com' + NetPeerNameKey = attribute.Key("net.peer.name") + + // NetPeerPortKey is the attribute Key conforming to the "net.peer.port" + // semantic conventions. It represents the deprecated, use `server.port` on + // client spans and `client.port` on server spans. + // + // Type: int + // RequirementLevel: Optional + // Stability: deprecated + // Examples: 8080 + NetPeerPortKey = attribute.Key("net.peer.port") + + // NetHostNameKey is the attribute Key conforming to the "net.host.name" + // semantic conventions. It represents the deprecated, use + // `server.address`. + // + // Type: string + // RequirementLevel: Optional + // Stability: deprecated + // Examples: 'example.com' + NetHostNameKey = attribute.Key("net.host.name") + + // NetHostPortKey is the attribute Key conforming to the "net.host.port" + // semantic conventions. It represents the deprecated, use `server.port`. + // + // Type: int + // RequirementLevel: Optional + // Stability: deprecated + // Examples: 8080 + NetHostPortKey = attribute.Key("net.host.port") + + // NetSockHostAddrKey is the attribute Key conforming to the + // "net.sock.host.addr" semantic conventions. It represents the deprecated, + // use `server.socket.address`. + // + // Type: string + // RequirementLevel: Optional + // Stability: deprecated + // Examples: '/var/my.sock' + NetSockHostAddrKey = attribute.Key("net.sock.host.addr") + + // NetSockHostPortKey is the attribute Key conforming to the + // "net.sock.host.port" semantic conventions. It represents the deprecated, + // use `server.socket.port`. + // + // Type: int + // RequirementLevel: Optional + // Stability: deprecated + // Examples: 8080 + NetSockHostPortKey = attribute.Key("net.sock.host.port") + + // NetTransportKey is the attribute Key conforming to the "net.transport" + // semantic conventions. It represents the deprecated, use + // `network.transport`. + // + // Type: Enum + // RequirementLevel: Optional + // Stability: deprecated + NetTransportKey = attribute.Key("net.transport") + + // NetProtocolNameKey is the attribute Key conforming to the + // "net.protocol.name" semantic conventions. It represents the deprecated, + // use `network.protocol.name`. + // + // Type: string + // RequirementLevel: Optional + // Stability: deprecated + // Examples: 'amqp', 'http', 'mqtt' + NetProtocolNameKey = attribute.Key("net.protocol.name") + + // NetProtocolVersionKey is the attribute Key conforming to the + // "net.protocol.version" semantic conventions. It represents the + // deprecated, use `network.protocol.version`. + // + // Type: string + // RequirementLevel: Optional + // Stability: deprecated + // Examples: '3.1.1' + NetProtocolVersionKey = attribute.Key("net.protocol.version") + + // NetSockFamilyKey is the attribute Key conforming to the + // "net.sock.family" semantic conventions. It represents the deprecated, + // use `network.transport` and `network.type`. + // + // Type: Enum + // RequirementLevel: Optional + // Stability: deprecated + NetSockFamilyKey = attribute.Key("net.sock.family") +) + +var ( + // ip_tcp + NetTransportTCP = NetTransportKey.String("ip_tcp") + // ip_udp + NetTransportUDP = NetTransportKey.String("ip_udp") + // Named or anonymous pipe + NetTransportPipe = NetTransportKey.String("pipe") + // In-process communication + NetTransportInProc = NetTransportKey.String("inproc") + // Something else (non IP-based) + NetTransportOther = NetTransportKey.String("other") +) + +var ( + // IPv4 address + NetSockFamilyInet = NetSockFamilyKey.String("inet") + // IPv6 address + NetSockFamilyInet6 = NetSockFamilyKey.String("inet6") + // Unix domain socket path + NetSockFamilyUnix = NetSockFamilyKey.String("unix") +) + +// NetSockPeerName returns an attribute KeyValue conforming to the +// "net.sock.peer.name" semantic conventions. It represents the deprecated, use +// `server.socket.domain` on client spans. +func NetSockPeerName(val string) attribute.KeyValue { + return NetSockPeerNameKey.String(val) +} + +// NetSockPeerAddr returns an attribute KeyValue conforming to the +// "net.sock.peer.addr" semantic conventions. It represents the deprecated, use +// `server.socket.address` on client spans and `client.socket.address` on +// server spans. +func NetSockPeerAddr(val string) attribute.KeyValue { + return NetSockPeerAddrKey.String(val) +} + +// NetSockPeerPort returns an attribute KeyValue conforming to the +// "net.sock.peer.port" semantic conventions. It represents the deprecated, use +// `server.socket.port` on client spans and `client.socket.port` on server +// spans. +func NetSockPeerPort(val int) attribute.KeyValue { + return NetSockPeerPortKey.Int(val) +} + +// NetPeerName returns an attribute KeyValue conforming to the +// "net.peer.name" semantic conventions. It represents the deprecated, use +// `server.address` on client spans and `client.address` on server spans. +func NetPeerName(val string) attribute.KeyValue { + return NetPeerNameKey.String(val) +} + +// NetPeerPort returns an attribute KeyValue conforming to the +// "net.peer.port" semantic conventions. It represents the deprecated, use +// `server.port` on client spans and `client.port` on server spans. +func NetPeerPort(val int) attribute.KeyValue { + return NetPeerPortKey.Int(val) +} + +// NetHostName returns an attribute KeyValue conforming to the +// "net.host.name" semantic conventions. It represents the deprecated, use +// `server.address`. +func NetHostName(val string) attribute.KeyValue { + return NetHostNameKey.String(val) +} + +// NetHostPort returns an attribute KeyValue conforming to the +// "net.host.port" semantic conventions. It represents the deprecated, use +// `server.port`. +func NetHostPort(val int) attribute.KeyValue { + return NetHostPortKey.Int(val) +} + +// NetSockHostAddr returns an attribute KeyValue conforming to the +// "net.sock.host.addr" semantic conventions. It represents the deprecated, use +// `server.socket.address`. +func NetSockHostAddr(val string) attribute.KeyValue { + return NetSockHostAddrKey.String(val) +} + +// NetSockHostPort returns an attribute KeyValue conforming to the +// "net.sock.host.port" semantic conventions. It represents the deprecated, use +// `server.socket.port`. +func NetSockHostPort(val int) attribute.KeyValue { + return NetSockHostPortKey.Int(val) +} + +// NetProtocolName returns an attribute KeyValue conforming to the +// "net.protocol.name" semantic conventions. It represents the deprecated, use +// `network.protocol.name`. +func NetProtocolName(val string) attribute.KeyValue { + return NetProtocolNameKey.String(val) +} + +// NetProtocolVersion returns an attribute KeyValue conforming to the +// "net.protocol.version" semantic conventions. It represents the deprecated, +// use `network.protocol.version`. +func NetProtocolVersion(val string) attribute.KeyValue { + return NetProtocolVersionKey.String(val) +} + +// These attributes may be used to describe the receiver of a network +// exchange/packet. These should be used when there is no client/server +// relationship between the two sides, or when that relationship is unknown. +// This covers low-level network interactions (e.g. packet tracing) where you +// don't know if there was a connection or which side initiated it. This also +// covers unidirectional UDP flows and peer-to-peer communication where the +// "user-facing" surface of the protocol / API does not expose a clear notion +// of client and server. +const ( + // DestinationDomainKey is the attribute Key conforming to the + // "destination.domain" semantic conventions. It represents the domain name + // of the destination system. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'foo.example.com' + // Note: This value may be a host name, a fully qualified domain name, or + // another host naming format. + DestinationDomainKey = attribute.Key("destination.domain") + + // DestinationAddressKey is the attribute Key conforming to the + // "destination.address" semantic conventions. It represents the peer + // address, for example IP address or UNIX socket name. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '10.5.3.2' + DestinationAddressKey = attribute.Key("destination.address") + + // DestinationPortKey is the attribute Key conforming to the + // "destination.port" semantic conventions. It represents the peer port + // number + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 3389, 2888 + DestinationPortKey = attribute.Key("destination.port") +) + +// DestinationDomain returns an attribute KeyValue conforming to the +// "destination.domain" semantic conventions. It represents the domain name of +// the destination system. +func DestinationDomain(val string) attribute.KeyValue { + return DestinationDomainKey.String(val) +} + +// DestinationAddress returns an attribute KeyValue conforming to the +// "destination.address" semantic conventions. It represents the peer address, +// for example IP address or UNIX socket name. +func DestinationAddress(val string) attribute.KeyValue { + return DestinationAddressKey.String(val) +} + +// DestinationPort returns an attribute KeyValue conforming to the +// "destination.port" semantic conventions. It represents the peer port number +func DestinationPort(val int) attribute.KeyValue { + return DestinationPortKey.Int(val) +} + +// Describes HTTP attributes. +const ( + // HTTPRequestMethodKey is the attribute Key conforming to the + // "http.request.method" semantic conventions. It represents the hTTP + // request method. + // + // Type: Enum + // RequirementLevel: Required + // Stability: stable + // Examples: 'GET', 'POST', 'HEAD' + // Note: HTTP request method value SHOULD be "known" to the + // instrumentation. + // By default, this convention defines "known" methods as the ones listed + // in [RFC9110](https://www.rfc-editor.org/rfc/rfc9110.html#name-methods) + // and the PATCH method defined in + // [RFC5789](https://www.rfc-editor.org/rfc/rfc5789.html). + // + // If the HTTP request method is not known to instrumentation, it MUST set + // the `http.request.method` attribute to `_OTHER` and, except if reporting + // a metric, MUST + // set the exact method received in the request line as value of the + // `http.request.method_original` attribute. + // + // If the HTTP instrumentation could end up converting valid HTTP request + // methods to `_OTHER`, then it MUST provide a way to override + // the list of known HTTP methods. If this override is done via environment + // variable, then the environment variable MUST be named + // OTEL_INSTRUMENTATION_HTTP_KNOWN_METHODS and support a comma-separated + // list of case-sensitive known HTTP methods + // (this list MUST be a full override of the default known method, it is + // not a list of known methods in addition to the defaults). + // + // HTTP method names are case-sensitive and `http.request.method` attribute + // value MUST match a known HTTP method name exactly. + // Instrumentations for specific web frameworks that consider HTTP methods + // to be case insensitive, SHOULD populate a canonical equivalent. + // Tracing instrumentations that do so, MUST also set + // `http.request.method_original` to the original value. + HTTPRequestMethodKey = attribute.Key("http.request.method") + + // HTTPResponseStatusCodeKey is the attribute Key conforming to the + // "http.response.status_code" semantic conventions. It represents the + // [HTTP response status + // code](https://tools.ietf.org/html/rfc7231#section-6). + // + // Type: int + // RequirementLevel: ConditionallyRequired (If and only if one was + // received/sent.) + // Stability: stable + // Examples: 200 + HTTPResponseStatusCodeKey = attribute.Key("http.response.status_code") +) + +var ( + // CONNECT method + HTTPRequestMethodConnect = HTTPRequestMethodKey.String("CONNECT") + // DELETE method + HTTPRequestMethodDelete = HTTPRequestMethodKey.String("DELETE") + // GET method + HTTPRequestMethodGet = HTTPRequestMethodKey.String("GET") + // HEAD method + HTTPRequestMethodHead = HTTPRequestMethodKey.String("HEAD") + // OPTIONS method + HTTPRequestMethodOptions = HTTPRequestMethodKey.String("OPTIONS") + // PATCH method + HTTPRequestMethodPatch = HTTPRequestMethodKey.String("PATCH") + // POST method + HTTPRequestMethodPost = HTTPRequestMethodKey.String("POST") + // PUT method + HTTPRequestMethodPut = HTTPRequestMethodKey.String("PUT") + // TRACE method + HTTPRequestMethodTrace = HTTPRequestMethodKey.String("TRACE") + // Any HTTP method that the instrumentation has no prior knowledge of + HTTPRequestMethodOther = HTTPRequestMethodKey.String("_OTHER") +) + +// HTTPResponseStatusCode returns an attribute KeyValue conforming to the +// "http.response.status_code" semantic conventions. It represents the [HTTP +// response status code](https://tools.ietf.org/html/rfc7231#section-6). +func HTTPResponseStatusCode(val int) attribute.KeyValue { + return HTTPResponseStatusCodeKey.Int(val) +} + +// HTTP Server attributes +const ( + // HTTPRouteKey is the attribute Key conforming to the "http.route" + // semantic conventions. It represents the matched route (path template in + // the format used by the respective server framework). See note below + // + // Type: string + // RequirementLevel: ConditionallyRequired (If and only if it's available) + // Stability: stable + // Examples: '/users/:userID?', '{controller}/{action}/{id?}' + // Note: MUST NOT be populated when this is not supported by the HTTP + // server framework as the route attribute should have low-cardinality and + // the URI path can NOT substitute it. + // SHOULD include the [application + // root](/docs/http/http-spans.md#http-server-definitions) if there is one. + HTTPRouteKey = attribute.Key("http.route") +) + +// HTTPRoute returns an attribute KeyValue conforming to the "http.route" +// semantic conventions. It represents the matched route (path template in the +// format used by the respective server framework). See note below +func HTTPRoute(val string) attribute.KeyValue { + return HTTPRouteKey.String(val) +} + +// Attributes for Events represented using Log Records. +const ( + // EventNameKey is the attribute Key conforming to the "event.name" + // semantic conventions. It represents the name identifies the event. + // + // Type: string + // RequirementLevel: Required + // Stability: stable + // Examples: 'click', 'exception' + EventNameKey = attribute.Key("event.name") + + // EventDomainKey is the attribute Key conforming to the "event.domain" + // semantic conventions. It represents the domain identifies the business + // context for the events. + // + // Type: Enum + // RequirementLevel: Required + // Stability: stable + // Note: Events across different domains may have same `event.name`, yet be + // unrelated events. + EventDomainKey = attribute.Key("event.domain") +) + +var ( + // Events from browser apps + EventDomainBrowser = EventDomainKey.String("browser") + // Events from mobile apps + EventDomainDevice = EventDomainKey.String("device") + // Events from Kubernetes + EventDomainK8S = EventDomainKey.String("k8s") +) + +// EventName returns an attribute KeyValue conforming to the "event.name" +// semantic conventions. It represents the name identifies the event. +func EventName(val string) attribute.KeyValue { + return EventNameKey.String(val) +} + +// The attributes described in this section are rather generic. They may be +// used in any Log Record they apply to. +const ( + // LogRecordUIDKey is the attribute Key conforming to the "log.record.uid" + // semantic conventions. It represents a unique identifier for the Log + // Record. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '01ARZ3NDEKTSV4RRFFQ69G5FAV' + // Note: If an id is provided, other log records with the same id will be + // considered duplicates and can be removed safely. This means, that two + // distinguishable log records MUST have different values. + // The id MAY be an [Universally Unique Lexicographically Sortable + // Identifier (ULID)](https://github.com/ulid/spec), but other identifiers + // (e.g. UUID) may be used as needed. + LogRecordUIDKey = attribute.Key("log.record.uid") +) + +// LogRecordUID returns an attribute KeyValue conforming to the +// "log.record.uid" semantic conventions. It represents a unique identifier for +// the Log Record. +func LogRecordUID(val string) attribute.KeyValue { + return LogRecordUIDKey.String(val) +} + +// Describes Log attributes +const ( + // LogIostreamKey is the attribute Key conforming to the "log.iostream" + // semantic conventions. It represents the stream associated with the log. + // See below for a list of well-known values. + // + // Type: Enum + // RequirementLevel: Optional + // Stability: stable + LogIostreamKey = attribute.Key("log.iostream") +) + +var ( + // Logs from stdout stream + LogIostreamStdout = LogIostreamKey.String("stdout") + // Events from stderr stream + LogIostreamStderr = LogIostreamKey.String("stderr") +) + +// A file to which log was emitted. +const ( + // LogFileNameKey is the attribute Key conforming to the "log.file.name" + // semantic conventions. It represents the basename of the file. + // + // Type: string + // RequirementLevel: Recommended + // Stability: stable + // Examples: 'audit.log' + LogFileNameKey = attribute.Key("log.file.name") + + // LogFilePathKey is the attribute Key conforming to the "log.file.path" + // semantic conventions. It represents the full path to the file. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '/var/log/mysql/audit.log' + LogFilePathKey = attribute.Key("log.file.path") + + // LogFileNameResolvedKey is the attribute Key conforming to the + // "log.file.name_resolved" semantic conventions. It represents the + // basename of the file, with symlinks resolved. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'uuid.log' + LogFileNameResolvedKey = attribute.Key("log.file.name_resolved") + + // LogFilePathResolvedKey is the attribute Key conforming to the + // "log.file.path_resolved" semantic conventions. It represents the full + // path to the file, with symlinks resolved. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '/var/lib/docker/uuid.log' + LogFilePathResolvedKey = attribute.Key("log.file.path_resolved") +) + +// LogFileName returns an attribute KeyValue conforming to the +// "log.file.name" semantic conventions. It represents the basename of the +// file. +func LogFileName(val string) attribute.KeyValue { + return LogFileNameKey.String(val) +} + +// LogFilePath returns an attribute KeyValue conforming to the +// "log.file.path" semantic conventions. It represents the full path to the +// file. +func LogFilePath(val string) attribute.KeyValue { + return LogFilePathKey.String(val) +} + +// LogFileNameResolved returns an attribute KeyValue conforming to the +// "log.file.name_resolved" semantic conventions. It represents the basename of +// the file, with symlinks resolved. +func LogFileNameResolved(val string) attribute.KeyValue { + return LogFileNameResolvedKey.String(val) +} + +// LogFilePathResolved returns an attribute KeyValue conforming to the +// "log.file.path_resolved" semantic conventions. It represents the full path +// to the file, with symlinks resolved. +func LogFilePathResolved(val string) attribute.KeyValue { + return LogFilePathResolvedKey.String(val) +} + +// Describes JVM memory metric attributes. +const ( + // TypeKey is the attribute Key conforming to the "type" semantic + // conventions. It represents the type of memory. + // + // Type: Enum + // RequirementLevel: Recommended + // Stability: stable + // Examples: 'heap', 'non_heap' + TypeKey = attribute.Key("type") + + // PoolKey is the attribute Key conforming to the "pool" semantic + // conventions. It represents the name of the memory pool. + // + // Type: string + // RequirementLevel: Recommended + // Stability: stable + // Examples: 'G1 Old Gen', 'G1 Eden space', 'G1 Survivor Space' + // Note: Pool names are generally obtained via + // [MemoryPoolMXBean#getName()](https://docs.oracle.com/en/java/javase/11/docs/api/java.management/java/lang/management/MemoryPoolMXBean.html#getName()). + PoolKey = attribute.Key("pool") +) + +var ( + // Heap memory + TypeHeap = TypeKey.String("heap") + // Non-heap memory + TypeNonHeap = TypeKey.String("non_heap") +) + +// Pool returns an attribute KeyValue conforming to the "pool" semantic +// conventions. It represents the name of the memory pool. +func Pool(val string) attribute.KeyValue { + return PoolKey.String(val) +} + +// These attributes may be used to describe the server in a connection-based +// network interaction where there is one side that initiates the connection +// (the client is the side that initiates the connection). This covers all TCP +// network interactions since TCP is connection-based and one side initiates +// the connection (an exception is made for peer-to-peer communication over TCP +// where the "user-facing" surface of the protocol / API does not expose a +// clear notion of client and server). This also covers UDP network +// interactions where one side initiates the interaction, e.g. QUIC (HTTP/3) +// and DNS. +const ( + // ServerAddressKey is the attribute Key conforming to the "server.address" + // semantic conventions. It represents the logical server hostname, matches + // server FQDN if available, and IP or socket address if FQDN is not known. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'example.com' + ServerAddressKey = attribute.Key("server.address") + + // ServerPortKey is the attribute Key conforming to the "server.port" + // semantic conventions. It represents the logical server port number + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 80, 8080, 443 + ServerPortKey = attribute.Key("server.port") + + // ServerSocketDomainKey is the attribute Key conforming to the + // "server.socket.domain" semantic conventions. It represents the domain + // name of an immediate peer. + // + // Type: string + // RequirementLevel: Recommended (If different than `server.address`.) + // Stability: stable + // Examples: 'proxy.example.com' + // Note: Typically observed from the client side, and represents a proxy or + // other intermediary domain name. + ServerSocketDomainKey = attribute.Key("server.socket.domain") + + // ServerSocketAddressKey is the attribute Key conforming to the + // "server.socket.address" semantic conventions. It represents the physical + // server IP address or Unix socket address. If set from the client, should + // simply use the socket's peer address, and not attempt to find any actual + // server IP (i.e., if set from client, this may represent some proxy + // server instead of the logical server). + // + // Type: string + // RequirementLevel: Recommended (If different than `server.address`.) + // Stability: stable + // Examples: '10.5.3.2' + ServerSocketAddressKey = attribute.Key("server.socket.address") + + // ServerSocketPortKey is the attribute Key conforming to the + // "server.socket.port" semantic conventions. It represents the physical + // server port. + // + // Type: int + // RequirementLevel: Recommended (If different than `server.port`.) + // Stability: stable + // Examples: 16456 + ServerSocketPortKey = attribute.Key("server.socket.port") +) + +// ServerAddress returns an attribute KeyValue conforming to the +// "server.address" semantic conventions. It represents the logical server +// hostname, matches server FQDN if available, and IP or socket address if FQDN +// is not known. +func ServerAddress(val string) attribute.KeyValue { + return ServerAddressKey.String(val) +} + +// ServerPort returns an attribute KeyValue conforming to the "server.port" +// semantic conventions. It represents the logical server port number +func ServerPort(val int) attribute.KeyValue { + return ServerPortKey.Int(val) +} + +// ServerSocketDomain returns an attribute KeyValue conforming to the +// "server.socket.domain" semantic conventions. It represents the domain name +// of an immediate peer. +func ServerSocketDomain(val string) attribute.KeyValue { + return ServerSocketDomainKey.String(val) +} + +// ServerSocketAddress returns an attribute KeyValue conforming to the +// "server.socket.address" semantic conventions. It represents the physical +// server IP address or Unix socket address. If set from the client, should +// simply use the socket's peer address, and not attempt to find any actual +// server IP (i.e., if set from client, this may represent some proxy server +// instead of the logical server). +func ServerSocketAddress(val string) attribute.KeyValue { + return ServerSocketAddressKey.String(val) +} + +// ServerSocketPort returns an attribute KeyValue conforming to the +// "server.socket.port" semantic conventions. It represents the physical server +// port. +func ServerSocketPort(val int) attribute.KeyValue { + return ServerSocketPortKey.Int(val) +} + +// These attributes may be used to describe the sender of a network +// exchange/packet. These should be used when there is no client/server +// relationship between the two sides, or when that relationship is unknown. +// This covers low-level network interactions (e.g. packet tracing) where you +// don't know if there was a connection or which side initiated it. This also +// covers unidirectional UDP flows and peer-to-peer communication where the +// "user-facing" surface of the protocol / API does not expose a clear notion +// of client and server. +const ( + // SourceDomainKey is the attribute Key conforming to the "source.domain" + // semantic conventions. It represents the domain name of the source + // system. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'foo.example.com' + // Note: This value may be a host name, a fully qualified domain name, or + // another host naming format. + SourceDomainKey = attribute.Key("source.domain") + + // SourceAddressKey is the attribute Key conforming to the "source.address" + // semantic conventions. It represents the source address, for example IP + // address or Unix socket name. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '10.5.3.2' + SourceAddressKey = attribute.Key("source.address") + + // SourcePortKey is the attribute Key conforming to the "source.port" + // semantic conventions. It represents the source port number + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 3389, 2888 + SourcePortKey = attribute.Key("source.port") +) + +// SourceDomain returns an attribute KeyValue conforming to the +// "source.domain" semantic conventions. It represents the domain name of the +// source system. +func SourceDomain(val string) attribute.KeyValue { + return SourceDomainKey.String(val) +} + +// SourceAddress returns an attribute KeyValue conforming to the +// "source.address" semantic conventions. It represents the source address, for +// example IP address or Unix socket name. +func SourceAddress(val string) attribute.KeyValue { + return SourceAddressKey.String(val) +} + +// SourcePort returns an attribute KeyValue conforming to the "source.port" +// semantic conventions. It represents the source port number +func SourcePort(val int) attribute.KeyValue { + return SourcePortKey.Int(val) +} + +// These attributes may be used for any network related operation. +const ( + // NetworkTransportKey is the attribute Key conforming to the + // "network.transport" semantic conventions. It represents the [OSI + // Transport Layer](https://osi-model.com/transport-layer/) or + // [Inter-process Communication + // method](https://en.wikipedia.org/wiki/Inter-process_communication). The + // value SHOULD be normalized to lowercase. + // + // Type: Enum + // RequirementLevel: Optional + // Stability: stable + // Examples: 'tcp', 'udp' + NetworkTransportKey = attribute.Key("network.transport") + + // NetworkTypeKey is the attribute Key conforming to the "network.type" + // semantic conventions. It represents the [OSI Network + // Layer](https://osi-model.com/network-layer/) or non-OSI equivalent. The + // value SHOULD be normalized to lowercase. + // + // Type: Enum + // RequirementLevel: Optional + // Stability: stable + // Examples: 'ipv4', 'ipv6' + NetworkTypeKey = attribute.Key("network.type") + + // NetworkProtocolNameKey is the attribute Key conforming to the + // "network.protocol.name" semantic conventions. It represents the [OSI + // Application Layer](https://osi-model.com/application-layer/) or non-OSI + // equivalent. The value SHOULD be normalized to lowercase. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'amqp', 'http', 'mqtt' + NetworkProtocolNameKey = attribute.Key("network.protocol.name") + + // NetworkProtocolVersionKey is the attribute Key conforming to the + // "network.protocol.version" semantic conventions. It represents the + // version of the application layer protocol used. See note below. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '3.1.1' + // Note: `network.protocol.version` refers to the version of the protocol + // used and might be different from the protocol client's version. If the + // HTTP client used has a version of `0.27.2`, but sends HTTP version + // `1.1`, this attribute should be set to `1.1`. + NetworkProtocolVersionKey = attribute.Key("network.protocol.version") +) + +var ( + // TCP + NetworkTransportTCP = NetworkTransportKey.String("tcp") + // UDP + NetworkTransportUDP = NetworkTransportKey.String("udp") + // Named or anonymous pipe. See note below + NetworkTransportPipe = NetworkTransportKey.String("pipe") + // Unix domain socket + NetworkTransportUnix = NetworkTransportKey.String("unix") +) + +var ( + // IPv4 + NetworkTypeIpv4 = NetworkTypeKey.String("ipv4") + // IPv6 + NetworkTypeIpv6 = NetworkTypeKey.String("ipv6") +) + +// NetworkProtocolName returns an attribute KeyValue conforming to the +// "network.protocol.name" semantic conventions. It represents the [OSI +// Application Layer](https://osi-model.com/application-layer/) or non-OSI +// equivalent. The value SHOULD be normalized to lowercase. +func NetworkProtocolName(val string) attribute.KeyValue { + return NetworkProtocolNameKey.String(val) +} + +// NetworkProtocolVersion returns an attribute KeyValue conforming to the +// "network.protocol.version" semantic conventions. It represents the version +// of the application layer protocol used. See note below. +func NetworkProtocolVersion(val string) attribute.KeyValue { + return NetworkProtocolVersionKey.String(val) +} + +// These attributes may be used for any network related operation. +const ( + // NetworkConnectionTypeKey is the attribute Key conforming to the + // "network.connection.type" semantic conventions. It represents the + // internet connection type. + // + // Type: Enum + // RequirementLevel: Optional + // Stability: stable + // Examples: 'wifi' + NetworkConnectionTypeKey = attribute.Key("network.connection.type") + + // NetworkConnectionSubtypeKey is the attribute Key conforming to the + // "network.connection.subtype" semantic conventions. It represents the + // this describes more details regarding the connection.type. It may be the + // type of cell technology connection, but it could be used for describing + // details about a wifi connection. + // + // Type: Enum + // RequirementLevel: Optional + // Stability: stable + // Examples: 'LTE' + NetworkConnectionSubtypeKey = attribute.Key("network.connection.subtype") + + // NetworkCarrierNameKey is the attribute Key conforming to the + // "network.carrier.name" semantic conventions. It represents the name of + // the mobile carrier. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'sprint' + NetworkCarrierNameKey = attribute.Key("network.carrier.name") + + // NetworkCarrierMccKey is the attribute Key conforming to the + // "network.carrier.mcc" semantic conventions. It represents the mobile + // carrier country code. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '310' + NetworkCarrierMccKey = attribute.Key("network.carrier.mcc") + + // NetworkCarrierMncKey is the attribute Key conforming to the + // "network.carrier.mnc" semantic conventions. It represents the mobile + // carrier network code. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '001' + NetworkCarrierMncKey = attribute.Key("network.carrier.mnc") + + // NetworkCarrierIccKey is the attribute Key conforming to the + // "network.carrier.icc" semantic conventions. It represents the ISO 3166-1 + // alpha-2 2-character country code associated with the mobile carrier + // network. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'DE' + NetworkCarrierIccKey = attribute.Key("network.carrier.icc") +) + +var ( + // wifi + NetworkConnectionTypeWifi = NetworkConnectionTypeKey.String("wifi") + // wired + NetworkConnectionTypeWired = NetworkConnectionTypeKey.String("wired") + // cell + NetworkConnectionTypeCell = NetworkConnectionTypeKey.String("cell") + // unavailable + NetworkConnectionTypeUnavailable = NetworkConnectionTypeKey.String("unavailable") + // unknown + NetworkConnectionTypeUnknown = NetworkConnectionTypeKey.String("unknown") +) + +var ( + // GPRS + NetworkConnectionSubtypeGprs = NetworkConnectionSubtypeKey.String("gprs") + // EDGE + NetworkConnectionSubtypeEdge = NetworkConnectionSubtypeKey.String("edge") + // UMTS + NetworkConnectionSubtypeUmts = NetworkConnectionSubtypeKey.String("umts") + // CDMA + NetworkConnectionSubtypeCdma = NetworkConnectionSubtypeKey.String("cdma") + // EVDO Rel. 0 + NetworkConnectionSubtypeEvdo0 = NetworkConnectionSubtypeKey.String("evdo_0") + // EVDO Rev. A + NetworkConnectionSubtypeEvdoA = NetworkConnectionSubtypeKey.String("evdo_a") + // CDMA2000 1XRTT + NetworkConnectionSubtypeCdma20001xrtt = NetworkConnectionSubtypeKey.String("cdma2000_1xrtt") + // HSDPA + NetworkConnectionSubtypeHsdpa = NetworkConnectionSubtypeKey.String("hsdpa") + // HSUPA + NetworkConnectionSubtypeHsupa = NetworkConnectionSubtypeKey.String("hsupa") + // HSPA + NetworkConnectionSubtypeHspa = NetworkConnectionSubtypeKey.String("hspa") + // IDEN + NetworkConnectionSubtypeIden = NetworkConnectionSubtypeKey.String("iden") + // EVDO Rev. B + NetworkConnectionSubtypeEvdoB = NetworkConnectionSubtypeKey.String("evdo_b") + // LTE + NetworkConnectionSubtypeLte = NetworkConnectionSubtypeKey.String("lte") + // EHRPD + NetworkConnectionSubtypeEhrpd = NetworkConnectionSubtypeKey.String("ehrpd") + // HSPAP + NetworkConnectionSubtypeHspap = NetworkConnectionSubtypeKey.String("hspap") + // GSM + NetworkConnectionSubtypeGsm = NetworkConnectionSubtypeKey.String("gsm") + // TD-SCDMA + NetworkConnectionSubtypeTdScdma = NetworkConnectionSubtypeKey.String("td_scdma") + // IWLAN + NetworkConnectionSubtypeIwlan = NetworkConnectionSubtypeKey.String("iwlan") + // 5G NR (New Radio) + NetworkConnectionSubtypeNr = NetworkConnectionSubtypeKey.String("nr") + // 5G NRNSA (New Radio Non-Standalone) + NetworkConnectionSubtypeNrnsa = NetworkConnectionSubtypeKey.String("nrnsa") + // LTE CA + NetworkConnectionSubtypeLteCa = NetworkConnectionSubtypeKey.String("lte_ca") +) + +// NetworkCarrierName returns an attribute KeyValue conforming to the +// "network.carrier.name" semantic conventions. It represents the name of the +// mobile carrier. +func NetworkCarrierName(val string) attribute.KeyValue { + return NetworkCarrierNameKey.String(val) +} + +// NetworkCarrierMcc returns an attribute KeyValue conforming to the +// "network.carrier.mcc" semantic conventions. It represents the mobile carrier +// country code. +func NetworkCarrierMcc(val string) attribute.KeyValue { + return NetworkCarrierMccKey.String(val) +} + +// NetworkCarrierMnc returns an attribute KeyValue conforming to the +// "network.carrier.mnc" semantic conventions. It represents the mobile carrier +// network code. +func NetworkCarrierMnc(val string) attribute.KeyValue { + return NetworkCarrierMncKey.String(val) +} + +// NetworkCarrierIcc returns an attribute KeyValue conforming to the +// "network.carrier.icc" semantic conventions. It represents the ISO 3166-1 +// alpha-2 2-character country code associated with the mobile carrier network. +func NetworkCarrierIcc(val string) attribute.KeyValue { + return NetworkCarrierIccKey.String(val) +} + +// Semantic conventions for HTTP client and server Spans. +const ( + // HTTPRequestMethodOriginalKey is the attribute Key conforming to the + // "http.request.method_original" semantic conventions. It represents the + // original HTTP method sent by the client in the request line. + // + // Type: string + // RequirementLevel: ConditionallyRequired (If and only if it's different + // than `http.request.method`.) + // Stability: stable + // Examples: 'GeT', 'ACL', 'foo' + HTTPRequestMethodOriginalKey = attribute.Key("http.request.method_original") + + // HTTPRequestBodySizeKey is the attribute Key conforming to the + // "http.request.body.size" semantic conventions. It represents the size of + // the request payload body in bytes. This is the number of bytes + // transferred excluding headers and is often, but not always, present as + // the + // [Content-Length](https://www.rfc-editor.org/rfc/rfc9110.html#field.content-length) + // header. For requests using transport encoding, this should be the + // compressed size. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 3495 + HTTPRequestBodySizeKey = attribute.Key("http.request.body.size") + + // HTTPResponseBodySizeKey is the attribute Key conforming to the + // "http.response.body.size" semantic conventions. It represents the size + // of the response payload body in bytes. This is the number of bytes + // transferred excluding headers and is often, but not always, present as + // the + // [Content-Length](https://www.rfc-editor.org/rfc/rfc9110.html#field.content-length) + // header. For requests using transport encoding, this should be the + // compressed size. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 3495 + HTTPResponseBodySizeKey = attribute.Key("http.response.body.size") +) + +// HTTPRequestMethodOriginal returns an attribute KeyValue conforming to the +// "http.request.method_original" semantic conventions. It represents the +// original HTTP method sent by the client in the request line. +func HTTPRequestMethodOriginal(val string) attribute.KeyValue { + return HTTPRequestMethodOriginalKey.String(val) +} + +// HTTPRequestBodySize returns an attribute KeyValue conforming to the +// "http.request.body.size" semantic conventions. It represents the size of the +// request payload body in bytes. This is the number of bytes transferred +// excluding headers and is often, but not always, present as the +// [Content-Length](https://www.rfc-editor.org/rfc/rfc9110.html#field.content-length) +// header. For requests using transport encoding, this should be the compressed +// size. +func HTTPRequestBodySize(val int) attribute.KeyValue { + return HTTPRequestBodySizeKey.Int(val) +} + +// HTTPResponseBodySize returns an attribute KeyValue conforming to the +// "http.response.body.size" semantic conventions. It represents the size of +// the response payload body in bytes. This is the number of bytes transferred +// excluding headers and is often, but not always, present as the +// [Content-Length](https://www.rfc-editor.org/rfc/rfc9110.html#field.content-length) +// header. For requests using transport encoding, this should be the compressed +// size. +func HTTPResponseBodySize(val int) attribute.KeyValue { + return HTTPResponseBodySizeKey.Int(val) +} + +// Semantic convention describing per-message attributes populated on messaging +// spans or links. +const ( + // MessagingMessageIDKey is the attribute Key conforming to the + // "messaging.message.id" semantic conventions. It represents a value used + // by the messaging system as an identifier for the message, represented as + // a string. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '452a7c7c7c7048c2f887f61572b18fc2' + MessagingMessageIDKey = attribute.Key("messaging.message.id") + + // MessagingMessageConversationIDKey is the attribute Key conforming to the + // "messaging.message.conversation_id" semantic conventions. It represents + // the [conversation ID](#conversations) identifying the conversation to + // which the message belongs, represented as a string. Sometimes called + // "Correlation ID". + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'MyConversationID' + MessagingMessageConversationIDKey = attribute.Key("messaging.message.conversation_id") + + // MessagingMessagePayloadSizeBytesKey is the attribute Key conforming to + // the "messaging.message.payload_size_bytes" semantic conventions. It + // represents the (uncompressed) size of the message payload in bytes. Also + // use this attribute if it is unknown whether the compressed or + // uncompressed payload size is reported. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 2738 + MessagingMessagePayloadSizeBytesKey = attribute.Key("messaging.message.payload_size_bytes") + + // MessagingMessagePayloadCompressedSizeBytesKey is the attribute Key + // conforming to the "messaging.message.payload_compressed_size_bytes" + // semantic conventions. It represents the compressed size of the message + // payload in bytes. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 2048 + MessagingMessagePayloadCompressedSizeBytesKey = attribute.Key("messaging.message.payload_compressed_size_bytes") +) + +// MessagingMessageID returns an attribute KeyValue conforming to the +// "messaging.message.id" semantic conventions. It represents a value used by +// the messaging system as an identifier for the message, represented as a +// string. +func MessagingMessageID(val string) attribute.KeyValue { + return MessagingMessageIDKey.String(val) +} + +// MessagingMessageConversationID returns an attribute KeyValue conforming +// to the "messaging.message.conversation_id" semantic conventions. It +// represents the [conversation ID](#conversations) identifying the +// conversation to which the message belongs, represented as a string. +// Sometimes called "Correlation ID". +func MessagingMessageConversationID(val string) attribute.KeyValue { + return MessagingMessageConversationIDKey.String(val) +} + +// MessagingMessagePayloadSizeBytes returns an attribute KeyValue conforming +// to the "messaging.message.payload_size_bytes" semantic conventions. It +// represents the (uncompressed) size of the message payload in bytes. Also use +// this attribute if it is unknown whether the compressed or uncompressed +// payload size is reported. +func MessagingMessagePayloadSizeBytes(val int) attribute.KeyValue { + return MessagingMessagePayloadSizeBytesKey.Int(val) +} + +// MessagingMessagePayloadCompressedSizeBytes returns an attribute KeyValue +// conforming to the "messaging.message.payload_compressed_size_bytes" semantic +// conventions. It represents the compressed size of the message payload in +// bytes. +func MessagingMessagePayloadCompressedSizeBytes(val int) attribute.KeyValue { + return MessagingMessagePayloadCompressedSizeBytesKey.Int(val) +} + +// Semantic convention for attributes that describe messaging destination on +// broker +const ( + // MessagingDestinationNameKey is the attribute Key conforming to the + // "messaging.destination.name" semantic conventions. It represents the + // message destination name + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'MyQueue', 'MyTopic' + // Note: Destination name SHOULD uniquely identify a specific queue, topic + // or other entity within the broker. If + // the broker does not have such notion, the destination name SHOULD + // uniquely identify the broker. + MessagingDestinationNameKey = attribute.Key("messaging.destination.name") + + // MessagingDestinationTemplateKey is the attribute Key conforming to the + // "messaging.destination.template" semantic conventions. It represents the + // low cardinality representation of the messaging destination name + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '/customers/{customerID}' + // Note: Destination names could be constructed from templates. An example + // would be a destination name involving a user name or product id. + // Although the destination name in this case is of high cardinality, the + // underlying template is of low cardinality and can be effectively used + // for grouping and aggregation. + MessagingDestinationTemplateKey = attribute.Key("messaging.destination.template") + + // MessagingDestinationTemporaryKey is the attribute Key conforming to the + // "messaging.destination.temporary" semantic conventions. It represents a + // boolean that is true if the message destination is temporary and might + // not exist anymore after messages are processed. + // + // Type: boolean + // RequirementLevel: Optional + // Stability: stable + MessagingDestinationTemporaryKey = attribute.Key("messaging.destination.temporary") + + // MessagingDestinationAnonymousKey is the attribute Key conforming to the + // "messaging.destination.anonymous" semantic conventions. It represents a + // boolean that is true if the message destination is anonymous (could be + // unnamed or have auto-generated name). + // + // Type: boolean + // RequirementLevel: Optional + // Stability: stable + MessagingDestinationAnonymousKey = attribute.Key("messaging.destination.anonymous") +) + +// MessagingDestinationName returns an attribute KeyValue conforming to the +// "messaging.destination.name" semantic conventions. It represents the message +// destination name +func MessagingDestinationName(val string) attribute.KeyValue { + return MessagingDestinationNameKey.String(val) +} + +// MessagingDestinationTemplate returns an attribute KeyValue conforming to +// the "messaging.destination.template" semantic conventions. It represents the +// low cardinality representation of the messaging destination name +func MessagingDestinationTemplate(val string) attribute.KeyValue { + return MessagingDestinationTemplateKey.String(val) +} + +// MessagingDestinationTemporary returns an attribute KeyValue conforming to +// the "messaging.destination.temporary" semantic conventions. It represents a +// boolean that is true if the message destination is temporary and might not +// exist anymore after messages are processed. +func MessagingDestinationTemporary(val bool) attribute.KeyValue { + return MessagingDestinationTemporaryKey.Bool(val) +} + +// MessagingDestinationAnonymous returns an attribute KeyValue conforming to +// the "messaging.destination.anonymous" semantic conventions. It represents a +// boolean that is true if the message destination is anonymous (could be +// unnamed or have auto-generated name). +func MessagingDestinationAnonymous(val bool) attribute.KeyValue { + return MessagingDestinationAnonymousKey.Bool(val) +} + +// Attributes for RabbitMQ +const ( + // MessagingRabbitmqDestinationRoutingKeyKey is the attribute Key + // conforming to the "messaging.rabbitmq.destination.routing_key" semantic + // conventions. It represents the rabbitMQ message routing key. + // + // Type: string + // RequirementLevel: ConditionallyRequired (If not empty.) + // Stability: stable + // Examples: 'myKey' + MessagingRabbitmqDestinationRoutingKeyKey = attribute.Key("messaging.rabbitmq.destination.routing_key") +) + +// MessagingRabbitmqDestinationRoutingKey returns an attribute KeyValue +// conforming to the "messaging.rabbitmq.destination.routing_key" semantic +// conventions. It represents the rabbitMQ message routing key. +func MessagingRabbitmqDestinationRoutingKey(val string) attribute.KeyValue { + return MessagingRabbitmqDestinationRoutingKeyKey.String(val) +} + +// Attributes for Apache Kafka +const ( + // MessagingKafkaMessageKeyKey is the attribute Key conforming to the + // "messaging.kafka.message.key" semantic conventions. It represents the + // message keys in Kafka are used for grouping alike messages to ensure + // they're processed on the same partition. They differ from + // `messaging.message.id` in that they're not unique. If the key is `null`, + // the attribute MUST NOT be set. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'myKey' + // Note: If the key type is not string, it's string representation has to + // be supplied for the attribute. If the key has no unambiguous, canonical + // string form, don't include its value. + MessagingKafkaMessageKeyKey = attribute.Key("messaging.kafka.message.key") + + // MessagingKafkaConsumerGroupKey is the attribute Key conforming to the + // "messaging.kafka.consumer.group" semantic conventions. It represents the + // name of the Kafka Consumer Group that is handling the message. Only + // applies to consumers, not producers. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'my-group' + MessagingKafkaConsumerGroupKey = attribute.Key("messaging.kafka.consumer.group") + + // MessagingKafkaDestinationPartitionKey is the attribute Key conforming to + // the "messaging.kafka.destination.partition" semantic conventions. It + // represents the partition the message is sent to. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 2 + MessagingKafkaDestinationPartitionKey = attribute.Key("messaging.kafka.destination.partition") + + // MessagingKafkaMessageOffsetKey is the attribute Key conforming to the + // "messaging.kafka.message.offset" semantic conventions. It represents the + // offset of a record in the corresponding Kafka partition. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 42 + MessagingKafkaMessageOffsetKey = attribute.Key("messaging.kafka.message.offset") + + // MessagingKafkaMessageTombstoneKey is the attribute Key conforming to the + // "messaging.kafka.message.tombstone" semantic conventions. It represents + // a boolean that is true if the message is a tombstone. + // + // Type: boolean + // RequirementLevel: ConditionallyRequired (If value is `true`. When + // missing, the value is assumed to be `false`.) + // Stability: stable + MessagingKafkaMessageTombstoneKey = attribute.Key("messaging.kafka.message.tombstone") +) + +// MessagingKafkaMessageKey returns an attribute KeyValue conforming to the +// "messaging.kafka.message.key" semantic conventions. It represents the +// message keys in Kafka are used for grouping alike messages to ensure they're +// processed on the same partition. They differ from `messaging.message.id` in +// that they're not unique. If the key is `null`, the attribute MUST NOT be +// set. +func MessagingKafkaMessageKey(val string) attribute.KeyValue { + return MessagingKafkaMessageKeyKey.String(val) +} + +// MessagingKafkaConsumerGroup returns an attribute KeyValue conforming to +// the "messaging.kafka.consumer.group" semantic conventions. It represents the +// name of the Kafka Consumer Group that is handling the message. Only applies +// to consumers, not producers. +func MessagingKafkaConsumerGroup(val string) attribute.KeyValue { + return MessagingKafkaConsumerGroupKey.String(val) +} + +// MessagingKafkaDestinationPartition returns an attribute KeyValue +// conforming to the "messaging.kafka.destination.partition" semantic +// conventions. It represents the partition the message is sent to. +func MessagingKafkaDestinationPartition(val int) attribute.KeyValue { + return MessagingKafkaDestinationPartitionKey.Int(val) +} + +// MessagingKafkaMessageOffset returns an attribute KeyValue conforming to +// the "messaging.kafka.message.offset" semantic conventions. It represents the +// offset of a record in the corresponding Kafka partition. +func MessagingKafkaMessageOffset(val int) attribute.KeyValue { + return MessagingKafkaMessageOffsetKey.Int(val) +} + +// MessagingKafkaMessageTombstone returns an attribute KeyValue conforming +// to the "messaging.kafka.message.tombstone" semantic conventions. It +// represents a boolean that is true if the message is a tombstone. +func MessagingKafkaMessageTombstone(val bool) attribute.KeyValue { + return MessagingKafkaMessageTombstoneKey.Bool(val) +} + +// Attributes for Apache RocketMQ +const ( + // MessagingRocketmqNamespaceKey is the attribute Key conforming to the + // "messaging.rocketmq.namespace" semantic conventions. It represents the + // namespace of RocketMQ resources, resources in different namespaces are + // individual. + // + // Type: string + // RequirementLevel: Required + // Stability: stable + // Examples: 'myNamespace' + MessagingRocketmqNamespaceKey = attribute.Key("messaging.rocketmq.namespace") + + // MessagingRocketmqClientGroupKey is the attribute Key conforming to the + // "messaging.rocketmq.client_group" semantic conventions. It represents + // the name of the RocketMQ producer/consumer group that is handling the + // message. The client type is identified by the SpanKind. + // + // Type: string + // RequirementLevel: Required + // Stability: stable + // Examples: 'myConsumerGroup' + MessagingRocketmqClientGroupKey = attribute.Key("messaging.rocketmq.client_group") + + // MessagingRocketmqMessageDeliveryTimestampKey is the attribute Key + // conforming to the "messaging.rocketmq.message.delivery_timestamp" + // semantic conventions. It represents the timestamp in milliseconds that + // the delay message is expected to be delivered to consumer. + // + // Type: int + // RequirementLevel: ConditionallyRequired (If the message type is delay + // and delay time level is not specified.) + // Stability: stable + // Examples: 1665987217045 + MessagingRocketmqMessageDeliveryTimestampKey = attribute.Key("messaging.rocketmq.message.delivery_timestamp") + + // MessagingRocketmqMessageDelayTimeLevelKey is the attribute Key + // conforming to the "messaging.rocketmq.message.delay_time_level" semantic + // conventions. It represents the delay time level for delay message, which + // determines the message delay time. + // + // Type: int + // RequirementLevel: ConditionallyRequired (If the message type is delay + // and delivery timestamp is not specified.) + // Stability: stable + // Examples: 3 + MessagingRocketmqMessageDelayTimeLevelKey = attribute.Key("messaging.rocketmq.message.delay_time_level") + + // MessagingRocketmqMessageGroupKey is the attribute Key conforming to the + // "messaging.rocketmq.message.group" semantic conventions. It represents + // the it is essential for FIFO message. Messages that belong to the same + // message group are always processed one by one within the same consumer + // group. + // + // Type: string + // RequirementLevel: ConditionallyRequired (If the message type is FIFO.) + // Stability: stable + // Examples: 'myMessageGroup' + MessagingRocketmqMessageGroupKey = attribute.Key("messaging.rocketmq.message.group") + + // MessagingRocketmqMessageTypeKey is the attribute Key conforming to the + // "messaging.rocketmq.message.type" semantic conventions. It represents + // the type of message. + // + // Type: Enum + // RequirementLevel: Optional + // Stability: stable + MessagingRocketmqMessageTypeKey = attribute.Key("messaging.rocketmq.message.type") + + // MessagingRocketmqMessageTagKey is the attribute Key conforming to the + // "messaging.rocketmq.message.tag" semantic conventions. It represents the + // secondary classifier of message besides topic. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'tagA' + MessagingRocketmqMessageTagKey = attribute.Key("messaging.rocketmq.message.tag") + + // MessagingRocketmqMessageKeysKey is the attribute Key conforming to the + // "messaging.rocketmq.message.keys" semantic conventions. It represents + // the key(s) of message, another way to mark message besides message id. + // + // Type: string[] + // RequirementLevel: Optional + // Stability: stable + // Examples: 'keyA', 'keyB' + MessagingRocketmqMessageKeysKey = attribute.Key("messaging.rocketmq.message.keys") + + // MessagingRocketmqConsumptionModelKey is the attribute Key conforming to + // the "messaging.rocketmq.consumption_model" semantic conventions. It + // represents the model of message consumption. This only applies to + // consumer spans. + // + // Type: Enum + // RequirementLevel: Optional + // Stability: stable + MessagingRocketmqConsumptionModelKey = attribute.Key("messaging.rocketmq.consumption_model") +) + +var ( + // Normal message + MessagingRocketmqMessageTypeNormal = MessagingRocketmqMessageTypeKey.String("normal") + // FIFO message + MessagingRocketmqMessageTypeFifo = MessagingRocketmqMessageTypeKey.String("fifo") + // Delay message + MessagingRocketmqMessageTypeDelay = MessagingRocketmqMessageTypeKey.String("delay") + // Transaction message + MessagingRocketmqMessageTypeTransaction = MessagingRocketmqMessageTypeKey.String("transaction") +) + +var ( + // Clustering consumption model + MessagingRocketmqConsumptionModelClustering = MessagingRocketmqConsumptionModelKey.String("clustering") + // Broadcasting consumption model + MessagingRocketmqConsumptionModelBroadcasting = MessagingRocketmqConsumptionModelKey.String("broadcasting") +) + +// MessagingRocketmqNamespace returns an attribute KeyValue conforming to +// the "messaging.rocketmq.namespace" semantic conventions. It represents the +// namespace of RocketMQ resources, resources in different namespaces are +// individual. +func MessagingRocketmqNamespace(val string) attribute.KeyValue { + return MessagingRocketmqNamespaceKey.String(val) +} + +// MessagingRocketmqClientGroup returns an attribute KeyValue conforming to +// the "messaging.rocketmq.client_group" semantic conventions. It represents +// the name of the RocketMQ producer/consumer group that is handling the +// message. The client type is identified by the SpanKind. +func MessagingRocketmqClientGroup(val string) attribute.KeyValue { + return MessagingRocketmqClientGroupKey.String(val) +} + +// MessagingRocketmqMessageDeliveryTimestamp returns an attribute KeyValue +// conforming to the "messaging.rocketmq.message.delivery_timestamp" semantic +// conventions. It represents the timestamp in milliseconds that the delay +// message is expected to be delivered to consumer. +func MessagingRocketmqMessageDeliveryTimestamp(val int) attribute.KeyValue { + return MessagingRocketmqMessageDeliveryTimestampKey.Int(val) +} + +// MessagingRocketmqMessageDelayTimeLevel returns an attribute KeyValue +// conforming to the "messaging.rocketmq.message.delay_time_level" semantic +// conventions. It represents the delay time level for delay message, which +// determines the message delay time. +func MessagingRocketmqMessageDelayTimeLevel(val int) attribute.KeyValue { + return MessagingRocketmqMessageDelayTimeLevelKey.Int(val) +} + +// MessagingRocketmqMessageGroup returns an attribute KeyValue conforming to +// the "messaging.rocketmq.message.group" semantic conventions. It represents +// the it is essential for FIFO message. Messages that belong to the same +// message group are always processed one by one within the same consumer +// group. +func MessagingRocketmqMessageGroup(val string) attribute.KeyValue { + return MessagingRocketmqMessageGroupKey.String(val) +} + +// MessagingRocketmqMessageTag returns an attribute KeyValue conforming to +// the "messaging.rocketmq.message.tag" semantic conventions. It represents the +// secondary classifier of message besides topic. +func MessagingRocketmqMessageTag(val string) attribute.KeyValue { + return MessagingRocketmqMessageTagKey.String(val) +} + +// MessagingRocketmqMessageKeys returns an attribute KeyValue conforming to +// the "messaging.rocketmq.message.keys" semantic conventions. It represents +// the key(s) of message, another way to mark message besides message id. +func MessagingRocketmqMessageKeys(val ...string) attribute.KeyValue { + return MessagingRocketmqMessageKeysKey.StringSlice(val) +} + +// Attributes describing URL. +const ( + // URLSchemeKey is the attribute Key conforming to the "url.scheme" + // semantic conventions. It represents the [URI + // scheme](https://www.rfc-editor.org/rfc/rfc3986#section-3.1) component + // identifying the used protocol. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'https', 'ftp', 'telnet' + URLSchemeKey = attribute.Key("url.scheme") + + // URLFullKey is the attribute Key conforming to the "url.full" semantic + // conventions. It represents the absolute URL describing a network + // resource according to [RFC3986](https://www.rfc-editor.org/rfc/rfc3986) + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'https://www.foo.bar/search?q=OpenTelemetry#SemConv', + // '//localhost' + // Note: For network calls, URL usually has + // `scheme://host[:port][path][?query][#fragment]` format, where the + // fragment is not transmitted over HTTP, but if it is known, it should be + // included nevertheless. + // `url.full` MUST NOT contain credentials passed via URL in form of + // `https://username:password@www.example.com/`. In such case username and + // password should be redacted and attribute's value should be + // `https://REDACTED:REDACTED@www.example.com/`. + // `url.full` SHOULD capture the absolute URL when it is available (or can + // be reconstructed) and SHOULD NOT be validated or modified except for + // sanitizing purposes. + URLFullKey = attribute.Key("url.full") + + // URLPathKey is the attribute Key conforming to the "url.path" semantic + // conventions. It represents the [URI + // path](https://www.rfc-editor.org/rfc/rfc3986#section-3.3) component + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '/search' + // Note: When missing, the value is assumed to be `/` + URLPathKey = attribute.Key("url.path") + + // URLQueryKey is the attribute Key conforming to the "url.query" semantic + // conventions. It represents the [URI + // query](https://www.rfc-editor.org/rfc/rfc3986#section-3.4) component + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'q=OpenTelemetry' + // Note: Sensitive content provided in query string SHOULD be scrubbed when + // instrumentations can identify it. + URLQueryKey = attribute.Key("url.query") + + // URLFragmentKey is the attribute Key conforming to the "url.fragment" + // semantic conventions. It represents the [URI + // fragment](https://www.rfc-editor.org/rfc/rfc3986#section-3.5) component + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'SemConv' + URLFragmentKey = attribute.Key("url.fragment") +) + +// URLScheme returns an attribute KeyValue conforming to the "url.scheme" +// semantic conventions. It represents the [URI +// scheme](https://www.rfc-editor.org/rfc/rfc3986#section-3.1) component +// identifying the used protocol. +func URLScheme(val string) attribute.KeyValue { + return URLSchemeKey.String(val) +} + +// URLFull returns an attribute KeyValue conforming to the "url.full" +// semantic conventions. It represents the absolute URL describing a network +// resource according to [RFC3986](https://www.rfc-editor.org/rfc/rfc3986) +func URLFull(val string) attribute.KeyValue { + return URLFullKey.String(val) +} + +// URLPath returns an attribute KeyValue conforming to the "url.path" +// semantic conventions. It represents the [URI +// path](https://www.rfc-editor.org/rfc/rfc3986#section-3.3) component +func URLPath(val string) attribute.KeyValue { + return URLPathKey.String(val) +} + +// URLQuery returns an attribute KeyValue conforming to the "url.query" +// semantic conventions. It represents the [URI +// query](https://www.rfc-editor.org/rfc/rfc3986#section-3.4) component +func URLQuery(val string) attribute.KeyValue { + return URLQueryKey.String(val) +} + +// URLFragment returns an attribute KeyValue conforming to the +// "url.fragment" semantic conventions. It represents the [URI +// fragment](https://www.rfc-editor.org/rfc/rfc3986#section-3.5) component +func URLFragment(val string) attribute.KeyValue { + return URLFragmentKey.String(val) +} + +// Describes user-agent attributes. +const ( + // UserAgentOriginalKey is the attribute Key conforming to the + // "user_agent.original" semantic conventions. It represents the value of + // the [HTTP + // User-Agent](https://www.rfc-editor.org/rfc/rfc9110.html#field.user-agent) + // header sent by the client. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'CERN-LineMode/2.15 libwww/2.17b3' + UserAgentOriginalKey = attribute.Key("user_agent.original") +) + +// UserAgentOriginal returns an attribute KeyValue conforming to the +// "user_agent.original" semantic conventions. It represents the value of the +// [HTTP +// User-Agent](https://www.rfc-editor.org/rfc/rfc9110.html#field.user-agent) +// header sent by the client. +func UserAgentOriginal(val string) attribute.KeyValue { + return UserAgentOriginalKey.String(val) +} diff --git a/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/doc.go b/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/doc.go new file mode 100644 index 000000000..7cf424855 --- /dev/null +++ b/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/doc.go @@ -0,0 +1,20 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Package semconv implements OpenTelemetry semantic conventions. +// +// OpenTelemetry semantic conventions are agreed standardized naming +// patterns for OpenTelemetry things. This package represents the conventions +// as of the v1.21.0 version of the OpenTelemetry specification. +package semconv // import "go.opentelemetry.io/otel/semconv/v1.21.0" diff --git a/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/event.go b/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/event.go new file mode 100644 index 000000000..30ae34fe4 --- /dev/null +++ b/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/event.go @@ -0,0 +1,199 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated from semantic convention specification. DO NOT EDIT. + +package semconv // import "go.opentelemetry.io/otel/semconv/v1.21.0" + +import "go.opentelemetry.io/otel/attribute" + +// This semantic convention defines the attributes used to represent a feature +// flag evaluation as an event. +const ( + // FeatureFlagKeyKey is the attribute Key conforming to the + // "feature_flag.key" semantic conventions. It represents the unique + // identifier of the feature flag. + // + // Type: string + // RequirementLevel: Required + // Stability: stable + // Examples: 'logo-color' + FeatureFlagKeyKey = attribute.Key("feature_flag.key") + + // FeatureFlagProviderNameKey is the attribute Key conforming to the + // "feature_flag.provider_name" semantic conventions. It represents the + // name of the service provider that performs the flag evaluation. + // + // Type: string + // RequirementLevel: Recommended + // Stability: stable + // Examples: 'Flag Manager' + FeatureFlagProviderNameKey = attribute.Key("feature_flag.provider_name") + + // FeatureFlagVariantKey is the attribute Key conforming to the + // "feature_flag.variant" semantic conventions. It represents the sHOULD be + // a semantic identifier for a value. If one is unavailable, a stringified + // version of the value can be used. + // + // Type: string + // RequirementLevel: Recommended + // Stability: stable + // Examples: 'red', 'true', 'on' + // Note: A semantic identifier, commonly referred to as a variant, provides + // a means + // for referring to a value without including the value itself. This can + // provide additional context for understanding the meaning behind a value. + // For example, the variant `red` maybe be used for the value `#c05543`. + // + // A stringified version of the value can be used in situations where a + // semantic identifier is unavailable. String representation of the value + // should be determined by the implementer. + FeatureFlagVariantKey = attribute.Key("feature_flag.variant") +) + +// FeatureFlagKey returns an attribute KeyValue conforming to the +// "feature_flag.key" semantic conventions. It represents the unique identifier +// of the feature flag. +func FeatureFlagKey(val string) attribute.KeyValue { + return FeatureFlagKeyKey.String(val) +} + +// FeatureFlagProviderName returns an attribute KeyValue conforming to the +// "feature_flag.provider_name" semantic conventions. It represents the name of +// the service provider that performs the flag evaluation. +func FeatureFlagProviderName(val string) attribute.KeyValue { + return FeatureFlagProviderNameKey.String(val) +} + +// FeatureFlagVariant returns an attribute KeyValue conforming to the +// "feature_flag.variant" semantic conventions. It represents the sHOULD be a +// semantic identifier for a value. If one is unavailable, a stringified +// version of the value can be used. +func FeatureFlagVariant(val string) attribute.KeyValue { + return FeatureFlagVariantKey.String(val) +} + +// RPC received/sent message. +const ( + // MessageTypeKey is the attribute Key conforming to the "message.type" + // semantic conventions. It represents the whether this is a received or + // sent message. + // + // Type: Enum + // RequirementLevel: Optional + // Stability: stable + MessageTypeKey = attribute.Key("message.type") + + // MessageIDKey is the attribute Key conforming to the "message.id" + // semantic conventions. It represents the mUST be calculated as two + // different counters starting from `1` one for sent messages and one for + // received message. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Note: This way we guarantee that the values will be consistent between + // different implementations. + MessageIDKey = attribute.Key("message.id") + + // MessageCompressedSizeKey is the attribute Key conforming to the + // "message.compressed_size" semantic conventions. It represents the + // compressed size of the message in bytes. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + MessageCompressedSizeKey = attribute.Key("message.compressed_size") + + // MessageUncompressedSizeKey is the attribute Key conforming to the + // "message.uncompressed_size" semantic conventions. It represents the + // uncompressed size of the message in bytes. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + MessageUncompressedSizeKey = attribute.Key("message.uncompressed_size") +) + +var ( + // sent + MessageTypeSent = MessageTypeKey.String("SENT") + // received + MessageTypeReceived = MessageTypeKey.String("RECEIVED") +) + +// MessageID returns an attribute KeyValue conforming to the "message.id" +// semantic conventions. It represents the mUST be calculated as two different +// counters starting from `1` one for sent messages and one for received +// message. +func MessageID(val int) attribute.KeyValue { + return MessageIDKey.Int(val) +} + +// MessageCompressedSize returns an attribute KeyValue conforming to the +// "message.compressed_size" semantic conventions. It represents the compressed +// size of the message in bytes. +func MessageCompressedSize(val int) attribute.KeyValue { + return MessageCompressedSizeKey.Int(val) +} + +// MessageUncompressedSize returns an attribute KeyValue conforming to the +// "message.uncompressed_size" semantic conventions. It represents the +// uncompressed size of the message in bytes. +func MessageUncompressedSize(val int) attribute.KeyValue { + return MessageUncompressedSizeKey.Int(val) +} + +// The attributes used to report a single exception associated with a span. +const ( + // ExceptionEscapedKey is the attribute Key conforming to the + // "exception.escaped" semantic conventions. It represents the sHOULD be + // set to true if the exception event is recorded at a point where it is + // known that the exception is escaping the scope of the span. + // + // Type: boolean + // RequirementLevel: Optional + // Stability: stable + // Note: An exception is considered to have escaped (or left) the scope of + // a span, + // if that span is ended while the exception is still logically "in + // flight". + // This may be actually "in flight" in some languages (e.g. if the + // exception + // is passed to a Context manager's `__exit__` method in Python) but will + // usually be caught at the point of recording the exception in most + // languages. + // + // It is usually not possible to determine at the point where an exception + // is thrown + // whether it will escape the scope of a span. + // However, it is trivial to know that an exception + // will escape, if one checks for an active exception just before ending + // the span, + // as done in the [example above](#recording-an-exception). + // + // It follows that an exception may still escape the scope of the span + // even if the `exception.escaped` attribute was not set or set to false, + // since the event might have been recorded at a time where it was not + // clear whether the exception will escape. + ExceptionEscapedKey = attribute.Key("exception.escaped") +) + +// ExceptionEscaped returns an attribute KeyValue conforming to the +// "exception.escaped" semantic conventions. It represents the sHOULD be set to +// true if the exception event is recorded at a point where it is known that +// the exception is escaping the scope of the span. +func ExceptionEscaped(val bool) attribute.KeyValue { + return ExceptionEscapedKey.Bool(val) +} diff --git a/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/exception.go b/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/exception.go new file mode 100644 index 000000000..93d3c1760 --- /dev/null +++ b/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/exception.go @@ -0,0 +1,20 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package semconv // import "go.opentelemetry.io/otel/semconv/v1.21.0" + +const ( + // ExceptionEventName is the name of the Span event representing an exception. + ExceptionEventName = "exception" +) diff --git a/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/resource.go b/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/resource.go new file mode 100644 index 000000000..b6d8935cf --- /dev/null +++ b/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/resource.go @@ -0,0 +1,2310 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated from semantic convention specification. DO NOT EDIT. + +package semconv // import "go.opentelemetry.io/otel/semconv/v1.21.0" + +import "go.opentelemetry.io/otel/attribute" + +// The web browser in which the application represented by the resource is +// running. The `browser.*` attributes MUST be used only for resources that +// represent applications running in a web browser (regardless of whether +// running on a mobile or desktop device). +const ( + // BrowserBrandsKey is the attribute Key conforming to the "browser.brands" + // semantic conventions. It represents the array of brand name and version + // separated by a space + // + // Type: string[] + // RequirementLevel: Optional + // Stability: stable + // Examples: ' Not A;Brand 99', 'Chromium 99', 'Chrome 99' + // Note: This value is intended to be taken from the [UA client hints + // API](https://wicg.github.io/ua-client-hints/#interface) + // (`navigator.userAgentData.brands`). + BrowserBrandsKey = attribute.Key("browser.brands") + + // BrowserPlatformKey is the attribute Key conforming to the + // "browser.platform" semantic conventions. It represents the platform on + // which the browser is running + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'Windows', 'macOS', 'Android' + // Note: This value is intended to be taken from the [UA client hints + // API](https://wicg.github.io/ua-client-hints/#interface) + // (`navigator.userAgentData.platform`). If unavailable, the legacy + // `navigator.platform` API SHOULD NOT be used instead and this attribute + // SHOULD be left unset in order for the values to be consistent. + // The list of possible values is defined in the [W3C User-Agent Client + // Hints + // specification](https://wicg.github.io/ua-client-hints/#sec-ch-ua-platform). + // Note that some (but not all) of these values can overlap with values in + // the [`os.type` and `os.name` attributes](./os.md). However, for + // consistency, the values in the `browser.platform` attribute should + // capture the exact value that the user agent provides. + BrowserPlatformKey = attribute.Key("browser.platform") + + // BrowserMobileKey is the attribute Key conforming to the "browser.mobile" + // semantic conventions. It represents a boolean that is true if the + // browser is running on a mobile device + // + // Type: boolean + // RequirementLevel: Optional + // Stability: stable + // Note: This value is intended to be taken from the [UA client hints + // API](https://wicg.github.io/ua-client-hints/#interface) + // (`navigator.userAgentData.mobile`). If unavailable, this attribute + // SHOULD be left unset. + BrowserMobileKey = attribute.Key("browser.mobile") + + // BrowserLanguageKey is the attribute Key conforming to the + // "browser.language" semantic conventions. It represents the preferred + // language of the user using the browser + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'en', 'en-US', 'fr', 'fr-FR' + // Note: This value is intended to be taken from the Navigator API + // `navigator.language`. + BrowserLanguageKey = attribute.Key("browser.language") +) + +// BrowserBrands returns an attribute KeyValue conforming to the +// "browser.brands" semantic conventions. It represents the array of brand name +// and version separated by a space +func BrowserBrands(val ...string) attribute.KeyValue { + return BrowserBrandsKey.StringSlice(val) +} + +// BrowserPlatform returns an attribute KeyValue conforming to the +// "browser.platform" semantic conventions. It represents the platform on which +// the browser is running +func BrowserPlatform(val string) attribute.KeyValue { + return BrowserPlatformKey.String(val) +} + +// BrowserMobile returns an attribute KeyValue conforming to the +// "browser.mobile" semantic conventions. It represents a boolean that is true +// if the browser is running on a mobile device +func BrowserMobile(val bool) attribute.KeyValue { + return BrowserMobileKey.Bool(val) +} + +// BrowserLanguage returns an attribute KeyValue conforming to the +// "browser.language" semantic conventions. It represents the preferred +// language of the user using the browser +func BrowserLanguage(val string) attribute.KeyValue { + return BrowserLanguageKey.String(val) +} + +// A cloud environment (e.g. GCP, Azure, AWS) +const ( + // CloudProviderKey is the attribute Key conforming to the "cloud.provider" + // semantic conventions. It represents the name of the cloud provider. + // + // Type: Enum + // RequirementLevel: Optional + // Stability: stable + CloudProviderKey = attribute.Key("cloud.provider") + + // CloudAccountIDKey is the attribute Key conforming to the + // "cloud.account.id" semantic conventions. It represents the cloud account + // ID the resource is assigned to. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '111111111111', 'opentelemetry' + CloudAccountIDKey = attribute.Key("cloud.account.id") + + // CloudRegionKey is the attribute Key conforming to the "cloud.region" + // semantic conventions. It represents the geographical region the resource + // is running. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'us-central1', 'us-east-1' + // Note: Refer to your provider's docs to see the available regions, for + // example [Alibaba Cloud + // regions](https://www.alibabacloud.com/help/doc-detail/40654.htm), [AWS + // regions](https://aws.amazon.com/about-aws/global-infrastructure/regions_az/), + // [Azure + // regions](https://azure.microsoft.com/en-us/global-infrastructure/geographies/), + // [Google Cloud regions](https://cloud.google.com/about/locations), or + // [Tencent Cloud + // regions](https://www.tencentcloud.com/document/product/213/6091). + CloudRegionKey = attribute.Key("cloud.region") + + // CloudResourceIDKey is the attribute Key conforming to the + // "cloud.resource_id" semantic conventions. It represents the cloud + // provider-specific native identifier of the monitored cloud resource + // (e.g. an + // [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // on AWS, a [fully qualified resource + // ID](https://learn.microsoft.com/en-us/rest/api/resources/resources/get-by-id) + // on Azure, a [full resource + // name](https://cloud.google.com/apis/design/resource_names#full_resource_name) + // on GCP) + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'arn:aws:lambda:REGION:ACCOUNT_ID:function:my-function', + // '//run.googleapis.com/projects/PROJECT_ID/locations/LOCATION_ID/services/SERVICE_ID', + // '/subscriptions//resourceGroups//providers/Microsoft.Web/sites//functions/' + // Note: On some cloud providers, it may not be possible to determine the + // full ID at startup, + // so it may be necessary to set `cloud.resource_id` as a span attribute + // instead. + // + // The exact value to use for `cloud.resource_id` depends on the cloud + // provider. + // The following well-known definitions MUST be used if you set this + // attribute and they apply: + // + // * **AWS Lambda:** The function + // [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html). + // Take care not to use the "invoked ARN" directly but replace any + // [alias + // suffix](https://docs.aws.amazon.com/lambda/latest/dg/configuration-aliases.html) + // with the resolved function version, as the same runtime instance may + // be invokable with + // multiple different aliases. + // * **GCP:** The [URI of the + // resource](https://cloud.google.com/iam/docs/full-resource-names) + // * **Azure:** The [Fully Qualified Resource + // ID](https://docs.microsoft.com/en-us/rest/api/resources/resources/get-by-id) + // of the invoked function, + // *not* the function app, having the form + // `/subscriptions//resourceGroups//providers/Microsoft.Web/sites//functions/`. + // This means that a span attribute MUST be used, as an Azure function + // app can host multiple functions that would usually share + // a TracerProvider. + CloudResourceIDKey = attribute.Key("cloud.resource_id") + + // CloudAvailabilityZoneKey is the attribute Key conforming to the + // "cloud.availability_zone" semantic conventions. It represents the cloud + // regions often have multiple, isolated locations known as zones to + // increase availability. Availability zone represents the zone where the + // resource is running. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'us-east-1c' + // Note: Availability zones are called "zones" on Alibaba Cloud and Google + // Cloud. + CloudAvailabilityZoneKey = attribute.Key("cloud.availability_zone") + + // CloudPlatformKey is the attribute Key conforming to the "cloud.platform" + // semantic conventions. It represents the cloud platform in use. + // + // Type: Enum + // RequirementLevel: Optional + // Stability: stable + // Note: The prefix of the service SHOULD match the one specified in + // `cloud.provider`. + CloudPlatformKey = attribute.Key("cloud.platform") +) + +var ( + // Alibaba Cloud + CloudProviderAlibabaCloud = CloudProviderKey.String("alibaba_cloud") + // Amazon Web Services + CloudProviderAWS = CloudProviderKey.String("aws") + // Microsoft Azure + CloudProviderAzure = CloudProviderKey.String("azure") + // Google Cloud Platform + CloudProviderGCP = CloudProviderKey.String("gcp") + // Heroku Platform as a Service + CloudProviderHeroku = CloudProviderKey.String("heroku") + // IBM Cloud + CloudProviderIbmCloud = CloudProviderKey.String("ibm_cloud") + // Tencent Cloud + CloudProviderTencentCloud = CloudProviderKey.String("tencent_cloud") +) + +var ( + // Alibaba Cloud Elastic Compute Service + CloudPlatformAlibabaCloudECS = CloudPlatformKey.String("alibaba_cloud_ecs") + // Alibaba Cloud Function Compute + CloudPlatformAlibabaCloudFc = CloudPlatformKey.String("alibaba_cloud_fc") + // Red Hat OpenShift on Alibaba Cloud + CloudPlatformAlibabaCloudOpenshift = CloudPlatformKey.String("alibaba_cloud_openshift") + // AWS Elastic Compute Cloud + CloudPlatformAWSEC2 = CloudPlatformKey.String("aws_ec2") + // AWS Elastic Container Service + CloudPlatformAWSECS = CloudPlatformKey.String("aws_ecs") + // AWS Elastic Kubernetes Service + CloudPlatformAWSEKS = CloudPlatformKey.String("aws_eks") + // AWS Lambda + CloudPlatformAWSLambda = CloudPlatformKey.String("aws_lambda") + // AWS Elastic Beanstalk + CloudPlatformAWSElasticBeanstalk = CloudPlatformKey.String("aws_elastic_beanstalk") + // AWS App Runner + CloudPlatformAWSAppRunner = CloudPlatformKey.String("aws_app_runner") + // Red Hat OpenShift on AWS (ROSA) + CloudPlatformAWSOpenshift = CloudPlatformKey.String("aws_openshift") + // Azure Virtual Machines + CloudPlatformAzureVM = CloudPlatformKey.String("azure_vm") + // Azure Container Instances + CloudPlatformAzureContainerInstances = CloudPlatformKey.String("azure_container_instances") + // Azure Kubernetes Service + CloudPlatformAzureAKS = CloudPlatformKey.String("azure_aks") + // Azure Functions + CloudPlatformAzureFunctions = CloudPlatformKey.String("azure_functions") + // Azure App Service + CloudPlatformAzureAppService = CloudPlatformKey.String("azure_app_service") + // Azure Red Hat OpenShift + CloudPlatformAzureOpenshift = CloudPlatformKey.String("azure_openshift") + // Google Bare Metal Solution (BMS) + CloudPlatformGCPBareMetalSolution = CloudPlatformKey.String("gcp_bare_metal_solution") + // Google Cloud Compute Engine (GCE) + CloudPlatformGCPComputeEngine = CloudPlatformKey.String("gcp_compute_engine") + // Google Cloud Run + CloudPlatformGCPCloudRun = CloudPlatformKey.String("gcp_cloud_run") + // Google Cloud Kubernetes Engine (GKE) + CloudPlatformGCPKubernetesEngine = CloudPlatformKey.String("gcp_kubernetes_engine") + // Google Cloud Functions (GCF) + CloudPlatformGCPCloudFunctions = CloudPlatformKey.String("gcp_cloud_functions") + // Google Cloud App Engine (GAE) + CloudPlatformGCPAppEngine = CloudPlatformKey.String("gcp_app_engine") + // Red Hat OpenShift on Google Cloud + CloudPlatformGCPOpenshift = CloudPlatformKey.String("gcp_openshift") + // Red Hat OpenShift on IBM Cloud + CloudPlatformIbmCloudOpenshift = CloudPlatformKey.String("ibm_cloud_openshift") + // Tencent Cloud Cloud Virtual Machine (CVM) + CloudPlatformTencentCloudCvm = CloudPlatformKey.String("tencent_cloud_cvm") + // Tencent Cloud Elastic Kubernetes Service (EKS) + CloudPlatformTencentCloudEKS = CloudPlatformKey.String("tencent_cloud_eks") + // Tencent Cloud Serverless Cloud Function (SCF) + CloudPlatformTencentCloudScf = CloudPlatformKey.String("tencent_cloud_scf") +) + +// CloudAccountID returns an attribute KeyValue conforming to the +// "cloud.account.id" semantic conventions. It represents the cloud account ID +// the resource is assigned to. +func CloudAccountID(val string) attribute.KeyValue { + return CloudAccountIDKey.String(val) +} + +// CloudRegion returns an attribute KeyValue conforming to the +// "cloud.region" semantic conventions. It represents the geographical region +// the resource is running. +func CloudRegion(val string) attribute.KeyValue { + return CloudRegionKey.String(val) +} + +// CloudResourceID returns an attribute KeyValue conforming to the +// "cloud.resource_id" semantic conventions. It represents the cloud +// provider-specific native identifier of the monitored cloud resource (e.g. an +// [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) +// on AWS, a [fully qualified resource +// ID](https://learn.microsoft.com/en-us/rest/api/resources/resources/get-by-id) +// on Azure, a [full resource +// name](https://cloud.google.com/apis/design/resource_names#full_resource_name) +// on GCP) +func CloudResourceID(val string) attribute.KeyValue { + return CloudResourceIDKey.String(val) +} + +// CloudAvailabilityZone returns an attribute KeyValue conforming to the +// "cloud.availability_zone" semantic conventions. It represents the cloud +// regions often have multiple, isolated locations known as zones to increase +// availability. Availability zone represents the zone where the resource is +// running. +func CloudAvailabilityZone(val string) attribute.KeyValue { + return CloudAvailabilityZoneKey.String(val) +} + +// Resources used by AWS Elastic Container Service (ECS). +const ( + // AWSECSContainerARNKey is the attribute Key conforming to the + // "aws.ecs.container.arn" semantic conventions. It represents the Amazon + // Resource Name (ARN) of an [ECS container + // instance](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ECS_instances.html). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: + // 'arn:aws:ecs:us-west-1:123456789123:container/32624152-9086-4f0e-acae-1a75b14fe4d9' + AWSECSContainerARNKey = attribute.Key("aws.ecs.container.arn") + + // AWSECSClusterARNKey is the attribute Key conforming to the + // "aws.ecs.cluster.arn" semantic conventions. It represents the ARN of an + // [ECS + // cluster](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/clusters.html). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'arn:aws:ecs:us-west-2:123456789123:cluster/my-cluster' + AWSECSClusterARNKey = attribute.Key("aws.ecs.cluster.arn") + + // AWSECSLaunchtypeKey is the attribute Key conforming to the + // "aws.ecs.launchtype" semantic conventions. It represents the [launch + // type](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) + // for an ECS task. + // + // Type: Enum + // RequirementLevel: Optional + // Stability: stable + AWSECSLaunchtypeKey = attribute.Key("aws.ecs.launchtype") + + // AWSECSTaskARNKey is the attribute Key conforming to the + // "aws.ecs.task.arn" semantic conventions. It represents the ARN of an + // [ECS task + // definition](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definitions.html). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: + // 'arn:aws:ecs:us-west-1:123456789123:task/10838bed-421f-43ef-870a-f43feacbbb5b' + AWSECSTaskARNKey = attribute.Key("aws.ecs.task.arn") + + // AWSECSTaskFamilyKey is the attribute Key conforming to the + // "aws.ecs.task.family" semantic conventions. It represents the task + // definition family this task definition is a member of. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'opentelemetry-family' + AWSECSTaskFamilyKey = attribute.Key("aws.ecs.task.family") + + // AWSECSTaskRevisionKey is the attribute Key conforming to the + // "aws.ecs.task.revision" semantic conventions. It represents the revision + // for this task definition. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '8', '26' + AWSECSTaskRevisionKey = attribute.Key("aws.ecs.task.revision") +) + +var ( + // ec2 + AWSECSLaunchtypeEC2 = AWSECSLaunchtypeKey.String("ec2") + // fargate + AWSECSLaunchtypeFargate = AWSECSLaunchtypeKey.String("fargate") +) + +// AWSECSContainerARN returns an attribute KeyValue conforming to the +// "aws.ecs.container.arn" semantic conventions. It represents the Amazon +// Resource Name (ARN) of an [ECS container +// instance](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ECS_instances.html). +func AWSECSContainerARN(val string) attribute.KeyValue { + return AWSECSContainerARNKey.String(val) +} + +// AWSECSClusterARN returns an attribute KeyValue conforming to the +// "aws.ecs.cluster.arn" semantic conventions. It represents the ARN of an [ECS +// cluster](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/clusters.html). +func AWSECSClusterARN(val string) attribute.KeyValue { + return AWSECSClusterARNKey.String(val) +} + +// AWSECSTaskARN returns an attribute KeyValue conforming to the +// "aws.ecs.task.arn" semantic conventions. It represents the ARN of an [ECS +// task +// definition](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definitions.html). +func AWSECSTaskARN(val string) attribute.KeyValue { + return AWSECSTaskARNKey.String(val) +} + +// AWSECSTaskFamily returns an attribute KeyValue conforming to the +// "aws.ecs.task.family" semantic conventions. It represents the task +// definition family this task definition is a member of. +func AWSECSTaskFamily(val string) attribute.KeyValue { + return AWSECSTaskFamilyKey.String(val) +} + +// AWSECSTaskRevision returns an attribute KeyValue conforming to the +// "aws.ecs.task.revision" semantic conventions. It represents the revision for +// this task definition. +func AWSECSTaskRevision(val string) attribute.KeyValue { + return AWSECSTaskRevisionKey.String(val) +} + +// Resources used by AWS Elastic Kubernetes Service (EKS). +const ( + // AWSEKSClusterARNKey is the attribute Key conforming to the + // "aws.eks.cluster.arn" semantic conventions. It represents the ARN of an + // EKS cluster. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'arn:aws:ecs:us-west-2:123456789123:cluster/my-cluster' + AWSEKSClusterARNKey = attribute.Key("aws.eks.cluster.arn") +) + +// AWSEKSClusterARN returns an attribute KeyValue conforming to the +// "aws.eks.cluster.arn" semantic conventions. It represents the ARN of an EKS +// cluster. +func AWSEKSClusterARN(val string) attribute.KeyValue { + return AWSEKSClusterARNKey.String(val) +} + +// Resources specific to Amazon Web Services. +const ( + // AWSLogGroupNamesKey is the attribute Key conforming to the + // "aws.log.group.names" semantic conventions. It represents the name(s) of + // the AWS log group(s) an application is writing to. + // + // Type: string[] + // RequirementLevel: Optional + // Stability: stable + // Examples: '/aws/lambda/my-function', 'opentelemetry-service' + // Note: Multiple log groups must be supported for cases like + // multi-container applications, where a single application has sidecar + // containers, and each write to their own log group. + AWSLogGroupNamesKey = attribute.Key("aws.log.group.names") + + // AWSLogGroupARNsKey is the attribute Key conforming to the + // "aws.log.group.arns" semantic conventions. It represents the Amazon + // Resource Name(s) (ARN) of the AWS log group(s). + // + // Type: string[] + // RequirementLevel: Optional + // Stability: stable + // Examples: + // 'arn:aws:logs:us-west-1:123456789012:log-group:/aws/my/group:*' + // Note: See the [log group ARN format + // documentation](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/iam-access-control-overview-cwl.html#CWL_ARN_Format). + AWSLogGroupARNsKey = attribute.Key("aws.log.group.arns") + + // AWSLogStreamNamesKey is the attribute Key conforming to the + // "aws.log.stream.names" semantic conventions. It represents the name(s) + // of the AWS log stream(s) an application is writing to. + // + // Type: string[] + // RequirementLevel: Optional + // Stability: stable + // Examples: 'logs/main/10838bed-421f-43ef-870a-f43feacbbb5b' + AWSLogStreamNamesKey = attribute.Key("aws.log.stream.names") + + // AWSLogStreamARNsKey is the attribute Key conforming to the + // "aws.log.stream.arns" semantic conventions. It represents the ARN(s) of + // the AWS log stream(s). + // + // Type: string[] + // RequirementLevel: Optional + // Stability: stable + // Examples: + // 'arn:aws:logs:us-west-1:123456789012:log-group:/aws/my/group:log-stream:logs/main/10838bed-421f-43ef-870a-f43feacbbb5b' + // Note: See the [log stream ARN format + // documentation](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/iam-access-control-overview-cwl.html#CWL_ARN_Format). + // One log group can contain several log streams, so these ARNs necessarily + // identify both a log group and a log stream. + AWSLogStreamARNsKey = attribute.Key("aws.log.stream.arns") +) + +// AWSLogGroupNames returns an attribute KeyValue conforming to the +// "aws.log.group.names" semantic conventions. It represents the name(s) of the +// AWS log group(s) an application is writing to. +func AWSLogGroupNames(val ...string) attribute.KeyValue { + return AWSLogGroupNamesKey.StringSlice(val) +} + +// AWSLogGroupARNs returns an attribute KeyValue conforming to the +// "aws.log.group.arns" semantic conventions. It represents the Amazon Resource +// Name(s) (ARN) of the AWS log group(s). +func AWSLogGroupARNs(val ...string) attribute.KeyValue { + return AWSLogGroupARNsKey.StringSlice(val) +} + +// AWSLogStreamNames returns an attribute KeyValue conforming to the +// "aws.log.stream.names" semantic conventions. It represents the name(s) of +// the AWS log stream(s) an application is writing to. +func AWSLogStreamNames(val ...string) attribute.KeyValue { + return AWSLogStreamNamesKey.StringSlice(val) +} + +// AWSLogStreamARNs returns an attribute KeyValue conforming to the +// "aws.log.stream.arns" semantic conventions. It represents the ARN(s) of the +// AWS log stream(s). +func AWSLogStreamARNs(val ...string) attribute.KeyValue { + return AWSLogStreamARNsKey.StringSlice(val) +} + +// Resource used by Google Cloud Run. +const ( + // GCPCloudRunJobExecutionKey is the attribute Key conforming to the + // "gcp.cloud_run.job.execution" semantic conventions. It represents the + // name of the Cloud Run + // [execution](https://cloud.google.com/run/docs/managing/job-executions) + // being run for the Job, as set by the + // [`CLOUD_RUN_EXECUTION`](https://cloud.google.com/run/docs/container-contract#jobs-env-vars) + // environment variable. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'job-name-xxxx', 'sample-job-mdw84' + GCPCloudRunJobExecutionKey = attribute.Key("gcp.cloud_run.job.execution") + + // GCPCloudRunJobTaskIndexKey is the attribute Key conforming to the + // "gcp.cloud_run.job.task_index" semantic conventions. It represents the + // index for a task within an execution as provided by the + // [`CLOUD_RUN_TASK_INDEX`](https://cloud.google.com/run/docs/container-contract#jobs-env-vars) + // environment variable. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 0, 1 + GCPCloudRunJobTaskIndexKey = attribute.Key("gcp.cloud_run.job.task_index") +) + +// GCPCloudRunJobExecution returns an attribute KeyValue conforming to the +// "gcp.cloud_run.job.execution" semantic conventions. It represents the name +// of the Cloud Run +// [execution](https://cloud.google.com/run/docs/managing/job-executions) being +// run for the Job, as set by the +// [`CLOUD_RUN_EXECUTION`](https://cloud.google.com/run/docs/container-contract#jobs-env-vars) +// environment variable. +func GCPCloudRunJobExecution(val string) attribute.KeyValue { + return GCPCloudRunJobExecutionKey.String(val) +} + +// GCPCloudRunJobTaskIndex returns an attribute KeyValue conforming to the +// "gcp.cloud_run.job.task_index" semantic conventions. It represents the index +// for a task within an execution as provided by the +// [`CLOUD_RUN_TASK_INDEX`](https://cloud.google.com/run/docs/container-contract#jobs-env-vars) +// environment variable. +func GCPCloudRunJobTaskIndex(val int) attribute.KeyValue { + return GCPCloudRunJobTaskIndexKey.Int(val) +} + +// Resources used by Google Compute Engine (GCE). +const ( + // GCPGceInstanceNameKey is the attribute Key conforming to the + // "gcp.gce.instance.name" semantic conventions. It represents the instance + // name of a GCE instance. This is the value provided by `host.name`, the + // visible name of the instance in the Cloud Console UI, and the prefix for + // the default hostname of the instance as defined by the [default internal + // DNS + // name](https://cloud.google.com/compute/docs/internal-dns#instance-fully-qualified-domain-names). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'instance-1', 'my-vm-name' + GCPGceInstanceNameKey = attribute.Key("gcp.gce.instance.name") + + // GCPGceInstanceHostnameKey is the attribute Key conforming to the + // "gcp.gce.instance.hostname" semantic conventions. It represents the + // hostname of a GCE instance. This is the full value of the default or + // [custom + // hostname](https://cloud.google.com/compute/docs/instances/custom-hostname-vm). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'my-host1234.example.com', + // 'sample-vm.us-west1-b.c.my-project.internal' + GCPGceInstanceHostnameKey = attribute.Key("gcp.gce.instance.hostname") +) + +// GCPGceInstanceName returns an attribute KeyValue conforming to the +// "gcp.gce.instance.name" semantic conventions. It represents the instance +// name of a GCE instance. This is the value provided by `host.name`, the +// visible name of the instance in the Cloud Console UI, and the prefix for the +// default hostname of the instance as defined by the [default internal DNS +// name](https://cloud.google.com/compute/docs/internal-dns#instance-fully-qualified-domain-names). +func GCPGceInstanceName(val string) attribute.KeyValue { + return GCPGceInstanceNameKey.String(val) +} + +// GCPGceInstanceHostname returns an attribute KeyValue conforming to the +// "gcp.gce.instance.hostname" semantic conventions. It represents the hostname +// of a GCE instance. This is the full value of the default or [custom +// hostname](https://cloud.google.com/compute/docs/instances/custom-hostname-vm). +func GCPGceInstanceHostname(val string) attribute.KeyValue { + return GCPGceInstanceHostnameKey.String(val) +} + +// Heroku dyno metadata +const ( + // HerokuReleaseCreationTimestampKey is the attribute Key conforming to the + // "heroku.release.creation_timestamp" semantic conventions. It represents + // the time and date the release was created + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '2022-10-23T18:00:42Z' + HerokuReleaseCreationTimestampKey = attribute.Key("heroku.release.creation_timestamp") + + // HerokuReleaseCommitKey is the attribute Key conforming to the + // "heroku.release.commit" semantic conventions. It represents the commit + // hash for the current release + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'e6134959463efd8966b20e75b913cafe3f5ec' + HerokuReleaseCommitKey = attribute.Key("heroku.release.commit") + + // HerokuAppIDKey is the attribute Key conforming to the "heroku.app.id" + // semantic conventions. It represents the unique identifier for the + // application + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '2daa2797-e42b-4624-9322-ec3f968df4da' + HerokuAppIDKey = attribute.Key("heroku.app.id") +) + +// HerokuReleaseCreationTimestamp returns an attribute KeyValue conforming +// to the "heroku.release.creation_timestamp" semantic conventions. It +// represents the time and date the release was created +func HerokuReleaseCreationTimestamp(val string) attribute.KeyValue { + return HerokuReleaseCreationTimestampKey.String(val) +} + +// HerokuReleaseCommit returns an attribute KeyValue conforming to the +// "heroku.release.commit" semantic conventions. It represents the commit hash +// for the current release +func HerokuReleaseCommit(val string) attribute.KeyValue { + return HerokuReleaseCommitKey.String(val) +} + +// HerokuAppID returns an attribute KeyValue conforming to the +// "heroku.app.id" semantic conventions. It represents the unique identifier +// for the application +func HerokuAppID(val string) attribute.KeyValue { + return HerokuAppIDKey.String(val) +} + +// A container instance. +const ( + // ContainerNameKey is the attribute Key conforming to the "container.name" + // semantic conventions. It represents the container name used by container + // runtime. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'opentelemetry-autoconf' + ContainerNameKey = attribute.Key("container.name") + + // ContainerIDKey is the attribute Key conforming to the "container.id" + // semantic conventions. It represents the container ID. Usually a UUID, as + // for example used to [identify Docker + // containers](https://docs.docker.com/engine/reference/run/#container-identification). + // The UUID might be abbreviated. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'a3bf90e006b2' + ContainerIDKey = attribute.Key("container.id") + + // ContainerRuntimeKey is the attribute Key conforming to the + // "container.runtime" semantic conventions. It represents the container + // runtime managing this container. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'docker', 'containerd', 'rkt' + ContainerRuntimeKey = attribute.Key("container.runtime") + + // ContainerImageNameKey is the attribute Key conforming to the + // "container.image.name" semantic conventions. It represents the name of + // the image the container was built on. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'gcr.io/opentelemetry/operator' + ContainerImageNameKey = attribute.Key("container.image.name") + + // ContainerImageTagKey is the attribute Key conforming to the + // "container.image.tag" semantic conventions. It represents the container + // image tag. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '0.1' + ContainerImageTagKey = attribute.Key("container.image.tag") + + // ContainerImageIDKey is the attribute Key conforming to the + // "container.image.id" semantic conventions. It represents the runtime + // specific image identifier. Usually a hash algorithm followed by a UUID. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: + // 'sha256:19c92d0a00d1b66d897bceaa7319bee0dd38a10a851c60bcec9474aa3f01e50f' + // Note: Docker defines a sha256 of the image id; `container.image.id` + // corresponds to the `Image` field from the Docker container inspect + // [API](https://docs.docker.com/engine/api/v1.43/#tag/Container/operation/ContainerInspect) + // endpoint. + // K8S defines a link to the container registry repository with digest + // `"imageID": "registry.azurecr.io + // /namespace/service/dockerfile@sha256:bdeabd40c3a8a492eaf9e8e44d0ebbb84bac7ee25ac0cf8a7159d25f62555625"`. + // OCI defines a digest of manifest. + ContainerImageIDKey = attribute.Key("container.image.id") + + // ContainerCommandKey is the attribute Key conforming to the + // "container.command" semantic conventions. It represents the command used + // to run the container (i.e. the command name). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'otelcontribcol' + // Note: If using embedded credentials or sensitive data, it is recommended + // to remove them to prevent potential leakage. + ContainerCommandKey = attribute.Key("container.command") + + // ContainerCommandLineKey is the attribute Key conforming to the + // "container.command_line" semantic conventions. It represents the full + // command run by the container as a single string representing the full + // command. [2] + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'otelcontribcol --config config.yaml' + ContainerCommandLineKey = attribute.Key("container.command_line") + + // ContainerCommandArgsKey is the attribute Key conforming to the + // "container.command_args" semantic conventions. It represents the all the + // command arguments (including the command/executable itself) run by the + // container. [2] + // + // Type: string[] + // RequirementLevel: Optional + // Stability: stable + // Examples: 'otelcontribcol, --config, config.yaml' + ContainerCommandArgsKey = attribute.Key("container.command_args") +) + +// ContainerName returns an attribute KeyValue conforming to the +// "container.name" semantic conventions. It represents the container name used +// by container runtime. +func ContainerName(val string) attribute.KeyValue { + return ContainerNameKey.String(val) +} + +// ContainerID returns an attribute KeyValue conforming to the +// "container.id" semantic conventions. It represents the container ID. Usually +// a UUID, as for example used to [identify Docker +// containers](https://docs.docker.com/engine/reference/run/#container-identification). +// The UUID might be abbreviated. +func ContainerID(val string) attribute.KeyValue { + return ContainerIDKey.String(val) +} + +// ContainerRuntime returns an attribute KeyValue conforming to the +// "container.runtime" semantic conventions. It represents the container +// runtime managing this container. +func ContainerRuntime(val string) attribute.KeyValue { + return ContainerRuntimeKey.String(val) +} + +// ContainerImageName returns an attribute KeyValue conforming to the +// "container.image.name" semantic conventions. It represents the name of the +// image the container was built on. +func ContainerImageName(val string) attribute.KeyValue { + return ContainerImageNameKey.String(val) +} + +// ContainerImageTag returns an attribute KeyValue conforming to the +// "container.image.tag" semantic conventions. It represents the container +// image tag. +func ContainerImageTag(val string) attribute.KeyValue { + return ContainerImageTagKey.String(val) +} + +// ContainerImageID returns an attribute KeyValue conforming to the +// "container.image.id" semantic conventions. It represents the runtime +// specific image identifier. Usually a hash algorithm followed by a UUID. +func ContainerImageID(val string) attribute.KeyValue { + return ContainerImageIDKey.String(val) +} + +// ContainerCommand returns an attribute KeyValue conforming to the +// "container.command" semantic conventions. It represents the command used to +// run the container (i.e. the command name). +func ContainerCommand(val string) attribute.KeyValue { + return ContainerCommandKey.String(val) +} + +// ContainerCommandLine returns an attribute KeyValue conforming to the +// "container.command_line" semantic conventions. It represents the full +// command run by the container as a single string representing the full +// command. [2] +func ContainerCommandLine(val string) attribute.KeyValue { + return ContainerCommandLineKey.String(val) +} + +// ContainerCommandArgs returns an attribute KeyValue conforming to the +// "container.command_args" semantic conventions. It represents the all the +// command arguments (including the command/executable itself) run by the +// container. [2] +func ContainerCommandArgs(val ...string) attribute.KeyValue { + return ContainerCommandArgsKey.StringSlice(val) +} + +// The software deployment. +const ( + // DeploymentEnvironmentKey is the attribute Key conforming to the + // "deployment.environment" semantic conventions. It represents the name of + // the [deployment + // environment](https://en.wikipedia.org/wiki/Deployment_environment) (aka + // deployment tier). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'staging', 'production' + DeploymentEnvironmentKey = attribute.Key("deployment.environment") +) + +// DeploymentEnvironment returns an attribute KeyValue conforming to the +// "deployment.environment" semantic conventions. It represents the name of the +// [deployment +// environment](https://en.wikipedia.org/wiki/Deployment_environment) (aka +// deployment tier). +func DeploymentEnvironment(val string) attribute.KeyValue { + return DeploymentEnvironmentKey.String(val) +} + +// The device on which the process represented by this resource is running. +const ( + // DeviceIDKey is the attribute Key conforming to the "device.id" semantic + // conventions. It represents a unique identifier representing the device + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '2ab2916d-a51f-4ac8-80ee-45ac31a28092' + // Note: The device identifier MUST only be defined using the values + // outlined below. This value is not an advertising identifier and MUST NOT + // be used as such. On iOS (Swift or Objective-C), this value MUST be equal + // to the [vendor + // identifier](https://developer.apple.com/documentation/uikit/uidevice/1620059-identifierforvendor). + // On Android (Java or Kotlin), this value MUST be equal to the Firebase + // Installation ID or a globally unique UUID which is persisted across + // sessions in your application. More information can be found + // [here](https://developer.android.com/training/articles/user-data-ids) on + // best practices and exact implementation details. Caution should be taken + // when storing personal data or anything which can identify a user. GDPR + // and data protection laws may apply, ensure you do your own due + // diligence. + DeviceIDKey = attribute.Key("device.id") + + // DeviceModelIdentifierKey is the attribute Key conforming to the + // "device.model.identifier" semantic conventions. It represents the model + // identifier for the device + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'iPhone3,4', 'SM-G920F' + // Note: It's recommended this value represents a machine readable version + // of the model identifier rather than the market or consumer-friendly name + // of the device. + DeviceModelIdentifierKey = attribute.Key("device.model.identifier") + + // DeviceModelNameKey is the attribute Key conforming to the + // "device.model.name" semantic conventions. It represents the marketing + // name for the device model + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'iPhone 6s Plus', 'Samsung Galaxy S6' + // Note: It's recommended this value represents a human readable version of + // the device model rather than a machine readable alternative. + DeviceModelNameKey = attribute.Key("device.model.name") + + // DeviceManufacturerKey is the attribute Key conforming to the + // "device.manufacturer" semantic conventions. It represents the name of + // the device manufacturer + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'Apple', 'Samsung' + // Note: The Android OS provides this field via + // [Build](https://developer.android.com/reference/android/os/Build#MANUFACTURER). + // iOS apps SHOULD hardcode the value `Apple`. + DeviceManufacturerKey = attribute.Key("device.manufacturer") +) + +// DeviceID returns an attribute KeyValue conforming to the "device.id" +// semantic conventions. It represents a unique identifier representing the +// device +func DeviceID(val string) attribute.KeyValue { + return DeviceIDKey.String(val) +} + +// DeviceModelIdentifier returns an attribute KeyValue conforming to the +// "device.model.identifier" semantic conventions. It represents the model +// identifier for the device +func DeviceModelIdentifier(val string) attribute.KeyValue { + return DeviceModelIdentifierKey.String(val) +} + +// DeviceModelName returns an attribute KeyValue conforming to the +// "device.model.name" semantic conventions. It represents the marketing name +// for the device model +func DeviceModelName(val string) attribute.KeyValue { + return DeviceModelNameKey.String(val) +} + +// DeviceManufacturer returns an attribute KeyValue conforming to the +// "device.manufacturer" semantic conventions. It represents the name of the +// device manufacturer +func DeviceManufacturer(val string) attribute.KeyValue { + return DeviceManufacturerKey.String(val) +} + +// A serverless instance. +const ( + // FaaSNameKey is the attribute Key conforming to the "faas.name" semantic + // conventions. It represents the name of the single function that this + // runtime instance executes. + // + // Type: string + // RequirementLevel: Required + // Stability: stable + // Examples: 'my-function', 'myazurefunctionapp/some-function-name' + // Note: This is the name of the function as configured/deployed on the + // FaaS + // platform and is usually different from the name of the callback + // function (which may be stored in the + // [`code.namespace`/`code.function`](/docs/general/general-attributes.md#source-code-attributes) + // span attributes). + // + // For some cloud providers, the above definition is ambiguous. The + // following + // definition of function name MUST be used for this attribute + // (and consequently the span name) for the listed cloud + // providers/products: + // + // * **Azure:** The full name `/`, i.e., function app name + // followed by a forward slash followed by the function name (this form + // can also be seen in the resource JSON for the function). + // This means that a span attribute MUST be used, as an Azure function + // app can host multiple functions that would usually share + // a TracerProvider (see also the `cloud.resource_id` attribute). + FaaSNameKey = attribute.Key("faas.name") + + // FaaSVersionKey is the attribute Key conforming to the "faas.version" + // semantic conventions. It represents the immutable version of the + // function being executed. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '26', 'pinkfroid-00002' + // Note: Depending on the cloud provider and platform, use: + // + // * **AWS Lambda:** The [function + // version](https://docs.aws.amazon.com/lambda/latest/dg/configuration-versions.html) + // (an integer represented as a decimal string). + // * **Google Cloud Run (Services):** The + // [revision](https://cloud.google.com/run/docs/managing/revisions) + // (i.e., the function name plus the revision suffix). + // * **Google Cloud Functions:** The value of the + // [`K_REVISION` environment + // variable](https://cloud.google.com/functions/docs/env-var#runtime_environment_variables_set_automatically). + // * **Azure Functions:** Not applicable. Do not set this attribute. + FaaSVersionKey = attribute.Key("faas.version") + + // FaaSInstanceKey is the attribute Key conforming to the "faas.instance" + // semantic conventions. It represents the execution environment ID as a + // string, that will be potentially reused for other invocations to the + // same function/function version. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '2021/06/28/[$LATEST]2f399eb14537447da05ab2a2e39309de' + // Note: * **AWS Lambda:** Use the (full) log stream name. + FaaSInstanceKey = attribute.Key("faas.instance") + + // FaaSMaxMemoryKey is the attribute Key conforming to the + // "faas.max_memory" semantic conventions. It represents the amount of + // memory available to the serverless function converted to Bytes. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 134217728 + // Note: It's recommended to set this attribute since e.g. too little + // memory can easily stop a Java AWS Lambda function from working + // correctly. On AWS Lambda, the environment variable + // `AWS_LAMBDA_FUNCTION_MEMORY_SIZE` provides this information (which must + // be multiplied by 1,048,576). + FaaSMaxMemoryKey = attribute.Key("faas.max_memory") +) + +// FaaSName returns an attribute KeyValue conforming to the "faas.name" +// semantic conventions. It represents the name of the single function that +// this runtime instance executes. +func FaaSName(val string) attribute.KeyValue { + return FaaSNameKey.String(val) +} + +// FaaSVersion returns an attribute KeyValue conforming to the +// "faas.version" semantic conventions. It represents the immutable version of +// the function being executed. +func FaaSVersion(val string) attribute.KeyValue { + return FaaSVersionKey.String(val) +} + +// FaaSInstance returns an attribute KeyValue conforming to the +// "faas.instance" semantic conventions. It represents the execution +// environment ID as a string, that will be potentially reused for other +// invocations to the same function/function version. +func FaaSInstance(val string) attribute.KeyValue { + return FaaSInstanceKey.String(val) +} + +// FaaSMaxMemory returns an attribute KeyValue conforming to the +// "faas.max_memory" semantic conventions. It represents the amount of memory +// available to the serverless function converted to Bytes. +func FaaSMaxMemory(val int) attribute.KeyValue { + return FaaSMaxMemoryKey.Int(val) +} + +// A host is defined as a computing instance. For example, physical servers, +// virtual machines, switches or disk array. +const ( + // HostIDKey is the attribute Key conforming to the "host.id" semantic + // conventions. It represents the unique host ID. For Cloud, this must be + // the instance_id assigned by the cloud provider. For non-containerized + // systems, this should be the `machine-id`. See the table below for the + // sources to use to determine the `machine-id` based on operating system. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'fdbf79e8af94cb7f9e8df36789187052' + HostIDKey = attribute.Key("host.id") + + // HostNameKey is the attribute Key conforming to the "host.name" semantic + // conventions. It represents the name of the host. On Unix systems, it may + // contain what the hostname command returns, or the fully qualified + // hostname, or another name specified by the user. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'opentelemetry-test' + HostNameKey = attribute.Key("host.name") + + // HostTypeKey is the attribute Key conforming to the "host.type" semantic + // conventions. It represents the type of host. For Cloud, this must be the + // machine type. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'n1-standard-1' + HostTypeKey = attribute.Key("host.type") + + // HostArchKey is the attribute Key conforming to the "host.arch" semantic + // conventions. It represents the CPU architecture the host system is + // running on. + // + // Type: Enum + // RequirementLevel: Optional + // Stability: stable + HostArchKey = attribute.Key("host.arch") + + // HostImageNameKey is the attribute Key conforming to the + // "host.image.name" semantic conventions. It represents the name of the VM + // image or OS install the host was instantiated from. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'infra-ami-eks-worker-node-7d4ec78312', 'CentOS-8-x86_64-1905' + HostImageNameKey = attribute.Key("host.image.name") + + // HostImageIDKey is the attribute Key conforming to the "host.image.id" + // semantic conventions. It represents the vM image ID or host OS image ID. + // For Cloud, this value is from the provider. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'ami-07b06b442921831e5' + HostImageIDKey = attribute.Key("host.image.id") + + // HostImageVersionKey is the attribute Key conforming to the + // "host.image.version" semantic conventions. It represents the version + // string of the VM image or host OS as defined in [Version + // Attributes](README.md#version-attributes). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '0.1' + HostImageVersionKey = attribute.Key("host.image.version") +) + +var ( + // AMD64 + HostArchAMD64 = HostArchKey.String("amd64") + // ARM32 + HostArchARM32 = HostArchKey.String("arm32") + // ARM64 + HostArchARM64 = HostArchKey.String("arm64") + // Itanium + HostArchIA64 = HostArchKey.String("ia64") + // 32-bit PowerPC + HostArchPPC32 = HostArchKey.String("ppc32") + // 64-bit PowerPC + HostArchPPC64 = HostArchKey.String("ppc64") + // IBM z/Architecture + HostArchS390x = HostArchKey.String("s390x") + // 32-bit x86 + HostArchX86 = HostArchKey.String("x86") +) + +// HostID returns an attribute KeyValue conforming to the "host.id" semantic +// conventions. It represents the unique host ID. For Cloud, this must be the +// instance_id assigned by the cloud provider. For non-containerized systems, +// this should be the `machine-id`. See the table below for the sources to use +// to determine the `machine-id` based on operating system. +func HostID(val string) attribute.KeyValue { + return HostIDKey.String(val) +} + +// HostName returns an attribute KeyValue conforming to the "host.name" +// semantic conventions. It represents the name of the host. On Unix systems, +// it may contain what the hostname command returns, or the fully qualified +// hostname, or another name specified by the user. +func HostName(val string) attribute.KeyValue { + return HostNameKey.String(val) +} + +// HostType returns an attribute KeyValue conforming to the "host.type" +// semantic conventions. It represents the type of host. For Cloud, this must +// be the machine type. +func HostType(val string) attribute.KeyValue { + return HostTypeKey.String(val) +} + +// HostImageName returns an attribute KeyValue conforming to the +// "host.image.name" semantic conventions. It represents the name of the VM +// image or OS install the host was instantiated from. +func HostImageName(val string) attribute.KeyValue { + return HostImageNameKey.String(val) +} + +// HostImageID returns an attribute KeyValue conforming to the +// "host.image.id" semantic conventions. It represents the vM image ID or host +// OS image ID. For Cloud, this value is from the provider. +func HostImageID(val string) attribute.KeyValue { + return HostImageIDKey.String(val) +} + +// HostImageVersion returns an attribute KeyValue conforming to the +// "host.image.version" semantic conventions. It represents the version string +// of the VM image or host OS as defined in [Version +// Attributes](README.md#version-attributes). +func HostImageVersion(val string) attribute.KeyValue { + return HostImageVersionKey.String(val) +} + +// A Kubernetes Cluster. +const ( + // K8SClusterNameKey is the attribute Key conforming to the + // "k8s.cluster.name" semantic conventions. It represents the name of the + // cluster. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'opentelemetry-cluster' + K8SClusterNameKey = attribute.Key("k8s.cluster.name") + + // K8SClusterUIDKey is the attribute Key conforming to the + // "k8s.cluster.uid" semantic conventions. It represents a pseudo-ID for + // the cluster, set to the UID of the `kube-system` namespace. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '218fc5a9-a5f1-4b54-aa05-46717d0ab26d' + // Note: K8S does not have support for obtaining a cluster ID. If this is + // ever + // added, we will recommend collecting the `k8s.cluster.uid` through the + // official APIs. In the meantime, we are able to use the `uid` of the + // `kube-system` namespace as a proxy for cluster ID. Read on for the + // rationale. + // + // Every object created in a K8S cluster is assigned a distinct UID. The + // `kube-system` namespace is used by Kubernetes itself and will exist + // for the lifetime of the cluster. Using the `uid` of the `kube-system` + // namespace is a reasonable proxy for the K8S ClusterID as it will only + // change if the cluster is rebuilt. Furthermore, Kubernetes UIDs are + // UUIDs as standardized by + // [ISO/IEC 9834-8 and ITU-T + // X.667](https://www.itu.int/ITU-T/studygroups/com17/oid.html). + // Which states: + // + // > If generated according to one of the mechanisms defined in Rec. + // ITU-T X.667 | ISO/IEC 9834-8, a UUID is either guaranteed to be + // different from all other UUIDs generated before 3603 A.D., or is + // extremely likely to be different (depending on the mechanism chosen). + // + // Therefore, UIDs between clusters should be extremely unlikely to + // conflict. + K8SClusterUIDKey = attribute.Key("k8s.cluster.uid") +) + +// K8SClusterName returns an attribute KeyValue conforming to the +// "k8s.cluster.name" semantic conventions. It represents the name of the +// cluster. +func K8SClusterName(val string) attribute.KeyValue { + return K8SClusterNameKey.String(val) +} + +// K8SClusterUID returns an attribute KeyValue conforming to the +// "k8s.cluster.uid" semantic conventions. It represents a pseudo-ID for the +// cluster, set to the UID of the `kube-system` namespace. +func K8SClusterUID(val string) attribute.KeyValue { + return K8SClusterUIDKey.String(val) +} + +// A Kubernetes Node object. +const ( + // K8SNodeNameKey is the attribute Key conforming to the "k8s.node.name" + // semantic conventions. It represents the name of the Node. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'node-1' + K8SNodeNameKey = attribute.Key("k8s.node.name") + + // K8SNodeUIDKey is the attribute Key conforming to the "k8s.node.uid" + // semantic conventions. It represents the UID of the Node. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '1eb3a0c6-0477-4080-a9cb-0cb7db65c6a2' + K8SNodeUIDKey = attribute.Key("k8s.node.uid") +) + +// K8SNodeName returns an attribute KeyValue conforming to the +// "k8s.node.name" semantic conventions. It represents the name of the Node. +func K8SNodeName(val string) attribute.KeyValue { + return K8SNodeNameKey.String(val) +} + +// K8SNodeUID returns an attribute KeyValue conforming to the "k8s.node.uid" +// semantic conventions. It represents the UID of the Node. +func K8SNodeUID(val string) attribute.KeyValue { + return K8SNodeUIDKey.String(val) +} + +// A Kubernetes Namespace. +const ( + // K8SNamespaceNameKey is the attribute Key conforming to the + // "k8s.namespace.name" semantic conventions. It represents the name of the + // namespace that the pod is running in. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'default' + K8SNamespaceNameKey = attribute.Key("k8s.namespace.name") +) + +// K8SNamespaceName returns an attribute KeyValue conforming to the +// "k8s.namespace.name" semantic conventions. It represents the name of the +// namespace that the pod is running in. +func K8SNamespaceName(val string) attribute.KeyValue { + return K8SNamespaceNameKey.String(val) +} + +// A Kubernetes Pod object. +const ( + // K8SPodUIDKey is the attribute Key conforming to the "k8s.pod.uid" + // semantic conventions. It represents the UID of the Pod. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '275ecb36-5aa8-4c2a-9c47-d8bb681b9aff' + K8SPodUIDKey = attribute.Key("k8s.pod.uid") + + // K8SPodNameKey is the attribute Key conforming to the "k8s.pod.name" + // semantic conventions. It represents the name of the Pod. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'opentelemetry-pod-autoconf' + K8SPodNameKey = attribute.Key("k8s.pod.name") +) + +// K8SPodUID returns an attribute KeyValue conforming to the "k8s.pod.uid" +// semantic conventions. It represents the UID of the Pod. +func K8SPodUID(val string) attribute.KeyValue { + return K8SPodUIDKey.String(val) +} + +// K8SPodName returns an attribute KeyValue conforming to the "k8s.pod.name" +// semantic conventions. It represents the name of the Pod. +func K8SPodName(val string) attribute.KeyValue { + return K8SPodNameKey.String(val) +} + +// A container in a +// [PodTemplate](https://kubernetes.io/docs/concepts/workloads/pods/#pod-templates). +const ( + // K8SContainerNameKey is the attribute Key conforming to the + // "k8s.container.name" semantic conventions. It represents the name of the + // Container from Pod specification, must be unique within a Pod. Container + // runtime usually uses different globally unique name (`container.name`). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'redis' + K8SContainerNameKey = attribute.Key("k8s.container.name") + + // K8SContainerRestartCountKey is the attribute Key conforming to the + // "k8s.container.restart_count" semantic conventions. It represents the + // number of times the container was restarted. This attribute can be used + // to identify a particular container (running or stopped) within a + // container spec. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 0, 2 + K8SContainerRestartCountKey = attribute.Key("k8s.container.restart_count") +) + +// K8SContainerName returns an attribute KeyValue conforming to the +// "k8s.container.name" semantic conventions. It represents the name of the +// Container from Pod specification, must be unique within a Pod. Container +// runtime usually uses different globally unique name (`container.name`). +func K8SContainerName(val string) attribute.KeyValue { + return K8SContainerNameKey.String(val) +} + +// K8SContainerRestartCount returns an attribute KeyValue conforming to the +// "k8s.container.restart_count" semantic conventions. It represents the number +// of times the container was restarted. This attribute can be used to identify +// a particular container (running or stopped) within a container spec. +func K8SContainerRestartCount(val int) attribute.KeyValue { + return K8SContainerRestartCountKey.Int(val) +} + +// A Kubernetes ReplicaSet object. +const ( + // K8SReplicaSetUIDKey is the attribute Key conforming to the + // "k8s.replicaset.uid" semantic conventions. It represents the UID of the + // ReplicaSet. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '275ecb36-5aa8-4c2a-9c47-d8bb681b9aff' + K8SReplicaSetUIDKey = attribute.Key("k8s.replicaset.uid") + + // K8SReplicaSetNameKey is the attribute Key conforming to the + // "k8s.replicaset.name" semantic conventions. It represents the name of + // the ReplicaSet. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'opentelemetry' + K8SReplicaSetNameKey = attribute.Key("k8s.replicaset.name") +) + +// K8SReplicaSetUID returns an attribute KeyValue conforming to the +// "k8s.replicaset.uid" semantic conventions. It represents the UID of the +// ReplicaSet. +func K8SReplicaSetUID(val string) attribute.KeyValue { + return K8SReplicaSetUIDKey.String(val) +} + +// K8SReplicaSetName returns an attribute KeyValue conforming to the +// "k8s.replicaset.name" semantic conventions. It represents the name of the +// ReplicaSet. +func K8SReplicaSetName(val string) attribute.KeyValue { + return K8SReplicaSetNameKey.String(val) +} + +// A Kubernetes Deployment object. +const ( + // K8SDeploymentUIDKey is the attribute Key conforming to the + // "k8s.deployment.uid" semantic conventions. It represents the UID of the + // Deployment. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '275ecb36-5aa8-4c2a-9c47-d8bb681b9aff' + K8SDeploymentUIDKey = attribute.Key("k8s.deployment.uid") + + // K8SDeploymentNameKey is the attribute Key conforming to the + // "k8s.deployment.name" semantic conventions. It represents the name of + // the Deployment. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'opentelemetry' + K8SDeploymentNameKey = attribute.Key("k8s.deployment.name") +) + +// K8SDeploymentUID returns an attribute KeyValue conforming to the +// "k8s.deployment.uid" semantic conventions. It represents the UID of the +// Deployment. +func K8SDeploymentUID(val string) attribute.KeyValue { + return K8SDeploymentUIDKey.String(val) +} + +// K8SDeploymentName returns an attribute KeyValue conforming to the +// "k8s.deployment.name" semantic conventions. It represents the name of the +// Deployment. +func K8SDeploymentName(val string) attribute.KeyValue { + return K8SDeploymentNameKey.String(val) +} + +// A Kubernetes StatefulSet object. +const ( + // K8SStatefulSetUIDKey is the attribute Key conforming to the + // "k8s.statefulset.uid" semantic conventions. It represents the UID of the + // StatefulSet. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '275ecb36-5aa8-4c2a-9c47-d8bb681b9aff' + K8SStatefulSetUIDKey = attribute.Key("k8s.statefulset.uid") + + // K8SStatefulSetNameKey is the attribute Key conforming to the + // "k8s.statefulset.name" semantic conventions. It represents the name of + // the StatefulSet. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'opentelemetry' + K8SStatefulSetNameKey = attribute.Key("k8s.statefulset.name") +) + +// K8SStatefulSetUID returns an attribute KeyValue conforming to the +// "k8s.statefulset.uid" semantic conventions. It represents the UID of the +// StatefulSet. +func K8SStatefulSetUID(val string) attribute.KeyValue { + return K8SStatefulSetUIDKey.String(val) +} + +// K8SStatefulSetName returns an attribute KeyValue conforming to the +// "k8s.statefulset.name" semantic conventions. It represents the name of the +// StatefulSet. +func K8SStatefulSetName(val string) attribute.KeyValue { + return K8SStatefulSetNameKey.String(val) +} + +// A Kubernetes DaemonSet object. +const ( + // K8SDaemonSetUIDKey is the attribute Key conforming to the + // "k8s.daemonset.uid" semantic conventions. It represents the UID of the + // DaemonSet. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '275ecb36-5aa8-4c2a-9c47-d8bb681b9aff' + K8SDaemonSetUIDKey = attribute.Key("k8s.daemonset.uid") + + // K8SDaemonSetNameKey is the attribute Key conforming to the + // "k8s.daemonset.name" semantic conventions. It represents the name of the + // DaemonSet. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'opentelemetry' + K8SDaemonSetNameKey = attribute.Key("k8s.daemonset.name") +) + +// K8SDaemonSetUID returns an attribute KeyValue conforming to the +// "k8s.daemonset.uid" semantic conventions. It represents the UID of the +// DaemonSet. +func K8SDaemonSetUID(val string) attribute.KeyValue { + return K8SDaemonSetUIDKey.String(val) +} + +// K8SDaemonSetName returns an attribute KeyValue conforming to the +// "k8s.daemonset.name" semantic conventions. It represents the name of the +// DaemonSet. +func K8SDaemonSetName(val string) attribute.KeyValue { + return K8SDaemonSetNameKey.String(val) +} + +// A Kubernetes Job object. +const ( + // K8SJobUIDKey is the attribute Key conforming to the "k8s.job.uid" + // semantic conventions. It represents the UID of the Job. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '275ecb36-5aa8-4c2a-9c47-d8bb681b9aff' + K8SJobUIDKey = attribute.Key("k8s.job.uid") + + // K8SJobNameKey is the attribute Key conforming to the "k8s.job.name" + // semantic conventions. It represents the name of the Job. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'opentelemetry' + K8SJobNameKey = attribute.Key("k8s.job.name") +) + +// K8SJobUID returns an attribute KeyValue conforming to the "k8s.job.uid" +// semantic conventions. It represents the UID of the Job. +func K8SJobUID(val string) attribute.KeyValue { + return K8SJobUIDKey.String(val) +} + +// K8SJobName returns an attribute KeyValue conforming to the "k8s.job.name" +// semantic conventions. It represents the name of the Job. +func K8SJobName(val string) attribute.KeyValue { + return K8SJobNameKey.String(val) +} + +// A Kubernetes CronJob object. +const ( + // K8SCronJobUIDKey is the attribute Key conforming to the + // "k8s.cronjob.uid" semantic conventions. It represents the UID of the + // CronJob. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '275ecb36-5aa8-4c2a-9c47-d8bb681b9aff' + K8SCronJobUIDKey = attribute.Key("k8s.cronjob.uid") + + // K8SCronJobNameKey is the attribute Key conforming to the + // "k8s.cronjob.name" semantic conventions. It represents the name of the + // CronJob. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'opentelemetry' + K8SCronJobNameKey = attribute.Key("k8s.cronjob.name") +) + +// K8SCronJobUID returns an attribute KeyValue conforming to the +// "k8s.cronjob.uid" semantic conventions. It represents the UID of the +// CronJob. +func K8SCronJobUID(val string) attribute.KeyValue { + return K8SCronJobUIDKey.String(val) +} + +// K8SCronJobName returns an attribute KeyValue conforming to the +// "k8s.cronjob.name" semantic conventions. It represents the name of the +// CronJob. +func K8SCronJobName(val string) attribute.KeyValue { + return K8SCronJobNameKey.String(val) +} + +// The operating system (OS) on which the process represented by this resource +// is running. +const ( + // OSTypeKey is the attribute Key conforming to the "os.type" semantic + // conventions. It represents the operating system type. + // + // Type: Enum + // RequirementLevel: Required + // Stability: stable + OSTypeKey = attribute.Key("os.type") + + // OSDescriptionKey is the attribute Key conforming to the "os.description" + // semantic conventions. It represents the human readable (not intended to + // be parsed) OS version information, like e.g. reported by `ver` or + // `lsb_release -a` commands. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'Microsoft Windows [Version 10.0.18363.778]', 'Ubuntu 18.04.1 + // LTS' + OSDescriptionKey = attribute.Key("os.description") + + // OSNameKey is the attribute Key conforming to the "os.name" semantic + // conventions. It represents the human readable operating system name. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'iOS', 'Android', 'Ubuntu' + OSNameKey = attribute.Key("os.name") + + // OSVersionKey is the attribute Key conforming to the "os.version" + // semantic conventions. It represents the version string of the operating + // system as defined in [Version + // Attributes](/docs/resource/README.md#version-attributes). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '14.2.1', '18.04.1' + OSVersionKey = attribute.Key("os.version") +) + +var ( + // Microsoft Windows + OSTypeWindows = OSTypeKey.String("windows") + // Linux + OSTypeLinux = OSTypeKey.String("linux") + // Apple Darwin + OSTypeDarwin = OSTypeKey.String("darwin") + // FreeBSD + OSTypeFreeBSD = OSTypeKey.String("freebsd") + // NetBSD + OSTypeNetBSD = OSTypeKey.String("netbsd") + // OpenBSD + OSTypeOpenBSD = OSTypeKey.String("openbsd") + // DragonFly BSD + OSTypeDragonflyBSD = OSTypeKey.String("dragonflybsd") + // HP-UX (Hewlett Packard Unix) + OSTypeHPUX = OSTypeKey.String("hpux") + // AIX (Advanced Interactive eXecutive) + OSTypeAIX = OSTypeKey.String("aix") + // SunOS, Oracle Solaris + OSTypeSolaris = OSTypeKey.String("solaris") + // IBM z/OS + OSTypeZOS = OSTypeKey.String("z_os") +) + +// OSDescription returns an attribute KeyValue conforming to the +// "os.description" semantic conventions. It represents the human readable (not +// intended to be parsed) OS version information, like e.g. reported by `ver` +// or `lsb_release -a` commands. +func OSDescription(val string) attribute.KeyValue { + return OSDescriptionKey.String(val) +} + +// OSName returns an attribute KeyValue conforming to the "os.name" semantic +// conventions. It represents the human readable operating system name. +func OSName(val string) attribute.KeyValue { + return OSNameKey.String(val) +} + +// OSVersion returns an attribute KeyValue conforming to the "os.version" +// semantic conventions. It represents the version string of the operating +// system as defined in [Version +// Attributes](/docs/resource/README.md#version-attributes). +func OSVersion(val string) attribute.KeyValue { + return OSVersionKey.String(val) +} + +// An operating system process. +const ( + // ProcessPIDKey is the attribute Key conforming to the "process.pid" + // semantic conventions. It represents the process identifier (PID). + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 1234 + ProcessPIDKey = attribute.Key("process.pid") + + // ProcessParentPIDKey is the attribute Key conforming to the + // "process.parent_pid" semantic conventions. It represents the parent + // Process identifier (PID). + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 111 + ProcessParentPIDKey = attribute.Key("process.parent_pid") + + // ProcessExecutableNameKey is the attribute Key conforming to the + // "process.executable.name" semantic conventions. It represents the name + // of the process executable. On Linux based systems, can be set to the + // `Name` in `proc/[pid]/status`. On Windows, can be set to the base name + // of `GetProcessImageFileNameW`. + // + // Type: string + // RequirementLevel: ConditionallyRequired (See alternative attributes + // below.) + // Stability: stable + // Examples: 'otelcol' + ProcessExecutableNameKey = attribute.Key("process.executable.name") + + // ProcessExecutablePathKey is the attribute Key conforming to the + // "process.executable.path" semantic conventions. It represents the full + // path to the process executable. On Linux based systems, can be set to + // the target of `proc/[pid]/exe`. On Windows, can be set to the result of + // `GetProcessImageFileNameW`. + // + // Type: string + // RequirementLevel: ConditionallyRequired (See alternative attributes + // below.) + // Stability: stable + // Examples: '/usr/bin/cmd/otelcol' + ProcessExecutablePathKey = attribute.Key("process.executable.path") + + // ProcessCommandKey is the attribute Key conforming to the + // "process.command" semantic conventions. It represents the command used + // to launch the process (i.e. the command name). On Linux based systems, + // can be set to the zeroth string in `proc/[pid]/cmdline`. On Windows, can + // be set to the first parameter extracted from `GetCommandLineW`. + // + // Type: string + // RequirementLevel: ConditionallyRequired (See alternative attributes + // below.) + // Stability: stable + // Examples: 'cmd/otelcol' + ProcessCommandKey = attribute.Key("process.command") + + // ProcessCommandLineKey is the attribute Key conforming to the + // "process.command_line" semantic conventions. It represents the full + // command used to launch the process as a single string representing the + // full command. On Windows, can be set to the result of `GetCommandLineW`. + // Do not set this if you have to assemble it just for monitoring; use + // `process.command_args` instead. + // + // Type: string + // RequirementLevel: ConditionallyRequired (See alternative attributes + // below.) + // Stability: stable + // Examples: 'C:\\cmd\\otecol --config="my directory\\config.yaml"' + ProcessCommandLineKey = attribute.Key("process.command_line") + + // ProcessCommandArgsKey is the attribute Key conforming to the + // "process.command_args" semantic conventions. It represents the all the + // command arguments (including the command/executable itself) as received + // by the process. On Linux-based systems (and some other Unixoid systems + // supporting procfs), can be set according to the list of null-delimited + // strings extracted from `proc/[pid]/cmdline`. For libc-based executables, + // this would be the full argv vector passed to `main`. + // + // Type: string[] + // RequirementLevel: ConditionallyRequired (See alternative attributes + // below.) + // Stability: stable + // Examples: 'cmd/otecol', '--config=config.yaml' + ProcessCommandArgsKey = attribute.Key("process.command_args") + + // ProcessOwnerKey is the attribute Key conforming to the "process.owner" + // semantic conventions. It represents the username of the user that owns + // the process. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'root' + ProcessOwnerKey = attribute.Key("process.owner") +) + +// ProcessPID returns an attribute KeyValue conforming to the "process.pid" +// semantic conventions. It represents the process identifier (PID). +func ProcessPID(val int) attribute.KeyValue { + return ProcessPIDKey.Int(val) +} + +// ProcessParentPID returns an attribute KeyValue conforming to the +// "process.parent_pid" semantic conventions. It represents the parent Process +// identifier (PID). +func ProcessParentPID(val int) attribute.KeyValue { + return ProcessParentPIDKey.Int(val) +} + +// ProcessExecutableName returns an attribute KeyValue conforming to the +// "process.executable.name" semantic conventions. It represents the name of +// the process executable. On Linux based systems, can be set to the `Name` in +// `proc/[pid]/status`. On Windows, can be set to the base name of +// `GetProcessImageFileNameW`. +func ProcessExecutableName(val string) attribute.KeyValue { + return ProcessExecutableNameKey.String(val) +} + +// ProcessExecutablePath returns an attribute KeyValue conforming to the +// "process.executable.path" semantic conventions. It represents the full path +// to the process executable. On Linux based systems, can be set to the target +// of `proc/[pid]/exe`. On Windows, can be set to the result of +// `GetProcessImageFileNameW`. +func ProcessExecutablePath(val string) attribute.KeyValue { + return ProcessExecutablePathKey.String(val) +} + +// ProcessCommand returns an attribute KeyValue conforming to the +// "process.command" semantic conventions. It represents the command used to +// launch the process (i.e. the command name). On Linux based systems, can be +// set to the zeroth string in `proc/[pid]/cmdline`. On Windows, can be set to +// the first parameter extracted from `GetCommandLineW`. +func ProcessCommand(val string) attribute.KeyValue { + return ProcessCommandKey.String(val) +} + +// ProcessCommandLine returns an attribute KeyValue conforming to the +// "process.command_line" semantic conventions. It represents the full command +// used to launch the process as a single string representing the full command. +// On Windows, can be set to the result of `GetCommandLineW`. Do not set this +// if you have to assemble it just for monitoring; use `process.command_args` +// instead. +func ProcessCommandLine(val string) attribute.KeyValue { + return ProcessCommandLineKey.String(val) +} + +// ProcessCommandArgs returns an attribute KeyValue conforming to the +// "process.command_args" semantic conventions. It represents the all the +// command arguments (including the command/executable itself) as received by +// the process. On Linux-based systems (and some other Unixoid systems +// supporting procfs), can be set according to the list of null-delimited +// strings extracted from `proc/[pid]/cmdline`. For libc-based executables, +// this would be the full argv vector passed to `main`. +func ProcessCommandArgs(val ...string) attribute.KeyValue { + return ProcessCommandArgsKey.StringSlice(val) +} + +// ProcessOwner returns an attribute KeyValue conforming to the +// "process.owner" semantic conventions. It represents the username of the user +// that owns the process. +func ProcessOwner(val string) attribute.KeyValue { + return ProcessOwnerKey.String(val) +} + +// The single (language) runtime instance which is monitored. +const ( + // ProcessRuntimeNameKey is the attribute Key conforming to the + // "process.runtime.name" semantic conventions. It represents the name of + // the runtime of this process. For compiled native binaries, this SHOULD + // be the name of the compiler. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'OpenJDK Runtime Environment' + ProcessRuntimeNameKey = attribute.Key("process.runtime.name") + + // ProcessRuntimeVersionKey is the attribute Key conforming to the + // "process.runtime.version" semantic conventions. It represents the + // version of the runtime of this process, as returned by the runtime + // without modification. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '14.0.2' + ProcessRuntimeVersionKey = attribute.Key("process.runtime.version") + + // ProcessRuntimeDescriptionKey is the attribute Key conforming to the + // "process.runtime.description" semantic conventions. It represents an + // additional description about the runtime of the process, for example a + // specific vendor customization of the runtime environment. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'Eclipse OpenJ9 Eclipse OpenJ9 VM openj9-0.21.0' + ProcessRuntimeDescriptionKey = attribute.Key("process.runtime.description") +) + +// ProcessRuntimeName returns an attribute KeyValue conforming to the +// "process.runtime.name" semantic conventions. It represents the name of the +// runtime of this process. For compiled native binaries, this SHOULD be the +// name of the compiler. +func ProcessRuntimeName(val string) attribute.KeyValue { + return ProcessRuntimeNameKey.String(val) +} + +// ProcessRuntimeVersion returns an attribute KeyValue conforming to the +// "process.runtime.version" semantic conventions. It represents the version of +// the runtime of this process, as returned by the runtime without +// modification. +func ProcessRuntimeVersion(val string) attribute.KeyValue { + return ProcessRuntimeVersionKey.String(val) +} + +// ProcessRuntimeDescription returns an attribute KeyValue conforming to the +// "process.runtime.description" semantic conventions. It represents an +// additional description about the runtime of the process, for example a +// specific vendor customization of the runtime environment. +func ProcessRuntimeDescription(val string) attribute.KeyValue { + return ProcessRuntimeDescriptionKey.String(val) +} + +// A service instance. +const ( + // ServiceNameKey is the attribute Key conforming to the "service.name" + // semantic conventions. It represents the logical name of the service. + // + // Type: string + // RequirementLevel: Required + // Stability: stable + // Examples: 'shoppingcart' + // Note: MUST be the same for all instances of horizontally scaled + // services. If the value was not specified, SDKs MUST fallback to + // `unknown_service:` concatenated with + // [`process.executable.name`](process.md#process), e.g. + // `unknown_service:bash`. If `process.executable.name` is not available, + // the value MUST be set to `unknown_service`. + ServiceNameKey = attribute.Key("service.name") + + // ServiceVersionKey is the attribute Key conforming to the + // "service.version" semantic conventions. It represents the version string + // of the service API or implementation. The format is not defined by these + // conventions. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '2.0.0', 'a01dbef8a' + ServiceVersionKey = attribute.Key("service.version") +) + +// ServiceName returns an attribute KeyValue conforming to the +// "service.name" semantic conventions. It represents the logical name of the +// service. +func ServiceName(val string) attribute.KeyValue { + return ServiceNameKey.String(val) +} + +// ServiceVersion returns an attribute KeyValue conforming to the +// "service.version" semantic conventions. It represents the version string of +// the service API or implementation. The format is not defined by these +// conventions. +func ServiceVersion(val string) attribute.KeyValue { + return ServiceVersionKey.String(val) +} + +// A service instance. +const ( + // ServiceNamespaceKey is the attribute Key conforming to the + // "service.namespace" semantic conventions. It represents a namespace for + // `service.name`. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'Shop' + // Note: A string value having a meaning that helps to distinguish a group + // of services, for example the team name that owns a group of services. + // `service.name` is expected to be unique within the same namespace. If + // `service.namespace` is not specified in the Resource then `service.name` + // is expected to be unique for all services that have no explicit + // namespace defined (so the empty/unspecified namespace is simply one more + // valid namespace). Zero-length namespace string is assumed equal to + // unspecified namespace. + ServiceNamespaceKey = attribute.Key("service.namespace") + + // ServiceInstanceIDKey is the attribute Key conforming to the + // "service.instance.id" semantic conventions. It represents the string ID + // of the service instance. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'my-k8s-pod-deployment-1', + // '627cc493-f310-47de-96bd-71410b7dec09' + // Note: MUST be unique for each instance of the same + // `service.namespace,service.name` pair (in other words + // `service.namespace,service.name,service.instance.id` triplet MUST be + // globally unique). The ID helps to distinguish instances of the same + // service that exist at the same time (e.g. instances of a horizontally + // scaled service). It is preferable for the ID to be persistent and stay + // the same for the lifetime of the service instance, however it is + // acceptable that the ID is ephemeral and changes during important + // lifetime events for the service (e.g. service restarts). If the service + // has no inherent unique ID that can be used as the value of this + // attribute it is recommended to generate a random Version 1 or Version 4 + // RFC 4122 UUID (services aiming for reproducible UUIDs may also use + // Version 5, see RFC 4122 for more recommendations). + ServiceInstanceIDKey = attribute.Key("service.instance.id") +) + +// ServiceNamespace returns an attribute KeyValue conforming to the +// "service.namespace" semantic conventions. It represents a namespace for +// `service.name`. +func ServiceNamespace(val string) attribute.KeyValue { + return ServiceNamespaceKey.String(val) +} + +// ServiceInstanceID returns an attribute KeyValue conforming to the +// "service.instance.id" semantic conventions. It represents the string ID of +// the service instance. +func ServiceInstanceID(val string) attribute.KeyValue { + return ServiceInstanceIDKey.String(val) +} + +// The telemetry SDK used to capture data recorded by the instrumentation +// libraries. +const ( + // TelemetrySDKNameKey is the attribute Key conforming to the + // "telemetry.sdk.name" semantic conventions. It represents the name of the + // telemetry SDK as defined above. + // + // Type: string + // RequirementLevel: Required + // Stability: stable + // Examples: 'opentelemetry' + // Note: The OpenTelemetry SDK MUST set the `telemetry.sdk.name` attribute + // to `opentelemetry`. + // If another SDK, like a fork or a vendor-provided implementation, is + // used, this SDK MUST set the + // `telemetry.sdk.name` attribute to the fully-qualified class or module + // name of this SDK's main entry point + // or another suitable identifier depending on the language. + // The identifier `opentelemetry` is reserved and MUST NOT be used in this + // case. + // All custom identifiers SHOULD be stable across different versions of an + // implementation. + TelemetrySDKNameKey = attribute.Key("telemetry.sdk.name") + + // TelemetrySDKLanguageKey is the attribute Key conforming to the + // "telemetry.sdk.language" semantic conventions. It represents the + // language of the telemetry SDK. + // + // Type: Enum + // RequirementLevel: Required + // Stability: stable + TelemetrySDKLanguageKey = attribute.Key("telemetry.sdk.language") + + // TelemetrySDKVersionKey is the attribute Key conforming to the + // "telemetry.sdk.version" semantic conventions. It represents the version + // string of the telemetry SDK. + // + // Type: string + // RequirementLevel: Required + // Stability: stable + // Examples: '1.2.3' + TelemetrySDKVersionKey = attribute.Key("telemetry.sdk.version") +) + +var ( + // cpp + TelemetrySDKLanguageCPP = TelemetrySDKLanguageKey.String("cpp") + // dotnet + TelemetrySDKLanguageDotnet = TelemetrySDKLanguageKey.String("dotnet") + // erlang + TelemetrySDKLanguageErlang = TelemetrySDKLanguageKey.String("erlang") + // go + TelemetrySDKLanguageGo = TelemetrySDKLanguageKey.String("go") + // java + TelemetrySDKLanguageJava = TelemetrySDKLanguageKey.String("java") + // nodejs + TelemetrySDKLanguageNodejs = TelemetrySDKLanguageKey.String("nodejs") + // php + TelemetrySDKLanguagePHP = TelemetrySDKLanguageKey.String("php") + // python + TelemetrySDKLanguagePython = TelemetrySDKLanguageKey.String("python") + // ruby + TelemetrySDKLanguageRuby = TelemetrySDKLanguageKey.String("ruby") + // rust + TelemetrySDKLanguageRust = TelemetrySDKLanguageKey.String("rust") + // swift + TelemetrySDKLanguageSwift = TelemetrySDKLanguageKey.String("swift") + // webjs + TelemetrySDKLanguageWebjs = TelemetrySDKLanguageKey.String("webjs") +) + +// TelemetrySDKName returns an attribute KeyValue conforming to the +// "telemetry.sdk.name" semantic conventions. It represents the name of the +// telemetry SDK as defined above. +func TelemetrySDKName(val string) attribute.KeyValue { + return TelemetrySDKNameKey.String(val) +} + +// TelemetrySDKVersion returns an attribute KeyValue conforming to the +// "telemetry.sdk.version" semantic conventions. It represents the version +// string of the telemetry SDK. +func TelemetrySDKVersion(val string) attribute.KeyValue { + return TelemetrySDKVersionKey.String(val) +} + +// The telemetry SDK used to capture data recorded by the instrumentation +// libraries. +const ( + // TelemetryAutoVersionKey is the attribute Key conforming to the + // "telemetry.auto.version" semantic conventions. It represents the version + // string of the auto instrumentation agent, if used. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '1.2.3' + TelemetryAutoVersionKey = attribute.Key("telemetry.auto.version") +) + +// TelemetryAutoVersion returns an attribute KeyValue conforming to the +// "telemetry.auto.version" semantic conventions. It represents the version +// string of the auto instrumentation agent, if used. +func TelemetryAutoVersion(val string) attribute.KeyValue { + return TelemetryAutoVersionKey.String(val) +} + +// Resource describing the packaged software running the application code. Web +// engines are typically executed using process.runtime. +const ( + // WebEngineNameKey is the attribute Key conforming to the "webengine.name" + // semantic conventions. It represents the name of the web engine. + // + // Type: string + // RequirementLevel: Required + // Stability: stable + // Examples: 'WildFly' + WebEngineNameKey = attribute.Key("webengine.name") + + // WebEngineVersionKey is the attribute Key conforming to the + // "webengine.version" semantic conventions. It represents the version of + // the web engine. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '21.0.0' + WebEngineVersionKey = attribute.Key("webengine.version") + + // WebEngineDescriptionKey is the attribute Key conforming to the + // "webengine.description" semantic conventions. It represents the + // additional description of the web engine (e.g. detailed version and + // edition information). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'WildFly Full 21.0.0.Final (WildFly Core 13.0.1.Final) - + // 2.2.2.Final' + WebEngineDescriptionKey = attribute.Key("webengine.description") +) + +// WebEngineName returns an attribute KeyValue conforming to the +// "webengine.name" semantic conventions. It represents the name of the web +// engine. +func WebEngineName(val string) attribute.KeyValue { + return WebEngineNameKey.String(val) +} + +// WebEngineVersion returns an attribute KeyValue conforming to the +// "webengine.version" semantic conventions. It represents the version of the +// web engine. +func WebEngineVersion(val string) attribute.KeyValue { + return WebEngineVersionKey.String(val) +} + +// WebEngineDescription returns an attribute KeyValue conforming to the +// "webengine.description" semantic conventions. It represents the additional +// description of the web engine (e.g. detailed version and edition +// information). +func WebEngineDescription(val string) attribute.KeyValue { + return WebEngineDescriptionKey.String(val) +} + +// Attributes used by non-OTLP exporters to represent OpenTelemetry Scope's +// concepts. +const ( + // OTelScopeNameKey is the attribute Key conforming to the + // "otel.scope.name" semantic conventions. It represents the name of the + // instrumentation scope - (`InstrumentationScope.Name` in OTLP). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'io.opentelemetry.contrib.mongodb' + OTelScopeNameKey = attribute.Key("otel.scope.name") + + // OTelScopeVersionKey is the attribute Key conforming to the + // "otel.scope.version" semantic conventions. It represents the version of + // the instrumentation scope - (`InstrumentationScope.Version` in OTLP). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '1.0.0' + OTelScopeVersionKey = attribute.Key("otel.scope.version") +) + +// OTelScopeName returns an attribute KeyValue conforming to the +// "otel.scope.name" semantic conventions. It represents the name of the +// instrumentation scope - (`InstrumentationScope.Name` in OTLP). +func OTelScopeName(val string) attribute.KeyValue { + return OTelScopeNameKey.String(val) +} + +// OTelScopeVersion returns an attribute KeyValue conforming to the +// "otel.scope.version" semantic conventions. It represents the version of the +// instrumentation scope - (`InstrumentationScope.Version` in OTLP). +func OTelScopeVersion(val string) attribute.KeyValue { + return OTelScopeVersionKey.String(val) +} + +// Span attributes used by non-OTLP exporters to represent OpenTelemetry +// Scope's concepts. +const ( + // OTelLibraryNameKey is the attribute Key conforming to the + // "otel.library.name" semantic conventions. It represents the deprecated, + // use the `otel.scope.name` attribute. + // + // Type: string + // RequirementLevel: Optional + // Stability: deprecated + // Examples: 'io.opentelemetry.contrib.mongodb' + OTelLibraryNameKey = attribute.Key("otel.library.name") + + // OTelLibraryVersionKey is the attribute Key conforming to the + // "otel.library.version" semantic conventions. It represents the + // deprecated, use the `otel.scope.version` attribute. + // + // Type: string + // RequirementLevel: Optional + // Stability: deprecated + // Examples: '1.0.0' + OTelLibraryVersionKey = attribute.Key("otel.library.version") +) + +// OTelLibraryName returns an attribute KeyValue conforming to the +// "otel.library.name" semantic conventions. It represents the deprecated, use +// the `otel.scope.name` attribute. +func OTelLibraryName(val string) attribute.KeyValue { + return OTelLibraryNameKey.String(val) +} + +// OTelLibraryVersion returns an attribute KeyValue conforming to the +// "otel.library.version" semantic conventions. It represents the deprecated, +// use the `otel.scope.version` attribute. +func OTelLibraryVersion(val string) attribute.KeyValue { + return OTelLibraryVersionKey.String(val) +} diff --git a/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/schema.go b/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/schema.go new file mode 100644 index 000000000..66ffd5989 --- /dev/null +++ b/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/schema.go @@ -0,0 +1,20 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package semconv // import "go.opentelemetry.io/otel/semconv/v1.21.0" + +// SchemaURL is the schema URL that matches the version of the semantic conventions +// that this package defines. Semconv packages starting from v1.4.0 must declare +// non-empty schema URL in the form https://opentelemetry.io/schemas/ +const SchemaURL = "https://opentelemetry.io/schemas/1.21.0" diff --git a/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/trace.go b/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/trace.go new file mode 100644 index 000000000..b5a91450d --- /dev/null +++ b/vendor/go.opentelemetry.io/otel/semconv/v1.21.0/trace.go @@ -0,0 +1,2495 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated from semantic convention specification. DO NOT EDIT. + +package semconv // import "go.opentelemetry.io/otel/semconv/v1.21.0" + +import "go.opentelemetry.io/otel/attribute" + +// The shared attributes used to report a single exception associated with a +// span or log. +const ( + // ExceptionTypeKey is the attribute Key conforming to the "exception.type" + // semantic conventions. It represents the type of the exception (its + // fully-qualified class name, if applicable). The dynamic type of the + // exception should be preferred over the static type in languages that + // support it. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'java.net.ConnectException', 'OSError' + ExceptionTypeKey = attribute.Key("exception.type") + + // ExceptionMessageKey is the attribute Key conforming to the + // "exception.message" semantic conventions. It represents the exception + // message. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'Division by zero', "Can't convert 'int' object to str + // implicitly" + ExceptionMessageKey = attribute.Key("exception.message") + + // ExceptionStacktraceKey is the attribute Key conforming to the + // "exception.stacktrace" semantic conventions. It represents a stacktrace + // as a string in the natural representation for the language runtime. The + // representation is to be determined and documented by each language SIG. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'Exception in thread "main" java.lang.RuntimeException: Test + // exception\\n at ' + // 'com.example.GenerateTrace.methodB(GenerateTrace.java:13)\\n at ' + // 'com.example.GenerateTrace.methodA(GenerateTrace.java:9)\\n at ' + // 'com.example.GenerateTrace.main(GenerateTrace.java:5)' + ExceptionStacktraceKey = attribute.Key("exception.stacktrace") +) + +// ExceptionType returns an attribute KeyValue conforming to the +// "exception.type" semantic conventions. It represents the type of the +// exception (its fully-qualified class name, if applicable). The dynamic type +// of the exception should be preferred over the static type in languages that +// support it. +func ExceptionType(val string) attribute.KeyValue { + return ExceptionTypeKey.String(val) +} + +// ExceptionMessage returns an attribute KeyValue conforming to the +// "exception.message" semantic conventions. It represents the exception +// message. +func ExceptionMessage(val string) attribute.KeyValue { + return ExceptionMessageKey.String(val) +} + +// ExceptionStacktrace returns an attribute KeyValue conforming to the +// "exception.stacktrace" semantic conventions. It represents a stacktrace as a +// string in the natural representation for the language runtime. The +// representation is to be determined and documented by each language SIG. +func ExceptionStacktrace(val string) attribute.KeyValue { + return ExceptionStacktraceKey.String(val) +} + +// Span attributes used by AWS Lambda (in addition to general `faas` +// attributes). +const ( + // AWSLambdaInvokedARNKey is the attribute Key conforming to the + // "aws.lambda.invoked_arn" semantic conventions. It represents the full + // invoked ARN as provided on the `Context` passed to the function + // (`Lambda-Runtime-Invoked-Function-ARN` header on the + // `/runtime/invocation/next` applicable). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'arn:aws:lambda:us-east-1:123456:function:myfunction:myalias' + // Note: This may be different from `cloud.resource_id` if an alias is + // involved. + AWSLambdaInvokedARNKey = attribute.Key("aws.lambda.invoked_arn") +) + +// AWSLambdaInvokedARN returns an attribute KeyValue conforming to the +// "aws.lambda.invoked_arn" semantic conventions. It represents the full +// invoked ARN as provided on the `Context` passed to the function +// (`Lambda-Runtime-Invoked-Function-ARN` header on the +// `/runtime/invocation/next` applicable). +func AWSLambdaInvokedARN(val string) attribute.KeyValue { + return AWSLambdaInvokedARNKey.String(val) +} + +// Attributes for CloudEvents. CloudEvents is a specification on how to define +// event data in a standard way. These attributes can be attached to spans when +// performing operations with CloudEvents, regardless of the protocol being +// used. +const ( + // CloudeventsEventIDKey is the attribute Key conforming to the + // "cloudevents.event_id" semantic conventions. It represents the + // [event_id](https://github.com/cloudevents/spec/blob/v1.0.2/cloudevents/spec.md#id) + // uniquely identifies the event. + // + // Type: string + // RequirementLevel: Required + // Stability: stable + // Examples: '123e4567-e89b-12d3-a456-426614174000', '0001' + CloudeventsEventIDKey = attribute.Key("cloudevents.event_id") + + // CloudeventsEventSourceKey is the attribute Key conforming to the + // "cloudevents.event_source" semantic conventions. It represents the + // [source](https://github.com/cloudevents/spec/blob/v1.0.2/cloudevents/spec.md#source-1) + // identifies the context in which an event happened. + // + // Type: string + // RequirementLevel: Required + // Stability: stable + // Examples: 'https://github.com/cloudevents', + // '/cloudevents/spec/pull/123', 'my-service' + CloudeventsEventSourceKey = attribute.Key("cloudevents.event_source") + + // CloudeventsEventSpecVersionKey is the attribute Key conforming to the + // "cloudevents.event_spec_version" semantic conventions. It represents the + // [version of the CloudEvents + // specification](https://github.com/cloudevents/spec/blob/v1.0.2/cloudevents/spec.md#specversion) + // which the event uses. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '1.0' + CloudeventsEventSpecVersionKey = attribute.Key("cloudevents.event_spec_version") + + // CloudeventsEventTypeKey is the attribute Key conforming to the + // "cloudevents.event_type" semantic conventions. It represents the + // [event_type](https://github.com/cloudevents/spec/blob/v1.0.2/cloudevents/spec.md#type) + // contains a value describing the type of event related to the originating + // occurrence. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'com.github.pull_request.opened', + // 'com.example.object.deleted.v2' + CloudeventsEventTypeKey = attribute.Key("cloudevents.event_type") + + // CloudeventsEventSubjectKey is the attribute Key conforming to the + // "cloudevents.event_subject" semantic conventions. It represents the + // [subject](https://github.com/cloudevents/spec/blob/v1.0.2/cloudevents/spec.md#subject) + // of the event in the context of the event producer (identified by + // source). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'mynewfile.jpg' + CloudeventsEventSubjectKey = attribute.Key("cloudevents.event_subject") +) + +// CloudeventsEventID returns an attribute KeyValue conforming to the +// "cloudevents.event_id" semantic conventions. It represents the +// [event_id](https://github.com/cloudevents/spec/blob/v1.0.2/cloudevents/spec.md#id) +// uniquely identifies the event. +func CloudeventsEventID(val string) attribute.KeyValue { + return CloudeventsEventIDKey.String(val) +} + +// CloudeventsEventSource returns an attribute KeyValue conforming to the +// "cloudevents.event_source" semantic conventions. It represents the +// [source](https://github.com/cloudevents/spec/blob/v1.0.2/cloudevents/spec.md#source-1) +// identifies the context in which an event happened. +func CloudeventsEventSource(val string) attribute.KeyValue { + return CloudeventsEventSourceKey.String(val) +} + +// CloudeventsEventSpecVersion returns an attribute KeyValue conforming to +// the "cloudevents.event_spec_version" semantic conventions. It represents the +// [version of the CloudEvents +// specification](https://github.com/cloudevents/spec/blob/v1.0.2/cloudevents/spec.md#specversion) +// which the event uses. +func CloudeventsEventSpecVersion(val string) attribute.KeyValue { + return CloudeventsEventSpecVersionKey.String(val) +} + +// CloudeventsEventType returns an attribute KeyValue conforming to the +// "cloudevents.event_type" semantic conventions. It represents the +// [event_type](https://github.com/cloudevents/spec/blob/v1.0.2/cloudevents/spec.md#type) +// contains a value describing the type of event related to the originating +// occurrence. +func CloudeventsEventType(val string) attribute.KeyValue { + return CloudeventsEventTypeKey.String(val) +} + +// CloudeventsEventSubject returns an attribute KeyValue conforming to the +// "cloudevents.event_subject" semantic conventions. It represents the +// [subject](https://github.com/cloudevents/spec/blob/v1.0.2/cloudevents/spec.md#subject) +// of the event in the context of the event producer (identified by source). +func CloudeventsEventSubject(val string) attribute.KeyValue { + return CloudeventsEventSubjectKey.String(val) +} + +// Semantic conventions for the OpenTracing Shim +const ( + // OpentracingRefTypeKey is the attribute Key conforming to the + // "opentracing.ref_type" semantic conventions. It represents the + // parent-child Reference type + // + // Type: Enum + // RequirementLevel: Optional + // Stability: stable + // Note: The causal relationship between a child Span and a parent Span. + OpentracingRefTypeKey = attribute.Key("opentracing.ref_type") +) + +var ( + // The parent Span depends on the child Span in some capacity + OpentracingRefTypeChildOf = OpentracingRefTypeKey.String("child_of") + // The parent Span does not depend in any way on the result of the child Span + OpentracingRefTypeFollowsFrom = OpentracingRefTypeKey.String("follows_from") +) + +// The attributes used to perform database client calls. +const ( + // DBSystemKey is the attribute Key conforming to the "db.system" semantic + // conventions. It represents an identifier for the database management + // system (DBMS) product being used. See below for a list of well-known + // identifiers. + // + // Type: Enum + // RequirementLevel: Required + // Stability: stable + DBSystemKey = attribute.Key("db.system") + + // DBConnectionStringKey is the attribute Key conforming to the + // "db.connection_string" semantic conventions. It represents the + // connection string used to connect to the database. It is recommended to + // remove embedded credentials. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'Server=(localdb)\\v11.0;Integrated Security=true;' + DBConnectionStringKey = attribute.Key("db.connection_string") + + // DBUserKey is the attribute Key conforming to the "db.user" semantic + // conventions. It represents the username for accessing the database. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'readonly_user', 'reporting_user' + DBUserKey = attribute.Key("db.user") + + // DBJDBCDriverClassnameKey is the attribute Key conforming to the + // "db.jdbc.driver_classname" semantic conventions. It represents the + // fully-qualified class name of the [Java Database Connectivity + // (JDBC)](https://docs.oracle.com/javase/8/docs/technotes/guides/jdbc/) + // driver used to connect. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'org.postgresql.Driver', + // 'com.microsoft.sqlserver.jdbc.SQLServerDriver' + DBJDBCDriverClassnameKey = attribute.Key("db.jdbc.driver_classname") + + // DBNameKey is the attribute Key conforming to the "db.name" semantic + // conventions. It represents the this attribute is used to report the name + // of the database being accessed. For commands that switch the database, + // this should be set to the target database (even if the command fails). + // + // Type: string + // RequirementLevel: ConditionallyRequired (If applicable.) + // Stability: stable + // Examples: 'customers', 'main' + // Note: In some SQL databases, the database name to be used is called + // "schema name". In case there are multiple layers that could be + // considered for database name (e.g. Oracle instance name and schema + // name), the database name to be used is the more specific layer (e.g. + // Oracle schema name). + DBNameKey = attribute.Key("db.name") + + // DBStatementKey is the attribute Key conforming to the "db.statement" + // semantic conventions. It represents the database statement being + // executed. + // + // Type: string + // RequirementLevel: Recommended (Should be collected by default only if + // there is sanitization that excludes sensitive information.) + // Stability: stable + // Examples: 'SELECT * FROM wuser_table', 'SET mykey "WuValue"' + DBStatementKey = attribute.Key("db.statement") + + // DBOperationKey is the attribute Key conforming to the "db.operation" + // semantic conventions. It represents the name of the operation being + // executed, e.g. the [MongoDB command + // name](https://docs.mongodb.com/manual/reference/command/#database-operations) + // such as `findAndModify`, or the SQL keyword. + // + // Type: string + // RequirementLevel: ConditionallyRequired (If `db.statement` is not + // applicable.) + // Stability: stable + // Examples: 'findAndModify', 'HMSET', 'SELECT' + // Note: When setting this to an SQL keyword, it is not recommended to + // attempt any client-side parsing of `db.statement` just to get this + // property, but it should be set if the operation name is provided by the + // library being instrumented. If the SQL statement has an ambiguous + // operation, or performs more than one operation, this value may be + // omitted. + DBOperationKey = attribute.Key("db.operation") +) + +var ( + // Some other SQL database. Fallback only. See notes + DBSystemOtherSQL = DBSystemKey.String("other_sql") + // Microsoft SQL Server + DBSystemMSSQL = DBSystemKey.String("mssql") + // Microsoft SQL Server Compact + DBSystemMssqlcompact = DBSystemKey.String("mssqlcompact") + // MySQL + DBSystemMySQL = DBSystemKey.String("mysql") + // Oracle Database + DBSystemOracle = DBSystemKey.String("oracle") + // IBM DB2 + DBSystemDB2 = DBSystemKey.String("db2") + // PostgreSQL + DBSystemPostgreSQL = DBSystemKey.String("postgresql") + // Amazon Redshift + DBSystemRedshift = DBSystemKey.String("redshift") + // Apache Hive + DBSystemHive = DBSystemKey.String("hive") + // Cloudscape + DBSystemCloudscape = DBSystemKey.String("cloudscape") + // HyperSQL DataBase + DBSystemHSQLDB = DBSystemKey.String("hsqldb") + // Progress Database + DBSystemProgress = DBSystemKey.String("progress") + // SAP MaxDB + DBSystemMaxDB = DBSystemKey.String("maxdb") + // SAP HANA + DBSystemHanaDB = DBSystemKey.String("hanadb") + // Ingres + DBSystemIngres = DBSystemKey.String("ingres") + // FirstSQL + DBSystemFirstSQL = DBSystemKey.String("firstsql") + // EnterpriseDB + DBSystemEDB = DBSystemKey.String("edb") + // InterSystems Caché + DBSystemCache = DBSystemKey.String("cache") + // Adabas (Adaptable Database System) + DBSystemAdabas = DBSystemKey.String("adabas") + // Firebird + DBSystemFirebird = DBSystemKey.String("firebird") + // Apache Derby + DBSystemDerby = DBSystemKey.String("derby") + // FileMaker + DBSystemFilemaker = DBSystemKey.String("filemaker") + // Informix + DBSystemInformix = DBSystemKey.String("informix") + // InstantDB + DBSystemInstantDB = DBSystemKey.String("instantdb") + // InterBase + DBSystemInterbase = DBSystemKey.String("interbase") + // MariaDB + DBSystemMariaDB = DBSystemKey.String("mariadb") + // Netezza + DBSystemNetezza = DBSystemKey.String("netezza") + // Pervasive PSQL + DBSystemPervasive = DBSystemKey.String("pervasive") + // PointBase + DBSystemPointbase = DBSystemKey.String("pointbase") + // SQLite + DBSystemSqlite = DBSystemKey.String("sqlite") + // Sybase + DBSystemSybase = DBSystemKey.String("sybase") + // Teradata + DBSystemTeradata = DBSystemKey.String("teradata") + // Vertica + DBSystemVertica = DBSystemKey.String("vertica") + // H2 + DBSystemH2 = DBSystemKey.String("h2") + // ColdFusion IMQ + DBSystemColdfusion = DBSystemKey.String("coldfusion") + // Apache Cassandra + DBSystemCassandra = DBSystemKey.String("cassandra") + // Apache HBase + DBSystemHBase = DBSystemKey.String("hbase") + // MongoDB + DBSystemMongoDB = DBSystemKey.String("mongodb") + // Redis + DBSystemRedis = DBSystemKey.String("redis") + // Couchbase + DBSystemCouchbase = DBSystemKey.String("couchbase") + // CouchDB + DBSystemCouchDB = DBSystemKey.String("couchdb") + // Microsoft Azure Cosmos DB + DBSystemCosmosDB = DBSystemKey.String("cosmosdb") + // Amazon DynamoDB + DBSystemDynamoDB = DBSystemKey.String("dynamodb") + // Neo4j + DBSystemNeo4j = DBSystemKey.String("neo4j") + // Apache Geode + DBSystemGeode = DBSystemKey.String("geode") + // Elasticsearch + DBSystemElasticsearch = DBSystemKey.String("elasticsearch") + // Memcached + DBSystemMemcached = DBSystemKey.String("memcached") + // CockroachDB + DBSystemCockroachdb = DBSystemKey.String("cockroachdb") + // OpenSearch + DBSystemOpensearch = DBSystemKey.String("opensearch") + // ClickHouse + DBSystemClickhouse = DBSystemKey.String("clickhouse") + // Cloud Spanner + DBSystemSpanner = DBSystemKey.String("spanner") + // Trino + DBSystemTrino = DBSystemKey.String("trino") +) + +// DBConnectionString returns an attribute KeyValue conforming to the +// "db.connection_string" semantic conventions. It represents the connection +// string used to connect to the database. It is recommended to remove embedded +// credentials. +func DBConnectionString(val string) attribute.KeyValue { + return DBConnectionStringKey.String(val) +} + +// DBUser returns an attribute KeyValue conforming to the "db.user" semantic +// conventions. It represents the username for accessing the database. +func DBUser(val string) attribute.KeyValue { + return DBUserKey.String(val) +} + +// DBJDBCDriverClassname returns an attribute KeyValue conforming to the +// "db.jdbc.driver_classname" semantic conventions. It represents the +// fully-qualified class name of the [Java Database Connectivity +// (JDBC)](https://docs.oracle.com/javase/8/docs/technotes/guides/jdbc/) driver +// used to connect. +func DBJDBCDriverClassname(val string) attribute.KeyValue { + return DBJDBCDriverClassnameKey.String(val) +} + +// DBName returns an attribute KeyValue conforming to the "db.name" semantic +// conventions. It represents the this attribute is used to report the name of +// the database being accessed. For commands that switch the database, this +// should be set to the target database (even if the command fails). +func DBName(val string) attribute.KeyValue { + return DBNameKey.String(val) +} + +// DBStatement returns an attribute KeyValue conforming to the +// "db.statement" semantic conventions. It represents the database statement +// being executed. +func DBStatement(val string) attribute.KeyValue { + return DBStatementKey.String(val) +} + +// DBOperation returns an attribute KeyValue conforming to the +// "db.operation" semantic conventions. It represents the name of the operation +// being executed, e.g. the [MongoDB command +// name](https://docs.mongodb.com/manual/reference/command/#database-operations) +// such as `findAndModify`, or the SQL keyword. +func DBOperation(val string) attribute.KeyValue { + return DBOperationKey.String(val) +} + +// Connection-level attributes for Microsoft SQL Server +const ( + // DBMSSQLInstanceNameKey is the attribute Key conforming to the + // "db.mssql.instance_name" semantic conventions. It represents the + // Microsoft SQL Server [instance + // name](https://docs.microsoft.com/en-us/sql/connect/jdbc/building-the-connection-url?view=sql-server-ver15) + // connecting to. This name is used to determine the port of a named + // instance. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'MSSQLSERVER' + // Note: If setting a `db.mssql.instance_name`, `server.port` is no longer + // required (but still recommended if non-standard). + DBMSSQLInstanceNameKey = attribute.Key("db.mssql.instance_name") +) + +// DBMSSQLInstanceName returns an attribute KeyValue conforming to the +// "db.mssql.instance_name" semantic conventions. It represents the Microsoft +// SQL Server [instance +// name](https://docs.microsoft.com/en-us/sql/connect/jdbc/building-the-connection-url?view=sql-server-ver15) +// connecting to. This name is used to determine the port of a named instance. +func DBMSSQLInstanceName(val string) attribute.KeyValue { + return DBMSSQLInstanceNameKey.String(val) +} + +// Call-level attributes for Cassandra +const ( + // DBCassandraPageSizeKey is the attribute Key conforming to the + // "db.cassandra.page_size" semantic conventions. It represents the fetch + // size used for paging, i.e. how many rows will be returned at once. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 5000 + DBCassandraPageSizeKey = attribute.Key("db.cassandra.page_size") + + // DBCassandraConsistencyLevelKey is the attribute Key conforming to the + // "db.cassandra.consistency_level" semantic conventions. It represents the + // consistency level of the query. Based on consistency values from + // [CQL](https://docs.datastax.com/en/cassandra-oss/3.0/cassandra/dml/dmlConfigConsistency.html). + // + // Type: Enum + // RequirementLevel: Optional + // Stability: stable + DBCassandraConsistencyLevelKey = attribute.Key("db.cassandra.consistency_level") + + // DBCassandraTableKey is the attribute Key conforming to the + // "db.cassandra.table" semantic conventions. It represents the name of the + // primary table that the operation is acting upon, including the keyspace + // name (if applicable). + // + // Type: string + // RequirementLevel: Recommended + // Stability: stable + // Examples: 'mytable' + // Note: This mirrors the db.sql.table attribute but references cassandra + // rather than sql. It is not recommended to attempt any client-side + // parsing of `db.statement` just to get this property, but it should be + // set if it is provided by the library being instrumented. If the + // operation is acting upon an anonymous table, or more than one table, + // this value MUST NOT be set. + DBCassandraTableKey = attribute.Key("db.cassandra.table") + + // DBCassandraIdempotenceKey is the attribute Key conforming to the + // "db.cassandra.idempotence" semantic conventions. It represents the + // whether or not the query is idempotent. + // + // Type: boolean + // RequirementLevel: Optional + // Stability: stable + DBCassandraIdempotenceKey = attribute.Key("db.cassandra.idempotence") + + // DBCassandraSpeculativeExecutionCountKey is the attribute Key conforming + // to the "db.cassandra.speculative_execution_count" semantic conventions. + // It represents the number of times a query was speculatively executed. + // Not set or `0` if the query was not executed speculatively. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 0, 2 + DBCassandraSpeculativeExecutionCountKey = attribute.Key("db.cassandra.speculative_execution_count") + + // DBCassandraCoordinatorIDKey is the attribute Key conforming to the + // "db.cassandra.coordinator.id" semantic conventions. It represents the ID + // of the coordinating node for a query. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'be13faa2-8574-4d71-926d-27f16cf8a7af' + DBCassandraCoordinatorIDKey = attribute.Key("db.cassandra.coordinator.id") + + // DBCassandraCoordinatorDCKey is the attribute Key conforming to the + // "db.cassandra.coordinator.dc" semantic conventions. It represents the + // data center of the coordinating node for a query. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'us-west-2' + DBCassandraCoordinatorDCKey = attribute.Key("db.cassandra.coordinator.dc") +) + +var ( + // all + DBCassandraConsistencyLevelAll = DBCassandraConsistencyLevelKey.String("all") + // each_quorum + DBCassandraConsistencyLevelEachQuorum = DBCassandraConsistencyLevelKey.String("each_quorum") + // quorum + DBCassandraConsistencyLevelQuorum = DBCassandraConsistencyLevelKey.String("quorum") + // local_quorum + DBCassandraConsistencyLevelLocalQuorum = DBCassandraConsistencyLevelKey.String("local_quorum") + // one + DBCassandraConsistencyLevelOne = DBCassandraConsistencyLevelKey.String("one") + // two + DBCassandraConsistencyLevelTwo = DBCassandraConsistencyLevelKey.String("two") + // three + DBCassandraConsistencyLevelThree = DBCassandraConsistencyLevelKey.String("three") + // local_one + DBCassandraConsistencyLevelLocalOne = DBCassandraConsistencyLevelKey.String("local_one") + // any + DBCassandraConsistencyLevelAny = DBCassandraConsistencyLevelKey.String("any") + // serial + DBCassandraConsistencyLevelSerial = DBCassandraConsistencyLevelKey.String("serial") + // local_serial + DBCassandraConsistencyLevelLocalSerial = DBCassandraConsistencyLevelKey.String("local_serial") +) + +// DBCassandraPageSize returns an attribute KeyValue conforming to the +// "db.cassandra.page_size" semantic conventions. It represents the fetch size +// used for paging, i.e. how many rows will be returned at once. +func DBCassandraPageSize(val int) attribute.KeyValue { + return DBCassandraPageSizeKey.Int(val) +} + +// DBCassandraTable returns an attribute KeyValue conforming to the +// "db.cassandra.table" semantic conventions. It represents the name of the +// primary table that the operation is acting upon, including the keyspace name +// (if applicable). +func DBCassandraTable(val string) attribute.KeyValue { + return DBCassandraTableKey.String(val) +} + +// DBCassandraIdempotence returns an attribute KeyValue conforming to the +// "db.cassandra.idempotence" semantic conventions. It represents the whether +// or not the query is idempotent. +func DBCassandraIdempotence(val bool) attribute.KeyValue { + return DBCassandraIdempotenceKey.Bool(val) +} + +// DBCassandraSpeculativeExecutionCount returns an attribute KeyValue +// conforming to the "db.cassandra.speculative_execution_count" semantic +// conventions. It represents the number of times a query was speculatively +// executed. Not set or `0` if the query was not executed speculatively. +func DBCassandraSpeculativeExecutionCount(val int) attribute.KeyValue { + return DBCassandraSpeculativeExecutionCountKey.Int(val) +} + +// DBCassandraCoordinatorID returns an attribute KeyValue conforming to the +// "db.cassandra.coordinator.id" semantic conventions. It represents the ID of +// the coordinating node for a query. +func DBCassandraCoordinatorID(val string) attribute.KeyValue { + return DBCassandraCoordinatorIDKey.String(val) +} + +// DBCassandraCoordinatorDC returns an attribute KeyValue conforming to the +// "db.cassandra.coordinator.dc" semantic conventions. It represents the data +// center of the coordinating node for a query. +func DBCassandraCoordinatorDC(val string) attribute.KeyValue { + return DBCassandraCoordinatorDCKey.String(val) +} + +// Call-level attributes for Redis +const ( + // DBRedisDBIndexKey is the attribute Key conforming to the + // "db.redis.database_index" semantic conventions. It represents the index + // of the database being accessed as used in the [`SELECT` + // command](https://redis.io/commands/select), provided as an integer. To + // be used instead of the generic `db.name` attribute. + // + // Type: int + // RequirementLevel: ConditionallyRequired (If other than the default + // database (`0`).) + // Stability: stable + // Examples: 0, 1, 15 + DBRedisDBIndexKey = attribute.Key("db.redis.database_index") +) + +// DBRedisDBIndex returns an attribute KeyValue conforming to the +// "db.redis.database_index" semantic conventions. It represents the index of +// the database being accessed as used in the [`SELECT` +// command](https://redis.io/commands/select), provided as an integer. To be +// used instead of the generic `db.name` attribute. +func DBRedisDBIndex(val int) attribute.KeyValue { + return DBRedisDBIndexKey.Int(val) +} + +// Call-level attributes for MongoDB +const ( + // DBMongoDBCollectionKey is the attribute Key conforming to the + // "db.mongodb.collection" semantic conventions. It represents the + // collection being accessed within the database stated in `db.name`. + // + // Type: string + // RequirementLevel: Required + // Stability: stable + // Examples: 'customers', 'products' + DBMongoDBCollectionKey = attribute.Key("db.mongodb.collection") +) + +// DBMongoDBCollection returns an attribute KeyValue conforming to the +// "db.mongodb.collection" semantic conventions. It represents the collection +// being accessed within the database stated in `db.name`. +func DBMongoDBCollection(val string) attribute.KeyValue { + return DBMongoDBCollectionKey.String(val) +} + +// Call-level attributes for SQL databases +const ( + // DBSQLTableKey is the attribute Key conforming to the "db.sql.table" + // semantic conventions. It represents the name of the primary table that + // the operation is acting upon, including the database name (if + // applicable). + // + // Type: string + // RequirementLevel: Recommended + // Stability: stable + // Examples: 'public.users', 'customers' + // Note: It is not recommended to attempt any client-side parsing of + // `db.statement` just to get this property, but it should be set if it is + // provided by the library being instrumented. If the operation is acting + // upon an anonymous table, or more than one table, this value MUST NOT be + // set. + DBSQLTableKey = attribute.Key("db.sql.table") +) + +// DBSQLTable returns an attribute KeyValue conforming to the "db.sql.table" +// semantic conventions. It represents the name of the primary table that the +// operation is acting upon, including the database name (if applicable). +func DBSQLTable(val string) attribute.KeyValue { + return DBSQLTableKey.String(val) +} + +// Call-level attributes for Cosmos DB. +const ( + // DBCosmosDBClientIDKey is the attribute Key conforming to the + // "db.cosmosdb.client_id" semantic conventions. It represents the unique + // Cosmos client instance id. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '3ba4827d-4422-483f-b59f-85b74211c11d' + DBCosmosDBClientIDKey = attribute.Key("db.cosmosdb.client_id") + + // DBCosmosDBOperationTypeKey is the attribute Key conforming to the + // "db.cosmosdb.operation_type" semantic conventions. It represents the + // cosmosDB Operation Type. + // + // Type: Enum + // RequirementLevel: ConditionallyRequired (when performing one of the + // operations in this list) + // Stability: stable + DBCosmosDBOperationTypeKey = attribute.Key("db.cosmosdb.operation_type") + + // DBCosmosDBConnectionModeKey is the attribute Key conforming to the + // "db.cosmosdb.connection_mode" semantic conventions. It represents the + // cosmos client connection mode. + // + // Type: Enum + // RequirementLevel: ConditionallyRequired (if not `direct` (or pick gw as + // default)) + // Stability: stable + DBCosmosDBConnectionModeKey = attribute.Key("db.cosmosdb.connection_mode") + + // DBCosmosDBContainerKey is the attribute Key conforming to the + // "db.cosmosdb.container" semantic conventions. It represents the cosmos + // DB container name. + // + // Type: string + // RequirementLevel: ConditionallyRequired (if available) + // Stability: stable + // Examples: 'anystring' + DBCosmosDBContainerKey = attribute.Key("db.cosmosdb.container") + + // DBCosmosDBRequestContentLengthKey is the attribute Key conforming to the + // "db.cosmosdb.request_content_length" semantic conventions. It represents + // the request payload size in bytes + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + DBCosmosDBRequestContentLengthKey = attribute.Key("db.cosmosdb.request_content_length") + + // DBCosmosDBStatusCodeKey is the attribute Key conforming to the + // "db.cosmosdb.status_code" semantic conventions. It represents the cosmos + // DB status code. + // + // Type: int + // RequirementLevel: ConditionallyRequired (if response was received) + // Stability: stable + // Examples: 200, 201 + DBCosmosDBStatusCodeKey = attribute.Key("db.cosmosdb.status_code") + + // DBCosmosDBSubStatusCodeKey is the attribute Key conforming to the + // "db.cosmosdb.sub_status_code" semantic conventions. It represents the + // cosmos DB sub status code. + // + // Type: int + // RequirementLevel: ConditionallyRequired (when response was received and + // contained sub-code.) + // Stability: stable + // Examples: 1000, 1002 + DBCosmosDBSubStatusCodeKey = attribute.Key("db.cosmosdb.sub_status_code") + + // DBCosmosDBRequestChargeKey is the attribute Key conforming to the + // "db.cosmosdb.request_charge" semantic conventions. It represents the rU + // consumed for that operation + // + // Type: double + // RequirementLevel: ConditionallyRequired (when available) + // Stability: stable + // Examples: 46.18, 1.0 + DBCosmosDBRequestChargeKey = attribute.Key("db.cosmosdb.request_charge") +) + +var ( + // invalid + DBCosmosDBOperationTypeInvalid = DBCosmosDBOperationTypeKey.String("Invalid") + // create + DBCosmosDBOperationTypeCreate = DBCosmosDBOperationTypeKey.String("Create") + // patch + DBCosmosDBOperationTypePatch = DBCosmosDBOperationTypeKey.String("Patch") + // read + DBCosmosDBOperationTypeRead = DBCosmosDBOperationTypeKey.String("Read") + // read_feed + DBCosmosDBOperationTypeReadFeed = DBCosmosDBOperationTypeKey.String("ReadFeed") + // delete + DBCosmosDBOperationTypeDelete = DBCosmosDBOperationTypeKey.String("Delete") + // replace + DBCosmosDBOperationTypeReplace = DBCosmosDBOperationTypeKey.String("Replace") + // execute + DBCosmosDBOperationTypeExecute = DBCosmosDBOperationTypeKey.String("Execute") + // query + DBCosmosDBOperationTypeQuery = DBCosmosDBOperationTypeKey.String("Query") + // head + DBCosmosDBOperationTypeHead = DBCosmosDBOperationTypeKey.String("Head") + // head_feed + DBCosmosDBOperationTypeHeadFeed = DBCosmosDBOperationTypeKey.String("HeadFeed") + // upsert + DBCosmosDBOperationTypeUpsert = DBCosmosDBOperationTypeKey.String("Upsert") + // batch + DBCosmosDBOperationTypeBatch = DBCosmosDBOperationTypeKey.String("Batch") + // query_plan + DBCosmosDBOperationTypeQueryPlan = DBCosmosDBOperationTypeKey.String("QueryPlan") + // execute_javascript + DBCosmosDBOperationTypeExecuteJavascript = DBCosmosDBOperationTypeKey.String("ExecuteJavaScript") +) + +var ( + // Gateway (HTTP) connections mode + DBCosmosDBConnectionModeGateway = DBCosmosDBConnectionModeKey.String("gateway") + // Direct connection + DBCosmosDBConnectionModeDirect = DBCosmosDBConnectionModeKey.String("direct") +) + +// DBCosmosDBClientID returns an attribute KeyValue conforming to the +// "db.cosmosdb.client_id" semantic conventions. It represents the unique +// Cosmos client instance id. +func DBCosmosDBClientID(val string) attribute.KeyValue { + return DBCosmosDBClientIDKey.String(val) +} + +// DBCosmosDBContainer returns an attribute KeyValue conforming to the +// "db.cosmosdb.container" semantic conventions. It represents the cosmos DB +// container name. +func DBCosmosDBContainer(val string) attribute.KeyValue { + return DBCosmosDBContainerKey.String(val) +} + +// DBCosmosDBRequestContentLength returns an attribute KeyValue conforming +// to the "db.cosmosdb.request_content_length" semantic conventions. It +// represents the request payload size in bytes +func DBCosmosDBRequestContentLength(val int) attribute.KeyValue { + return DBCosmosDBRequestContentLengthKey.Int(val) +} + +// DBCosmosDBStatusCode returns an attribute KeyValue conforming to the +// "db.cosmosdb.status_code" semantic conventions. It represents the cosmos DB +// status code. +func DBCosmosDBStatusCode(val int) attribute.KeyValue { + return DBCosmosDBStatusCodeKey.Int(val) +} + +// DBCosmosDBSubStatusCode returns an attribute KeyValue conforming to the +// "db.cosmosdb.sub_status_code" semantic conventions. It represents the cosmos +// DB sub status code. +func DBCosmosDBSubStatusCode(val int) attribute.KeyValue { + return DBCosmosDBSubStatusCodeKey.Int(val) +} + +// DBCosmosDBRequestCharge returns an attribute KeyValue conforming to the +// "db.cosmosdb.request_charge" semantic conventions. It represents the rU +// consumed for that operation +func DBCosmosDBRequestCharge(val float64) attribute.KeyValue { + return DBCosmosDBRequestChargeKey.Float64(val) +} + +// Span attributes used by non-OTLP exporters to represent OpenTelemetry Span's +// concepts. +const ( + // OTelStatusCodeKey is the attribute Key conforming to the + // "otel.status_code" semantic conventions. It represents the name of the + // code, either "OK" or "ERROR". MUST NOT be set if the status code is + // UNSET. + // + // Type: Enum + // RequirementLevel: Optional + // Stability: stable + OTelStatusCodeKey = attribute.Key("otel.status_code") + + // OTelStatusDescriptionKey is the attribute Key conforming to the + // "otel.status_description" semantic conventions. It represents the + // description of the Status if it has a value, otherwise not set. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'resource not found' + OTelStatusDescriptionKey = attribute.Key("otel.status_description") +) + +var ( + // The operation has been validated by an Application developer or Operator to have completed successfully + OTelStatusCodeOk = OTelStatusCodeKey.String("OK") + // The operation contains an error + OTelStatusCodeError = OTelStatusCodeKey.String("ERROR") +) + +// OTelStatusDescription returns an attribute KeyValue conforming to the +// "otel.status_description" semantic conventions. It represents the +// description of the Status if it has a value, otherwise not set. +func OTelStatusDescription(val string) attribute.KeyValue { + return OTelStatusDescriptionKey.String(val) +} + +// This semantic convention describes an instance of a function that runs +// without provisioning or managing of servers (also known as serverless +// functions or Function as a Service (FaaS)) with spans. +const ( + // FaaSTriggerKey is the attribute Key conforming to the "faas.trigger" + // semantic conventions. It represents the type of the trigger which caused + // this function invocation. + // + // Type: Enum + // RequirementLevel: Optional + // Stability: stable + // Note: For the server/consumer span on the incoming side, + // `faas.trigger` MUST be set. + // + // Clients invoking FaaS instances usually cannot set `faas.trigger`, + // since they would typically need to look in the payload to determine + // the event type. If clients set it, it should be the same as the + // trigger that corresponding incoming would have (i.e., this has + // nothing to do with the underlying transport used to make the API + // call to invoke the lambda, which is often HTTP). + FaaSTriggerKey = attribute.Key("faas.trigger") + + // FaaSInvocationIDKey is the attribute Key conforming to the + // "faas.invocation_id" semantic conventions. It represents the invocation + // ID of the current function invocation. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'af9d5aa4-a685-4c5f-a22b-444f80b3cc28' + FaaSInvocationIDKey = attribute.Key("faas.invocation_id") +) + +var ( + // A response to some data source operation such as a database or filesystem read/write + FaaSTriggerDatasource = FaaSTriggerKey.String("datasource") + // To provide an answer to an inbound HTTP request + FaaSTriggerHTTP = FaaSTriggerKey.String("http") + // A function is set to be executed when messages are sent to a messaging system + FaaSTriggerPubsub = FaaSTriggerKey.String("pubsub") + // A function is scheduled to be executed regularly + FaaSTriggerTimer = FaaSTriggerKey.String("timer") + // If none of the others apply + FaaSTriggerOther = FaaSTriggerKey.String("other") +) + +// FaaSInvocationID returns an attribute KeyValue conforming to the +// "faas.invocation_id" semantic conventions. It represents the invocation ID +// of the current function invocation. +func FaaSInvocationID(val string) attribute.KeyValue { + return FaaSInvocationIDKey.String(val) +} + +// Semantic Convention for FaaS triggered as a response to some data source +// operation such as a database or filesystem read/write. +const ( + // FaaSDocumentCollectionKey is the attribute Key conforming to the + // "faas.document.collection" semantic conventions. It represents the name + // of the source on which the triggering operation was performed. For + // example, in Cloud Storage or S3 corresponds to the bucket name, and in + // Cosmos DB to the database name. + // + // Type: string + // RequirementLevel: Required + // Stability: stable + // Examples: 'myBucketName', 'myDBName' + FaaSDocumentCollectionKey = attribute.Key("faas.document.collection") + + // FaaSDocumentOperationKey is the attribute Key conforming to the + // "faas.document.operation" semantic conventions. It represents the + // describes the type of the operation that was performed on the data. + // + // Type: Enum + // RequirementLevel: Required + // Stability: stable + FaaSDocumentOperationKey = attribute.Key("faas.document.operation") + + // FaaSDocumentTimeKey is the attribute Key conforming to the + // "faas.document.time" semantic conventions. It represents a string + // containing the time when the data was accessed in the [ISO + // 8601](https://www.iso.org/iso-8601-date-and-time-format.html) format + // expressed in [UTC](https://www.w3.org/TR/NOTE-datetime). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '2020-01-23T13:47:06Z' + FaaSDocumentTimeKey = attribute.Key("faas.document.time") + + // FaaSDocumentNameKey is the attribute Key conforming to the + // "faas.document.name" semantic conventions. It represents the document + // name/table subjected to the operation. For example, in Cloud Storage or + // S3 is the name of the file, and in Cosmos DB the table name. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'myFile.txt', 'myTableName' + FaaSDocumentNameKey = attribute.Key("faas.document.name") +) + +var ( + // When a new object is created + FaaSDocumentOperationInsert = FaaSDocumentOperationKey.String("insert") + // When an object is modified + FaaSDocumentOperationEdit = FaaSDocumentOperationKey.String("edit") + // When an object is deleted + FaaSDocumentOperationDelete = FaaSDocumentOperationKey.String("delete") +) + +// FaaSDocumentCollection returns an attribute KeyValue conforming to the +// "faas.document.collection" semantic conventions. It represents the name of +// the source on which the triggering operation was performed. For example, in +// Cloud Storage or S3 corresponds to the bucket name, and in Cosmos DB to the +// database name. +func FaaSDocumentCollection(val string) attribute.KeyValue { + return FaaSDocumentCollectionKey.String(val) +} + +// FaaSDocumentTime returns an attribute KeyValue conforming to the +// "faas.document.time" semantic conventions. It represents a string containing +// the time when the data was accessed in the [ISO +// 8601](https://www.iso.org/iso-8601-date-and-time-format.html) format +// expressed in [UTC](https://www.w3.org/TR/NOTE-datetime). +func FaaSDocumentTime(val string) attribute.KeyValue { + return FaaSDocumentTimeKey.String(val) +} + +// FaaSDocumentName returns an attribute KeyValue conforming to the +// "faas.document.name" semantic conventions. It represents the document +// name/table subjected to the operation. For example, in Cloud Storage or S3 +// is the name of the file, and in Cosmos DB the table name. +func FaaSDocumentName(val string) attribute.KeyValue { + return FaaSDocumentNameKey.String(val) +} + +// Semantic Convention for FaaS scheduled to be executed regularly. +const ( + // FaaSTimeKey is the attribute Key conforming to the "faas.time" semantic + // conventions. It represents a string containing the function invocation + // time in the [ISO + // 8601](https://www.iso.org/iso-8601-date-and-time-format.html) format + // expressed in [UTC](https://www.w3.org/TR/NOTE-datetime). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '2020-01-23T13:47:06Z' + FaaSTimeKey = attribute.Key("faas.time") + + // FaaSCronKey is the attribute Key conforming to the "faas.cron" semantic + // conventions. It represents a string containing the schedule period as + // [Cron + // Expression](https://docs.oracle.com/cd/E12058_01/doc/doc.1014/e12030/cron_expressions.htm). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '0/5 * * * ? *' + FaaSCronKey = attribute.Key("faas.cron") +) + +// FaaSTime returns an attribute KeyValue conforming to the "faas.time" +// semantic conventions. It represents a string containing the function +// invocation time in the [ISO +// 8601](https://www.iso.org/iso-8601-date-and-time-format.html) format +// expressed in [UTC](https://www.w3.org/TR/NOTE-datetime). +func FaaSTime(val string) attribute.KeyValue { + return FaaSTimeKey.String(val) +} + +// FaaSCron returns an attribute KeyValue conforming to the "faas.cron" +// semantic conventions. It represents a string containing the schedule period +// as [Cron +// Expression](https://docs.oracle.com/cd/E12058_01/doc/doc.1014/e12030/cron_expressions.htm). +func FaaSCron(val string) attribute.KeyValue { + return FaaSCronKey.String(val) +} + +// Contains additional attributes for incoming FaaS spans. +const ( + // FaaSColdstartKey is the attribute Key conforming to the "faas.coldstart" + // semantic conventions. It represents a boolean that is true if the + // serverless function is executed for the first time (aka cold-start). + // + // Type: boolean + // RequirementLevel: Optional + // Stability: stable + FaaSColdstartKey = attribute.Key("faas.coldstart") +) + +// FaaSColdstart returns an attribute KeyValue conforming to the +// "faas.coldstart" semantic conventions. It represents a boolean that is true +// if the serverless function is executed for the first time (aka cold-start). +func FaaSColdstart(val bool) attribute.KeyValue { + return FaaSColdstartKey.Bool(val) +} + +// Contains additional attributes for outgoing FaaS spans. +const ( + // FaaSInvokedNameKey is the attribute Key conforming to the + // "faas.invoked_name" semantic conventions. It represents the name of the + // invoked function. + // + // Type: string + // RequirementLevel: Required + // Stability: stable + // Examples: 'my-function' + // Note: SHOULD be equal to the `faas.name` resource attribute of the + // invoked function. + FaaSInvokedNameKey = attribute.Key("faas.invoked_name") + + // FaaSInvokedProviderKey is the attribute Key conforming to the + // "faas.invoked_provider" semantic conventions. It represents the cloud + // provider of the invoked function. + // + // Type: Enum + // RequirementLevel: Required + // Stability: stable + // Note: SHOULD be equal to the `cloud.provider` resource attribute of the + // invoked function. + FaaSInvokedProviderKey = attribute.Key("faas.invoked_provider") + + // FaaSInvokedRegionKey is the attribute Key conforming to the + // "faas.invoked_region" semantic conventions. It represents the cloud + // region of the invoked function. + // + // Type: string + // RequirementLevel: ConditionallyRequired (For some cloud providers, like + // AWS or GCP, the region in which a function is hosted is essential to + // uniquely identify the function and also part of its endpoint. Since it's + // part of the endpoint being called, the region is always known to + // clients. In these cases, `faas.invoked_region` MUST be set accordingly. + // If the region is unknown to the client or not required for identifying + // the invoked function, setting `faas.invoked_region` is optional.) + // Stability: stable + // Examples: 'eu-central-1' + // Note: SHOULD be equal to the `cloud.region` resource attribute of the + // invoked function. + FaaSInvokedRegionKey = attribute.Key("faas.invoked_region") +) + +var ( + // Alibaba Cloud + FaaSInvokedProviderAlibabaCloud = FaaSInvokedProviderKey.String("alibaba_cloud") + // Amazon Web Services + FaaSInvokedProviderAWS = FaaSInvokedProviderKey.String("aws") + // Microsoft Azure + FaaSInvokedProviderAzure = FaaSInvokedProviderKey.String("azure") + // Google Cloud Platform + FaaSInvokedProviderGCP = FaaSInvokedProviderKey.String("gcp") + // Tencent Cloud + FaaSInvokedProviderTencentCloud = FaaSInvokedProviderKey.String("tencent_cloud") +) + +// FaaSInvokedName returns an attribute KeyValue conforming to the +// "faas.invoked_name" semantic conventions. It represents the name of the +// invoked function. +func FaaSInvokedName(val string) attribute.KeyValue { + return FaaSInvokedNameKey.String(val) +} + +// FaaSInvokedRegion returns an attribute KeyValue conforming to the +// "faas.invoked_region" semantic conventions. It represents the cloud region +// of the invoked function. +func FaaSInvokedRegion(val string) attribute.KeyValue { + return FaaSInvokedRegionKey.String(val) +} + +// Operations that access some remote service. +const ( + // PeerServiceKey is the attribute Key conforming to the "peer.service" + // semantic conventions. It represents the + // [`service.name`](/docs/resource/README.md#service) of the remote + // service. SHOULD be equal to the actual `service.name` resource attribute + // of the remote service if any. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'AuthTokenCache' + PeerServiceKey = attribute.Key("peer.service") +) + +// PeerService returns an attribute KeyValue conforming to the +// "peer.service" semantic conventions. It represents the +// [`service.name`](/docs/resource/README.md#service) of the remote service. +// SHOULD be equal to the actual `service.name` resource attribute of the +// remote service if any. +func PeerService(val string) attribute.KeyValue { + return PeerServiceKey.String(val) +} + +// These attributes may be used for any operation with an authenticated and/or +// authorized enduser. +const ( + // EnduserIDKey is the attribute Key conforming to the "enduser.id" + // semantic conventions. It represents the username or client_id extracted + // from the access token or + // [Authorization](https://tools.ietf.org/html/rfc7235#section-4.2) header + // in the inbound request from outside the system. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'username' + EnduserIDKey = attribute.Key("enduser.id") + + // EnduserRoleKey is the attribute Key conforming to the "enduser.role" + // semantic conventions. It represents the actual/assumed role the client + // is making the request under extracted from token or application security + // context. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'admin' + EnduserRoleKey = attribute.Key("enduser.role") + + // EnduserScopeKey is the attribute Key conforming to the "enduser.scope" + // semantic conventions. It represents the scopes or granted authorities + // the client currently possesses extracted from token or application + // security context. The value would come from the scope associated with an + // [OAuth 2.0 Access + // Token](https://tools.ietf.org/html/rfc6749#section-3.3) or an attribute + // value in a [SAML 2.0 + // Assertion](http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0.html). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'read:message, write:files' + EnduserScopeKey = attribute.Key("enduser.scope") +) + +// EnduserID returns an attribute KeyValue conforming to the "enduser.id" +// semantic conventions. It represents the username or client_id extracted from +// the access token or +// [Authorization](https://tools.ietf.org/html/rfc7235#section-4.2) header in +// the inbound request from outside the system. +func EnduserID(val string) attribute.KeyValue { + return EnduserIDKey.String(val) +} + +// EnduserRole returns an attribute KeyValue conforming to the +// "enduser.role" semantic conventions. It represents the actual/assumed role +// the client is making the request under extracted from token or application +// security context. +func EnduserRole(val string) attribute.KeyValue { + return EnduserRoleKey.String(val) +} + +// EnduserScope returns an attribute KeyValue conforming to the +// "enduser.scope" semantic conventions. It represents the scopes or granted +// authorities the client currently possesses extracted from token or +// application security context. The value would come from the scope associated +// with an [OAuth 2.0 Access +// Token](https://tools.ietf.org/html/rfc6749#section-3.3) or an attribute +// value in a [SAML 2.0 +// Assertion](http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0.html). +func EnduserScope(val string) attribute.KeyValue { + return EnduserScopeKey.String(val) +} + +// These attributes may be used for any operation to store information about a +// thread that started a span. +const ( + // ThreadIDKey is the attribute Key conforming to the "thread.id" semantic + // conventions. It represents the current "managed" thread ID (as opposed + // to OS thread ID). + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 42 + ThreadIDKey = attribute.Key("thread.id") + + // ThreadNameKey is the attribute Key conforming to the "thread.name" + // semantic conventions. It represents the current thread name. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'main' + ThreadNameKey = attribute.Key("thread.name") +) + +// ThreadID returns an attribute KeyValue conforming to the "thread.id" +// semantic conventions. It represents the current "managed" thread ID (as +// opposed to OS thread ID). +func ThreadID(val int) attribute.KeyValue { + return ThreadIDKey.Int(val) +} + +// ThreadName returns an attribute KeyValue conforming to the "thread.name" +// semantic conventions. It represents the current thread name. +func ThreadName(val string) attribute.KeyValue { + return ThreadNameKey.String(val) +} + +// These attributes allow to report this unit of code and therefore to provide +// more context about the span. +const ( + // CodeFunctionKey is the attribute Key conforming to the "code.function" + // semantic conventions. It represents the method or function name, or + // equivalent (usually rightmost part of the code unit's name). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'serveRequest' + CodeFunctionKey = attribute.Key("code.function") + + // CodeNamespaceKey is the attribute Key conforming to the "code.namespace" + // semantic conventions. It represents the "namespace" within which + // `code.function` is defined. Usually the qualified class or module name, + // such that `code.namespace` + some separator + `code.function` form a + // unique identifier for the code unit. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'com.example.MyHTTPService' + CodeNamespaceKey = attribute.Key("code.namespace") + + // CodeFilepathKey is the attribute Key conforming to the "code.filepath" + // semantic conventions. It represents the source code file name that + // identifies the code unit as uniquely as possible (preferably an absolute + // file path). + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '/usr/local/MyApplication/content_root/app/index.php' + CodeFilepathKey = attribute.Key("code.filepath") + + // CodeLineNumberKey is the attribute Key conforming to the "code.lineno" + // semantic conventions. It represents the line number in `code.filepath` + // best representing the operation. It SHOULD point within the code unit + // named in `code.function`. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 42 + CodeLineNumberKey = attribute.Key("code.lineno") + + // CodeColumnKey is the attribute Key conforming to the "code.column" + // semantic conventions. It represents the column number in `code.filepath` + // best representing the operation. It SHOULD point within the code unit + // named in `code.function`. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 16 + CodeColumnKey = attribute.Key("code.column") +) + +// CodeFunction returns an attribute KeyValue conforming to the +// "code.function" semantic conventions. It represents the method or function +// name, or equivalent (usually rightmost part of the code unit's name). +func CodeFunction(val string) attribute.KeyValue { + return CodeFunctionKey.String(val) +} + +// CodeNamespace returns an attribute KeyValue conforming to the +// "code.namespace" semantic conventions. It represents the "namespace" within +// which `code.function` is defined. Usually the qualified class or module +// name, such that `code.namespace` + some separator + `code.function` form a +// unique identifier for the code unit. +func CodeNamespace(val string) attribute.KeyValue { + return CodeNamespaceKey.String(val) +} + +// CodeFilepath returns an attribute KeyValue conforming to the +// "code.filepath" semantic conventions. It represents the source code file +// name that identifies the code unit as uniquely as possible (preferably an +// absolute file path). +func CodeFilepath(val string) attribute.KeyValue { + return CodeFilepathKey.String(val) +} + +// CodeLineNumber returns an attribute KeyValue conforming to the "code.lineno" +// semantic conventions. It represents the line number in `code.filepath` best +// representing the operation. It SHOULD point within the code unit named in +// `code.function`. +func CodeLineNumber(val int) attribute.KeyValue { + return CodeLineNumberKey.Int(val) +} + +// CodeColumn returns an attribute KeyValue conforming to the "code.column" +// semantic conventions. It represents the column number in `code.filepath` +// best representing the operation. It SHOULD point within the code unit named +// in `code.function`. +func CodeColumn(val int) attribute.KeyValue { + return CodeColumnKey.Int(val) +} + +// Semantic Convention for HTTP Client +const ( + // HTTPResendCountKey is the attribute Key conforming to the + // "http.resend_count" semantic conventions. It represents the ordinal + // number of request resending attempt (for any reason, including + // redirects). + // + // Type: int + // RequirementLevel: Recommended (if and only if request was retried.) + // Stability: stable + // Examples: 3 + // Note: The resend count SHOULD be updated each time an HTTP request gets + // resent by the client, regardless of what was the cause of the resending + // (e.g. redirection, authorization failure, 503 Server Unavailable, + // network issues, or any other). + HTTPResendCountKey = attribute.Key("http.resend_count") +) + +// HTTPResendCount returns an attribute KeyValue conforming to the +// "http.resend_count" semantic conventions. It represents the ordinal number +// of request resending attempt (for any reason, including redirects). +func HTTPResendCount(val int) attribute.KeyValue { + return HTTPResendCountKey.Int(val) +} + +// The `aws` conventions apply to operations using the AWS SDK. They map +// request or response parameters in AWS SDK API calls to attributes on a Span. +// The conventions have been collected over time based on feedback from AWS +// users of tracing and will continue to evolve as new interesting conventions +// are found. +// Some descriptions are also provided for populating general OpenTelemetry +// semantic conventions based on these APIs. +const ( + // AWSRequestIDKey is the attribute Key conforming to the "aws.request_id" + // semantic conventions. It represents the AWS request ID as returned in + // the response headers `x-amz-request-id` or `x-amz-requestid`. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '79b9da39-b7ae-508a-a6bc-864b2829c622', 'C9ER4AJX75574TDJ' + AWSRequestIDKey = attribute.Key("aws.request_id") +) + +// AWSRequestID returns an attribute KeyValue conforming to the +// "aws.request_id" semantic conventions. It represents the AWS request ID as +// returned in the response headers `x-amz-request-id` or `x-amz-requestid`. +func AWSRequestID(val string) attribute.KeyValue { + return AWSRequestIDKey.String(val) +} + +// Attributes that exist for multiple DynamoDB request types. +const ( + // AWSDynamoDBTableNamesKey is the attribute Key conforming to the + // "aws.dynamodb.table_names" semantic conventions. It represents the keys + // in the `RequestItems` object field. + // + // Type: string[] + // RequirementLevel: Optional + // Stability: stable + // Examples: 'Users', 'Cats' + AWSDynamoDBTableNamesKey = attribute.Key("aws.dynamodb.table_names") + + // AWSDynamoDBConsumedCapacityKey is the attribute Key conforming to the + // "aws.dynamodb.consumed_capacity" semantic conventions. It represents the + // JSON-serialized value of each item in the `ConsumedCapacity` response + // field. + // + // Type: string[] + // RequirementLevel: Optional + // Stability: stable + // Examples: '{ "CapacityUnits": number, "GlobalSecondaryIndexes": { + // "string" : { "CapacityUnits": number, "ReadCapacityUnits": number, + // "WriteCapacityUnits": number } }, "LocalSecondaryIndexes": { "string" : + // { "CapacityUnits": number, "ReadCapacityUnits": number, + // "WriteCapacityUnits": number } }, "ReadCapacityUnits": number, "Table": + // { "CapacityUnits": number, "ReadCapacityUnits": number, + // "WriteCapacityUnits": number }, "TableName": "string", + // "WriteCapacityUnits": number }' + AWSDynamoDBConsumedCapacityKey = attribute.Key("aws.dynamodb.consumed_capacity") + + // AWSDynamoDBItemCollectionMetricsKey is the attribute Key conforming to + // the "aws.dynamodb.item_collection_metrics" semantic conventions. It + // represents the JSON-serialized value of the `ItemCollectionMetrics` + // response field. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '{ "string" : [ { "ItemCollectionKey": { "string" : { "B": + // blob, "BOOL": boolean, "BS": [ blob ], "L": [ "AttributeValue" ], "M": { + // "string" : "AttributeValue" }, "N": "string", "NS": [ "string" ], + // "NULL": boolean, "S": "string", "SS": [ "string" ] } }, + // "SizeEstimateRangeGB": [ number ] } ] }' + AWSDynamoDBItemCollectionMetricsKey = attribute.Key("aws.dynamodb.item_collection_metrics") + + // AWSDynamoDBProvisionedReadCapacityKey is the attribute Key conforming to + // the "aws.dynamodb.provisioned_read_capacity" semantic conventions. It + // represents the value of the `ProvisionedThroughput.ReadCapacityUnits` + // request parameter. + // + // Type: double + // RequirementLevel: Optional + // Stability: stable + // Examples: 1.0, 2.0 + AWSDynamoDBProvisionedReadCapacityKey = attribute.Key("aws.dynamodb.provisioned_read_capacity") + + // AWSDynamoDBProvisionedWriteCapacityKey is the attribute Key conforming + // to the "aws.dynamodb.provisioned_write_capacity" semantic conventions. + // It represents the value of the + // `ProvisionedThroughput.WriteCapacityUnits` request parameter. + // + // Type: double + // RequirementLevel: Optional + // Stability: stable + // Examples: 1.0, 2.0 + AWSDynamoDBProvisionedWriteCapacityKey = attribute.Key("aws.dynamodb.provisioned_write_capacity") + + // AWSDynamoDBConsistentReadKey is the attribute Key conforming to the + // "aws.dynamodb.consistent_read" semantic conventions. It represents the + // value of the `ConsistentRead` request parameter. + // + // Type: boolean + // RequirementLevel: Optional + // Stability: stable + AWSDynamoDBConsistentReadKey = attribute.Key("aws.dynamodb.consistent_read") + + // AWSDynamoDBProjectionKey is the attribute Key conforming to the + // "aws.dynamodb.projection" semantic conventions. It represents the value + // of the `ProjectionExpression` request parameter. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'Title', 'Title, Price, Color', 'Title, Description, + // RelatedItems, ProductReviews' + AWSDynamoDBProjectionKey = attribute.Key("aws.dynamodb.projection") + + // AWSDynamoDBLimitKey is the attribute Key conforming to the + // "aws.dynamodb.limit" semantic conventions. It represents the value of + // the `Limit` request parameter. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 10 + AWSDynamoDBLimitKey = attribute.Key("aws.dynamodb.limit") + + // AWSDynamoDBAttributesToGetKey is the attribute Key conforming to the + // "aws.dynamodb.attributes_to_get" semantic conventions. It represents the + // value of the `AttributesToGet` request parameter. + // + // Type: string[] + // RequirementLevel: Optional + // Stability: stable + // Examples: 'lives', 'id' + AWSDynamoDBAttributesToGetKey = attribute.Key("aws.dynamodb.attributes_to_get") + + // AWSDynamoDBIndexNameKey is the attribute Key conforming to the + // "aws.dynamodb.index_name" semantic conventions. It represents the value + // of the `IndexName` request parameter. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'name_to_group' + AWSDynamoDBIndexNameKey = attribute.Key("aws.dynamodb.index_name") + + // AWSDynamoDBSelectKey is the attribute Key conforming to the + // "aws.dynamodb.select" semantic conventions. It represents the value of + // the `Select` request parameter. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'ALL_ATTRIBUTES', 'COUNT' + AWSDynamoDBSelectKey = attribute.Key("aws.dynamodb.select") +) + +// AWSDynamoDBTableNames returns an attribute KeyValue conforming to the +// "aws.dynamodb.table_names" semantic conventions. It represents the keys in +// the `RequestItems` object field. +func AWSDynamoDBTableNames(val ...string) attribute.KeyValue { + return AWSDynamoDBTableNamesKey.StringSlice(val) +} + +// AWSDynamoDBConsumedCapacity returns an attribute KeyValue conforming to +// the "aws.dynamodb.consumed_capacity" semantic conventions. It represents the +// JSON-serialized value of each item in the `ConsumedCapacity` response field. +func AWSDynamoDBConsumedCapacity(val ...string) attribute.KeyValue { + return AWSDynamoDBConsumedCapacityKey.StringSlice(val) +} + +// AWSDynamoDBItemCollectionMetrics returns an attribute KeyValue conforming +// to the "aws.dynamodb.item_collection_metrics" semantic conventions. It +// represents the JSON-serialized value of the `ItemCollectionMetrics` response +// field. +func AWSDynamoDBItemCollectionMetrics(val string) attribute.KeyValue { + return AWSDynamoDBItemCollectionMetricsKey.String(val) +} + +// AWSDynamoDBProvisionedReadCapacity returns an attribute KeyValue +// conforming to the "aws.dynamodb.provisioned_read_capacity" semantic +// conventions. It represents the value of the +// `ProvisionedThroughput.ReadCapacityUnits` request parameter. +func AWSDynamoDBProvisionedReadCapacity(val float64) attribute.KeyValue { + return AWSDynamoDBProvisionedReadCapacityKey.Float64(val) +} + +// AWSDynamoDBProvisionedWriteCapacity returns an attribute KeyValue +// conforming to the "aws.dynamodb.provisioned_write_capacity" semantic +// conventions. It represents the value of the +// `ProvisionedThroughput.WriteCapacityUnits` request parameter. +func AWSDynamoDBProvisionedWriteCapacity(val float64) attribute.KeyValue { + return AWSDynamoDBProvisionedWriteCapacityKey.Float64(val) +} + +// AWSDynamoDBConsistentRead returns an attribute KeyValue conforming to the +// "aws.dynamodb.consistent_read" semantic conventions. It represents the value +// of the `ConsistentRead` request parameter. +func AWSDynamoDBConsistentRead(val bool) attribute.KeyValue { + return AWSDynamoDBConsistentReadKey.Bool(val) +} + +// AWSDynamoDBProjection returns an attribute KeyValue conforming to the +// "aws.dynamodb.projection" semantic conventions. It represents the value of +// the `ProjectionExpression` request parameter. +func AWSDynamoDBProjection(val string) attribute.KeyValue { + return AWSDynamoDBProjectionKey.String(val) +} + +// AWSDynamoDBLimit returns an attribute KeyValue conforming to the +// "aws.dynamodb.limit" semantic conventions. It represents the value of the +// `Limit` request parameter. +func AWSDynamoDBLimit(val int) attribute.KeyValue { + return AWSDynamoDBLimitKey.Int(val) +} + +// AWSDynamoDBAttributesToGet returns an attribute KeyValue conforming to +// the "aws.dynamodb.attributes_to_get" semantic conventions. It represents the +// value of the `AttributesToGet` request parameter. +func AWSDynamoDBAttributesToGet(val ...string) attribute.KeyValue { + return AWSDynamoDBAttributesToGetKey.StringSlice(val) +} + +// AWSDynamoDBIndexName returns an attribute KeyValue conforming to the +// "aws.dynamodb.index_name" semantic conventions. It represents the value of +// the `IndexName` request parameter. +func AWSDynamoDBIndexName(val string) attribute.KeyValue { + return AWSDynamoDBIndexNameKey.String(val) +} + +// AWSDynamoDBSelect returns an attribute KeyValue conforming to the +// "aws.dynamodb.select" semantic conventions. It represents the value of the +// `Select` request parameter. +func AWSDynamoDBSelect(val string) attribute.KeyValue { + return AWSDynamoDBSelectKey.String(val) +} + +// DynamoDB.CreateTable +const ( + // AWSDynamoDBGlobalSecondaryIndexesKey is the attribute Key conforming to + // the "aws.dynamodb.global_secondary_indexes" semantic conventions. It + // represents the JSON-serialized value of each item of the + // `GlobalSecondaryIndexes` request field + // + // Type: string[] + // RequirementLevel: Optional + // Stability: stable + // Examples: '{ "IndexName": "string", "KeySchema": [ { "AttributeName": + // "string", "KeyType": "string" } ], "Projection": { "NonKeyAttributes": [ + // "string" ], "ProjectionType": "string" }, "ProvisionedThroughput": { + // "ReadCapacityUnits": number, "WriteCapacityUnits": number } }' + AWSDynamoDBGlobalSecondaryIndexesKey = attribute.Key("aws.dynamodb.global_secondary_indexes") + + // AWSDynamoDBLocalSecondaryIndexesKey is the attribute Key conforming to + // the "aws.dynamodb.local_secondary_indexes" semantic conventions. It + // represents the JSON-serialized value of each item of the + // `LocalSecondaryIndexes` request field. + // + // Type: string[] + // RequirementLevel: Optional + // Stability: stable + // Examples: '{ "IndexARN": "string", "IndexName": "string", + // "IndexSizeBytes": number, "ItemCount": number, "KeySchema": [ { + // "AttributeName": "string", "KeyType": "string" } ], "Projection": { + // "NonKeyAttributes": [ "string" ], "ProjectionType": "string" } }' + AWSDynamoDBLocalSecondaryIndexesKey = attribute.Key("aws.dynamodb.local_secondary_indexes") +) + +// AWSDynamoDBGlobalSecondaryIndexes returns an attribute KeyValue +// conforming to the "aws.dynamodb.global_secondary_indexes" semantic +// conventions. It represents the JSON-serialized value of each item of the +// `GlobalSecondaryIndexes` request field +func AWSDynamoDBGlobalSecondaryIndexes(val ...string) attribute.KeyValue { + return AWSDynamoDBGlobalSecondaryIndexesKey.StringSlice(val) +} + +// AWSDynamoDBLocalSecondaryIndexes returns an attribute KeyValue conforming +// to the "aws.dynamodb.local_secondary_indexes" semantic conventions. It +// represents the JSON-serialized value of each item of the +// `LocalSecondaryIndexes` request field. +func AWSDynamoDBLocalSecondaryIndexes(val ...string) attribute.KeyValue { + return AWSDynamoDBLocalSecondaryIndexesKey.StringSlice(val) +} + +// DynamoDB.ListTables +const ( + // AWSDynamoDBExclusiveStartTableKey is the attribute Key conforming to the + // "aws.dynamodb.exclusive_start_table" semantic conventions. It represents + // the value of the `ExclusiveStartTableName` request parameter. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'Users', 'CatsTable' + AWSDynamoDBExclusiveStartTableKey = attribute.Key("aws.dynamodb.exclusive_start_table") + + // AWSDynamoDBTableCountKey is the attribute Key conforming to the + // "aws.dynamodb.table_count" semantic conventions. It represents the the + // number of items in the `TableNames` response parameter. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 20 + AWSDynamoDBTableCountKey = attribute.Key("aws.dynamodb.table_count") +) + +// AWSDynamoDBExclusiveStartTable returns an attribute KeyValue conforming +// to the "aws.dynamodb.exclusive_start_table" semantic conventions. It +// represents the value of the `ExclusiveStartTableName` request parameter. +func AWSDynamoDBExclusiveStartTable(val string) attribute.KeyValue { + return AWSDynamoDBExclusiveStartTableKey.String(val) +} + +// AWSDynamoDBTableCount returns an attribute KeyValue conforming to the +// "aws.dynamodb.table_count" semantic conventions. It represents the the +// number of items in the `TableNames` response parameter. +func AWSDynamoDBTableCount(val int) attribute.KeyValue { + return AWSDynamoDBTableCountKey.Int(val) +} + +// DynamoDB.Query +const ( + // AWSDynamoDBScanForwardKey is the attribute Key conforming to the + // "aws.dynamodb.scan_forward" semantic conventions. It represents the + // value of the `ScanIndexForward` request parameter. + // + // Type: boolean + // RequirementLevel: Optional + // Stability: stable + AWSDynamoDBScanForwardKey = attribute.Key("aws.dynamodb.scan_forward") +) + +// AWSDynamoDBScanForward returns an attribute KeyValue conforming to the +// "aws.dynamodb.scan_forward" semantic conventions. It represents the value of +// the `ScanIndexForward` request parameter. +func AWSDynamoDBScanForward(val bool) attribute.KeyValue { + return AWSDynamoDBScanForwardKey.Bool(val) +} + +// DynamoDB.Scan +const ( + // AWSDynamoDBSegmentKey is the attribute Key conforming to the + // "aws.dynamodb.segment" semantic conventions. It represents the value of + // the `Segment` request parameter. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 10 + AWSDynamoDBSegmentKey = attribute.Key("aws.dynamodb.segment") + + // AWSDynamoDBTotalSegmentsKey is the attribute Key conforming to the + // "aws.dynamodb.total_segments" semantic conventions. It represents the + // value of the `TotalSegments` request parameter. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 100 + AWSDynamoDBTotalSegmentsKey = attribute.Key("aws.dynamodb.total_segments") + + // AWSDynamoDBCountKey is the attribute Key conforming to the + // "aws.dynamodb.count" semantic conventions. It represents the value of + // the `Count` response parameter. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 10 + AWSDynamoDBCountKey = attribute.Key("aws.dynamodb.count") + + // AWSDynamoDBScannedCountKey is the attribute Key conforming to the + // "aws.dynamodb.scanned_count" semantic conventions. It represents the + // value of the `ScannedCount` response parameter. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 50 + AWSDynamoDBScannedCountKey = attribute.Key("aws.dynamodb.scanned_count") +) + +// AWSDynamoDBSegment returns an attribute KeyValue conforming to the +// "aws.dynamodb.segment" semantic conventions. It represents the value of the +// `Segment` request parameter. +func AWSDynamoDBSegment(val int) attribute.KeyValue { + return AWSDynamoDBSegmentKey.Int(val) +} + +// AWSDynamoDBTotalSegments returns an attribute KeyValue conforming to the +// "aws.dynamodb.total_segments" semantic conventions. It represents the value +// of the `TotalSegments` request parameter. +func AWSDynamoDBTotalSegments(val int) attribute.KeyValue { + return AWSDynamoDBTotalSegmentsKey.Int(val) +} + +// AWSDynamoDBCount returns an attribute KeyValue conforming to the +// "aws.dynamodb.count" semantic conventions. It represents the value of the +// `Count` response parameter. +func AWSDynamoDBCount(val int) attribute.KeyValue { + return AWSDynamoDBCountKey.Int(val) +} + +// AWSDynamoDBScannedCount returns an attribute KeyValue conforming to the +// "aws.dynamodb.scanned_count" semantic conventions. It represents the value +// of the `ScannedCount` response parameter. +func AWSDynamoDBScannedCount(val int) attribute.KeyValue { + return AWSDynamoDBScannedCountKey.Int(val) +} + +// DynamoDB.UpdateTable +const ( + // AWSDynamoDBAttributeDefinitionsKey is the attribute Key conforming to + // the "aws.dynamodb.attribute_definitions" semantic conventions. It + // represents the JSON-serialized value of each item in the + // `AttributeDefinitions` request field. + // + // Type: string[] + // RequirementLevel: Optional + // Stability: stable + // Examples: '{ "AttributeName": "string", "AttributeType": "string" }' + AWSDynamoDBAttributeDefinitionsKey = attribute.Key("aws.dynamodb.attribute_definitions") + + // AWSDynamoDBGlobalSecondaryIndexUpdatesKey is the attribute Key + // conforming to the "aws.dynamodb.global_secondary_index_updates" semantic + // conventions. It represents the JSON-serialized value of each item in the + // the `GlobalSecondaryIndexUpdates` request field. + // + // Type: string[] + // RequirementLevel: Optional + // Stability: stable + // Examples: '{ "Create": { "IndexName": "string", "KeySchema": [ { + // "AttributeName": "string", "KeyType": "string" } ], "Projection": { + // "NonKeyAttributes": [ "string" ], "ProjectionType": "string" }, + // "ProvisionedThroughput": { "ReadCapacityUnits": number, + // "WriteCapacityUnits": number } }' + AWSDynamoDBGlobalSecondaryIndexUpdatesKey = attribute.Key("aws.dynamodb.global_secondary_index_updates") +) + +// AWSDynamoDBAttributeDefinitions returns an attribute KeyValue conforming +// to the "aws.dynamodb.attribute_definitions" semantic conventions. It +// represents the JSON-serialized value of each item in the +// `AttributeDefinitions` request field. +func AWSDynamoDBAttributeDefinitions(val ...string) attribute.KeyValue { + return AWSDynamoDBAttributeDefinitionsKey.StringSlice(val) +} + +// AWSDynamoDBGlobalSecondaryIndexUpdates returns an attribute KeyValue +// conforming to the "aws.dynamodb.global_secondary_index_updates" semantic +// conventions. It represents the JSON-serialized value of each item in the the +// `GlobalSecondaryIndexUpdates` request field. +func AWSDynamoDBGlobalSecondaryIndexUpdates(val ...string) attribute.KeyValue { + return AWSDynamoDBGlobalSecondaryIndexUpdatesKey.StringSlice(val) +} + +// Attributes that exist for S3 request types. +const ( + // AWSS3BucketKey is the attribute Key conforming to the "aws.s3.bucket" + // semantic conventions. It represents the S3 bucket name the request + // refers to. Corresponds to the `--bucket` parameter of the [S3 + // API](https://docs.aws.amazon.com/cli/latest/reference/s3api/index.html) + // operations. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'some-bucket-name' + // Note: The `bucket` attribute is applicable to all S3 operations that + // reference a bucket, i.e. that require the bucket name as a mandatory + // parameter. + // This applies to almost all S3 operations except `list-buckets`. + AWSS3BucketKey = attribute.Key("aws.s3.bucket") + + // AWSS3KeyKey is the attribute Key conforming to the "aws.s3.key" semantic + // conventions. It represents the S3 object key the request refers to. + // Corresponds to the `--key` parameter of the [S3 + // API](https://docs.aws.amazon.com/cli/latest/reference/s3api/index.html) + // operations. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'someFile.yml' + // Note: The `key` attribute is applicable to all object-related S3 + // operations, i.e. that require the object key as a mandatory parameter. + // This applies in particular to the following operations: + // + // - + // [copy-object](https://docs.aws.amazon.com/cli/latest/reference/s3api/copy-object.html) + // - + // [delete-object](https://docs.aws.amazon.com/cli/latest/reference/s3api/delete-object.html) + // - + // [get-object](https://docs.aws.amazon.com/cli/latest/reference/s3api/get-object.html) + // - + // [head-object](https://docs.aws.amazon.com/cli/latest/reference/s3api/head-object.html) + // - + // [put-object](https://docs.aws.amazon.com/cli/latest/reference/s3api/put-object.html) + // - + // [restore-object](https://docs.aws.amazon.com/cli/latest/reference/s3api/restore-object.html) + // - + // [select-object-content](https://docs.aws.amazon.com/cli/latest/reference/s3api/select-object-content.html) + // - + // [abort-multipart-upload](https://docs.aws.amazon.com/cli/latest/reference/s3api/abort-multipart-upload.html) + // - + // [complete-multipart-upload](https://docs.aws.amazon.com/cli/latest/reference/s3api/complete-multipart-upload.html) + // - + // [create-multipart-upload](https://docs.aws.amazon.com/cli/latest/reference/s3api/create-multipart-upload.html) + // - + // [list-parts](https://docs.aws.amazon.com/cli/latest/reference/s3api/list-parts.html) + // - + // [upload-part](https://docs.aws.amazon.com/cli/latest/reference/s3api/upload-part.html) + // - + // [upload-part-copy](https://docs.aws.amazon.com/cli/latest/reference/s3api/upload-part-copy.html) + AWSS3KeyKey = attribute.Key("aws.s3.key") + + // AWSS3CopySourceKey is the attribute Key conforming to the + // "aws.s3.copy_source" semantic conventions. It represents the source + // object (in the form `bucket`/`key`) for the copy operation. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'someFile.yml' + // Note: The `copy_source` attribute applies to S3 copy operations and + // corresponds to the `--copy-source` parameter + // of the [copy-object operation within the S3 + // API](https://docs.aws.amazon.com/cli/latest/reference/s3api/copy-object.html). + // This applies in particular to the following operations: + // + // - + // [copy-object](https://docs.aws.amazon.com/cli/latest/reference/s3api/copy-object.html) + // - + // [upload-part-copy](https://docs.aws.amazon.com/cli/latest/reference/s3api/upload-part-copy.html) + AWSS3CopySourceKey = attribute.Key("aws.s3.copy_source") + + // AWSS3UploadIDKey is the attribute Key conforming to the + // "aws.s3.upload_id" semantic conventions. It represents the upload ID + // that identifies the multipart upload. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'dfRtDYWFbkRONycy.Yxwh66Yjlx.cph0gtNBtJ' + // Note: The `upload_id` attribute applies to S3 multipart-upload + // operations and corresponds to the `--upload-id` parameter + // of the [S3 + // API](https://docs.aws.amazon.com/cli/latest/reference/s3api/index.html) + // multipart operations. + // This applies in particular to the following operations: + // + // - + // [abort-multipart-upload](https://docs.aws.amazon.com/cli/latest/reference/s3api/abort-multipart-upload.html) + // - + // [complete-multipart-upload](https://docs.aws.amazon.com/cli/latest/reference/s3api/complete-multipart-upload.html) + // - + // [list-parts](https://docs.aws.amazon.com/cli/latest/reference/s3api/list-parts.html) + // - + // [upload-part](https://docs.aws.amazon.com/cli/latest/reference/s3api/upload-part.html) + // - + // [upload-part-copy](https://docs.aws.amazon.com/cli/latest/reference/s3api/upload-part-copy.html) + AWSS3UploadIDKey = attribute.Key("aws.s3.upload_id") + + // AWSS3DeleteKey is the attribute Key conforming to the "aws.s3.delete" + // semantic conventions. It represents the delete request container that + // specifies the objects to be deleted. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: + // 'Objects=[{Key=string,VersionID=string},{Key=string,VersionID=string}],Quiet=boolean' + // Note: The `delete` attribute is only applicable to the + // [delete-object](https://docs.aws.amazon.com/cli/latest/reference/s3api/delete-object.html) + // operation. + // The `delete` attribute corresponds to the `--delete` parameter of the + // [delete-objects operation within the S3 + // API](https://docs.aws.amazon.com/cli/latest/reference/s3api/delete-objects.html). + AWSS3DeleteKey = attribute.Key("aws.s3.delete") + + // AWSS3PartNumberKey is the attribute Key conforming to the + // "aws.s3.part_number" semantic conventions. It represents the part number + // of the part being uploaded in a multipart-upload operation. This is a + // positive integer between 1 and 10,000. + // + // Type: int + // RequirementLevel: Optional + // Stability: stable + // Examples: 3456 + // Note: The `part_number` attribute is only applicable to the + // [upload-part](https://docs.aws.amazon.com/cli/latest/reference/s3api/upload-part.html) + // and + // [upload-part-copy](https://docs.aws.amazon.com/cli/latest/reference/s3api/upload-part-copy.html) + // operations. + // The `part_number` attribute corresponds to the `--part-number` parameter + // of the + // [upload-part operation within the S3 + // API](https://docs.aws.amazon.com/cli/latest/reference/s3api/upload-part.html). + AWSS3PartNumberKey = attribute.Key("aws.s3.part_number") +) + +// AWSS3Bucket returns an attribute KeyValue conforming to the +// "aws.s3.bucket" semantic conventions. It represents the S3 bucket name the +// request refers to. Corresponds to the `--bucket` parameter of the [S3 +// API](https://docs.aws.amazon.com/cli/latest/reference/s3api/index.html) +// operations. +func AWSS3Bucket(val string) attribute.KeyValue { + return AWSS3BucketKey.String(val) +} + +// AWSS3Key returns an attribute KeyValue conforming to the "aws.s3.key" +// semantic conventions. It represents the S3 object key the request refers to. +// Corresponds to the `--key` parameter of the [S3 +// API](https://docs.aws.amazon.com/cli/latest/reference/s3api/index.html) +// operations. +func AWSS3Key(val string) attribute.KeyValue { + return AWSS3KeyKey.String(val) +} + +// AWSS3CopySource returns an attribute KeyValue conforming to the +// "aws.s3.copy_source" semantic conventions. It represents the source object +// (in the form `bucket`/`key`) for the copy operation. +func AWSS3CopySource(val string) attribute.KeyValue { + return AWSS3CopySourceKey.String(val) +} + +// AWSS3UploadID returns an attribute KeyValue conforming to the +// "aws.s3.upload_id" semantic conventions. It represents the upload ID that +// identifies the multipart upload. +func AWSS3UploadID(val string) attribute.KeyValue { + return AWSS3UploadIDKey.String(val) +} + +// AWSS3Delete returns an attribute KeyValue conforming to the +// "aws.s3.delete" semantic conventions. It represents the delete request +// container that specifies the objects to be deleted. +func AWSS3Delete(val string) attribute.KeyValue { + return AWSS3DeleteKey.String(val) +} + +// AWSS3PartNumber returns an attribute KeyValue conforming to the +// "aws.s3.part_number" semantic conventions. It represents the part number of +// the part being uploaded in a multipart-upload operation. This is a positive +// integer between 1 and 10,000. +func AWSS3PartNumber(val int) attribute.KeyValue { + return AWSS3PartNumberKey.Int(val) +} + +// Semantic conventions to apply when instrumenting the GraphQL implementation. +// They map GraphQL operations to attributes on a Span. +const ( + // GraphqlOperationNameKey is the attribute Key conforming to the + // "graphql.operation.name" semantic conventions. It represents the name of + // the operation being executed. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'findBookByID' + GraphqlOperationNameKey = attribute.Key("graphql.operation.name") + + // GraphqlOperationTypeKey is the attribute Key conforming to the + // "graphql.operation.type" semantic conventions. It represents the type of + // the operation being executed. + // + // Type: Enum + // RequirementLevel: Optional + // Stability: stable + // Examples: 'query', 'mutation', 'subscription' + GraphqlOperationTypeKey = attribute.Key("graphql.operation.type") + + // GraphqlDocumentKey is the attribute Key conforming to the + // "graphql.document" semantic conventions. It represents the GraphQL + // document being executed. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'query findBookByID { bookByID(id: ?) { name } }' + // Note: The value may be sanitized to exclude sensitive information. + GraphqlDocumentKey = attribute.Key("graphql.document") +) + +var ( + // GraphQL query + GraphqlOperationTypeQuery = GraphqlOperationTypeKey.String("query") + // GraphQL mutation + GraphqlOperationTypeMutation = GraphqlOperationTypeKey.String("mutation") + // GraphQL subscription + GraphqlOperationTypeSubscription = GraphqlOperationTypeKey.String("subscription") +) + +// GraphqlOperationName returns an attribute KeyValue conforming to the +// "graphql.operation.name" semantic conventions. It represents the name of the +// operation being executed. +func GraphqlOperationName(val string) attribute.KeyValue { + return GraphqlOperationNameKey.String(val) +} + +// GraphqlDocument returns an attribute KeyValue conforming to the +// "graphql.document" semantic conventions. It represents the GraphQL document +// being executed. +func GraphqlDocument(val string) attribute.KeyValue { + return GraphqlDocumentKey.String(val) +} + +// General attributes used in messaging systems. +const ( + // MessagingSystemKey is the attribute Key conforming to the + // "messaging.system" semantic conventions. It represents a string + // identifying the messaging system. + // + // Type: string + // RequirementLevel: Required + // Stability: stable + // Examples: 'kafka', 'rabbitmq', 'rocketmq', 'activemq', 'AmazonSQS' + MessagingSystemKey = attribute.Key("messaging.system") + + // MessagingOperationKey is the attribute Key conforming to the + // "messaging.operation" semantic conventions. It represents a string + // identifying the kind of messaging operation as defined in the [Operation + // names](#operation-names) section above. + // + // Type: Enum + // RequirementLevel: Required + // Stability: stable + // Note: If a custom value is used, it MUST be of low cardinality. + MessagingOperationKey = attribute.Key("messaging.operation") + + // MessagingBatchMessageCountKey is the attribute Key conforming to the + // "messaging.batch.message_count" semantic conventions. It represents the + // number of messages sent, received, or processed in the scope of the + // batching operation. + // + // Type: int + // RequirementLevel: ConditionallyRequired (If the span describes an + // operation on a batch of messages.) + // Stability: stable + // Examples: 0, 1, 2 + // Note: Instrumentations SHOULD NOT set `messaging.batch.message_count` on + // spans that operate with a single message. When a messaging client + // library supports both batch and single-message API for the same + // operation, instrumentations SHOULD use `messaging.batch.message_count` + // for batching APIs and SHOULD NOT use it for single-message APIs. + MessagingBatchMessageCountKey = attribute.Key("messaging.batch.message_count") + + // MessagingClientIDKey is the attribute Key conforming to the + // "messaging.client_id" semantic conventions. It represents a unique + // identifier for the client that consumes or produces a message. + // + // Type: string + // RequirementLevel: Recommended (If a client id is available) + // Stability: stable + // Examples: 'client-5', 'myhost@8742@s8083jm' + MessagingClientIDKey = attribute.Key("messaging.client_id") +) + +var ( + // publish + MessagingOperationPublish = MessagingOperationKey.String("publish") + // receive + MessagingOperationReceive = MessagingOperationKey.String("receive") + // process + MessagingOperationProcess = MessagingOperationKey.String("process") +) + +// MessagingSystem returns an attribute KeyValue conforming to the +// "messaging.system" semantic conventions. It represents a string identifying +// the messaging system. +func MessagingSystem(val string) attribute.KeyValue { + return MessagingSystemKey.String(val) +} + +// MessagingBatchMessageCount returns an attribute KeyValue conforming to +// the "messaging.batch.message_count" semantic conventions. It represents the +// number of messages sent, received, or processed in the scope of the batching +// operation. +func MessagingBatchMessageCount(val int) attribute.KeyValue { + return MessagingBatchMessageCountKey.Int(val) +} + +// MessagingClientID returns an attribute KeyValue conforming to the +// "messaging.client_id" semantic conventions. It represents a unique +// identifier for the client that consumes or produces a message. +func MessagingClientID(val string) attribute.KeyValue { + return MessagingClientIDKey.String(val) +} + +// Semantic conventions for remote procedure calls. +const ( + // RPCSystemKey is the attribute Key conforming to the "rpc.system" + // semantic conventions. It represents a string identifying the remoting + // system. See below for a list of well-known identifiers. + // + // Type: Enum + // RequirementLevel: Required + // Stability: stable + RPCSystemKey = attribute.Key("rpc.system") + + // RPCServiceKey is the attribute Key conforming to the "rpc.service" + // semantic conventions. It represents the full (logical) name of the + // service being called, including its package name, if applicable. + // + // Type: string + // RequirementLevel: Recommended + // Stability: stable + // Examples: 'myservice.EchoService' + // Note: This is the logical name of the service from the RPC interface + // perspective, which can be different from the name of any implementing + // class. The `code.namespace` attribute may be used to store the latter + // (despite the attribute name, it may include a class name; e.g., class + // with method actually executing the call on the server side, RPC client + // stub class on the client side). + RPCServiceKey = attribute.Key("rpc.service") + + // RPCMethodKey is the attribute Key conforming to the "rpc.method" + // semantic conventions. It represents the name of the (logical) method + // being called, must be equal to the $method part in the span name. + // + // Type: string + // RequirementLevel: Recommended + // Stability: stable + // Examples: 'exampleMethod' + // Note: This is the logical name of the method from the RPC interface + // perspective, which can be different from the name of any implementing + // method/function. The `code.function` attribute may be used to store the + // latter (e.g., method actually executing the call on the server side, RPC + // client stub method on the client side). + RPCMethodKey = attribute.Key("rpc.method") +) + +var ( + // gRPC + RPCSystemGRPC = RPCSystemKey.String("grpc") + // Java RMI + RPCSystemJavaRmi = RPCSystemKey.String("java_rmi") + // .NET WCF + RPCSystemDotnetWcf = RPCSystemKey.String("dotnet_wcf") + // Apache Dubbo + RPCSystemApacheDubbo = RPCSystemKey.String("apache_dubbo") + // Connect RPC + RPCSystemConnectRPC = RPCSystemKey.String("connect_rpc") +) + +// RPCService returns an attribute KeyValue conforming to the "rpc.service" +// semantic conventions. It represents the full (logical) name of the service +// being called, including its package name, if applicable. +func RPCService(val string) attribute.KeyValue { + return RPCServiceKey.String(val) +} + +// RPCMethod returns an attribute KeyValue conforming to the "rpc.method" +// semantic conventions. It represents the name of the (logical) method being +// called, must be equal to the $method part in the span name. +func RPCMethod(val string) attribute.KeyValue { + return RPCMethodKey.String(val) +} + +// Tech-specific attributes for gRPC. +const ( + // RPCGRPCStatusCodeKey is the attribute Key conforming to the + // "rpc.grpc.status_code" semantic conventions. It represents the [numeric + // status + // code](https://github.com/grpc/grpc/blob/v1.33.2/doc/statuscodes.md) of + // the gRPC request. + // + // Type: Enum + // RequirementLevel: Required + // Stability: stable + RPCGRPCStatusCodeKey = attribute.Key("rpc.grpc.status_code") +) + +var ( + // OK + RPCGRPCStatusCodeOk = RPCGRPCStatusCodeKey.Int(0) + // CANCELLED + RPCGRPCStatusCodeCancelled = RPCGRPCStatusCodeKey.Int(1) + // UNKNOWN + RPCGRPCStatusCodeUnknown = RPCGRPCStatusCodeKey.Int(2) + // INVALID_ARGUMENT + RPCGRPCStatusCodeInvalidArgument = RPCGRPCStatusCodeKey.Int(3) + // DEADLINE_EXCEEDED + RPCGRPCStatusCodeDeadlineExceeded = RPCGRPCStatusCodeKey.Int(4) + // NOT_FOUND + RPCGRPCStatusCodeNotFound = RPCGRPCStatusCodeKey.Int(5) + // ALREADY_EXISTS + RPCGRPCStatusCodeAlreadyExists = RPCGRPCStatusCodeKey.Int(6) + // PERMISSION_DENIED + RPCGRPCStatusCodePermissionDenied = RPCGRPCStatusCodeKey.Int(7) + // RESOURCE_EXHAUSTED + RPCGRPCStatusCodeResourceExhausted = RPCGRPCStatusCodeKey.Int(8) + // FAILED_PRECONDITION + RPCGRPCStatusCodeFailedPrecondition = RPCGRPCStatusCodeKey.Int(9) + // ABORTED + RPCGRPCStatusCodeAborted = RPCGRPCStatusCodeKey.Int(10) + // OUT_OF_RANGE + RPCGRPCStatusCodeOutOfRange = RPCGRPCStatusCodeKey.Int(11) + // UNIMPLEMENTED + RPCGRPCStatusCodeUnimplemented = RPCGRPCStatusCodeKey.Int(12) + // INTERNAL + RPCGRPCStatusCodeInternal = RPCGRPCStatusCodeKey.Int(13) + // UNAVAILABLE + RPCGRPCStatusCodeUnavailable = RPCGRPCStatusCodeKey.Int(14) + // DATA_LOSS + RPCGRPCStatusCodeDataLoss = RPCGRPCStatusCodeKey.Int(15) + // UNAUTHENTICATED + RPCGRPCStatusCodeUnauthenticated = RPCGRPCStatusCodeKey.Int(16) +) + +// Tech-specific attributes for [JSON RPC](https://www.jsonrpc.org/). +const ( + // RPCJsonrpcVersionKey is the attribute Key conforming to the + // "rpc.jsonrpc.version" semantic conventions. It represents the protocol + // version as in `jsonrpc` property of request/response. Since JSON-RPC 1.0 + // does not specify this, the value can be omitted. + // + // Type: string + // RequirementLevel: ConditionallyRequired (If other than the default + // version (`1.0`)) + // Stability: stable + // Examples: '2.0', '1.0' + RPCJsonrpcVersionKey = attribute.Key("rpc.jsonrpc.version") + + // RPCJsonrpcRequestIDKey is the attribute Key conforming to the + // "rpc.jsonrpc.request_id" semantic conventions. It represents the `id` + // property of request or response. Since protocol allows id to be int, + // string, `null` or missing (for notifications), value is expected to be + // cast to string for simplicity. Use empty string in case of `null` value. + // Omit entirely if this is a notification. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: '10', 'request-7', '' + RPCJsonrpcRequestIDKey = attribute.Key("rpc.jsonrpc.request_id") + + // RPCJsonrpcErrorCodeKey is the attribute Key conforming to the + // "rpc.jsonrpc.error_code" semantic conventions. It represents the + // `error.code` property of response if it is an error response. + // + // Type: int + // RequirementLevel: ConditionallyRequired (If response is not successful.) + // Stability: stable + // Examples: -32700, 100 + RPCJsonrpcErrorCodeKey = attribute.Key("rpc.jsonrpc.error_code") + + // RPCJsonrpcErrorMessageKey is the attribute Key conforming to the + // "rpc.jsonrpc.error_message" semantic conventions. It represents the + // `error.message` property of response if it is an error response. + // + // Type: string + // RequirementLevel: Optional + // Stability: stable + // Examples: 'Parse error', 'User already exists' + RPCJsonrpcErrorMessageKey = attribute.Key("rpc.jsonrpc.error_message") +) + +// RPCJsonrpcVersion returns an attribute KeyValue conforming to the +// "rpc.jsonrpc.version" semantic conventions. It represents the protocol +// version as in `jsonrpc` property of request/response. Since JSON-RPC 1.0 +// does not specify this, the value can be omitted. +func RPCJsonrpcVersion(val string) attribute.KeyValue { + return RPCJsonrpcVersionKey.String(val) +} + +// RPCJsonrpcRequestID returns an attribute KeyValue conforming to the +// "rpc.jsonrpc.request_id" semantic conventions. It represents the `id` +// property of request or response. Since protocol allows id to be int, string, +// `null` or missing (for notifications), value is expected to be cast to +// string for simplicity. Use empty string in case of `null` value. Omit +// entirely if this is a notification. +func RPCJsonrpcRequestID(val string) attribute.KeyValue { + return RPCJsonrpcRequestIDKey.String(val) +} + +// RPCJsonrpcErrorCode returns an attribute KeyValue conforming to the +// "rpc.jsonrpc.error_code" semantic conventions. It represents the +// `error.code` property of response if it is an error response. +func RPCJsonrpcErrorCode(val int) attribute.KeyValue { + return RPCJsonrpcErrorCodeKey.Int(val) +} + +// RPCJsonrpcErrorMessage returns an attribute KeyValue conforming to the +// "rpc.jsonrpc.error_message" semantic conventions. It represents the +// `error.message` property of response if it is an error response. +func RPCJsonrpcErrorMessage(val string) attribute.KeyValue { + return RPCJsonrpcErrorMessageKey.String(val) +} + +// Tech-specific attributes for Connect RPC. +const ( + // RPCConnectRPCErrorCodeKey is the attribute Key conforming to the + // "rpc.connect_rpc.error_code" semantic conventions. It represents the + // [error codes](https://connect.build/docs/protocol/#error-codes) of the + // Connect request. Error codes are always string values. + // + // Type: Enum + // RequirementLevel: ConditionallyRequired (If response is not successful + // and if error code available.) + // Stability: stable + RPCConnectRPCErrorCodeKey = attribute.Key("rpc.connect_rpc.error_code") +) + +var ( + // cancelled + RPCConnectRPCErrorCodeCancelled = RPCConnectRPCErrorCodeKey.String("cancelled") + // unknown + RPCConnectRPCErrorCodeUnknown = RPCConnectRPCErrorCodeKey.String("unknown") + // invalid_argument + RPCConnectRPCErrorCodeInvalidArgument = RPCConnectRPCErrorCodeKey.String("invalid_argument") + // deadline_exceeded + RPCConnectRPCErrorCodeDeadlineExceeded = RPCConnectRPCErrorCodeKey.String("deadline_exceeded") + // not_found + RPCConnectRPCErrorCodeNotFound = RPCConnectRPCErrorCodeKey.String("not_found") + // already_exists + RPCConnectRPCErrorCodeAlreadyExists = RPCConnectRPCErrorCodeKey.String("already_exists") + // permission_denied + RPCConnectRPCErrorCodePermissionDenied = RPCConnectRPCErrorCodeKey.String("permission_denied") + // resource_exhausted + RPCConnectRPCErrorCodeResourceExhausted = RPCConnectRPCErrorCodeKey.String("resource_exhausted") + // failed_precondition + RPCConnectRPCErrorCodeFailedPrecondition = RPCConnectRPCErrorCodeKey.String("failed_precondition") + // aborted + RPCConnectRPCErrorCodeAborted = RPCConnectRPCErrorCodeKey.String("aborted") + // out_of_range + RPCConnectRPCErrorCodeOutOfRange = RPCConnectRPCErrorCodeKey.String("out_of_range") + // unimplemented + RPCConnectRPCErrorCodeUnimplemented = RPCConnectRPCErrorCodeKey.String("unimplemented") + // internal + RPCConnectRPCErrorCodeInternal = RPCConnectRPCErrorCodeKey.String("internal") + // unavailable + RPCConnectRPCErrorCodeUnavailable = RPCConnectRPCErrorCodeKey.String("unavailable") + // data_loss + RPCConnectRPCErrorCodeDataLoss = RPCConnectRPCErrorCodeKey.String("data_loss") + // unauthenticated + RPCConnectRPCErrorCodeUnauthenticated = RPCConnectRPCErrorCodeKey.String("unauthenticated") +) diff --git a/vendor/go.opentelemetry.io/otel/version.go b/vendor/go.opentelemetry.io/otel/version.go index 5a92f1d4b..e2f743585 100644 --- a/vendor/go.opentelemetry.io/otel/version.go +++ b/vendor/go.opentelemetry.io/otel/version.go @@ -16,5 +16,5 @@ package otel // import "go.opentelemetry.io/otel" // Version is the current release version of OpenTelemetry in use. func Version() string { - return "1.20.0" + return "1.21.0" } diff --git a/vendor/go.opentelemetry.io/otel/versions.yaml b/vendor/go.opentelemetry.io/otel/versions.yaml index 82366e799..3c153c9d6 100644 --- a/vendor/go.opentelemetry.io/otel/versions.yaml +++ b/vendor/go.opentelemetry.io/otel/versions.yaml @@ -14,13 +14,12 @@ module-sets: stable-v1: - version: v1.20.0 + version: v1.21.0 modules: - go.opentelemetry.io/otel - go.opentelemetry.io/otel/bridge/opentracing - go.opentelemetry.io/otel/bridge/opentracing/test - go.opentelemetry.io/otel/example/dice - - go.opentelemetry.io/otel/example/fib - go.opentelemetry.io/otel/example/namedtracer - go.opentelemetry.io/otel/example/otel-collector - go.opentelemetry.io/otel/example/passthrough @@ -35,14 +34,12 @@ module-sets: - go.opentelemetry.io/otel/sdk/metric - go.opentelemetry.io/otel/trace experimental-metrics: - version: v0.43.0 + version: v0.44.0 modules: - go.opentelemetry.io/otel/bridge/opencensus - go.opentelemetry.io/otel/bridge/opencensus/test - go.opentelemetry.io/otel/example/opencensus - go.opentelemetry.io/otel/example/prometheus - - go.opentelemetry.io/otel/example/view - - go.opentelemetry.io/otel/exporters/otlp/otlpmetric - go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc - go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp - go.opentelemetry.io/otel/exporters/prometheus diff --git a/vendor/golang.org/x/crypto/cryptobyte/asn1.go b/vendor/golang.org/x/crypto/cryptobyte/asn1.go index 6fc2838a3..2492f796a 100644 --- a/vendor/golang.org/x/crypto/cryptobyte/asn1.go +++ b/vendor/golang.org/x/crypto/cryptobyte/asn1.go @@ -733,13 +733,14 @@ func (s *String) ReadOptionalASN1OctetString(out *[]byte, outPresent *bool, tag return true } -// ReadOptionalASN1Boolean sets *out to the value of the next ASN.1 BOOLEAN or, -// if the next bytes are not an ASN.1 BOOLEAN, to the value of defaultValue. -// It reports whether the operation was successful. -func (s *String) ReadOptionalASN1Boolean(out *bool, defaultValue bool) bool { +// ReadOptionalASN1Boolean attempts to read an optional ASN.1 BOOLEAN +// explicitly tagged with tag into out and advances. If no element with a +// matching tag is present, it sets "out" to defaultValue instead. It reports +// whether the read was successful. +func (s *String) ReadOptionalASN1Boolean(out *bool, tag asn1.Tag, defaultValue bool) bool { var present bool var child String - if !s.ReadOptionalASN1(&child, &present, asn1.BOOLEAN) { + if !s.ReadOptionalASN1(&child, &present, tag) { return false } @@ -748,7 +749,7 @@ func (s *String) ReadOptionalASN1Boolean(out *bool, defaultValue bool) bool { return true } - return s.ReadASN1Boolean(out) + return child.ReadASN1Boolean(out) } func (s *String) readASN1(out *String, outTag *asn1.Tag, skipHeader bool) bool { diff --git a/vendor/golang.org/x/exp/slices/cmp.go b/vendor/golang.org/x/exp/slices/cmp.go new file mode 100644 index 000000000..fbf1934a0 --- /dev/null +++ b/vendor/golang.org/x/exp/slices/cmp.go @@ -0,0 +1,44 @@ +// Copyright 2023 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package slices + +import "golang.org/x/exp/constraints" + +// min is a version of the predeclared function from the Go 1.21 release. +func min[T constraints.Ordered](a, b T) T { + if a < b || isNaN(a) { + return a + } + return b +} + +// max is a version of the predeclared function from the Go 1.21 release. +func max[T constraints.Ordered](a, b T) T { + if a > b || isNaN(a) { + return a + } + return b +} + +// cmpLess is a copy of cmp.Less from the Go 1.21 release. +func cmpLess[T constraints.Ordered](x, y T) bool { + return (isNaN(x) && !isNaN(y)) || x < y +} + +// cmpCompare is a copy of cmp.Compare from the Go 1.21 release. +func cmpCompare[T constraints.Ordered](x, y T) int { + xNaN := isNaN(x) + yNaN := isNaN(y) + if xNaN && yNaN { + return 0 + } + if xNaN || x < y { + return -1 + } + if yNaN || x > y { + return +1 + } + return 0 +} diff --git a/vendor/golang.org/x/exp/slices/slices.go b/vendor/golang.org/x/exp/slices/slices.go index 8a7cf20db..5e8158bba 100644 --- a/vendor/golang.org/x/exp/slices/slices.go +++ b/vendor/golang.org/x/exp/slices/slices.go @@ -3,23 +3,20 @@ // license that can be found in the LICENSE file. // Package slices defines various functions useful with slices of any type. -// Unless otherwise specified, these functions all apply to the elements -// of a slice at index 0 <= i < len(s). -// -// Note that the less function in IsSortedFunc, SortFunc, SortStableFunc requires a -// strict weak ordering (https://en.wikipedia.org/wiki/Weak_ordering#Strict_weak_orderings), -// or the sorting may fail to sort correctly. A common case is when sorting slices of -// floating-point numbers containing NaN values. package slices -import "golang.org/x/exp/constraints" +import ( + "unsafe" + + "golang.org/x/exp/constraints" +) // Equal reports whether two slices are equal: the same length and all // elements equal. If the lengths are different, Equal returns false. // Otherwise, the elements are compared in increasing index order, and the // comparison stops at the first unequal pair. // Floating point NaNs are not considered equal. -func Equal[E comparable](s1, s2 []E) bool { +func Equal[S ~[]E, E comparable](s1, s2 S) bool { if len(s1) != len(s2) { return false } @@ -31,12 +28,12 @@ func Equal[E comparable](s1, s2 []E) bool { return true } -// EqualFunc reports whether two slices are equal using a comparison +// EqualFunc reports whether two slices are equal using an equality // function on each pair of elements. If the lengths are different, // EqualFunc returns false. Otherwise, the elements are compared in // increasing index order, and the comparison stops at the first index // for which eq returns false. -func EqualFunc[E1, E2 any](s1 []E1, s2 []E2, eq func(E1, E2) bool) bool { +func EqualFunc[S1 ~[]E1, S2 ~[]E2, E1, E2 any](s1 S1, s2 S2, eq func(E1, E2) bool) bool { if len(s1) != len(s2) { return false } @@ -49,45 +46,37 @@ func EqualFunc[E1, E2 any](s1 []E1, s2 []E2, eq func(E1, E2) bool) bool { return true } -// Compare compares the elements of s1 and s2. -// The elements are compared sequentially, starting at index 0, +// Compare compares the elements of s1 and s2, using [cmp.Compare] on each pair +// of elements. The elements are compared sequentially, starting at index 0, // until one element is not equal to the other. // The result of comparing the first non-matching elements is returned. // If both slices are equal until one of them ends, the shorter slice is // considered less than the longer one. // The result is 0 if s1 == s2, -1 if s1 < s2, and +1 if s1 > s2. -// Comparisons involving floating point NaNs are ignored. -func Compare[E constraints.Ordered](s1, s2 []E) int { - s2len := len(s2) +func Compare[S ~[]E, E constraints.Ordered](s1, s2 S) int { for i, v1 := range s1 { - if i >= s2len { + if i >= len(s2) { return +1 } v2 := s2[i] - switch { - case v1 < v2: - return -1 - case v1 > v2: - return +1 + if c := cmpCompare(v1, v2); c != 0 { + return c } } - if len(s1) < s2len { + if len(s1) < len(s2) { return -1 } return 0 } -// CompareFunc is like Compare but uses a comparison function -// on each pair of elements. The elements are compared in increasing -// index order, and the comparisons stop after the first time cmp -// returns non-zero. +// CompareFunc is like [Compare] but uses a custom comparison function on each +// pair of elements. // The result is the first non-zero result of cmp; if cmp always // returns 0 the result is 0 if len(s1) == len(s2), -1 if len(s1) < len(s2), // and +1 if len(s1) > len(s2). -func CompareFunc[E1, E2 any](s1 []E1, s2 []E2, cmp func(E1, E2) int) int { - s2len := len(s2) +func CompareFunc[S1 ~[]E1, S2 ~[]E2, E1, E2 any](s1 S1, s2 S2, cmp func(E1, E2) int) int { for i, v1 := range s1 { - if i >= s2len { + if i >= len(s2) { return +1 } v2 := s2[i] @@ -95,7 +84,7 @@ func CompareFunc[E1, E2 any](s1 []E1, s2 []E2, cmp func(E1, E2) int) int { return c } } - if len(s1) < s2len { + if len(s1) < len(s2) { return -1 } return 0 @@ -103,7 +92,7 @@ func CompareFunc[E1, E2 any](s1 []E1, s2 []E2, cmp func(E1, E2) int) int { // Index returns the index of the first occurrence of v in s, // or -1 if not present. -func Index[E comparable](s []E, v E) int { +func Index[S ~[]E, E comparable](s S, v E) int { for i := range s { if v == s[i] { return i @@ -114,7 +103,7 @@ func Index[E comparable](s []E, v E) int { // IndexFunc returns the first index i satisfying f(s[i]), // or -1 if none do. -func IndexFunc[E any](s []E, f func(E) bool) int { +func IndexFunc[S ~[]E, E any](s S, f func(E) bool) int { for i := range s { if f(s[i]) { return i @@ -124,39 +113,104 @@ func IndexFunc[E any](s []E, f func(E) bool) int { } // Contains reports whether v is present in s. -func Contains[E comparable](s []E, v E) bool { +func Contains[S ~[]E, E comparable](s S, v E) bool { return Index(s, v) >= 0 } // ContainsFunc reports whether at least one // element e of s satisfies f(e). -func ContainsFunc[E any](s []E, f func(E) bool) bool { +func ContainsFunc[S ~[]E, E any](s S, f func(E) bool) bool { return IndexFunc(s, f) >= 0 } // Insert inserts the values v... into s at index i, // returning the modified slice. -// In the returned slice r, r[i] == v[0]. +// The elements at s[i:] are shifted up to make room. +// In the returned slice r, r[i] == v[0], +// and r[i+len(v)] == value originally at r[i]. // Insert panics if i is out of range. // This function is O(len(s) + len(v)). func Insert[S ~[]E, E any](s S, i int, v ...E) S { - tot := len(s) + len(v) - if tot <= cap(s) { - s2 := s[:tot] - copy(s2[i+len(v):], s[i:]) + m := len(v) + if m == 0 { + return s + } + n := len(s) + if i == n { + return append(s, v...) + } + if n+m > cap(s) { + // Use append rather than make so that we bump the size of + // the slice up to the next storage class. + // This is what Grow does but we don't call Grow because + // that might copy the values twice. + s2 := append(s[:i], make(S, n+m-i)...) copy(s2[i:], v) + copy(s2[i+m:], s[i:]) return s2 } - s2 := make(S, tot) - copy(s2, s[:i]) - copy(s2[i:], v) - copy(s2[i+len(v):], s[i:]) - return s2 + s = s[:n+m] + + // before: + // s: aaaaaaaabbbbccccccccdddd + // ^ ^ ^ ^ + // i i+m n n+m + // after: + // s: aaaaaaaavvvvbbbbcccccccc + // ^ ^ ^ ^ + // i i+m n n+m + // + // a are the values that don't move in s. + // v are the values copied in from v. + // b and c are the values from s that are shifted up in index. + // d are the values that get overwritten, never to be seen again. + + if !overlaps(v, s[i+m:]) { + // Easy case - v does not overlap either the c or d regions. + // (It might be in some of a or b, or elsewhere entirely.) + // The data we copy up doesn't write to v at all, so just do it. + + copy(s[i+m:], s[i:]) + + // Now we have + // s: aaaaaaaabbbbbbbbcccccccc + // ^ ^ ^ ^ + // i i+m n n+m + // Note the b values are duplicated. + + copy(s[i:], v) + + // Now we have + // s: aaaaaaaavvvvbbbbcccccccc + // ^ ^ ^ ^ + // i i+m n n+m + // That's the result we want. + return s + } + + // The hard case - v overlaps c or d. We can't just shift up + // the data because we'd move or clobber the values we're trying + // to insert. + // So instead, write v on top of d, then rotate. + copy(s[n:], v) + + // Now we have + // s: aaaaaaaabbbbccccccccvvvv + // ^ ^ ^ ^ + // i i+m n n+m + + rotateRight(s[i:], m) + + // Now we have + // s: aaaaaaaavvvvbbbbcccccccc + // ^ ^ ^ ^ + // i i+m n n+m + // That's the result we want. + return s } // Delete removes the elements s[i:j] from s, returning the modified slice. // Delete panics if s[i:j] is not a valid slice of s. -// Delete modifies the contents of the slice s; it does not create a new slice. // Delete is O(len(s)-j), so if many items must be deleted, it is better to // make a single call deleting them all together than to delete one at a time. // Delete might not modify the elements s[len(s)-(j-i):len(s)]. If those @@ -175,39 +229,106 @@ func Delete[S ~[]E, E any](s S, i, j int) S { // zeroing those elements so that objects they reference can be garbage // collected. func DeleteFunc[S ~[]E, E any](s S, del func(E) bool) S { + i := IndexFunc(s, del) + if i == -1 { + return s + } // Don't start copying elements until we find one to delete. - for i, v := range s { - if del(v) { - j := i - for i++; i < len(s); i++ { - v = s[i] - if !del(v) { - s[j] = v - j++ - } - } - return s[:j] + for j := i + 1; j < len(s); j++ { + if v := s[j]; !del(v) { + s[i] = v + i++ } } - return s + return s[:i] } // Replace replaces the elements s[i:j] by the given v, and returns the // modified slice. Replace panics if s[i:j] is not a valid slice of s. func Replace[S ~[]E, E any](s S, i, j int, v ...E) S { _ = s[i:j] // verify that i:j is a valid subslice + + if i == j { + return Insert(s, i, v...) + } + if j == len(s) { + return append(s[:i], v...) + } + tot := len(s[:i]) + len(v) + len(s[j:]) - if tot <= cap(s) { - s2 := s[:tot] - copy(s2[i+len(v):], s[j:]) + if tot > cap(s) { + // Too big to fit, allocate and copy over. + s2 := append(s[:i], make(S, tot-i)...) // See Insert copy(s2[i:], v) + copy(s2[i+len(v):], s[j:]) return s2 } - s2 := make(S, tot) - copy(s2, s[:i]) - copy(s2[i:], v) - copy(s2[i+len(v):], s[j:]) - return s2 + + r := s[:tot] + + if i+len(v) <= j { + // Easy, as v fits in the deleted portion. + copy(r[i:], v) + if i+len(v) != j { + copy(r[i+len(v):], s[j:]) + } + return r + } + + // We are expanding (v is bigger than j-i). + // The situation is something like this: + // (example has i=4,j=8,len(s)=16,len(v)=6) + // s: aaaaxxxxbbbbbbbbyy + // ^ ^ ^ ^ + // i j len(s) tot + // a: prefix of s + // x: deleted range + // b: more of s + // y: area to expand into + + if !overlaps(r[i+len(v):], v) { + // Easy, as v is not clobbered by the first copy. + copy(r[i+len(v):], s[j:]) + copy(r[i:], v) + return r + } + + // This is a situation where we don't have a single place to which + // we can copy v. Parts of it need to go to two different places. + // We want to copy the prefix of v into y and the suffix into x, then + // rotate |y| spots to the right. + // + // v[2:] v[:2] + // | | + // s: aaaavvvvbbbbbbbbvv + // ^ ^ ^ ^ + // i j len(s) tot + // + // If either of those two destinations don't alias v, then we're good. + y := len(v) - (j - i) // length of y portion + + if !overlaps(r[i:j], v) { + copy(r[i:j], v[y:]) + copy(r[len(s):], v[:y]) + rotateRight(r[i:], y) + return r + } + if !overlaps(r[len(s):], v) { + copy(r[len(s):], v[:y]) + copy(r[i:j], v[y:]) + rotateRight(r[i:], y) + return r + } + + // Now we know that v overlaps both x and y. + // That means that the entirety of b is *inside* v. + // So we don't need to preserve b at all; instead we + // can copy v first, then copy the b part of v out of + // v to the right destination. + k := startIdx(v, s[j:]) + copy(r[i:], v) + copy(r[i+len(v):], r[i+k:]) + return r } // Clone returns a copy of the slice. @@ -222,7 +343,8 @@ func Clone[S ~[]E, E any](s S) S { // Compact replaces consecutive runs of equal elements with a single copy. // This is like the uniq command found on Unix. -// Compact modifies the contents of the slice s; it does not create a new slice. +// Compact modifies the contents of the slice s and returns the modified slice, +// which may have a smaller length. // When Compact discards m elements in total, it might not modify the elements // s[len(s)-m:len(s)]. If those elements contain pointers you might consider // zeroing those elements so that objects they reference can be garbage collected. @@ -242,7 +364,8 @@ func Compact[S ~[]E, E comparable](s S) S { return s[:i] } -// CompactFunc is like Compact but uses a comparison function. +// CompactFunc is like [Compact] but uses an equality function to compare elements. +// For runs of elements that compare equal, CompactFunc keeps the first one. func CompactFunc[S ~[]E, E any](s S, eq func(E, E) bool) S { if len(s) < 2 { return s @@ -280,3 +403,97 @@ func Grow[S ~[]E, E any](s S, n int) S { func Clip[S ~[]E, E any](s S) S { return s[:len(s):len(s)] } + +// Rotation algorithm explanation: +// +// rotate left by 2 +// start with +// 0123456789 +// split up like this +// 01 234567 89 +// swap first 2 and last 2 +// 89 234567 01 +// join first parts +// 89234567 01 +// recursively rotate first left part by 2 +// 23456789 01 +// join at the end +// 2345678901 +// +// rotate left by 8 +// start with +// 0123456789 +// split up like this +// 01 234567 89 +// swap first 2 and last 2 +// 89 234567 01 +// join last parts +// 89 23456701 +// recursively rotate second part left by 6 +// 89 01234567 +// join at the end +// 8901234567 + +// TODO: There are other rotate algorithms. +// This algorithm has the desirable property that it moves each element exactly twice. +// The triple-reverse algorithm is simpler and more cache friendly, but takes more writes. +// The follow-cycles algorithm can be 1-write but it is not very cache friendly. + +// rotateLeft rotates b left by n spaces. +// s_final[i] = s_orig[i+r], wrapping around. +func rotateLeft[E any](s []E, r int) { + for r != 0 && r != len(s) { + if r*2 <= len(s) { + swap(s[:r], s[len(s)-r:]) + s = s[:len(s)-r] + } else { + swap(s[:len(s)-r], s[r:]) + s, r = s[len(s)-r:], r*2-len(s) + } + } +} +func rotateRight[E any](s []E, r int) { + rotateLeft(s, len(s)-r) +} + +// swap swaps the contents of x and y. x and y must be equal length and disjoint. +func swap[E any](x, y []E) { + for i := 0; i < len(x); i++ { + x[i], y[i] = y[i], x[i] + } +} + +// overlaps reports whether the memory ranges a[0:len(a)] and b[0:len(b)] overlap. +func overlaps[E any](a, b []E) bool { + if len(a) == 0 || len(b) == 0 { + return false + } + elemSize := unsafe.Sizeof(a[0]) + if elemSize == 0 { + return false + } + // TODO: use a runtime/unsafe facility once one becomes available. See issue 12445. + // Also see crypto/internal/alias/alias.go:AnyOverlap + return uintptr(unsafe.Pointer(&a[0])) <= uintptr(unsafe.Pointer(&b[len(b)-1]))+(elemSize-1) && + uintptr(unsafe.Pointer(&b[0])) <= uintptr(unsafe.Pointer(&a[len(a)-1]))+(elemSize-1) +} + +// startIdx returns the index in haystack where the needle starts. +// prerequisite: the needle must be aliased entirely inside the haystack. +func startIdx[E any](haystack, needle []E) int { + p := &needle[0] + for i := range haystack { + if p == &haystack[i] { + return i + } + } + // TODO: what if the overlap is by a non-integral number of Es? + panic("needle not found") +} + +// Reverse reverses the elements of the slice in place. +func Reverse[S ~[]E, E any](s S) { + for i, j := 0, len(s)-1; i < j; i, j = i+1, j-1 { + s[i], s[j] = s[j], s[i] + } +} diff --git a/vendor/golang.org/x/exp/slices/sort.go b/vendor/golang.org/x/exp/slices/sort.go index 231b6448a..b67897f76 100644 --- a/vendor/golang.org/x/exp/slices/sort.go +++ b/vendor/golang.org/x/exp/slices/sort.go @@ -2,6 +2,8 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. +//go:generate go run $GOROOT/src/sort/gen_sort_variants.go -exp + package slices import ( @@ -11,57 +13,116 @@ import ( ) // Sort sorts a slice of any ordered type in ascending order. -// Sort may fail to sort correctly when sorting slices of floating-point -// numbers containing Not-a-number (NaN) values. -// Use slices.SortFunc(x, func(a, b float64) bool {return a < b || (math.IsNaN(a) && !math.IsNaN(b))}) -// instead if the input may contain NaNs. -func Sort[E constraints.Ordered](x []E) { +// When sorting floating-point numbers, NaNs are ordered before other values. +func Sort[S ~[]E, E constraints.Ordered](x S) { n := len(x) pdqsortOrdered(x, 0, n, bits.Len(uint(n))) } -// SortFunc sorts the slice x in ascending order as determined by the less function. -// This sort is not guaranteed to be stable. +// SortFunc sorts the slice x in ascending order as determined by the cmp +// function. This sort is not guaranteed to be stable. +// cmp(a, b) should return a negative number when a < b, a positive number when +// a > b and zero when a == b. // -// SortFunc requires that less is a strict weak ordering. +// SortFunc requires that cmp is a strict weak ordering. // See https://en.wikipedia.org/wiki/Weak_ordering#Strict_weak_orderings. -func SortFunc[E any](x []E, less func(a, b E) bool) { +func SortFunc[S ~[]E, E any](x S, cmp func(a, b E) int) { n := len(x) - pdqsortLessFunc(x, 0, n, bits.Len(uint(n)), less) + pdqsortCmpFunc(x, 0, n, bits.Len(uint(n)), cmp) } // SortStableFunc sorts the slice x while keeping the original order of equal -// elements, using less to compare elements. -func SortStableFunc[E any](x []E, less func(a, b E) bool) { - stableLessFunc(x, len(x), less) +// elements, using cmp to compare elements in the same way as [SortFunc]. +func SortStableFunc[S ~[]E, E any](x S, cmp func(a, b E) int) { + stableCmpFunc(x, len(x), cmp) } // IsSorted reports whether x is sorted in ascending order. -func IsSorted[E constraints.Ordered](x []E) bool { +func IsSorted[S ~[]E, E constraints.Ordered](x S) bool { for i := len(x) - 1; i > 0; i-- { - if x[i] < x[i-1] { + if cmpLess(x[i], x[i-1]) { return false } } return true } -// IsSortedFunc reports whether x is sorted in ascending order, with less as the -// comparison function. -func IsSortedFunc[E any](x []E, less func(a, b E) bool) bool { +// IsSortedFunc reports whether x is sorted in ascending order, with cmp as the +// comparison function as defined by [SortFunc]. +func IsSortedFunc[S ~[]E, E any](x S, cmp func(a, b E) int) bool { for i := len(x) - 1; i > 0; i-- { - if less(x[i], x[i-1]) { + if cmp(x[i], x[i-1]) < 0 { return false } } return true } +// Min returns the minimal value in x. It panics if x is empty. +// For floating-point numbers, Min propagates NaNs (any NaN value in x +// forces the output to be NaN). +func Min[S ~[]E, E constraints.Ordered](x S) E { + if len(x) < 1 { + panic("slices.Min: empty list") + } + m := x[0] + for i := 1; i < len(x); i++ { + m = min(m, x[i]) + } + return m +} + +// MinFunc returns the minimal value in x, using cmp to compare elements. +// It panics if x is empty. If there is more than one minimal element +// according to the cmp function, MinFunc returns the first one. +func MinFunc[S ~[]E, E any](x S, cmp func(a, b E) int) E { + if len(x) < 1 { + panic("slices.MinFunc: empty list") + } + m := x[0] + for i := 1; i < len(x); i++ { + if cmp(x[i], m) < 0 { + m = x[i] + } + } + return m +} + +// Max returns the maximal value in x. It panics if x is empty. +// For floating-point E, Max propagates NaNs (any NaN value in x +// forces the output to be NaN). +func Max[S ~[]E, E constraints.Ordered](x S) E { + if len(x) < 1 { + panic("slices.Max: empty list") + } + m := x[0] + for i := 1; i < len(x); i++ { + m = max(m, x[i]) + } + return m +} + +// MaxFunc returns the maximal value in x, using cmp to compare elements. +// It panics if x is empty. If there is more than one maximal element +// according to the cmp function, MaxFunc returns the first one. +func MaxFunc[S ~[]E, E any](x S, cmp func(a, b E) int) E { + if len(x) < 1 { + panic("slices.MaxFunc: empty list") + } + m := x[0] + for i := 1; i < len(x); i++ { + if cmp(x[i], m) > 0 { + m = x[i] + } + } + return m +} + // BinarySearch searches for target in a sorted slice and returns the position // where target is found, or the position where target would appear in the // sort order; it also returns a bool saying whether the target is really found // in the slice. The slice must be sorted in increasing order. -func BinarySearch[E constraints.Ordered](x []E, target E) (int, bool) { +func BinarySearch[S ~[]E, E constraints.Ordered](x S, target E) (int, bool) { // Inlining is faster than calling BinarySearchFunc with a lambda. n := len(x) // Define x[-1] < target and x[n] >= target. @@ -70,24 +131,24 @@ func BinarySearch[E constraints.Ordered](x []E, target E) (int, bool) { for i < j { h := int(uint(i+j) >> 1) // avoid overflow when computing h // i ≤ h < j - if x[h] < target { + if cmpLess(x[h], target) { i = h + 1 // preserves x[i-1] < target } else { j = h // preserves x[j] >= target } } // i == j, x[i-1] < target, and x[j] (= x[i]) >= target => answer is i. - return i, i < n && x[i] == target + return i, i < n && (x[i] == target || (isNaN(x[i]) && isNaN(target))) } -// BinarySearchFunc works like BinarySearch, but uses a custom comparison +// BinarySearchFunc works like [BinarySearch], but uses a custom comparison // function. The slice must be sorted in increasing order, where "increasing" // is defined by cmp. cmp should return 0 if the slice element matches // the target, a negative number if the slice element precedes the target, // or a positive number if the slice element follows the target. // cmp must implement the same ordering as the slice, such that if // cmp(a, t) < 0 and cmp(b, t) >= 0, then a must precede b in the slice. -func BinarySearchFunc[E, T any](x []E, target T, cmp func(E, T) int) (int, bool) { +func BinarySearchFunc[S ~[]E, E, T any](x S, target T, cmp func(E, T) int) (int, bool) { n := len(x) // Define cmp(x[-1], target) < 0 and cmp(x[n], target) >= 0 . // Invariant: cmp(x[i - 1], target) < 0, cmp(x[j], target) >= 0. @@ -126,3 +187,9 @@ func (r *xorshift) Next() uint64 { func nextPowerOfTwo(length int) uint { return 1 << bits.Len(uint(length)) } + +// isNaN reports whether x is a NaN without requiring the math package. +// This will always return false if T is not floating-point. +func isNaN[T constraints.Ordered](x T) bool { + return x != x +} diff --git a/vendor/golang.org/x/exp/slices/zsortfunc.go b/vendor/golang.org/x/exp/slices/zsortanyfunc.go similarity index 64% rename from vendor/golang.org/x/exp/slices/zsortfunc.go rename to vendor/golang.org/x/exp/slices/zsortanyfunc.go index 2a632476c..06f2c7a24 100644 --- a/vendor/golang.org/x/exp/slices/zsortfunc.go +++ b/vendor/golang.org/x/exp/slices/zsortanyfunc.go @@ -6,28 +6,28 @@ package slices -// insertionSortLessFunc sorts data[a:b] using insertion sort. -func insertionSortLessFunc[E any](data []E, a, b int, less func(a, b E) bool) { +// insertionSortCmpFunc sorts data[a:b] using insertion sort. +func insertionSortCmpFunc[E any](data []E, a, b int, cmp func(a, b E) int) { for i := a + 1; i < b; i++ { - for j := i; j > a && less(data[j], data[j-1]); j-- { + for j := i; j > a && (cmp(data[j], data[j-1]) < 0); j-- { data[j], data[j-1] = data[j-1], data[j] } } } -// siftDownLessFunc implements the heap property on data[lo:hi]. +// siftDownCmpFunc implements the heap property on data[lo:hi]. // first is an offset into the array where the root of the heap lies. -func siftDownLessFunc[E any](data []E, lo, hi, first int, less func(a, b E) bool) { +func siftDownCmpFunc[E any](data []E, lo, hi, first int, cmp func(a, b E) int) { root := lo for { child := 2*root + 1 if child >= hi { break } - if child+1 < hi && less(data[first+child], data[first+child+1]) { + if child+1 < hi && (cmp(data[first+child], data[first+child+1]) < 0) { child++ } - if !less(data[first+root], data[first+child]) { + if !(cmp(data[first+root], data[first+child]) < 0) { return } data[first+root], data[first+child] = data[first+child], data[first+root] @@ -35,30 +35,30 @@ func siftDownLessFunc[E any](data []E, lo, hi, first int, less func(a, b E) bool } } -func heapSortLessFunc[E any](data []E, a, b int, less func(a, b E) bool) { +func heapSortCmpFunc[E any](data []E, a, b int, cmp func(a, b E) int) { first := a lo := 0 hi := b - a // Build heap with greatest element at top. for i := (hi - 1) / 2; i >= 0; i-- { - siftDownLessFunc(data, i, hi, first, less) + siftDownCmpFunc(data, i, hi, first, cmp) } // Pop elements, largest first, into end of data. for i := hi - 1; i >= 0; i-- { data[first], data[first+i] = data[first+i], data[first] - siftDownLessFunc(data, lo, i, first, less) + siftDownCmpFunc(data, lo, i, first, cmp) } } -// pdqsortLessFunc sorts data[a:b]. +// pdqsortCmpFunc sorts data[a:b]. // The algorithm based on pattern-defeating quicksort(pdqsort), but without the optimizations from BlockQuicksort. // pdqsort paper: https://arxiv.org/pdf/2106.05123.pdf // C++ implementation: https://github.com/orlp/pdqsort // Rust implementation: https://docs.rs/pdqsort/latest/pdqsort/ // limit is the number of allowed bad (very unbalanced) pivots before falling back to heapsort. -func pdqsortLessFunc[E any](data []E, a, b, limit int, less func(a, b E) bool) { +func pdqsortCmpFunc[E any](data []E, a, b, limit int, cmp func(a, b E) int) { const maxInsertion = 12 var ( @@ -70,25 +70,25 @@ func pdqsortLessFunc[E any](data []E, a, b, limit int, less func(a, b E) bool) { length := b - a if length <= maxInsertion { - insertionSortLessFunc(data, a, b, less) + insertionSortCmpFunc(data, a, b, cmp) return } // Fall back to heapsort if too many bad choices were made. if limit == 0 { - heapSortLessFunc(data, a, b, less) + heapSortCmpFunc(data, a, b, cmp) return } // If the last partitioning was imbalanced, we need to breaking patterns. if !wasBalanced { - breakPatternsLessFunc(data, a, b, less) + breakPatternsCmpFunc(data, a, b, cmp) limit-- } - pivot, hint := choosePivotLessFunc(data, a, b, less) + pivot, hint := choosePivotCmpFunc(data, a, b, cmp) if hint == decreasingHint { - reverseRangeLessFunc(data, a, b, less) + reverseRangeCmpFunc(data, a, b, cmp) // The chosen pivot was pivot-a elements after the start of the array. // After reversing it is pivot-a elements before the end of the array. // The idea came from Rust's implementation. @@ -98,48 +98,48 @@ func pdqsortLessFunc[E any](data []E, a, b, limit int, less func(a, b E) bool) { // The slice is likely already sorted. if wasBalanced && wasPartitioned && hint == increasingHint { - if partialInsertionSortLessFunc(data, a, b, less) { + if partialInsertionSortCmpFunc(data, a, b, cmp) { return } } // Probably the slice contains many duplicate elements, partition the slice into // elements equal to and elements greater than the pivot. - if a > 0 && !less(data[a-1], data[pivot]) { - mid := partitionEqualLessFunc(data, a, b, pivot, less) + if a > 0 && !(cmp(data[a-1], data[pivot]) < 0) { + mid := partitionEqualCmpFunc(data, a, b, pivot, cmp) a = mid continue } - mid, alreadyPartitioned := partitionLessFunc(data, a, b, pivot, less) + mid, alreadyPartitioned := partitionCmpFunc(data, a, b, pivot, cmp) wasPartitioned = alreadyPartitioned leftLen, rightLen := mid-a, b-mid balanceThreshold := length / 8 if leftLen < rightLen { wasBalanced = leftLen >= balanceThreshold - pdqsortLessFunc(data, a, mid, limit, less) + pdqsortCmpFunc(data, a, mid, limit, cmp) a = mid + 1 } else { wasBalanced = rightLen >= balanceThreshold - pdqsortLessFunc(data, mid+1, b, limit, less) + pdqsortCmpFunc(data, mid+1, b, limit, cmp) b = mid } } } -// partitionLessFunc does one quicksort partition. +// partitionCmpFunc does one quicksort partition. // Let p = data[pivot] // Moves elements in data[a:b] around, so that data[i]

=p for inewpivot. // On return, data[newpivot] = p -func partitionLessFunc[E any](data []E, a, b, pivot int, less func(a, b E) bool) (newpivot int, alreadyPartitioned bool) { +func partitionCmpFunc[E any](data []E, a, b, pivot int, cmp func(a, b E) int) (newpivot int, alreadyPartitioned bool) { data[a], data[pivot] = data[pivot], data[a] i, j := a+1, b-1 // i and j are inclusive of the elements remaining to be partitioned - for i <= j && less(data[i], data[a]) { + for i <= j && (cmp(data[i], data[a]) < 0) { i++ } - for i <= j && !less(data[j], data[a]) { + for i <= j && !(cmp(data[j], data[a]) < 0) { j-- } if i > j { @@ -151,10 +151,10 @@ func partitionLessFunc[E any](data []E, a, b, pivot int, less func(a, b E) bool) j-- for { - for i <= j && less(data[i], data[a]) { + for i <= j && (cmp(data[i], data[a]) < 0) { i++ } - for i <= j && !less(data[j], data[a]) { + for i <= j && !(cmp(data[j], data[a]) < 0) { j-- } if i > j { @@ -168,17 +168,17 @@ func partitionLessFunc[E any](data []E, a, b, pivot int, less func(a, b E) bool) return j, false } -// partitionEqualLessFunc partitions data[a:b] into elements equal to data[pivot] followed by elements greater than data[pivot]. +// partitionEqualCmpFunc partitions data[a:b] into elements equal to data[pivot] followed by elements greater than data[pivot]. // It assumed that data[a:b] does not contain elements smaller than the data[pivot]. -func partitionEqualLessFunc[E any](data []E, a, b, pivot int, less func(a, b E) bool) (newpivot int) { +func partitionEqualCmpFunc[E any](data []E, a, b, pivot int, cmp func(a, b E) int) (newpivot int) { data[a], data[pivot] = data[pivot], data[a] i, j := a+1, b-1 // i and j are inclusive of the elements remaining to be partitioned for { - for i <= j && !less(data[a], data[i]) { + for i <= j && !(cmp(data[a], data[i]) < 0) { i++ } - for i <= j && less(data[a], data[j]) { + for i <= j && (cmp(data[a], data[j]) < 0) { j-- } if i > j { @@ -191,15 +191,15 @@ func partitionEqualLessFunc[E any](data []E, a, b, pivot int, less func(a, b E) return i } -// partialInsertionSortLessFunc partially sorts a slice, returns true if the slice is sorted at the end. -func partialInsertionSortLessFunc[E any](data []E, a, b int, less func(a, b E) bool) bool { +// partialInsertionSortCmpFunc partially sorts a slice, returns true if the slice is sorted at the end. +func partialInsertionSortCmpFunc[E any](data []E, a, b int, cmp func(a, b E) int) bool { const ( maxSteps = 5 // maximum number of adjacent out-of-order pairs that will get shifted shortestShifting = 50 // don't shift any elements on short arrays ) i := a + 1 for j := 0; j < maxSteps; j++ { - for i < b && !less(data[i], data[i-1]) { + for i < b && !(cmp(data[i], data[i-1]) < 0) { i++ } @@ -216,7 +216,7 @@ func partialInsertionSortLessFunc[E any](data []E, a, b int, less func(a, b E) b // Shift the smaller one to the left. if i-a >= 2 { for j := i - 1; j >= 1; j-- { - if !less(data[j], data[j-1]) { + if !(cmp(data[j], data[j-1]) < 0) { break } data[j], data[j-1] = data[j-1], data[j] @@ -225,7 +225,7 @@ func partialInsertionSortLessFunc[E any](data []E, a, b int, less func(a, b E) b // Shift the greater one to the right. if b-i >= 2 { for j := i + 1; j < b; j++ { - if !less(data[j], data[j-1]) { + if !(cmp(data[j], data[j-1]) < 0) { break } data[j], data[j-1] = data[j-1], data[j] @@ -235,9 +235,9 @@ func partialInsertionSortLessFunc[E any](data []E, a, b int, less func(a, b E) b return false } -// breakPatternsLessFunc scatters some elements around in an attempt to break some patterns +// breakPatternsCmpFunc scatters some elements around in an attempt to break some patterns // that might cause imbalanced partitions in quicksort. -func breakPatternsLessFunc[E any](data []E, a, b int, less func(a, b E) bool) { +func breakPatternsCmpFunc[E any](data []E, a, b int, cmp func(a, b E) int) { length := b - a if length >= 8 { random := xorshift(length) @@ -253,12 +253,12 @@ func breakPatternsLessFunc[E any](data []E, a, b int, less func(a, b E) bool) { } } -// choosePivotLessFunc chooses a pivot in data[a:b]. +// choosePivotCmpFunc chooses a pivot in data[a:b]. // // [0,8): chooses a static pivot. // [8,shortestNinther): uses the simple median-of-three method. // [shortestNinther,∞): uses the Tukey ninther method. -func choosePivotLessFunc[E any](data []E, a, b int, less func(a, b E) bool) (pivot int, hint sortedHint) { +func choosePivotCmpFunc[E any](data []E, a, b int, cmp func(a, b E) int) (pivot int, hint sortedHint) { const ( shortestNinther = 50 maxSwaps = 4 * 3 @@ -276,12 +276,12 @@ func choosePivotLessFunc[E any](data []E, a, b int, less func(a, b E) bool) (piv if l >= 8 { if l >= shortestNinther { // Tukey ninther method, the idea came from Rust's implementation. - i = medianAdjacentLessFunc(data, i, &swaps, less) - j = medianAdjacentLessFunc(data, j, &swaps, less) - k = medianAdjacentLessFunc(data, k, &swaps, less) + i = medianAdjacentCmpFunc(data, i, &swaps, cmp) + j = medianAdjacentCmpFunc(data, j, &swaps, cmp) + k = medianAdjacentCmpFunc(data, k, &swaps, cmp) } // Find the median among i, j, k and stores it into j. - j = medianLessFunc(data, i, j, k, &swaps, less) + j = medianCmpFunc(data, i, j, k, &swaps, cmp) } switch swaps { @@ -294,29 +294,29 @@ func choosePivotLessFunc[E any](data []E, a, b int, less func(a, b E) bool) (piv } } -// order2LessFunc returns x,y where data[x] <= data[y], where x,y=a,b or x,y=b,a. -func order2LessFunc[E any](data []E, a, b int, swaps *int, less func(a, b E) bool) (int, int) { - if less(data[b], data[a]) { +// order2CmpFunc returns x,y where data[x] <= data[y], where x,y=a,b or x,y=b,a. +func order2CmpFunc[E any](data []E, a, b int, swaps *int, cmp func(a, b E) int) (int, int) { + if cmp(data[b], data[a]) < 0 { *swaps++ return b, a } return a, b } -// medianLessFunc returns x where data[x] is the median of data[a],data[b],data[c], where x is a, b, or c. -func medianLessFunc[E any](data []E, a, b, c int, swaps *int, less func(a, b E) bool) int { - a, b = order2LessFunc(data, a, b, swaps, less) - b, c = order2LessFunc(data, b, c, swaps, less) - a, b = order2LessFunc(data, a, b, swaps, less) +// medianCmpFunc returns x where data[x] is the median of data[a],data[b],data[c], where x is a, b, or c. +func medianCmpFunc[E any](data []E, a, b, c int, swaps *int, cmp func(a, b E) int) int { + a, b = order2CmpFunc(data, a, b, swaps, cmp) + b, c = order2CmpFunc(data, b, c, swaps, cmp) + a, b = order2CmpFunc(data, a, b, swaps, cmp) return b } -// medianAdjacentLessFunc finds the median of data[a - 1], data[a], data[a + 1] and stores the index into a. -func medianAdjacentLessFunc[E any](data []E, a int, swaps *int, less func(a, b E) bool) int { - return medianLessFunc(data, a-1, a, a+1, swaps, less) +// medianAdjacentCmpFunc finds the median of data[a - 1], data[a], data[a + 1] and stores the index into a. +func medianAdjacentCmpFunc[E any](data []E, a int, swaps *int, cmp func(a, b E) int) int { + return medianCmpFunc(data, a-1, a, a+1, swaps, cmp) } -func reverseRangeLessFunc[E any](data []E, a, b int, less func(a, b E) bool) { +func reverseRangeCmpFunc[E any](data []E, a, b int, cmp func(a, b E) int) { i := a j := b - 1 for i < j { @@ -326,37 +326,37 @@ func reverseRangeLessFunc[E any](data []E, a, b int, less func(a, b E) bool) { } } -func swapRangeLessFunc[E any](data []E, a, b, n int, less func(a, b E) bool) { +func swapRangeCmpFunc[E any](data []E, a, b, n int, cmp func(a, b E) int) { for i := 0; i < n; i++ { data[a+i], data[b+i] = data[b+i], data[a+i] } } -func stableLessFunc[E any](data []E, n int, less func(a, b E) bool) { +func stableCmpFunc[E any](data []E, n int, cmp func(a, b E) int) { blockSize := 20 // must be > 0 a, b := 0, blockSize for b <= n { - insertionSortLessFunc(data, a, b, less) + insertionSortCmpFunc(data, a, b, cmp) a = b b += blockSize } - insertionSortLessFunc(data, a, n, less) + insertionSortCmpFunc(data, a, n, cmp) for blockSize < n { a, b = 0, 2*blockSize for b <= n { - symMergeLessFunc(data, a, a+blockSize, b, less) + symMergeCmpFunc(data, a, a+blockSize, b, cmp) a = b b += 2 * blockSize } if m := a + blockSize; m < n { - symMergeLessFunc(data, a, m, n, less) + symMergeCmpFunc(data, a, m, n, cmp) } blockSize *= 2 } } -// symMergeLessFunc merges the two sorted subsequences data[a:m] and data[m:b] using +// symMergeCmpFunc merges the two sorted subsequences data[a:m] and data[m:b] using // the SymMerge algorithm from Pok-Son Kim and Arne Kutzner, "Stable Minimum // Storage Merging by Symmetric Comparisons", in Susanne Albers and Tomasz // Radzik, editors, Algorithms - ESA 2004, volume 3221 of Lecture Notes in @@ -375,7 +375,7 @@ func stableLessFunc[E any](data []E, n int, less func(a, b E) bool) { // symMerge assumes non-degenerate arguments: a < m && m < b. // Having the caller check this condition eliminates many leaf recursion calls, // which improves performance. -func symMergeLessFunc[E any](data []E, a, m, b int, less func(a, b E) bool) { +func symMergeCmpFunc[E any](data []E, a, m, b int, cmp func(a, b E) int) { // Avoid unnecessary recursions of symMerge // by direct insertion of data[a] into data[m:b] // if data[a:m] only contains one element. @@ -387,7 +387,7 @@ func symMergeLessFunc[E any](data []E, a, m, b int, less func(a, b E) bool) { j := b for i < j { h := int(uint(i+j) >> 1) - if less(data[h], data[a]) { + if cmp(data[h], data[a]) < 0 { i = h + 1 } else { j = h @@ -411,7 +411,7 @@ func symMergeLessFunc[E any](data []E, a, m, b int, less func(a, b E) bool) { j := m for i < j { h := int(uint(i+j) >> 1) - if !less(data[m], data[h]) { + if !(cmp(data[m], data[h]) < 0) { i = h + 1 } else { j = h @@ -438,7 +438,7 @@ func symMergeLessFunc[E any](data []E, a, m, b int, less func(a, b E) bool) { for start < r { c := int(uint(start+r) >> 1) - if !less(data[p-c], data[c]) { + if !(cmp(data[p-c], data[c]) < 0) { start = c + 1 } else { r = c @@ -447,33 +447,33 @@ func symMergeLessFunc[E any](data []E, a, m, b int, less func(a, b E) bool) { end := n - start if start < m && m < end { - rotateLessFunc(data, start, m, end, less) + rotateCmpFunc(data, start, m, end, cmp) } if a < start && start < mid { - symMergeLessFunc(data, a, start, mid, less) + symMergeCmpFunc(data, a, start, mid, cmp) } if mid < end && end < b { - symMergeLessFunc(data, mid, end, b, less) + symMergeCmpFunc(data, mid, end, b, cmp) } } -// rotateLessFunc rotates two consecutive blocks u = data[a:m] and v = data[m:b] in data: +// rotateCmpFunc rotates two consecutive blocks u = data[a:m] and v = data[m:b] in data: // Data of the form 'x u v y' is changed to 'x v u y'. // rotate performs at most b-a many calls to data.Swap, // and it assumes non-degenerate arguments: a < m && m < b. -func rotateLessFunc[E any](data []E, a, m, b int, less func(a, b E) bool) { +func rotateCmpFunc[E any](data []E, a, m, b int, cmp func(a, b E) int) { i := m - a j := b - m for i != j { if i > j { - swapRangeLessFunc(data, m-i, m, j, less) + swapRangeCmpFunc(data, m-i, m, j, cmp) i -= j } else { - swapRangeLessFunc(data, m-i, m+j-i, i, less) + swapRangeCmpFunc(data, m-i, m+j-i, i, cmp) j -= i } } // i == j - swapRangeLessFunc(data, m-i, m, i, less) + swapRangeCmpFunc(data, m-i, m, i, cmp) } diff --git a/vendor/golang.org/x/exp/slices/zsortordered.go b/vendor/golang.org/x/exp/slices/zsortordered.go index efaa1c8b7..99b47c398 100644 --- a/vendor/golang.org/x/exp/slices/zsortordered.go +++ b/vendor/golang.org/x/exp/slices/zsortordered.go @@ -11,7 +11,7 @@ import "golang.org/x/exp/constraints" // insertionSortOrdered sorts data[a:b] using insertion sort. func insertionSortOrdered[E constraints.Ordered](data []E, a, b int) { for i := a + 1; i < b; i++ { - for j := i; j > a && (data[j] < data[j-1]); j-- { + for j := i; j > a && cmpLess(data[j], data[j-1]); j-- { data[j], data[j-1] = data[j-1], data[j] } } @@ -26,10 +26,10 @@ func siftDownOrdered[E constraints.Ordered](data []E, lo, hi, first int) { if child >= hi { break } - if child+1 < hi && (data[first+child] < data[first+child+1]) { + if child+1 < hi && cmpLess(data[first+child], data[first+child+1]) { child++ } - if !(data[first+root] < data[first+child]) { + if !cmpLess(data[first+root], data[first+child]) { return } data[first+root], data[first+child] = data[first+child], data[first+root] @@ -107,7 +107,7 @@ func pdqsortOrdered[E constraints.Ordered](data []E, a, b, limit int) { // Probably the slice contains many duplicate elements, partition the slice into // elements equal to and elements greater than the pivot. - if a > 0 && !(data[a-1] < data[pivot]) { + if a > 0 && !cmpLess(data[a-1], data[pivot]) { mid := partitionEqualOrdered(data, a, b, pivot) a = mid continue @@ -138,10 +138,10 @@ func partitionOrdered[E constraints.Ordered](data []E, a, b, pivot int) (newpivo data[a], data[pivot] = data[pivot], data[a] i, j := a+1, b-1 // i and j are inclusive of the elements remaining to be partitioned - for i <= j && (data[i] < data[a]) { + for i <= j && cmpLess(data[i], data[a]) { i++ } - for i <= j && !(data[j] < data[a]) { + for i <= j && !cmpLess(data[j], data[a]) { j-- } if i > j { @@ -153,10 +153,10 @@ func partitionOrdered[E constraints.Ordered](data []E, a, b, pivot int) (newpivo j-- for { - for i <= j && (data[i] < data[a]) { + for i <= j && cmpLess(data[i], data[a]) { i++ } - for i <= j && !(data[j] < data[a]) { + for i <= j && !cmpLess(data[j], data[a]) { j-- } if i > j { @@ -177,10 +177,10 @@ func partitionEqualOrdered[E constraints.Ordered](data []E, a, b, pivot int) (ne i, j := a+1, b-1 // i and j are inclusive of the elements remaining to be partitioned for { - for i <= j && !(data[a] < data[i]) { + for i <= j && !cmpLess(data[a], data[i]) { i++ } - for i <= j && (data[a] < data[j]) { + for i <= j && cmpLess(data[a], data[j]) { j-- } if i > j { @@ -201,7 +201,7 @@ func partialInsertionSortOrdered[E constraints.Ordered](data []E, a, b int) bool ) i := a + 1 for j := 0; j < maxSteps; j++ { - for i < b && !(data[i] < data[i-1]) { + for i < b && !cmpLess(data[i], data[i-1]) { i++ } @@ -218,7 +218,7 @@ func partialInsertionSortOrdered[E constraints.Ordered](data []E, a, b int) bool // Shift the smaller one to the left. if i-a >= 2 { for j := i - 1; j >= 1; j-- { - if !(data[j] < data[j-1]) { + if !cmpLess(data[j], data[j-1]) { break } data[j], data[j-1] = data[j-1], data[j] @@ -227,7 +227,7 @@ func partialInsertionSortOrdered[E constraints.Ordered](data []E, a, b int) bool // Shift the greater one to the right. if b-i >= 2 { for j := i + 1; j < b; j++ { - if !(data[j] < data[j-1]) { + if !cmpLess(data[j], data[j-1]) { break } data[j], data[j-1] = data[j-1], data[j] @@ -298,7 +298,7 @@ func choosePivotOrdered[E constraints.Ordered](data []E, a, b int) (pivot int, h // order2Ordered returns x,y where data[x] <= data[y], where x,y=a,b or x,y=b,a. func order2Ordered[E constraints.Ordered](data []E, a, b int, swaps *int) (int, int) { - if data[b] < data[a] { + if cmpLess(data[b], data[a]) { *swaps++ return b, a } @@ -389,7 +389,7 @@ func symMergeOrdered[E constraints.Ordered](data []E, a, m, b int) { j := b for i < j { h := int(uint(i+j) >> 1) - if data[h] < data[a] { + if cmpLess(data[h], data[a]) { i = h + 1 } else { j = h @@ -413,7 +413,7 @@ func symMergeOrdered[E constraints.Ordered](data []E, a, m, b int) { j := m for i < j { h := int(uint(i+j) >> 1) - if !(data[m] < data[h]) { + if !cmpLess(data[m], data[h]) { i = h + 1 } else { j = h @@ -440,7 +440,7 @@ func symMergeOrdered[E constraints.Ordered](data []E, a, m, b int) { for start < r { c := int(uint(start+r) >> 1) - if !(data[p-c] < data[c]) { + if !cmpLess(data[p-c], data[c]) { start = c + 1 } else { r = c diff --git a/vendor/golang.org/x/sys/unix/fcntl.go b/vendor/golang.org/x/sys/unix/fcntl.go index 58c6bfc70..6200876fb 100644 --- a/vendor/golang.org/x/sys/unix/fcntl.go +++ b/vendor/golang.org/x/sys/unix/fcntl.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -//go:build dragonfly || freebsd || linux || netbsd || openbsd +//go:build dragonfly || freebsd || linux || netbsd package unix diff --git a/vendor/golang.org/x/sys/unix/ioctl_linux.go b/vendor/golang.org/x/sys/unix/ioctl_linux.go index 0d12c0851..dbe680eab 100644 --- a/vendor/golang.org/x/sys/unix/ioctl_linux.go +++ b/vendor/golang.org/x/sys/unix/ioctl_linux.go @@ -231,3 +231,8 @@ func IoctlLoopGetStatus64(fd int) (*LoopInfo64, error) { func IoctlLoopSetStatus64(fd int, value *LoopInfo64) error { return ioctlPtr(fd, LOOP_SET_STATUS64, unsafe.Pointer(value)) } + +// IoctlLoopConfigure configures all loop device parameters in a single step +func IoctlLoopConfigure(fd int, value *LoopConfig) error { + return ioctlPtr(fd, LOOP_CONFIGURE, unsafe.Pointer(value)) +} diff --git a/vendor/golang.org/x/sys/unix/mkerrors.sh b/vendor/golang.org/x/sys/unix/mkerrors.sh index cbe24150a..6202638ba 100644 --- a/vendor/golang.org/x/sys/unix/mkerrors.sh +++ b/vendor/golang.org/x/sys/unix/mkerrors.sh @@ -519,6 +519,7 @@ ccflags="$@" $2 ~ /^LOCK_(SH|EX|NB|UN)$/ || $2 ~ /^LO_(KEY|NAME)_SIZE$/ || $2 ~ /^LOOP_(CLR|CTL|GET|SET)_/ || + $2 == "LOOP_CONFIGURE" || $2 ~ /^(AF|SOCK|SO|SOL|IPPROTO|IP|IPV6|TCP|MCAST|EVFILT|NOTE|SHUT|PROT|MAP|MREMAP|MFD|T?PACKET|MSG|SCM|MCL|DT|MADV|PR|LOCAL|TCPOPT|UDP)_/ || $2 ~ /^NFC_(GENL|PROTO|COMM|RF|SE|DIRECTION|LLCP|SOCKPROTO)_/ || $2 ~ /^NFC_.*_(MAX)?SIZE$/ || @@ -560,7 +561,7 @@ ccflags="$@" $2 ~ /^RLIMIT_(AS|CORE|CPU|DATA|FSIZE|LOCKS|MEMLOCK|MSGQUEUE|NICE|NOFILE|NPROC|RSS|RTPRIO|RTTIME|SIGPENDING|STACK)|RLIM_INFINITY/ || $2 ~ /^PRIO_(PROCESS|PGRP|USER)/ || $2 ~ /^CLONE_[A-Z_]+/ || - $2 !~ /^(BPF_TIMEVAL|BPF_FIB_LOOKUP_[A-Z]+)$/ && + $2 !~ /^(BPF_TIMEVAL|BPF_FIB_LOOKUP_[A-Z]+|BPF_F_LINK)$/ && $2 ~ /^(BPF|DLT)_/ || $2 ~ /^AUDIT_/ || $2 ~ /^(CLOCK|TIMER)_/ || diff --git a/vendor/golang.org/x/sys/unix/syscall_bsd.go b/vendor/golang.org/x/sys/unix/syscall_bsd.go index 6f328e3a5..a00c3e545 100644 --- a/vendor/golang.org/x/sys/unix/syscall_bsd.go +++ b/vendor/golang.org/x/sys/unix/syscall_bsd.go @@ -316,7 +316,7 @@ func GetsockoptString(fd, level, opt int) (string, error) { if err != nil { return "", err } - return string(buf[:vallen-1]), nil + return ByteSliceToString(buf[:vallen]), nil } //sys recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Socklen) (n int, err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go index a5e1c10e3..0f85e29e6 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux.go @@ -61,15 +61,23 @@ func FanotifyMark(fd int, flags uint, mask uint64, dirFd int, pathname string) ( } //sys fchmodat(dirfd int, path string, mode uint32) (err error) +//sys fchmodat2(dirfd int, path string, mode uint32, flags int) (err error) -func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) { - // Linux fchmodat doesn't support the flags parameter. Mimick glibc's behavior - // and check the flags. Otherwise the mode would be applied to the symlink - // destination which is not what the user expects. - if flags&^AT_SYMLINK_NOFOLLOW != 0 { - return EINVAL - } else if flags&AT_SYMLINK_NOFOLLOW != 0 { - return EOPNOTSUPP +func Fchmodat(dirfd int, path string, mode uint32, flags int) error { + // Linux fchmodat doesn't support the flags parameter, but fchmodat2 does. + // Try fchmodat2 if flags are specified. + if flags != 0 { + err := fchmodat2(dirfd, path, mode, flags) + if err == ENOSYS { + // fchmodat2 isn't available. If the flags are known to be valid, + // return EOPNOTSUPP to indicate that fchmodat doesn't support them. + if flags&^(AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) != 0 { + return EINVAL + } else if flags&(AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) != 0 { + return EOPNOTSUPP + } + } + return err } return fchmodat(dirfd, path, mode) } @@ -1302,7 +1310,7 @@ func GetsockoptString(fd, level, opt int) (string, error) { return "", err } } - return string(buf[:vallen-1]), nil + return ByteSliceToString(buf[:vallen]), nil } func GetsockoptTpacketStats(fd, level, opt int) (*TpacketStats, error) { diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd.go b/vendor/golang.org/x/sys/unix/syscall_openbsd.go index d2882ee04..b25343c71 100644 --- a/vendor/golang.org/x/sys/unix/syscall_openbsd.go +++ b/vendor/golang.org/x/sys/unix/syscall_openbsd.go @@ -166,6 +166,20 @@ func Getresgid() (rgid, egid, sgid int) { //sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS___SYSCTL +//sys fcntl(fd int, cmd int, arg int) (n int, err error) +//sys fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) = SYS_FCNTL + +// FcntlInt performs a fcntl syscall on fd with the provided command and argument. +func FcntlInt(fd uintptr, cmd, arg int) (int, error) { + return fcntl(int(fd), cmd, arg) +} + +// FcntlFlock performs a fcntl syscall for the F_GETLK, F_SETLK or F_SETLKW command. +func FcntlFlock(fd uintptr, cmd int, lk *Flock_t) error { + _, err := fcntlPtr(int(fd), cmd, unsafe.Pointer(lk)) + return err +} + //sys ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) func Ppoll(fds []PollFd, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { diff --git a/vendor/golang.org/x/sys/unix/syscall_solaris.go b/vendor/golang.org/x/sys/unix/syscall_solaris.go index 60c8142d4..21974af06 100644 --- a/vendor/golang.org/x/sys/unix/syscall_solaris.go +++ b/vendor/golang.org/x/sys/unix/syscall_solaris.go @@ -158,7 +158,7 @@ func GetsockoptString(fd, level, opt int) (string, error) { if err != nil { return "", err } - return string(buf[:vallen-1]), nil + return ByteSliceToString(buf[:vallen]), nil } const ImplementsGetwd = true diff --git a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go index d99d05f1b..b473038c6 100644 --- a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go +++ b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go @@ -1104,7 +1104,7 @@ func GetsockoptString(fd, level, opt int) (string, error) { return "", err } - return string(buf[:vallen-1]), nil + return ByteSliceToString(buf[:vallen]), nil } func Recvmsg(fd int, p, oob []byte, flags int) (n, oobn int, recvflags int, from Sockaddr, err error) { diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go index 9c00cbf51..c73cfe2f1 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go @@ -486,7 +486,6 @@ const ( BPF_F_ANY_ALIGNMENT = 0x2 BPF_F_BEFORE = 0x8 BPF_F_ID = 0x20 - BPF_F_LINK = 0x2000 BPF_F_NETFILTER_IP_DEFRAG = 0x1 BPF_F_QUERY_EFFECTIVE = 0x1 BPF_F_REPLACE = 0x4 @@ -1802,6 +1801,7 @@ const ( LOCK_SH = 0x1 LOCK_UN = 0x8 LOOP_CLR_FD = 0x4c01 + LOOP_CONFIGURE = 0x4c0a LOOP_CTL_ADD = 0x4c80 LOOP_CTL_GET_FREE = 0x4c82 LOOP_CTL_REMOVE = 0x4c81 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/vendor/golang.org/x/sys/unix/zsyscall_linux.go index faca7a557..1488d2712 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux.go @@ -37,6 +37,21 @@ func fchmodat(dirfd int, path string, mode uint32) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fchmodat2(dirfd int, path string, mode uint32, flags int) (err error) { + var _p0 *byte + _p0, err = BytePtrFromString(path) + if err != nil { + return + } + _, _, e1 := Syscall6(SYS_FCHMODAT2, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags), 0, 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ioctl(fd int, req uint, arg uintptr) (err error) { _, _, e1 := Syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg)) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go index 88bfc2885..a1d061597 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s index 4cbeff171..41b561731 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s @@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $4 DATA ·libc_sysctl_trampoline_addr(SB)/4, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_fcntl(SB) +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $4 +DATA ·libc_fcntl_trampoline_addr(SB)/4, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_ppoll(SB) GLOBL ·libc_ppoll_trampoline_addr(SB), RODATA, $4 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go index b8a67b99a..5b2a74097 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s index 1123f2757..4019a656f 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s @@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $8 DATA ·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_fcntl(SB) +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $8 +DATA ·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_ppoll(SB) GLOBL ·libc_ppoll_trampoline_addr(SB), RODATA, $8 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go index af50a65c0..f6eda1344 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s index 82badae39..ac4af24f9 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s @@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $4 DATA ·libc_sysctl_trampoline_addr(SB)/4, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_fcntl(SB) +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $4 +DATA ·libc_fcntl_trampoline_addr(SB)/4, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_ppoll(SB) GLOBL ·libc_ppoll_trampoline_addr(SB), RODATA, $4 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go index 8fb4ff36a..55df20ae9 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s index 24d7eecb9..f77d53212 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s @@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $8 DATA ·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_fcntl(SB) +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $8 +DATA ·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_ppoll(SB) GLOBL ·libc_ppoll_trampoline_addr(SB), RODATA, $8 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go index f469a83ee..8c1155cbc 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s index 9a498a067..fae140b62 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s @@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $8 DATA ·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_fcntl(SB) +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $8 +DATA ·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_ppoll(SB) GLOBL ·libc_ppoll_trampoline_addr(SB), RODATA, $8 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go index c26ca2e1a..7cc80c58d 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s index 1f224aa41..9d1e0ff06 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s @@ -213,6 +213,12 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $8 DATA ·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + CALL libc_fcntl(SB) + RET +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $8 +DATA ·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 CALL libc_ppoll(SB) RET diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go index bcc920dd2..0688737f4 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go @@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func fcntl(fd int, cmd int, arg int) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_fcntl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_fcntl fcntl "libc.so" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) { + r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) { r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s index 87a79c709..da115f9a4 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s @@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $8 DATA ·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB) +TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_fcntl(SB) +GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $8 +DATA ·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB) + TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_ppoll(SB) GLOBL ·libc_ppoll_trampoline_addr(SB), RODATA, $8 diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go index 997bcd55a..bbf8399ff 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go @@ -2671,6 +2671,7 @@ const ( BPF_PROG_TYPE_LSM = 0x1d BPF_PROG_TYPE_SK_LOOKUP = 0x1e BPF_PROG_TYPE_SYSCALL = 0x1f + BPF_PROG_TYPE_NETFILTER = 0x20 BPF_CGROUP_INET_INGRESS = 0x0 BPF_CGROUP_INET_EGRESS = 0x1 BPF_CGROUP_INET_SOCK_CREATE = 0x2 @@ -2715,6 +2716,11 @@ const ( BPF_PERF_EVENT = 0x29 BPF_TRACE_KPROBE_MULTI = 0x2a BPF_LSM_CGROUP = 0x2b + BPF_STRUCT_OPS = 0x2c + BPF_NETFILTER = 0x2d + BPF_TCX_INGRESS = 0x2e + BPF_TCX_EGRESS = 0x2f + BPF_TRACE_UPROBE_MULTI = 0x30 BPF_LINK_TYPE_UNSPEC = 0x0 BPF_LINK_TYPE_RAW_TRACEPOINT = 0x1 BPF_LINK_TYPE_TRACING = 0x2 @@ -2725,6 +2731,18 @@ const ( BPF_LINK_TYPE_PERF_EVENT = 0x7 BPF_LINK_TYPE_KPROBE_MULTI = 0x8 BPF_LINK_TYPE_STRUCT_OPS = 0x9 + BPF_LINK_TYPE_NETFILTER = 0xa + BPF_LINK_TYPE_TCX = 0xb + BPF_LINK_TYPE_UPROBE_MULTI = 0xc + BPF_PERF_EVENT_UNSPEC = 0x0 + BPF_PERF_EVENT_UPROBE = 0x1 + BPF_PERF_EVENT_URETPROBE = 0x2 + BPF_PERF_EVENT_KPROBE = 0x3 + BPF_PERF_EVENT_KRETPROBE = 0x4 + BPF_PERF_EVENT_TRACEPOINT = 0x5 + BPF_PERF_EVENT_EVENT = 0x6 + BPF_F_KPROBE_MULTI_RETURN = 0x1 + BPF_F_UPROBE_MULTI_RETURN = 0x1 BPF_ANY = 0x0 BPF_NOEXIST = 0x1 BPF_EXIST = 0x2 @@ -2742,6 +2760,8 @@ const ( BPF_F_MMAPABLE = 0x400 BPF_F_PRESERVE_ELEMS = 0x800 BPF_F_INNER_MAP = 0x1000 + BPF_F_LINK = 0x2000 + BPF_F_PATH_FD = 0x4000 BPF_STATS_RUN_TIME = 0x0 BPF_STACK_BUILD_ID_EMPTY = 0x0 BPF_STACK_BUILD_ID_VALID = 0x1 @@ -2762,6 +2782,7 @@ const ( BPF_F_ZERO_CSUM_TX = 0x2 BPF_F_DONT_FRAGMENT = 0x4 BPF_F_SEQ_NUMBER = 0x8 + BPF_F_NO_TUNNEL_KEY = 0x10 BPF_F_TUNINFO_FLAGS = 0x10 BPF_F_INDEX_MASK = 0xffffffff BPF_F_CURRENT_CPU = 0xffffffff @@ -2778,6 +2799,8 @@ const ( BPF_F_ADJ_ROOM_ENCAP_L4_UDP = 0x10 BPF_F_ADJ_ROOM_NO_CSUM_RESET = 0x20 BPF_F_ADJ_ROOM_ENCAP_L2_ETH = 0x40 + BPF_F_ADJ_ROOM_DECAP_L3_IPV4 = 0x80 + BPF_F_ADJ_ROOM_DECAP_L3_IPV6 = 0x100 BPF_ADJ_ROOM_ENCAP_L2_MASK = 0xff BPF_ADJ_ROOM_ENCAP_L2_SHIFT = 0x38 BPF_F_SYSCTL_BASE_NAME = 0x1 @@ -2866,6 +2889,8 @@ const ( BPF_DEVCG_DEV_CHAR = 0x2 BPF_FIB_LOOKUP_DIRECT = 0x1 BPF_FIB_LOOKUP_OUTPUT = 0x2 + BPF_FIB_LOOKUP_SKIP_NEIGH = 0x4 + BPF_FIB_LOOKUP_TBID = 0x8 BPF_FIB_LKUP_RET_SUCCESS = 0x0 BPF_FIB_LKUP_RET_BLACKHOLE = 0x1 BPF_FIB_LKUP_RET_UNREACHABLE = 0x2 @@ -2901,6 +2926,7 @@ const ( BPF_CORE_ENUMVAL_EXISTS = 0xa BPF_CORE_ENUMVAL_VALUE = 0xb BPF_CORE_TYPE_MATCHES = 0xc + BPF_F_TIMER_ABS = 0x1 ) const ( @@ -2979,6 +3005,12 @@ type LoopInfo64 struct { Encrypt_key [32]uint8 Init [2]uint64 } +type LoopConfig struct { + Fd uint32 + Size uint32 + Info LoopInfo64 + _ [8]uint64 +} type TIPCSocketAddr struct { Ref uint32 diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go index fb6cfd046..47dc57967 100644 --- a/vendor/golang.org/x/sys/windows/syscall_windows.go +++ b/vendor/golang.org/x/sys/windows/syscall_windows.go @@ -155,6 +155,8 @@ func NewCallbackCDecl(fn interface{}) uintptr { //sys GetModuleFileName(module Handle, filename *uint16, size uint32) (n uint32, err error) = kernel32.GetModuleFileNameW //sys GetModuleHandleEx(flags uint32, moduleName *uint16, module *Handle) (err error) = kernel32.GetModuleHandleExW //sys SetDefaultDllDirectories(directoryFlags uint32) (err error) +//sys AddDllDirectory(path *uint16) (cookie uintptr, err error) = kernel32.AddDllDirectory +//sys RemoveDllDirectory(cookie uintptr) (err error) = kernel32.RemoveDllDirectory //sys SetDllDirectory(path string) (err error) = kernel32.SetDllDirectoryW //sys GetVersion() (ver uint32, err error) //sys FormatMessage(flags uint32, msgsrc uintptr, msgid uint32, langid uint32, buf []uint16, args *byte) (n uint32, err error) = FormatMessageW diff --git a/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/vendor/golang.org/x/sys/windows/zsyscall_windows.go index db6282e00..146a1f019 100644 --- a/vendor/golang.org/x/sys/windows/zsyscall_windows.go +++ b/vendor/golang.org/x/sys/windows/zsyscall_windows.go @@ -184,6 +184,7 @@ var ( procGetAdaptersInfo = modiphlpapi.NewProc("GetAdaptersInfo") procGetBestInterfaceEx = modiphlpapi.NewProc("GetBestInterfaceEx") procGetIfEntry = modiphlpapi.NewProc("GetIfEntry") + procAddDllDirectory = modkernel32.NewProc("AddDllDirectory") procAssignProcessToJobObject = modkernel32.NewProc("AssignProcessToJobObject") procCancelIo = modkernel32.NewProc("CancelIo") procCancelIoEx = modkernel32.NewProc("CancelIoEx") @@ -330,6 +331,7 @@ var ( procReadProcessMemory = modkernel32.NewProc("ReadProcessMemory") procReleaseMutex = modkernel32.NewProc("ReleaseMutex") procRemoveDirectoryW = modkernel32.NewProc("RemoveDirectoryW") + procRemoveDllDirectory = modkernel32.NewProc("RemoveDllDirectory") procResetEvent = modkernel32.NewProc("ResetEvent") procResizePseudoConsole = modkernel32.NewProc("ResizePseudoConsole") procResumeThread = modkernel32.NewProc("ResumeThread") @@ -1605,6 +1607,15 @@ func GetIfEntry(pIfRow *MibIfRow) (errcode error) { return } +func AddDllDirectory(path *uint16) (cookie uintptr, err error) { + r0, _, e1 := syscall.Syscall(procAddDllDirectory.Addr(), 1, uintptr(unsafe.Pointer(path)), 0, 0) + cookie = uintptr(r0) + if cookie == 0 { + err = errnoErr(e1) + } + return +} + func AssignProcessToJobObject(job Handle, process Handle) (err error) { r1, _, e1 := syscall.Syscall(procAssignProcessToJobObject.Addr(), 2, uintptr(job), uintptr(process), 0) if r1 == 0 { @@ -2879,6 +2890,14 @@ func RemoveDirectory(path *uint16) (err error) { return } +func RemoveDllDirectory(cookie uintptr) (err error) { + r1, _, e1 := syscall.Syscall(procRemoveDllDirectory.Addr(), 1, uintptr(cookie), 0, 0) + if r1 == 0 { + err = errnoErr(e1) + } + return +} + func ResetEvent(event Handle) (err error) { r1, _, e1 := syscall.Syscall(procResetEvent.Addr(), 1, uintptr(event), 0, 0) if r1 == 0 { diff --git a/vendor/golang.org/x/time/rate/rate.go b/vendor/golang.org/x/time/rate/rate.go index f0e0cf3cb..8f6c7f493 100644 --- a/vendor/golang.org/x/time/rate/rate.go +++ b/vendor/golang.org/x/time/rate/rate.go @@ -52,6 +52,8 @@ func Every(interval time.Duration) Limit { // or its associated context.Context is canceled. // // The methods AllowN, ReserveN, and WaitN consume n tokens. +// +// Limiter is safe for simultaneous use by multiple goroutines. type Limiter struct { mu sync.Mutex limit Limit diff --git a/vendor/golang.org/x/xerrors/LICENSE b/vendor/golang.org/x/xerrors/LICENSE deleted file mode 100644 index e4a47e17f..000000000 --- a/vendor/golang.org/x/xerrors/LICENSE +++ /dev/null @@ -1,27 +0,0 @@ -Copyright (c) 2019 The Go Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/golang.org/x/xerrors/PATENTS b/vendor/golang.org/x/xerrors/PATENTS deleted file mode 100644 index 733099041..000000000 --- a/vendor/golang.org/x/xerrors/PATENTS +++ /dev/null @@ -1,22 +0,0 @@ -Additional IP Rights Grant (Patents) - -"This implementation" means the copyrightable works distributed by -Google as part of the Go project. - -Google hereby grants to You a perpetual, worldwide, non-exclusive, -no-charge, royalty-free, irrevocable (except as stated in this section) -patent license to make, have made, use, offer to sell, sell, import, -transfer and otherwise run, modify and propagate the contents of this -implementation of Go, where such license applies only to those patent -claims, both currently owned or controlled by Google and acquired in -the future, licensable by Google that are necessarily infringed by this -implementation of Go. This grant does not include claims that would be -infringed only as a consequence of further modification of this -implementation. If you or your agent or exclusive licensee institute or -order or agree to the institution of patent litigation against any -entity (including a cross-claim or counterclaim in a lawsuit) alleging -that this implementation of Go or any code incorporated within this -implementation of Go constitutes direct or contributory patent -infringement, or inducement of patent infringement, then any patent -rights granted to you under this License for this implementation of Go -shall terminate as of the date such litigation is filed. diff --git a/vendor/golang.org/x/xerrors/README b/vendor/golang.org/x/xerrors/README deleted file mode 100644 index aac7867a5..000000000 --- a/vendor/golang.org/x/xerrors/README +++ /dev/null @@ -1,2 +0,0 @@ -This repository holds the transition packages for the new Go 1.13 error values. -See golang.org/design/29934-error-values. diff --git a/vendor/golang.org/x/xerrors/adaptor.go b/vendor/golang.org/x/xerrors/adaptor.go deleted file mode 100644 index 4317f2483..000000000 --- a/vendor/golang.org/x/xerrors/adaptor.go +++ /dev/null @@ -1,193 +0,0 @@ -// Copyright 2018 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package xerrors - -import ( - "bytes" - "fmt" - "io" - "reflect" - "strconv" -) - -// FormatError calls the FormatError method of f with an errors.Printer -// configured according to s and verb, and writes the result to s. -func FormatError(f Formatter, s fmt.State, verb rune) { - // Assuming this function is only called from the Format method, and given - // that FormatError takes precedence over Format, it cannot be called from - // any package that supports errors.Formatter. It is therefore safe to - // disregard that State may be a specific printer implementation and use one - // of our choice instead. - - // limitations: does not support printing error as Go struct. - - var ( - sep = " " // separator before next error - p = &state{State: s} - direct = true - ) - - var err error = f - - switch verb { - // Note that this switch must match the preference order - // for ordinary string printing (%#v before %+v, and so on). - - case 'v': - if s.Flag('#') { - if stringer, ok := err.(fmt.GoStringer); ok { - io.WriteString(&p.buf, stringer.GoString()) - goto exit - } - // proceed as if it were %v - } else if s.Flag('+') { - p.printDetail = true - sep = "\n - " - } - case 's': - case 'q', 'x', 'X': - // Use an intermediate buffer in the rare cases that precision, - // truncation, or one of the alternative verbs (q, x, and X) are - // specified. - direct = false - - default: - p.buf.WriteString("%!") - p.buf.WriteRune(verb) - p.buf.WriteByte('(') - switch { - case err != nil: - p.buf.WriteString(reflect.TypeOf(f).String()) - default: - p.buf.WriteString("") - } - p.buf.WriteByte(')') - io.Copy(s, &p.buf) - return - } - -loop: - for { - switch v := err.(type) { - case Formatter: - err = v.FormatError((*printer)(p)) - case fmt.Formatter: - v.Format(p, 'v') - break loop - default: - io.WriteString(&p.buf, v.Error()) - break loop - } - if err == nil { - break - } - if p.needColon || !p.printDetail { - p.buf.WriteByte(':') - p.needColon = false - } - p.buf.WriteString(sep) - p.inDetail = false - p.needNewline = false - } - -exit: - width, okW := s.Width() - prec, okP := s.Precision() - - if !direct || (okW && width > 0) || okP { - // Construct format string from State s. - format := []byte{'%'} - if s.Flag('-') { - format = append(format, '-') - } - if s.Flag('+') { - format = append(format, '+') - } - if s.Flag(' ') { - format = append(format, ' ') - } - if okW { - format = strconv.AppendInt(format, int64(width), 10) - } - if okP { - format = append(format, '.') - format = strconv.AppendInt(format, int64(prec), 10) - } - format = append(format, string(verb)...) - fmt.Fprintf(s, string(format), p.buf.String()) - } else { - io.Copy(s, &p.buf) - } -} - -var detailSep = []byte("\n ") - -// state tracks error printing state. It implements fmt.State. -type state struct { - fmt.State - buf bytes.Buffer - - printDetail bool - inDetail bool - needColon bool - needNewline bool -} - -func (s *state) Write(b []byte) (n int, err error) { - if s.printDetail { - if len(b) == 0 { - return 0, nil - } - if s.inDetail && s.needColon { - s.needNewline = true - if b[0] == '\n' { - b = b[1:] - } - } - k := 0 - for i, c := range b { - if s.needNewline { - if s.inDetail && s.needColon { - s.buf.WriteByte(':') - s.needColon = false - } - s.buf.Write(detailSep) - s.needNewline = false - } - if c == '\n' { - s.buf.Write(b[k:i]) - k = i + 1 - s.needNewline = true - } - } - s.buf.Write(b[k:]) - if !s.inDetail { - s.needColon = true - } - } else if !s.inDetail { - s.buf.Write(b) - } - return len(b), nil -} - -// printer wraps a state to implement an xerrors.Printer. -type printer state - -func (s *printer) Print(args ...interface{}) { - if !s.inDetail || s.printDetail { - fmt.Fprint((*state)(s), args...) - } -} - -func (s *printer) Printf(format string, args ...interface{}) { - if !s.inDetail || s.printDetail { - fmt.Fprintf((*state)(s), format, args...) - } -} - -func (s *printer) Detail() bool { - s.inDetail = true - return s.printDetail -} diff --git a/vendor/golang.org/x/xerrors/codereview.cfg b/vendor/golang.org/x/xerrors/codereview.cfg deleted file mode 100644 index 3f8b14b64..000000000 --- a/vendor/golang.org/x/xerrors/codereview.cfg +++ /dev/null @@ -1 +0,0 @@ -issuerepo: golang/go diff --git a/vendor/golang.org/x/xerrors/doc.go b/vendor/golang.org/x/xerrors/doc.go deleted file mode 100644 index 2ef99f5a8..000000000 --- a/vendor/golang.org/x/xerrors/doc.go +++ /dev/null @@ -1,23 +0,0 @@ -// Copyright 2019 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// Package xerrors implements functions to manipulate errors. -// -// This package is based on the Go 2 proposal for error values: -// -// https://golang.org/design/29934-error-values -// -// These functions were incorporated into the standard library's errors package -// in Go 1.13: -// - Is -// - As -// - Unwrap -// -// Also, Errorf's %w verb was incorporated into fmt.Errorf. -// -// Use this package to get equivalent behavior in all supported Go versions. -// -// No other features of this package were included in Go 1.13, and at present -// there are no plans to include any of them. -package xerrors // import "golang.org/x/xerrors" diff --git a/vendor/golang.org/x/xerrors/errors.go b/vendor/golang.org/x/xerrors/errors.go deleted file mode 100644 index e88d3772d..000000000 --- a/vendor/golang.org/x/xerrors/errors.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package xerrors - -import "fmt" - -// errorString is a trivial implementation of error. -type errorString struct { - s string - frame Frame -} - -// New returns an error that formats as the given text. -// -// The returned error contains a Frame set to the caller's location and -// implements Formatter to show this information when printed with details. -func New(text string) error { - return &errorString{text, Caller(1)} -} - -func (e *errorString) Error() string { - return e.s -} - -func (e *errorString) Format(s fmt.State, v rune) { FormatError(e, s, v) } - -func (e *errorString) FormatError(p Printer) (next error) { - p.Print(e.s) - e.frame.Format(p) - return nil -} diff --git a/vendor/golang.org/x/xerrors/fmt.go b/vendor/golang.org/x/xerrors/fmt.go deleted file mode 100644 index 27a5d70bd..000000000 --- a/vendor/golang.org/x/xerrors/fmt.go +++ /dev/null @@ -1,190 +0,0 @@ -// Copyright 2018 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package xerrors - -import ( - "fmt" - "strings" - "unicode" - "unicode/utf8" - - "golang.org/x/xerrors/internal" -) - -const percentBangString = "%!" - -// Errorf formats according to a format specifier and returns the string as a -// value that satisfies error. -// -// The returned error includes the file and line number of the caller when -// formatted with additional detail enabled. If the last argument is an error -// the returned error's Format method will return it if the format string ends -// with ": %s", ": %v", or ": %w". If the last argument is an error and the -// format string ends with ": %w", the returned error implements an Unwrap -// method returning it. -// -// If the format specifier includes a %w verb with an error operand in a -// position other than at the end, the returned error will still implement an -// Unwrap method returning the operand, but the error's Format method will not -// return the wrapped error. -// -// It is invalid to include more than one %w verb or to supply it with an -// operand that does not implement the error interface. The %w verb is otherwise -// a synonym for %v. -// -// Note that as of Go 1.13, the fmt.Errorf function will do error formatting, -// but it will not capture a stack backtrace. -func Errorf(format string, a ...interface{}) error { - format = formatPlusW(format) - // Support a ": %[wsv]" suffix, which works well with xerrors.Formatter. - wrap := strings.HasSuffix(format, ": %w") - idx, format2, ok := parsePercentW(format) - percentWElsewhere := !wrap && idx >= 0 - if !percentWElsewhere && (wrap || strings.HasSuffix(format, ": %s") || strings.HasSuffix(format, ": %v")) { - err := errorAt(a, len(a)-1) - if err == nil { - return &noWrapError{fmt.Sprintf(format, a...), nil, Caller(1)} - } - // TODO: this is not entirely correct. The error value could be - // printed elsewhere in format if it mixes numbered with unnumbered - // substitutions. With relatively small changes to doPrintf we can - // have it optionally ignore extra arguments and pass the argument - // list in its entirety. - msg := fmt.Sprintf(format[:len(format)-len(": %s")], a[:len(a)-1]...) - frame := Frame{} - if internal.EnableTrace { - frame = Caller(1) - } - if wrap { - return &wrapError{msg, err, frame} - } - return &noWrapError{msg, err, frame} - } - // Support %w anywhere. - // TODO: don't repeat the wrapped error's message when %w occurs in the middle. - msg := fmt.Sprintf(format2, a...) - if idx < 0 { - return &noWrapError{msg, nil, Caller(1)} - } - err := errorAt(a, idx) - if !ok || err == nil { - // Too many %ws or argument of %w is not an error. Approximate the Go - // 1.13 fmt.Errorf message. - return &noWrapError{fmt.Sprintf("%sw(%s)", percentBangString, msg), nil, Caller(1)} - } - frame := Frame{} - if internal.EnableTrace { - frame = Caller(1) - } - return &wrapError{msg, err, frame} -} - -func errorAt(args []interface{}, i int) error { - if i < 0 || i >= len(args) { - return nil - } - err, ok := args[i].(error) - if !ok { - return nil - } - return err -} - -// formatPlusW is used to avoid the vet check that will barf at %w. -func formatPlusW(s string) string { - return s -} - -// Return the index of the only %w in format, or -1 if none. -// Also return a rewritten format string with %w replaced by %v, and -// false if there is more than one %w. -// TODO: handle "%[N]w". -func parsePercentW(format string) (idx int, newFormat string, ok bool) { - // Loosely copied from golang.org/x/tools/go/analysis/passes/printf/printf.go. - idx = -1 - ok = true - n := 0 - sz := 0 - var isW bool - for i := 0; i < len(format); i += sz { - if format[i] != '%' { - sz = 1 - continue - } - // "%%" is not a format directive. - if i+1 < len(format) && format[i+1] == '%' { - sz = 2 - continue - } - sz, isW = parsePrintfVerb(format[i:]) - if isW { - if idx >= 0 { - ok = false - } else { - idx = n - } - // "Replace" the last character, the 'w', with a 'v'. - p := i + sz - 1 - format = format[:p] + "v" + format[p+1:] - } - n++ - } - return idx, format, ok -} - -// Parse the printf verb starting with a % at s[0]. -// Return how many bytes it occupies and whether the verb is 'w'. -func parsePrintfVerb(s string) (int, bool) { - // Assume only that the directive is a sequence of non-letters followed by a single letter. - sz := 0 - var r rune - for i := 1; i < len(s); i += sz { - r, sz = utf8.DecodeRuneInString(s[i:]) - if unicode.IsLetter(r) { - return i + sz, r == 'w' - } - } - return len(s), false -} - -type noWrapError struct { - msg string - err error - frame Frame -} - -func (e *noWrapError) Error() string { - return fmt.Sprint(e) -} - -func (e *noWrapError) Format(s fmt.State, v rune) { FormatError(e, s, v) } - -func (e *noWrapError) FormatError(p Printer) (next error) { - p.Print(e.msg) - e.frame.Format(p) - return e.err -} - -type wrapError struct { - msg string - err error - frame Frame -} - -func (e *wrapError) Error() string { - return fmt.Sprint(e) -} - -func (e *wrapError) Format(s fmt.State, v rune) { FormatError(e, s, v) } - -func (e *wrapError) FormatError(p Printer) (next error) { - p.Print(e.msg) - e.frame.Format(p) - return e.err -} - -func (e *wrapError) Unwrap() error { - return e.err -} diff --git a/vendor/golang.org/x/xerrors/format.go b/vendor/golang.org/x/xerrors/format.go deleted file mode 100644 index 1bc9c26b9..000000000 --- a/vendor/golang.org/x/xerrors/format.go +++ /dev/null @@ -1,34 +0,0 @@ -// Copyright 2018 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package xerrors - -// A Formatter formats error messages. -type Formatter interface { - error - - // FormatError prints the receiver's first error and returns the next error in - // the error chain, if any. - FormatError(p Printer) (next error) -} - -// A Printer formats error messages. -// -// The most common implementation of Printer is the one provided by package fmt -// during Printf (as of Go 1.13). Localization packages such as golang.org/x/text/message -// typically provide their own implementations. -type Printer interface { - // Print appends args to the message output. - Print(args ...interface{}) - - // Printf writes a formatted string. - Printf(format string, args ...interface{}) - - // Detail reports whether error detail is requested. - // After the first call to Detail, all text written to the Printer - // is formatted as additional detail, or ignored when - // detail has not been requested. - // If Detail returns false, the caller can avoid printing the detail at all. - Detail() bool -} diff --git a/vendor/golang.org/x/xerrors/frame.go b/vendor/golang.org/x/xerrors/frame.go deleted file mode 100644 index 0de628ec5..000000000 --- a/vendor/golang.org/x/xerrors/frame.go +++ /dev/null @@ -1,56 +0,0 @@ -// Copyright 2018 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package xerrors - -import ( - "runtime" -) - -// A Frame contains part of a call stack. -type Frame struct { - // Make room for three PCs: the one we were asked for, what it called, - // and possibly a PC for skipPleaseUseCallersFrames. See: - // https://go.googlesource.com/go/+/032678e0fb/src/runtime/extern.go#169 - frames [3]uintptr -} - -// Caller returns a Frame that describes a frame on the caller's stack. -// The argument skip is the number of frames to skip over. -// Caller(0) returns the frame for the caller of Caller. -func Caller(skip int) Frame { - var s Frame - runtime.Callers(skip+1, s.frames[:]) - return s -} - -// location reports the file, line, and function of a frame. -// -// The returned function may be "" even if file and line are not. -func (f Frame) location() (function, file string, line int) { - frames := runtime.CallersFrames(f.frames[:]) - if _, ok := frames.Next(); !ok { - return "", "", 0 - } - fr, ok := frames.Next() - if !ok { - return "", "", 0 - } - return fr.Function, fr.File, fr.Line -} - -// Format prints the stack as error detail. -// It should be called from an error's Format implementation -// after printing any other error detail. -func (f Frame) Format(p Printer) { - if p.Detail() { - function, file, line := f.location() - if function != "" { - p.Printf("%s\n ", function) - } - if file != "" { - p.Printf("%s:%d\n", file, line) - } - } -} diff --git a/vendor/golang.org/x/xerrors/internal/internal.go b/vendor/golang.org/x/xerrors/internal/internal.go deleted file mode 100644 index 89f4eca5d..000000000 --- a/vendor/golang.org/x/xerrors/internal/internal.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2018 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package internal - -// EnableTrace indicates whether stack information should be recorded in errors. -var EnableTrace = true diff --git a/vendor/golang.org/x/xerrors/wrap.go b/vendor/golang.org/x/xerrors/wrap.go deleted file mode 100644 index 9842758ca..000000000 --- a/vendor/golang.org/x/xerrors/wrap.go +++ /dev/null @@ -1,112 +0,0 @@ -// Copyright 2018 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package xerrors - -import ( - "reflect" -) - -// A Wrapper provides context around another error. -type Wrapper interface { - // Unwrap returns the next error in the error chain. - // If there is no next error, Unwrap returns nil. - Unwrap() error -} - -// Opaque returns an error with the same error formatting as err -// but that does not match err and cannot be unwrapped. -func Opaque(err error) error { - return noWrapper{err} -} - -type noWrapper struct { - error -} - -func (e noWrapper) FormatError(p Printer) (next error) { - if f, ok := e.error.(Formatter); ok { - return f.FormatError(p) - } - p.Print(e.error) - return nil -} - -// Unwrap returns the result of calling the Unwrap method on err, if err implements -// Unwrap. Otherwise, Unwrap returns nil. -// -// Deprecated: As of Go 1.13, use errors.Unwrap instead. -func Unwrap(err error) error { - u, ok := err.(Wrapper) - if !ok { - return nil - } - return u.Unwrap() -} - -// Is reports whether any error in err's chain matches target. -// -// An error is considered to match a target if it is equal to that target or if -// it implements a method Is(error) bool such that Is(target) returns true. -// -// Deprecated: As of Go 1.13, use errors.Is instead. -func Is(err, target error) bool { - if target == nil { - return err == target - } - - isComparable := reflect.TypeOf(target).Comparable() - for { - if isComparable && err == target { - return true - } - if x, ok := err.(interface{ Is(error) bool }); ok && x.Is(target) { - return true - } - // TODO: consider supporing target.Is(err). This would allow - // user-definable predicates, but also may allow for coping with sloppy - // APIs, thereby making it easier to get away with them. - if err = Unwrap(err); err == nil { - return false - } - } -} - -// As finds the first error in err's chain that matches the type to which target -// points, and if so, sets the target to its value and returns true. An error -// matches a type if it is assignable to the target type, or if it has a method -// As(interface{}) bool such that As(target) returns true. As will panic if target -// is not a non-nil pointer to a type which implements error or is of interface type. -// -// The As method should set the target to its value and return true if err -// matches the type to which target points. -// -// Deprecated: As of Go 1.13, use errors.As instead. -func As(err error, target interface{}) bool { - if target == nil { - panic("errors: target cannot be nil") - } - val := reflect.ValueOf(target) - typ := val.Type() - if typ.Kind() != reflect.Ptr || val.IsNil() { - panic("errors: target must be a non-nil pointer") - } - if e := typ.Elem(); e.Kind() != reflect.Interface && !e.Implements(errorType) { - panic("errors: *target must be interface or implement error") - } - targetType := typ.Elem() - for err != nil { - if reflect.TypeOf(err).AssignableTo(targetType) { - val.Elem().Set(reflect.ValueOf(err)) - return true - } - if x, ok := err.(interface{ As(interface{}) bool }); ok && x.As(target) { - return true - } - err = Unwrap(err) - } - return false -} - -var errorType = reflect.TypeOf((*error)(nil)).Elem() diff --git a/vendor/google.golang.org/api/internal/settings.go b/vendor/google.golang.org/api/internal/settings.go index 84f9302dc..3356fa97b 100644 --- a/vendor/google.golang.org/api/internal/settings.go +++ b/vendor/google.golang.org/api/internal/settings.go @@ -55,6 +55,8 @@ type DialSettings struct { EnableDirectPathXds bool EnableNewAuthLibrary bool AllowNonDefaultServiceAccount bool + UniverseDomain string + DefaultUniverseDomain string // Google API system parameters. For more information please read: // https://cloud.google.com/apis/docs/system-parameters diff --git a/vendor/google.golang.org/api/internal/version.go b/vendor/google.golang.org/api/internal/version.go index 62a5a2386..a130609e5 100644 --- a/vendor/google.golang.org/api/internal/version.go +++ b/vendor/google.golang.org/api/internal/version.go @@ -5,4 +5,4 @@ package internal // Version is the current tagged release of the library. -const Version = "0.150.0" +const Version = "0.153.0" diff --git a/vendor/google.golang.org/api/option/internaloption/internaloption.go b/vendor/google.golang.org/api/option/internaloption/internaloption.go index b2b249eec..3fdee095c 100644 --- a/vendor/google.golang.org/api/option/internaloption/internaloption.go +++ b/vendor/google.golang.org/api/option/internaloption/internaloption.go @@ -126,6 +126,22 @@ func (w withDefaultScopes) Apply(o *internal.DialSettings) { copy(o.DefaultScopes, w) } +// WithDefaultUniverseDomain returns a ClientOption that sets the default universe domain. +// +// It should only be used internally by generated clients. +// +// This is similar to the public WithUniverse, but allows us to determine whether the user has +// overridden the default universe. +func WithDefaultUniverseDomain(ud string) option.ClientOption { + return withDefaultUniverseDomain(ud) +} + +type withDefaultUniverseDomain string + +func (w withDefaultUniverseDomain) Apply(o *internal.DialSettings) { + o.DefaultUniverseDomain = string(w) +} + // EnableJwtWithScope returns a ClientOption that specifies if scope can be used // with self-signed JWT. func EnableJwtWithScope() option.ClientOption { diff --git a/vendor/google.golang.org/api/option/option.go b/vendor/google.golang.org/api/option/option.go index b2085a194..c882c1eb4 100644 --- a/vendor/google.golang.org/api/option/option.go +++ b/vendor/google.golang.org/api/option/option.go @@ -343,3 +343,16 @@ func (w *withCreds) Apply(o *internal.DialSettings) { func WithCredentials(creds *google.Credentials) ClientOption { return (*withCreds)(creds) } + +// WithUniverseDomain returns a ClientOption that sets the universe domain. +// +// This is an EXPERIMENTAL API and may be changed or removed in the future. +func WithUniverseDomain(ud string) ClientOption { + return withUniverseDomain(ud) +} + +type withUniverseDomain string + +func (w withUniverseDomain) Apply(o *internal.DialSettings) { + o.UniverseDomain = string(w) +} diff --git a/vendor/google.golang.org/api/storage/v1/storage-api.json b/vendor/google.golang.org/api/storage/v1/storage-api.json index 5481a74cb..6c89799d5 100644 --- a/vendor/google.golang.org/api/storage/v1/storage-api.json +++ b/vendor/google.golang.org/api/storage/v1/storage-api.json @@ -26,7 +26,7 @@ "description": "Stores and retrieves potentially large, immutable data objects.", "discoveryVersion": "v1", "documentationLink": "https://developers.google.com/storage/docs/json_api/", - "etag": "\"39383633393336373936373236333033393737\"", + "etag": "\"38383938373230313033363637363637353533\"", "icons": { "x16": "https://www.google.com/images/icons/product/cloud_storage-16.png", "x32": "https://www.google.com/images/icons/product/cloud_storage-32.png" @@ -215,7 +215,7 @@ "type": "string" } }, - "path": "b/{bucket}/anywhereCache", + "path": "b/{bucket}/anywhereCaches", "response": { "$ref": "AnywhereCaches" }, @@ -3799,7 +3799,7 @@ } } }, - "revision": "20231028", + "revision": "20231117", "rootUrl": "https://storage.googleapis.com/", "schemas": { "AnywhereCache": { diff --git a/vendor/google.golang.org/api/storage/v1/storage-gen.go b/vendor/google.golang.org/api/storage/v1/storage-gen.go index 90320fcc0..c4331c04d 100644 --- a/vendor/google.golang.org/api/storage/v1/storage-gen.go +++ b/vendor/google.golang.org/api/storage/v1/storage-gen.go @@ -3593,7 +3593,7 @@ func (c *AnywhereCacheListCall) doRequest(alt string) (*http.Response, error) { var body io.Reader = nil c.urlParams_.Set("alt", alt) c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "b/{bucket}/anywhereCache") + urls := googleapi.ResolveRelative(c.s.BasePath, "b/{bucket}/anywhereCaches") urls += "?" + c.urlParams_.Encode() req, err := http.NewRequest("GET", urls, body) if err != nil { @@ -3670,7 +3670,7 @@ func (c *AnywhereCacheListCall) Do(opts ...googleapi.CallOption) (*AnywhereCache // "type": "string" // } // }, - // "path": "b/{bucket}/anywhereCache", + // "path": "b/{bucket}/anywhereCaches", // "response": { // "$ref": "AnywhereCaches" // }, diff --git a/vendor/modules.txt b/vendor/modules.txt index dc55450e4..b6d1fc143 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1,4 +1,4 @@ -# cloud.google.com/go v0.110.10 +# cloud.google.com/go v0.111.0 ## explicit; go 1.19 cloud.google.com/go/internal cloud.google.com/go/internal/optional @@ -42,7 +42,7 @@ github.com/Azure/azure-sdk-for-go/sdk/azcore/tracing # github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 ## explicit; go 1.18 github.com/Azure/azure-sdk-for-go/sdk/azidentity -# github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.0 +# github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1 ## explicit; go 1.18 github.com/Azure/azure-sdk-for-go/sdk/internal/diag github.com/Azure/azure-sdk-for-go/sdk/internal/errorinfo @@ -89,7 +89,7 @@ github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/options github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/shared github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/version github.com/AzureAD/microsoft-authentication-library-for-go/apps/public -# github.com/VictoriaMetrics/fastcache v1.12.1 +# github.com/VictoriaMetrics/fastcache v1.12.2 ## explicit; go 1.13 github.com/VictoriaMetrics/fastcache # github.com/VictoriaMetrics/fasthttp v1.2.0 @@ -97,20 +97,20 @@ github.com/VictoriaMetrics/fastcache github.com/VictoriaMetrics/fasthttp github.com/VictoriaMetrics/fasthttp/fasthttputil github.com/VictoriaMetrics/fasthttp/stackless -# github.com/VictoriaMetrics/metrics v1.24.0 +# github.com/VictoriaMetrics/metrics v1.25.3 ## explicit; go 1.20 github.com/VictoriaMetrics/metrics -# github.com/VictoriaMetrics/metricsql v0.69.0 => github.com/VictoriaMetrics/metricsql v0.56.2 +# github.com/VictoriaMetrics/metricsql v0.70.0 => github.com/VictoriaMetrics/metricsql v0.56.2 ## explicit; go 1.13 github.com/VictoriaMetrics/metricsql github.com/VictoriaMetrics/metricsql/binaryop # github.com/VividCortex/ewma v1.2.0 ## explicit; go 1.12 github.com/VividCortex/ewma -# github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 +# github.com/alecthomas/units v0.0.0-20231202071711-9a357b53e9c9 ## explicit; go 1.15 github.com/alecthomas/units -# github.com/aws/aws-sdk-go v1.47.11 +# github.com/aws/aws-sdk-go v1.48.16 ## explicit; go 1.19 github.com/aws/aws-sdk-go/aws github.com/aws/aws-sdk-go/aws/auth/bearer @@ -154,12 +154,13 @@ github.com/aws/aws-sdk-go/service/sso/ssoiface github.com/aws/aws-sdk-go/service/ssooidc github.com/aws/aws-sdk-go/service/sts github.com/aws/aws-sdk-go/service/sts/stsiface -# github.com/aws/aws-sdk-go-v2 v1.22.2 +# github.com/aws/aws-sdk-go-v2 v1.24.0 ## explicit; go 1.19 github.com/aws/aws-sdk-go-v2/aws github.com/aws/aws-sdk-go-v2/aws/arn github.com/aws/aws-sdk-go-v2/aws/defaults github.com/aws/aws-sdk-go-v2/aws/middleware +github.com/aws/aws-sdk-go-v2/aws/middleware/private/metrics github.com/aws/aws-sdk-go-v2/aws/protocol/query github.com/aws/aws-sdk-go-v2/aws/protocol/restjson github.com/aws/aws-sdk-go-v2/aws/protocol/xml @@ -169,7 +170,10 @@ github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4 github.com/aws/aws-sdk-go-v2/aws/signer/v4 github.com/aws/aws-sdk-go-v2/aws/transport/http github.com/aws/aws-sdk-go-v2/internal/auth +github.com/aws/aws-sdk-go-v2/internal/auth/smithy github.com/aws/aws-sdk-go-v2/internal/awsutil +github.com/aws/aws-sdk-go-v2/internal/context +github.com/aws/aws-sdk-go-v2/internal/endpoints github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn github.com/aws/aws-sdk-go-v2/internal/rand github.com/aws/aws-sdk-go-v2/internal/sdk @@ -178,14 +182,14 @@ github.com/aws/aws-sdk-go-v2/internal/shareddefaults github.com/aws/aws-sdk-go-v2/internal/strings github.com/aws/aws-sdk-go-v2/internal/sync/singleflight github.com/aws/aws-sdk-go-v2/internal/timeconv -# github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.0 +# github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.4 ## explicit; go 1.19 github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/eventstreamapi -# github.com/aws/aws-sdk-go-v2/config v1.25.0 +# github.com/aws/aws-sdk-go-v2/config v1.26.1 ## explicit; go 1.19 github.com/aws/aws-sdk-go-v2/config -# github.com/aws/aws-sdk-go-v2/credentials v1.16.0 +# github.com/aws/aws-sdk-go-v2/credentials v1.16.12 ## explicit; go 1.19 github.com/aws/aws-sdk-go-v2/credentials github.com/aws/aws-sdk-go-v2/credentials/ec2rolecreds @@ -194,67 +198,70 @@ github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client github.com/aws/aws-sdk-go-v2/credentials/processcreds github.com/aws/aws-sdk-go-v2/credentials/ssocreds github.com/aws/aws-sdk-go-v2/credentials/stscreds -# github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.3 +# github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.10 ## explicit; go 1.19 github.com/aws/aws-sdk-go-v2/feature/ec2/imds github.com/aws/aws-sdk-go-v2/feature/ec2/imds/internal/config -# github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.13.7 +# github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.15.7 ## explicit; go 1.19 github.com/aws/aws-sdk-go-v2/feature/s3/manager -# github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.2 +# github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.9 ## explicit; go 1.19 github.com/aws/aws-sdk-go-v2/internal/configsources -# github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.2 +# github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.9 ## explicit; go 1.19 github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 -# github.com/aws/aws-sdk-go-v2/internal/ini v1.7.0 +# github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2 ## explicit; go 1.19 github.com/aws/aws-sdk-go-v2/internal/ini -# github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.2 +# github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.9 ## explicit; go 1.19 github.com/aws/aws-sdk-go-v2/internal/v4a github.com/aws/aws-sdk-go-v2/internal/v4a/internal/crypto github.com/aws/aws-sdk-go-v2/internal/v4a/internal/v4 -# github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.0 +# github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 ## explicit; go 1.19 github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding -# github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.2 +# github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.9 ## explicit; go 1.19 github.com/aws/aws-sdk-go-v2/service/internal/checksum -# github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.2 +# github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.9 ## explicit; go 1.19 github.com/aws/aws-sdk-go-v2/service/internal/presigned-url -# github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.2 +# github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.9 ## explicit; go 1.19 github.com/aws/aws-sdk-go-v2/service/internal/s3shared github.com/aws/aws-sdk-go-v2/service/internal/s3shared/arn github.com/aws/aws-sdk-go-v2/service/internal/s3shared/config -# github.com/aws/aws-sdk-go-v2/service/s3 v1.42.1 +# github.com/aws/aws-sdk-go-v2/service/s3 v1.47.5 ## explicit; go 1.19 github.com/aws/aws-sdk-go-v2/service/s3 github.com/aws/aws-sdk-go-v2/service/s3/internal/arn github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations github.com/aws/aws-sdk-go-v2/service/s3/internal/endpoints github.com/aws/aws-sdk-go-v2/service/s3/types -# github.com/aws/aws-sdk-go-v2/service/sso v1.17.1 +# github.com/aws/aws-sdk-go-v2/service/sso v1.18.5 ## explicit; go 1.19 github.com/aws/aws-sdk-go-v2/service/sso github.com/aws/aws-sdk-go-v2/service/sso/internal/endpoints github.com/aws/aws-sdk-go-v2/service/sso/types -# github.com/aws/aws-sdk-go-v2/service/ssooidc v1.19.1 +# github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.5 ## explicit; go 1.19 github.com/aws/aws-sdk-go-v2/service/ssooidc github.com/aws/aws-sdk-go-v2/service/ssooidc/internal/endpoints github.com/aws/aws-sdk-go-v2/service/ssooidc/types -# github.com/aws/aws-sdk-go-v2/service/sts v1.25.1 +# github.com/aws/aws-sdk-go-v2/service/sts v1.26.5 ## explicit; go 1.19 github.com/aws/aws-sdk-go-v2/service/sts github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints github.com/aws/aws-sdk-go-v2/service/sts/types -# github.com/aws/smithy-go v1.16.0 +# github.com/aws/smithy-go v1.19.0 ## explicit; go 1.19 github.com/aws/smithy-go +github.com/aws/smithy-go/auth github.com/aws/smithy-go/auth/bearer +github.com/aws/smithy-go/container/private/cache +github.com/aws/smithy-go/container/private/cache/lru github.com/aws/smithy-go/context github.com/aws/smithy-go/document github.com/aws/smithy-go/encoding @@ -267,6 +274,7 @@ github.com/aws/smithy-go/internal/sync/singleflight github.com/aws/smithy-go/io github.com/aws/smithy-go/logging github.com/aws/smithy-go/middleware +github.com/aws/smithy-go/private/requestcompression github.com/aws/smithy-go/ptr github.com/aws/smithy-go/rand github.com/aws/smithy-go/sync @@ -321,7 +329,7 @@ github.com/gogo/protobuf/proto github.com/gogo/protobuf/protoc-gen-gogo/descriptor github.com/gogo/protobuf/sortkeys github.com/gogo/protobuf/types -# github.com/golang-jwt/jwt/v5 v5.1.0 +# github.com/golang-jwt/jwt/v5 v5.2.0 ## explicit; go 1.18 github.com/golang-jwt/jwt/v5 # github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da @@ -393,8 +401,8 @@ github.com/jpillora/backoff # github.com/json-iterator/go v1.1.12 ## explicit; go 1.12 github.com/json-iterator/go -# github.com/klauspost/compress v1.17.2 -## explicit; go 1.18 +# github.com/klauspost/compress v1.17.4 +## explicit; go 1.19 github.com/klauspost/compress github.com/klauspost/compress/flate github.com/klauspost/compress/fse @@ -468,7 +476,7 @@ github.com/prometheus/common/sigv4 github.com/prometheus/procfs github.com/prometheus/procfs/internal/fs github.com/prometheus/procfs/internal/util -# github.com/prometheus/prometheus v0.47.2 +# github.com/prometheus/prometheus v0.48.1 ## explicit; go 1.20 github.com/prometheus/prometheus/config github.com/prometheus/prometheus/discovery @@ -483,6 +491,7 @@ github.com/prometheus/prometheus/model/timestamp github.com/prometheus/prometheus/model/value github.com/prometheus/prometheus/prompb github.com/prometheus/prometheus/prompb/io/prometheus/client +github.com/prometheus/prometheus/promql/parser/posrange github.com/prometheus/prometheus/scrape github.com/prometheus/prometheus/storage github.com/prometheus/prometheus/storage/remote @@ -501,6 +510,7 @@ github.com/prometheus/prometheus/tsdb/record github.com/prometheus/prometheus/tsdb/tombstones github.com/prometheus/prometheus/tsdb/tsdbutil github.com/prometheus/prometheus/tsdb/wlog +github.com/prometheus/prometheus/util/annotations github.com/prometheus/prometheus/util/gate github.com/prometheus/prometheus/util/logging github.com/prometheus/prometheus/util/osutil @@ -517,7 +527,7 @@ github.com/russross/blackfriday/v2 ## explicit; go 1.20 github.com/stretchr/testify/assert github.com/stretchr/testify/require -# github.com/urfave/cli/v2 v2.25.7 +# github.com/urfave/cli/v2 v2.26.0 ## explicit; go 1.18 github.com/urfave/cli/v2 # github.com/valyala/bytebufferpool v1.0.0 @@ -564,7 +574,7 @@ go.opencensus.io/trace go.opencensus.io/trace/internal go.opencensus.io/trace/propagation go.opencensus.io/trace/tracestate -# go.opentelemetry.io/collector/pdata v1.0.0-rcv0018 +# go.opentelemetry.io/collector/pdata v1.0.0 ## explicit; go 1.20 go.opentelemetry.io/collector/pdata/internal go.opentelemetry.io/collector/pdata/internal/data @@ -581,14 +591,14 @@ go.opentelemetry.io/collector/pdata/internal/otlp go.opentelemetry.io/collector/pdata/pcommon go.opentelemetry.io/collector/pdata/pmetric go.opentelemetry.io/collector/pdata/pmetric/pmetricotlp -# go.opentelemetry.io/collector/semconv v0.89.0 +# go.opentelemetry.io/collector/semconv v0.90.1 ## explicit; go 1.20 go.opentelemetry.io/collector/semconv/v1.6.1 -# go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.0 +# go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1 ## explicit; go 1.20 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil -# go.opentelemetry.io/otel v1.20.0 +# go.opentelemetry.io/otel v1.21.0 ## explicit; go 1.20 go.opentelemetry.io/otel go.opentelemetry.io/otel/attribute @@ -600,11 +610,12 @@ go.opentelemetry.io/otel/internal/baggage go.opentelemetry.io/otel/internal/global go.opentelemetry.io/otel/propagation go.opentelemetry.io/otel/semconv/v1.17.0 -# go.opentelemetry.io/otel/metric v1.20.0 +go.opentelemetry.io/otel/semconv/v1.21.0 +# go.opentelemetry.io/otel/metric v1.21.0 ## explicit; go 1.20 go.opentelemetry.io/otel/metric go.opentelemetry.io/otel/metric/embedded -# go.opentelemetry.io/otel/trace v1.20.0 +# go.opentelemetry.io/otel/trace v1.21.0 ## explicit; go 1.20 go.opentelemetry.io/otel/trace go.opentelemetry.io/otel/trace/embedded @@ -618,7 +629,7 @@ go.uber.org/goleak/internal/stack # go.uber.org/multierr v1.11.0 ## explicit; go 1.19 go.uber.org/multierr -# golang.org/x/crypto v0.15.0 +# golang.org/x/crypto v0.16.0 ## explicit; go 1.18 golang.org/x/crypto/chacha20 golang.org/x/crypto/chacha20poly1305 @@ -629,11 +640,11 @@ golang.org/x/crypto/internal/alias golang.org/x/crypto/internal/poly1305 golang.org/x/crypto/pkcs12 golang.org/x/crypto/pkcs12/internal/rc2 -# golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa => golang.org/x/exp v0.0.0-20230713183714-613f0c0eb8a1 +# golang.org/x/exp v0.0.0-20231206192017-f3f8817b8deb ## explicit; go 1.20 golang.org/x/exp/constraints golang.org/x/exp/slices -# golang.org/x/net v0.18.0 +# golang.org/x/net v0.19.0 ## explicit; go 1.18 golang.org/x/net/http/httpguts golang.org/x/net/http/httpproxy @@ -644,7 +655,7 @@ golang.org/x/net/internal/socks golang.org/x/net/internal/timeseries golang.org/x/net/proxy golang.org/x/net/trace -# golang.org/x/oauth2 v0.14.0 +# golang.org/x/oauth2 v0.15.0 ## explicit; go 1.18 golang.org/x/oauth2 golang.org/x/oauth2/authhandler @@ -660,7 +671,7 @@ golang.org/x/oauth2/jwt ## explicit; go 1.18 golang.org/x/sync/errgroup golang.org/x/sync/semaphore -# golang.org/x/sys v0.14.0 +# golang.org/x/sys v0.15.0 ## explicit; go 1.18 golang.org/x/sys/cpu golang.org/x/sys/unix @@ -671,14 +682,12 @@ golang.org/x/text/secure/bidirule golang.org/x/text/transform golang.org/x/text/unicode/bidi golang.org/x/text/unicode/norm -# golang.org/x/time v0.4.0 +# golang.org/x/time v0.5.0 ## explicit; go 1.18 golang.org/x/time/rate # golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 ## explicit; go 1.18 -golang.org/x/xerrors -golang.org/x/xerrors/internal -# google.golang.org/api v0.150.0 +# google.golang.org/api v0.153.0 ## explicit; go 1.19 google.golang.org/api/googleapi google.golang.org/api/googleapi/transport @@ -708,16 +717,16 @@ google.golang.org/appengine/internal/modules google.golang.org/appengine/internal/remote_api google.golang.org/appengine/internal/urlfetch google.golang.org/appengine/urlfetch -# google.golang.org/genproto v0.0.0-20231106174013-bbf56f31fb17 +# google.golang.org/genproto v0.0.0-20231127180814-3a041ad873d4 ## explicit; go 1.19 google.golang.org/genproto/googleapis/type/date google.golang.org/genproto/googleapis/type/expr google.golang.org/genproto/internal -# google.golang.org/genproto/googleapis/api v0.0.0-20231106174013-bbf56f31fb17 +# google.golang.org/genproto/googleapis/api v0.0.0-20231127180814-3a041ad873d4 ## explicit; go 1.19 google.golang.org/genproto/googleapis/api google.golang.org/genproto/googleapis/api/annotations -# google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 +# google.golang.org/genproto/googleapis/rpc v0.0.0-20231127180814-3a041ad873d4 ## explicit; go 1.19 google.golang.org/genproto/googleapis/rpc/code google.golang.org/genproto/googleapis/rpc/errdetails @@ -829,4 +838,3 @@ gopkg.in/yaml.v2 ## explicit gopkg.in/yaml.v3 # github.com/VictoriaMetrics/metricsql => github.com/VictoriaMetrics/metricsql v0.56.2 -# golang.org/x/exp => golang.org/x/exp v0.0.0-20230713183714-613f0c0eb8a1