mirror of
https://github.com/VictoriaMetrics/VictoriaMetrics.git
synced 2024-11-21 14:44:00 +00:00
vendor: run make vendor-update
This commit is contained in:
parent
be959a5c01
commit
248e84754d
253 changed files with 16208 additions and 3711 deletions
59
go.mod
59
go.mod
|
@ -3,7 +3,7 @@ module github.com/VictoriaMetrics/VictoriaMetrics
|
|||
go 1.20
|
||||
|
||||
require (
|
||||
cloud.google.com/go/storage v1.36.0
|
||||
cloud.google.com/go/storage v1.37.0
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1
|
||||
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.2.1
|
||||
github.com/VictoriaMetrics/fastcache v1.12.2
|
||||
|
@ -14,18 +14,18 @@ require (
|
|||
github.com/VictoriaMetrics/metrics v1.31.0
|
||||
github.com/VictoriaMetrics/metricsql v0.70.0
|
||||
github.com/aws/aws-sdk-go-v2 v1.24.1
|
||||
github.com/aws/aws-sdk-go-v2/config v1.26.4
|
||||
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.15.12
|
||||
github.com/aws/aws-sdk-go-v2/service/s3 v1.48.0
|
||||
github.com/aws/aws-sdk-go-v2/config v1.26.6
|
||||
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.15.15
|
||||
github.com/aws/aws-sdk-go-v2/service/s3 v1.48.1
|
||||
github.com/bmatcuk/doublestar/v4 v4.6.1
|
||||
github.com/cespare/xxhash/v2 v2.2.0
|
||||
github.com/cheggaaa/pb/v3 v3.1.4
|
||||
github.com/cheggaaa/pb/v3 v3.1.5
|
||||
github.com/gogo/protobuf v1.3.2
|
||||
github.com/golang/snappy v0.0.4
|
||||
github.com/googleapis/gax-go/v2 v2.12.0
|
||||
github.com/influxdata/influxdb v1.11.4
|
||||
github.com/klauspost/compress v1.17.4
|
||||
github.com/prometheus/prometheus v0.48.1
|
||||
github.com/klauspost/compress v1.17.5
|
||||
github.com/prometheus/prometheus v0.49.1
|
||||
github.com/urfave/cli/v2 v2.27.1
|
||||
github.com/valyala/fastjson v1.6.4
|
||||
github.com/valyala/fastrand v1.1.0
|
||||
|
@ -36,33 +36,33 @@ require (
|
|||
golang.org/x/net v0.20.0
|
||||
golang.org/x/oauth2 v0.16.0
|
||||
golang.org/x/sys v0.16.0
|
||||
google.golang.org/api v0.156.0
|
||||
google.golang.org/api v0.161.0
|
||||
gopkg.in/yaml.v2 v2.4.0
|
||||
)
|
||||
|
||||
require (
|
||||
cloud.google.com/go v0.112.0 // indirect
|
||||
cloud.google.com/go/compute v1.23.3 // indirect
|
||||
cloud.google.com/go/compute v1.23.4 // indirect
|
||||
cloud.google.com/go/compute/metadata v0.2.3 // indirect
|
||||
cloud.google.com/go/iam v1.1.5 // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 // indirect
|
||||
cloud.google.com/go/iam v1.1.6 // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1 // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1 // indirect
|
||||
github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 // indirect
|
||||
github.com/VividCortex/ewma v1.2.0 // indirect
|
||||
github.com/alecthomas/units v0.0.0-20231202071711-9a357b53e9c9 // indirect
|
||||
github.com/aws/aws-sdk-go v1.49.22 // indirect
|
||||
github.com/aws/aws-sdk-go v1.50.8 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.4 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.16.15 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.16.16 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.7.3 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.10 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.10 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.10 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.18.6 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.18.7 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 // indirect
|
||||
github.com/aws/smithy-go v1.19.0 // indirect
|
||||
|
@ -80,9 +80,10 @@ require (
|
|||
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
|
||||
github.com/golang/protobuf v1.5.3 // indirect
|
||||
github.com/google/s2a-go v0.1.7 // indirect
|
||||
github.com/google/uuid v1.5.0 // indirect
|
||||
github.com/google/uuid v1.6.0 // indirect
|
||||
github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
|
||||
github.com/grafana/regexp v0.0.0-20221122212121-6b5c0a4cb7fd // indirect
|
||||
github.com/hashicorp/go-version v1.6.0 // indirect
|
||||
github.com/jmespath/go-jmespath v0.4.0 // indirect
|
||||
github.com/jpillora/backoff v1.0.0 // indirect
|
||||
github.com/json-iterator/go v1.1.12 // indirect
|
||||
|
@ -102,33 +103,33 @@ require (
|
|||
github.com/prometheus/common v0.46.0 // indirect
|
||||
github.com/prometheus/common/sigv4 v0.1.0 // indirect
|
||||
github.com/prometheus/procfs v0.12.0 // indirect
|
||||
github.com/rivo/uniseg v0.4.4 // indirect
|
||||
github.com/rivo/uniseg v0.4.6 // indirect
|
||||
github.com/russross/blackfriday/v2 v2.1.0 // indirect
|
||||
github.com/stretchr/testify v1.8.4 // indirect
|
||||
github.com/valyala/bytebufferpool v1.0.0 // indirect
|
||||
github.com/xrash/smetrics v0.0.0-20231213231151-1d8dd44e695e // indirect
|
||||
go.opencensus.io v0.24.0 // indirect
|
||||
go.opentelemetry.io/collector/featuregate v1.0.1 // indirect
|
||||
go.opentelemetry.io/collector/pdata v1.0.1 // indirect
|
||||
go.opentelemetry.io/collector/semconv v0.92.0 // indirect
|
||||
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.1 // indirect
|
||||
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1 // indirect
|
||||
go.opentelemetry.io/otel v1.21.0 // indirect
|
||||
go.opentelemetry.io/otel/metric v1.21.0 // indirect
|
||||
go.opentelemetry.io/otel/trace v1.21.0 // indirect
|
||||
go.opentelemetry.io/collector/semconv v0.93.0 // indirect
|
||||
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0 // indirect
|
||||
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0 // indirect
|
||||
go.opentelemetry.io/otel v1.22.0 // indirect
|
||||
go.opentelemetry.io/otel/metric v1.22.0 // indirect
|
||||
go.opentelemetry.io/otel/trace v1.22.0 // indirect
|
||||
go.uber.org/atomic v1.11.0 // indirect
|
||||
go.uber.org/goleak v1.3.0 // indirect
|
||||
go.uber.org/multierr v1.11.0 // indirect
|
||||
golang.org/x/crypto v0.18.0 // indirect
|
||||
golang.org/x/exp v0.0.0-20240112132812-db7319d0e0e3 // indirect
|
||||
golang.org/x/exp v0.0.0-20240119083558-1b970713d09a // indirect
|
||||
golang.org/x/sync v0.6.0 // indirect
|
||||
golang.org/x/text v0.14.0 // indirect
|
||||
golang.org/x/time v0.5.0 // indirect
|
||||
golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect
|
||||
google.golang.org/appengine v1.6.8 // indirect
|
||||
google.golang.org/genproto v0.0.0-20240108191215-35c7eff3a6b1 // indirect
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20240108191215-35c7eff3a6b1 // indirect
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240108191215-35c7eff3a6b1 // indirect
|
||||
google.golang.org/grpc v1.60.1 // indirect
|
||||
google.golang.org/genproto v0.0.0-20240125205218-1f4bbc51befe // indirect
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20240125205218-1f4bbc51befe // indirect
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240125205218-1f4bbc51befe // indirect
|
||||
google.golang.org/grpc v1.61.0 // indirect
|
||||
google.golang.org/protobuf v1.32.0 // indirect
|
||||
gopkg.in/yaml.v3 v3.0.1 // indirect
|
||||
)
|
||||
|
|
146
go.sum
146
go.sum
|
@ -21,14 +21,14 @@ cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvf
|
|||
cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg=
|
||||
cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc=
|
||||
cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ=
|
||||
cloud.google.com/go/compute v1.23.3 h1:6sVlXXBmbd7jNX0Ipq0trII3e4n1/MsADLK6a+aiVlk=
|
||||
cloud.google.com/go/compute v1.23.3/go.mod h1:VCgBUoMnIVIR0CscqQiPJLAG25E3ZRZMzcFZeQ+h8CI=
|
||||
cloud.google.com/go/compute v1.23.4 h1:EBT9Nw4q3zyE7G45Wvv3MzolIrCJEuHys5muLY0wvAw=
|
||||
cloud.google.com/go/compute v1.23.4/go.mod h1:/EJMj55asU6kAFnuZET8zqgwgJ9FvXWXOkkfQZa4ioI=
|
||||
cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY=
|
||||
cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA=
|
||||
cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE=
|
||||
cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk=
|
||||
cloud.google.com/go/iam v1.1.5 h1:1jTsCu4bcsNsE4iiqNT5SHwrDRCfRmIaaaVFhRveTJI=
|
||||
cloud.google.com/go/iam v1.1.5/go.mod h1:rB6P/Ic3mykPbFio+vo7403drjlgvoWfYpJhMXEbzv8=
|
||||
cloud.google.com/go/iam v1.1.6 h1:bEa06k05IO4f4uJonbB5iAgKTPpABy1ayxaIZV/GHVc=
|
||||
cloud.google.com/go/iam v1.1.6/go.mod h1:O0zxdPeGBoFdWW3HWmBxJsk0pfvNM/p/qa82rWOGTwI=
|
||||
cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I=
|
||||
cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw=
|
||||
cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA=
|
||||
|
@ -38,13 +38,13 @@ cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0Zeo
|
|||
cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk=
|
||||
cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
|
||||
cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
|
||||
cloud.google.com/go/storage v1.36.0 h1:P0mOkAcaJxhCTvAkMhxMfrTKiNcub4YmmPBtlhAyTr8=
|
||||
cloud.google.com/go/storage v1.36.0/go.mod h1:M6M/3V/D3KpzMTJyPOR/HU6n2Si5QdaXYEsng2xgOs8=
|
||||
cloud.google.com/go/storage v1.37.0 h1:WI8CsaFO8Q9KjPVtsZ5Cmi0dXV25zMoX0FklT7c3Jm4=
|
||||
cloud.google.com/go/storage v1.37.0/go.mod h1:i34TiT2IhiNDmcj65PqwCjcoUX7Z5pLzS8DEmoiFq1k=
|
||||
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1 h1:lGlwhPtrX6EVml1hO0ivjkUxsSyl4dsiw9qcA1k/3IQ=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1/go.mod h1:RKUqNu35KJYcVG/fqTRqmuXJZYNhYkBrnC/hX7yGbTA=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 h1:BMAjVKJM0U/CYF27gA0ZMmXGkOcvfFtD0oHVZ1TIPRI=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0/go.mod h1:1fXstnBMas5kzG+S3q8UoJcmyU6nUeunJcMDHcRYHhs=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1 h1:sO0/P7g68FrryJzljemN+6GTssUXdANk6aJ7T1ZxnsQ=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1/go.mod h1:h8hyGFDsU5HMivxiS2iYFZsgDbU9OnnJ163x5UGVKYo=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1 h1:6oNBlSdi1QqM1PNW7FPA6xOGA5UNsXnkaYZz9vdPGhA=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1/go.mod h1:s4kgfzA0covAXNicZHDMN58jExvcng2mC/DepXiF1EI=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v4 v4.2.1 h1:UPeCRD+XY7QlaGQte2EVI2iOcWvUYA2XY8w5T/8v0NQ=
|
||||
|
@ -57,6 +57,7 @@ github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 h1:DzHpqpoJVaC
|
|||
github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
|
||||
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
||||
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
|
||||
github.com/Code-Hex/go-generics-cache v1.3.1 h1:i8rLwyhoyhaerr7JpjtYjJZUcCbWOdiYO3fZXLiEC4g=
|
||||
github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow=
|
||||
github.com/VictoriaMetrics/fastcache v1.12.2 h1:N0y9ASrJ0F6h0QaC3o6uJb3NIZ9VKLjCM7NQbSmF7WI=
|
||||
github.com/VictoriaMetrics/fastcache v1.12.2/go.mod h1:AmC+Nzz1+3G2eCPapF6UcsnkThDcMsQicp4xDukwJYI=
|
||||
|
@ -82,26 +83,26 @@ github.com/andybalholm/brotli v1.0.2/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu
|
|||
github.com/andybalholm/brotli v1.0.3/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
|
||||
github.com/armon/go-metrics v0.4.1 h1:hR91U9KYmb6bLBYLQjyM+3j+rcd/UhE+G78SFnF8gJA=
|
||||
github.com/aws/aws-sdk-go v1.38.35/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
|
||||
github.com/aws/aws-sdk-go v1.49.22 h1:r01+cQJ3cORQI1PJxG8af0jzrZpUOL9L+/3kU2x1geU=
|
||||
github.com/aws/aws-sdk-go v1.49.22/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
|
||||
github.com/aws/aws-sdk-go v1.50.8 h1:gY0WoOW+/Wz6XmYSgDH9ge3wnAevYDSQWPxxJvqAkP4=
|
||||
github.com/aws/aws-sdk-go v1.50.8/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
|
||||
github.com/aws/aws-sdk-go-v2 v1.24.1 h1:xAojnj+ktS95YZlDf0zxWBkbFtymPeDP+rvUQIH3uAU=
|
||||
github.com/aws/aws-sdk-go-v2 v1.24.1/go.mod h1:LNh45Br1YAkEKaAqvmE1m8FUx6a5b/V0oAKV7of29b4=
|
||||
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.4 h1:OCs21ST2LrepDfD3lwlQiOqIGp6JiEUqG84GzTDoyJs=
|
||||
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.4/go.mod h1:usURWEKSNNAcAZuzRn/9ZYPT8aZQkR7xcCtunK/LkJo=
|
||||
github.com/aws/aws-sdk-go-v2/config v1.26.4 h1:Juj7LhtxNudNUlfX22K5AnLafO+v4eq9PA3VWSCIQs4=
|
||||
github.com/aws/aws-sdk-go-v2/config v1.26.4/go.mod h1:tioqQ7wvxMYnTDpoTTLHhV3Zh+z261i/f2oz+ds8eNI=
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.16.15 h1:P0/m1LU08MF2kRzx4P//+7lNjiJod1z4xI2WpWhdpTQ=
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.16.15/go.mod h1:pgtMCf7Dx4GWw5EpHOTc2Sy17LIP0A0N2C9nQ83pQ/0=
|
||||
github.com/aws/aws-sdk-go-v2/config v1.26.6 h1:Z/7w9bUqlRI0FFQpetVuFYEsjzE3h7fpU6HuGmfPL/o=
|
||||
github.com/aws/aws-sdk-go-v2/config v1.26.6/go.mod h1:uKU6cnDmYCvJ+pxO9S4cWDb2yWWIH5hra+32hVh1MI4=
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.16.16 h1:8q6Rliyv0aUFAVtzaldUEcS+T5gbadPbWdV1WcAddK8=
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.16.16/go.mod h1:UHVZrdUsv63hPXFo1H7c5fEneoVo9UXiz36QG1GEPi0=
|
||||
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11 h1:c5I5iH+DZcH3xOIMlz3/tCKJDaHFwYEmxvlh2fAcFo8=
|
||||
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.11/go.mod h1:cRrYDYAMUohBJUtUnOhydaMHtiK/1NZ0Otc9lIb6O0Y=
|
||||
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.15.12 h1:0FMZy36RSYvcvVzEf1xbNdebLHZewW40QWP+P8jCMVk=
|
||||
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.15.12/go.mod h1:+chyahvarkb3HibkNei9IQEM9P5cWD5w2kgXCa3Hh0I=
|
||||
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.15.15 h1:2MUXyGW6dVaQz6aqycpbdLIH1NMcUI6kW6vQ0RabGYg=
|
||||
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.15.15/go.mod h1:aHbhbR6WEQgHAiRj41EQ2W47yOYwNtIkWTXmcAtYqj8=
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10 h1:vF+Zgd9s+H4vOXd5BMaPWykta2a6Ih0AKLq/X6NYKn4=
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.10/go.mod h1:6BkRjejp/GR4411UGqkX8+wFMbFbqsUIimfK4XjOKR4=
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10 h1:nYPe006ktcqUji8S2mqXf9c/7NdiKriOwMvWQHgYztw=
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.10/go.mod h1:6UV4SZkVvmODfXKql4LCbaZUpF7HO2BX38FgBf9ZOLw=
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2 h1:GrSw8s0Gs/5zZ0SX+gX4zQjRnRsMJDJ2sLur1gRBhEM=
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2/go.mod h1:6fQQgfuGmw8Al/3M2IgIllycxV7ZW7WCdVSqfBeUiCY=
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.7.3 h1:n3GDfwqF2tzEkXlv5cuy4iy7LpKDtqDMcNLfZDu9rls=
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.7.3/go.mod h1:6fQQgfuGmw8Al/3M2IgIllycxV7ZW7WCdVSqfBeUiCY=
|
||||
github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.10 h1:5oE2WzJE56/mVveuDZPJESKlg/00AaS2pY2QZcnxg4M=
|
||||
github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.10/go.mod h1:FHbKWQtRBYUz4vO5WBWjzMD2by126ny5y/1EoaWoLfI=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 h1:/b31bi3YVNlkzkBrm9LfpaKoaYZUxIAj4sHfOTmLfqw=
|
||||
|
@ -112,10 +113,10 @@ github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10 h1:DBYTXwIG
|
|||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.10/go.mod h1:wohMUQiFdzo0NtxbBg0mSRGZ4vL3n0dKjLTINdcIino=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.10 h1:KOxnQeWy5sXyS37fdKEvAsGHOr9fa/qvwxfJurR/BzE=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.10/go.mod h1:jMx5INQFYFYB3lQD9W0D8Ohgq6Wnl7NYOJ2TQndbulI=
|
||||
github.com/aws/aws-sdk-go-v2/service/s3 v1.48.0 h1:PJTdBMsyvra6FtED7JZtDpQrIAflYDHFoZAu/sKYkwU=
|
||||
github.com/aws/aws-sdk-go-v2/service/s3 v1.48.0/go.mod h1:4qXHrG1Ne3VGIMZPCB8OjH/pLFO94sKABIusjh0KWPU=
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.18.6 h1:dGrs+Q/WzhsiUKh82SfTVN66QzyulXuMDTV/G8ZxOac=
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.18.6/go.mod h1:+mJNDdF+qiUlNKNC3fxn74WWNN+sOiGOEImje+3ScPM=
|
||||
github.com/aws/aws-sdk-go-v2/service/s3 v1.48.1 h1:5XNlsBsEvBZBMO6p82y+sqpWg8j5aBCe+5C2GBFgqBQ=
|
||||
github.com/aws/aws-sdk-go-v2/service/s3 v1.48.1/go.mod h1:4qXHrG1Ne3VGIMZPCB8OjH/pLFO94sKABIusjh0KWPU=
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.18.7 h1:eajuO3nykDPdYicLlP3AGgOyVN3MOlFmZv7WGTuJPow=
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.18.7/go.mod h1:+mJNDdF+qiUlNKNC3fxn74WWNN+sOiGOEImje+3ScPM=
|
||||
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 h1:QPMJf+Jw8E1l7zqhZmMlFw6w1NmfkfiSK8mS4zOx3BA=
|
||||
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7/go.mod h1:ykf3COxYI0UJmxcfcxcVuz7b6uADi1FkiUz6Eb7AgM8=
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 h1:NzO4Vrau795RkUdSHKEwiR01FaGzGOH1EETJ+5QHnm0=
|
||||
|
@ -132,14 +133,14 @@ github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA
|
|||
github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
|
||||
github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
|
||||
github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
|
||||
github.com/cheggaaa/pb/v3 v3.1.4 h1:DN8j4TVVdKu3WxVwcRKu0sG00IIU6FewoABZzXbRQeo=
|
||||
github.com/cheggaaa/pb/v3 v3.1.4/go.mod h1:6wVjILNBaXMs8c21qRiaUM8BR82erfgau1DQ4iUXmSA=
|
||||
github.com/cheggaaa/pb/v3 v3.1.5 h1:QuuUzeM2WsAqG2gMqtzaWithDJv0i+i6UlnwSCI4QLk=
|
||||
github.com/cheggaaa/pb/v3 v3.1.5/go.mod h1:CrxkeghYTXi1lQBEI7jSn+3svI3cuc19haAj6jM60XI=
|
||||
github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
|
||||
github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
|
||||
github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
|
||||
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
|
||||
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
|
||||
github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4 h1:/inchEIKaYC1Akx+H+gqO04wryn5h75LSazbRlnya1k=
|
||||
github.com/cncf/xds/go v0.0.0-20231109132714-523115ebc101 h1:7To3pQ+pZo0i3dsWEbinPNFs5gPSBOsJtx3wTT94VBY=
|
||||
github.com/cpuguy83/go-md2man/v2 v2.0.3 h1:qMCsGGgs+MAzDFyp9LpAe1Lqy/fY/qCovCm0qnXZOBM=
|
||||
github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
|
||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
|
@ -148,10 +149,10 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1
|
|||
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/dennwc/varint v1.0.0 h1:kGNFFSSw8ToIy3obO/kKr8U9GZYUAxQEVuix4zfDWzE=
|
||||
github.com/dennwc/varint v1.0.0/go.mod h1:hnItb35rvZvJrbTALZtY/iQfDs48JKRG1RPpgziApxA=
|
||||
github.com/digitalocean/godo v1.104.1 h1:SZNxjAsskM/su0YW9P8Wx3gU0W1Z13b6tZlYNpl5BnA=
|
||||
github.com/digitalocean/godo v1.106.0 h1:m5iErwl3xHovGFlawd50n54ntgXHt1BLsvU6BXsVxEU=
|
||||
github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI=
|
||||
github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8=
|
||||
github.com/docker/docker v24.0.6+incompatible h1:hceabKCtUgDqPu+qm0NgsaXf28Ljf4/pWFL7xjWWDgE=
|
||||
github.com/docker/docker v24.0.7+incompatible h1:Wo6l37AuwP3JaMnZa226lzVXGA3F9Ig1seQen0cKYlM=
|
||||
github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=
|
||||
github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=
|
||||
github.com/edsrzf/mmap-go v1.1.0 h1:6EUwBLQ/Mcr1EYLE4Tn1VdW1A4ckqCQWZBw8Hr0kjpQ=
|
||||
|
@ -166,7 +167,7 @@ github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM=
|
|||
github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE=
|
||||
github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
|
||||
github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
|
||||
github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY=
|
||||
github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
|
||||
github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
|
||||
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
|
||||
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
|
||||
|
@ -188,7 +189,7 @@ github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre
|
|||
github.com/go-openapi/jsonpointer v0.20.0 h1:ESKJdU9ASRfaPNOPRx12IUyA1vn3R9GiE3KYD14BXdQ=
|
||||
github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE=
|
||||
github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU=
|
||||
github.com/go-resty/resty/v2 v2.7.0 h1:me+K9p3uhSmXtrBZ4k9jcEAfJmuC8IivWHwaLZwPrFY=
|
||||
github.com/go-resty/resty/v2 v2.10.0 h1:Qla4W/+TMmv0fOeeRqzEpXPLfTUnR5HZ1+lGs+CkiCo=
|
||||
github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
|
||||
github.com/go-zookeeper/zk v1.0.3 h1:7M2kwOsc//9VeeFiPtf+uSJlVpU66x9Ba5+8XK7/TDg=
|
||||
github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
|
||||
|
@ -262,19 +263,19 @@ github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm4
|
|||
github.com/google/s2a-go v0.1.7 h1:60BLSyTrOV4/haCDW4zb1guZItoSq8foHCXrAnjBo/o=
|
||||
github.com/google/s2a-go v0.1.7/go.mod h1:50CgR4k1jNlWBu4UfS4AcfhVe1r6pdZPygJ3R8F0Qdw=
|
||||
github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||
github.com/google/uuid v1.5.0 h1:1p67kYwdtXjb0gL0BPiP1Av9wiZPo5A8z2cWkTZ+eyU=
|
||||
github.com/google/uuid v1.5.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
|
||||
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||
github.com/googleapis/enterprise-certificate-proxy v0.3.2 h1:Vie5ybvEvT75RniqhfFxPRy3Bf7vr3h0cechB90XaQs=
|
||||
github.com/googleapis/enterprise-certificate-proxy v0.3.2/go.mod h1:VLSiSSBs/ksPL8kq3OBOQ6WRI2QnaFynd1DCjZ62+V0=
|
||||
github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
|
||||
github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
|
||||
github.com/googleapis/gax-go/v2 v2.12.0 h1:A+gCJKdRfqXkr+BIRGtZLibNXf0m1f9E4HG56etFpas=
|
||||
github.com/googleapis/gax-go/v2 v2.12.0/go.mod h1:y+aIqrI5eb1YGMVJfuV3185Ts/D7qKpsEkdD5+I6QGU=
|
||||
github.com/gophercloud/gophercloud v1.7.0 h1:fyJGKh0LBvIZKLvBWvQdIgkaV5yTM3Jh9EYUh+UNCAs=
|
||||
github.com/gophercloud/gophercloud v1.8.0 h1:TM3Jawprb2NrdOnvcHhWJalmKmAmOGgfZElM/3oBYCk=
|
||||
github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc=
|
||||
github.com/grafana/regexp v0.0.0-20221122212121-6b5c0a4cb7fd h1:PpuIBO5P3e9hpqBD0O/HjhShYuM6XE0i/lbE6J94kww=
|
||||
github.com/grafana/regexp v0.0.0-20221122212121-6b5c0a4cb7fd/go.mod h1:M5qHK+eWfAv8VR/265dIuEpL3fNfeC21tXXp9itM24A=
|
||||
github.com/hashicorp/consul/api v1.25.1 h1:CqrdhYzc8XZuPnhIYZWH45toM0LB9ZeYr/gvpLVI3PE=
|
||||
github.com/hashicorp/consul/api v1.26.1 h1:5oSXOO5fboPZeW5SN+TdGFP/BILDgBm19OrPZ/pICIM=
|
||||
github.com/hashicorp/cronexpr v1.1.2 h1:wG/ZYIKT+RT3QkOdgYc+xsKWVRgnxJ1OJtjjy84fJ9A=
|
||||
github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
|
||||
github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ=
|
||||
|
@ -283,6 +284,8 @@ github.com/hashicorp/go-immutable-radix v1.3.1 h1:DKHmCUm2hRBK510BaiZlwvpD40f8bJ
|
|||
github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
|
||||
github.com/hashicorp/go-retryablehttp v0.7.4 h1:ZQgVdpTdAL7WpMIwLzCfbalOcSUdkDZnpUv3/+BxzFA=
|
||||
github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc=
|
||||
github.com/hashicorp/go-version v1.6.0 h1:feTTfFNnjP967rlCxM/I9g701jU+RN74YKx2mOkIeek=
|
||||
github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
|
||||
github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
|
||||
github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
|
||||
github.com/hashicorp/golang-lru v0.6.0 h1:uL2shRDx7RTrOrTCUZEGP/wJUFiUI8QT6E7z5o8jga4=
|
||||
|
@ -293,7 +296,7 @@ github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:
|
|||
github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4=
|
||||
github.com/influxdata/influxdb v1.11.4 h1:H3pVW+/tWQ4lkHhZxVQ13Ov1hmhHYaAzz8L5aq3ZNtw=
|
||||
github.com/influxdata/influxdb v1.11.4/go.mod h1:VO6X2zlamfmEf+Esc9dR+7UQhdE/krspWNEZPwxCrp0=
|
||||
github.com/ionos-cloud/sdk-go/v6 v6.1.9 h1:Iq3VIXzeEbc8EbButuACgfLMiY5TPVWUPNrF+Vsddo4=
|
||||
github.com/ionos-cloud/sdk-go/v6 v6.1.10 h1:3815Q2Hw/wc4cJ8wD7bwfsmDsdfIEp80B7BQMj0YP2w=
|
||||
github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
|
||||
github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
|
||||
github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8=
|
||||
|
@ -314,8 +317,8 @@ github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI
|
|||
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
|
||||
github.com/klauspost/compress v1.13.4/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
|
||||
github.com/klauspost/compress v1.13.5/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
|
||||
github.com/klauspost/compress v1.17.4 h1:Ej5ixsIri7BrIjBkRZLTo6ghwrEtHFk7ijlczPW4fZ4=
|
||||
github.com/klauspost/compress v1.17.4/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM=
|
||||
github.com/klauspost/compress v1.17.5 h1:d4vBd+7CHydUqpFBgUEKkSdtSugf9YFmSkvUYPquI5E=
|
||||
github.com/klauspost/compress v1.17.5/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM=
|
||||
github.com/kolo/xmlrpc v0.0.0-20220921171641-a4b6fa1dd06b h1:udzkj9S/zlT5X367kqJis0QP7YMxobob6zhzq6Yre00=
|
||||
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
|
||||
github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
|
||||
|
@ -327,7 +330,7 @@ github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
|
|||
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||
github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
|
||||
github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
|
||||
github.com/linode/linodego v1.23.0 h1:s0ReCZtuN9Z1IoUN9w1RLeYO1dMZUGPwOQ/IBFsBHtU=
|
||||
github.com/linode/linodego v1.25.0 h1:zYMz0lTasD503jBu3tSRhzEmXHQN1zptCw5o71ibyyU=
|
||||
github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=
|
||||
github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
|
||||
github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
|
||||
|
@ -337,7 +340,7 @@ github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D
|
|||
github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U=
|
||||
github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
|
||||
github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
|
||||
github.com/miekg/dns v1.1.56 h1:5imZaSeoRNvpM9SzWNhEcP9QliKiz20/dA2QabIGVnE=
|
||||
github.com/miekg/dns v1.1.57 h1:Jzi7ApEIzwEPLHWRcafCN9LZSBbqQpxjt/wpgvg7wcM=
|
||||
github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
|
||||
github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
|
||||
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
|
||||
|
@ -391,11 +394,11 @@ github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4O
|
|||
github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
|
||||
github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo=
|
||||
github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo=
|
||||
github.com/prometheus/prometheus v0.48.1 h1:CTszphSNTXkuCG6O0IfpKdHcJkvvnAAE1GbELKS+NFk=
|
||||
github.com/prometheus/prometheus v0.48.1/go.mod h1:SRw624aMAxTfryAcP8rOjg4S/sHHaetx2lyJJ2nM83g=
|
||||
github.com/prometheus/prometheus v0.49.1 h1:90mDvjrFnca2m+0qPSIDr3y7iHPTAagOAElz7j+HtGk=
|
||||
github.com/prometheus/prometheus v0.49.1/go.mod h1:aDogiyqmv3aBIWDb5z5Sdcxuuf2BOfiJwOIm9JGpMnI=
|
||||
github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
|
||||
github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis=
|
||||
github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
|
||||
github.com/rivo/uniseg v0.4.6 h1:Sovz9sDSwbOz9tgUy8JpT+KgCkPYJEN/oYzlJiYTNLg=
|
||||
github.com/rivo/uniseg v0.4.6/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
|
||||
github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
|
||||
github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
|
||||
github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
|
||||
|
@ -452,21 +455,23 @@ go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
|
|||
go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
|
||||
go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
|
||||
go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
|
||||
go.opentelemetry.io/collector/featuregate v1.0.1 h1:ok//hLSXttBbyu4sSV1pTx1nKdr5udSmrWy5sFMIIbM=
|
||||
go.opentelemetry.io/collector/featuregate v1.0.1/go.mod h1:QQXjP4etmJQhkQ20j4P/rapWuItYxoFozg/iIwuKnYg=
|
||||
go.opentelemetry.io/collector/pdata v1.0.1 h1:dGX2h7maA6zHbl5D3AsMnF1c3Nn+3EUftbVCLzeyNvA=
|
||||
go.opentelemetry.io/collector/pdata v1.0.1/go.mod h1:jutXeu0QOXYY8wcZ/hege+YAnSBP3+jpTqYU1+JTI5Y=
|
||||
go.opentelemetry.io/collector/semconv v0.92.0 h1:3+OGPPuVu4rtrz8qGbpbiw7eKKULj4iJaSDTV52HM40=
|
||||
go.opentelemetry.io/collector/semconv v0.92.0/go.mod h1:gZ0uzkXsN+J5NpiRcdp9xOhNGQDDui8Y62p15sKrlzo=
|
||||
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.1 h1:SpGay3w+nEwMpfVnbqOLH5gY52/foP8RE8UzTZ1pdSE=
|
||||
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.1/go.mod h1:4UoMYEZOC0yN/sPGH76KPkkU7zgiEWYWL9vwmbnTJPE=
|
||||
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1 h1:aFJWCqJMNjENlcleuuOkGAPH82y0yULBScfXcIEdS24=
|
||||
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1/go.mod h1:sEGXWArGqc3tVa+ekntsN65DmVbVeW+7lTKTjZF3/Fo=
|
||||
go.opentelemetry.io/otel v1.21.0 h1:hzLeKBZEL7Okw2mGzZ0cc4k/A7Fta0uoPgaJCr8fsFc=
|
||||
go.opentelemetry.io/otel v1.21.0/go.mod h1:QZzNPQPm1zLX4gZK4cMi+71eaorMSGT3A4znnUvNNEo=
|
||||
go.opentelemetry.io/otel/metric v1.21.0 h1:tlYWfeo+Bocx5kLEloTjbcDwBuELRrIFxwdQ36PlJu4=
|
||||
go.opentelemetry.io/otel/metric v1.21.0/go.mod h1:o1p3CA8nNHW8j5yuQLdc1eeqEaPfzug24uvsyIEJRWM=
|
||||
go.opentelemetry.io/collector/semconv v0.93.0 h1:eBlMcVNTwYYsVdAsCVDs4wvVYs75K1xcIDpqj16PG4c=
|
||||
go.opentelemetry.io/collector/semconv v0.93.0/go.mod h1:gZ0uzkXsN+J5NpiRcdp9xOhNGQDDui8Y62p15sKrlzo=
|
||||
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0 h1:UNQQKPfTDe1J81ViolILjTKPr9WetKW6uei2hFgJmFs=
|
||||
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0/go.mod h1:r9vWsPS/3AQItv3OSlEJ/E4mbrhUbbw18meOjArPtKQ=
|
||||
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0 h1:sv9kVfal0MK0wBMCOGr+HeJm9v803BkJxGrk2au7j08=
|
||||
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0/go.mod h1:SK2UL73Zy1quvRPonmOmRDiWk1KBV3LyIeeIxcEApWw=
|
||||
go.opentelemetry.io/otel v1.22.0 h1:xS7Ku+7yTFvDfDraDIJVpw7XPyuHlB9MCiqqX5mcJ6Y=
|
||||
go.opentelemetry.io/otel v1.22.0/go.mod h1:eoV4iAi3Ea8LkAEI9+GFT44O6T/D0GWAVFyZVCC6pMI=
|
||||
go.opentelemetry.io/otel/metric v1.22.0 h1:lypMQnGyJYeuYPhOM/bgjbFM6WE44W1/T45er4d8Hhg=
|
||||
go.opentelemetry.io/otel/metric v1.22.0/go.mod h1:evJGjVpZv0mQ5QBRJoBF64yMuOf4xCWdXjK8pzFvliY=
|
||||
go.opentelemetry.io/otel/sdk v1.21.0 h1:FTt8qirL1EysG6sTQRZ5TokkU8d0ugCj8htOgThZXQ8=
|
||||
go.opentelemetry.io/otel/trace v1.21.0 h1:WD9i5gzvoUPuXIXH24ZNBudiarZDKuekPqi/E8fpfLc=
|
||||
go.opentelemetry.io/otel/trace v1.21.0/go.mod h1:LGbsEB0f9LGjN+OZaQQ26sohbOmiMR+BaslueVtS/qQ=
|
||||
go.opentelemetry.io/otel/trace v1.22.0 h1:Hg6pPujv0XG9QaVbGOBVHunyuLcCC3jN7WEhPx83XD0=
|
||||
go.opentelemetry.io/otel/trace v1.22.0/go.mod h1:RbbHXVqKES9QhzZq/fE5UnOSILqRt40a21sPw2He1xo=
|
||||
go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE=
|
||||
go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
|
||||
go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
|
||||
|
@ -493,8 +498,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0
|
|||
golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
|
||||
golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
|
||||
golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
|
||||
golang.org/x/exp v0.0.0-20240112132812-db7319d0e0e3 h1:hNQpMuAJe5CtcUqCXaWga3FHu+kQvCqcsoVaQgSV60o=
|
||||
golang.org/x/exp v0.0.0-20240112132812-db7319d0e0e3/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08=
|
||||
golang.org/x/exp v0.0.0-20240119083558-1b970713d09a h1:Q8/wZp0KX97QFTc2ywcOE0YRjZPVIx+MXInMzdvQqcA=
|
||||
golang.org/x/exp v0.0.0-20240119083558-1b970713d09a/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08=
|
||||
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
|
||||
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
|
||||
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
|
||||
|
@ -689,7 +694,6 @@ golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8T
|
|||
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 h1:+cNy6SZtPcJQH3LJVLOSmiC7MMxXNOb3PU/VUEz+EhU=
|
||||
golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028/go.mod h1:NDW/Ps6MPRej6fsCIbMTohpP40sJ/P/vI1MoTEGwX90=
|
||||
google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
|
||||
google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M=
|
||||
google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
|
||||
|
@ -706,8 +710,8 @@ google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0M
|
|||
google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
|
||||
google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM=
|
||||
google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc=
|
||||
google.golang.org/api v0.156.0 h1:yloYcGbBtVYjLKQe4enCunxvwn3s2w/XPrrhVf6MsvQ=
|
||||
google.golang.org/api v0.156.0/go.mod h1:bUSmn4KFO0Q+69zo9CNIDp4Psi6BqM0np0CbzKRSiSY=
|
||||
google.golang.org/api v0.161.0 h1:oYzk/bs26WN10AV7iU7MVJVXBH8oCPS2hHyBiEeFoSU=
|
||||
google.golang.org/api v0.161.0/go.mod h1:0mu0TpK33qnydLvWqbImq2b1eQ5FHRSDCBzAxX9ZHyw=
|
||||
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
|
||||
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
|
||||
google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
|
||||
|
@ -745,12 +749,12 @@ google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7Fc
|
|||
google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
|
||||
google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
|
||||
google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
|
||||
google.golang.org/genproto v0.0.0-20240108191215-35c7eff3a6b1 h1:/IWabOtPziuXTEtI1KYCpM6Ss7vaAkeMxk+uXV/xvZs=
|
||||
google.golang.org/genproto v0.0.0-20240108191215-35c7eff3a6b1/go.mod h1:+Rvu7ElI+aLzyDQhpHMFMMltsD6m7nqpuWDd2CwJw3k=
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20240108191215-35c7eff3a6b1 h1:OPXtXn7fNMaXwO3JvOmF1QyTc00jsSFFz1vXXBOdCDo=
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20240108191215-35c7eff3a6b1/go.mod h1:B5xPO//w8qmBDjGReYLpR6UJPnkldGkCSMoH/2vxJeg=
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240108191215-35c7eff3a6b1 h1:gphdwh0npgs8elJ4T6J+DQJHPVF7RsuJHCfwztUb4J4=
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240108191215-35c7eff3a6b1/go.mod h1:daQN87bsDqDoe316QbbvX60nMoJQa4r6Ds0ZuoAe5yA=
|
||||
google.golang.org/genproto v0.0.0-20240125205218-1f4bbc51befe h1:USL2DhxfgRchafRvt/wYyyQNzwgL7ZiURcozOE/Pkvo=
|
||||
google.golang.org/genproto v0.0.0-20240125205218-1f4bbc51befe/go.mod h1:cc8bqMqtv9gMOr0zHg2Vzff5ULhhL2IXP4sbcn32Dro=
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20240125205218-1f4bbc51befe h1:0poefMBYvYbs7g5UkjS6HcxBPaTRAmznle9jnxYoAI8=
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20240125205218-1f4bbc51befe/go.mod h1:4jWUdICTdgc3Ibxmr8nAJiiLHwQBY0UI0XZcEMaFKaA=
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240125205218-1f4bbc51befe h1:bQnxqljG/wqi4NTXu2+DJ3n7APcEA882QZ1JvhQAq9o=
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240125205218-1f4bbc51befe/go.mod h1:PAREbraiVEVGVdTZsVWjSbbTtSyGbAgIIvni8a8CD5s=
|
||||
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
|
||||
google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
|
||||
google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
|
||||
|
@ -764,8 +768,8 @@ google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3Iji
|
|||
google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
|
||||
google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
|
||||
google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
|
||||
google.golang.org/grpc v1.60.1 h1:26+wFr+cNqSGFcOXcabYC0lUVJVRa2Sb2ortSK7VrEU=
|
||||
google.golang.org/grpc v1.60.1/go.mod h1:OlCHIeLYqSSsLi6i49B5QGdzaMZK9+M7LXN2FKz4eGM=
|
||||
google.golang.org/grpc v1.61.0 h1:TOvOcuXn30kRao+gfcvsebNEa5iZIiLkisYEkf7R7o0=
|
||||
google.golang.org/grpc v1.61.0/go.mod h1:VUbo7IFqmF1QtCAstipjG0GIoq49KvMe9+h1jFLBNJs=
|
||||
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
|
||||
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
|
||||
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
|
||||
|
@ -806,11 +810,11 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh
|
|||
honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
|
||||
honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
||||
honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
||||
k8s.io/api v0.28.2 h1:9mpl5mOb6vXZvqbQmankOfPIGiudghwCoLl1EYfUZbw=
|
||||
k8s.io/apimachinery v0.28.2 h1:KCOJLrc6gu+wV1BYgwik4AF4vXOlVJPdiqn0yAWWwXQ=
|
||||
k8s.io/client-go v0.28.2 h1:DNoYI1vGq0slMBN/SWKMZMw0Rq+0EQW6/AK4v9+3VeY=
|
||||
k8s.io/api v0.28.4 h1:8ZBrLjwosLl/NYgv1P7EQLqoO8MGQApnbgH8tu3BMzY=
|
||||
k8s.io/apimachinery v0.28.4 h1:zOSJe1mc+GxuMnFzD4Z/U1wst50X28ZNsn5bhgIIao8=
|
||||
k8s.io/client-go v0.28.4 h1:Np5ocjlZcTrkyRJ3+T3PkXDpe4UpatQxj85+xjaD2wY=
|
||||
k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8=
|
||||
k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg=
|
||||
k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0=
|
||||
k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ=
|
||||
k8s.io/utils v0.0.0-20230711102312-30195339c3c7 h1:ZgnF1KZsYxWIifwSNZFZgNtWE89WI5yiP5WwlfDoIyc=
|
||||
rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
|
||||
|
|
2
vendor/cloud.google.com/go/compute/internal/version.go
generated
vendored
2
vendor/cloud.google.com/go/compute/internal/version.go
generated
vendored
|
@ -15,4 +15,4 @@
|
|||
package internal
|
||||
|
||||
// Version is the current tagged release of the library.
|
||||
const Version = "1.23.3"
|
||||
const Version = "1.23.4"
|
||||
|
|
7
vendor/cloud.google.com/go/iam/CHANGES.md
generated
vendored
7
vendor/cloud.google.com/go/iam/CHANGES.md
generated
vendored
|
@ -1,6 +1,13 @@
|
|||
# Changes
|
||||
|
||||
|
||||
## [1.1.6](https://github.com/googleapis/google-cloud-go/compare/iam/v1.1.5...iam/v1.1.6) (2024-01-30)
|
||||
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* **iam:** Enable universe domain resolution options ([fd1d569](https://github.com/googleapis/google-cloud-go/commit/fd1d56930fa8a747be35a224611f4797b8aeb698))
|
||||
|
||||
## [1.1.5](https://github.com/googleapis/google-cloud-go/compare/iam/v1.1.4...iam/v1.1.5) (2023-11-01)
|
||||
|
||||
|
||||
|
|
2
vendor/cloud.google.com/go/iam/apiv1/iampb/iam_policy.pb.go
generated
vendored
2
vendor/cloud.google.com/go/iam/apiv1/iampb/iam_policy.pb.go
generated
vendored
|
@ -14,7 +14,7 @@
|
|||
|
||||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||
// versions:
|
||||
// protoc-gen-go v1.31.0
|
||||
// protoc-gen-go v1.32.0
|
||||
// protoc v4.23.2
|
||||
// source: google/iam/v1/iam_policy.proto
|
||||
|
||||
|
|
2
vendor/cloud.google.com/go/iam/apiv1/iampb/options.pb.go
generated
vendored
2
vendor/cloud.google.com/go/iam/apiv1/iampb/options.pb.go
generated
vendored
|
@ -14,7 +14,7 @@
|
|||
|
||||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||
// versions:
|
||||
// protoc-gen-go v1.31.0
|
||||
// protoc-gen-go v1.32.0
|
||||
// protoc v4.23.2
|
||||
// source: google/iam/v1/options.proto
|
||||
|
||||
|
|
74
vendor/cloud.google.com/go/iam/apiv1/iampb/policy.pb.go
generated
vendored
74
vendor/cloud.google.com/go/iam/apiv1/iampb/policy.pb.go
generated
vendored
|
@ -14,7 +14,7 @@
|
|||
|
||||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||
// versions:
|
||||
// protoc-gen-go v1.31.0
|
||||
// protoc-gen-go v1.32.0
|
||||
// protoc v4.23.2
|
||||
// source: google/iam/v1/policy.proto
|
||||
|
||||
|
@ -289,11 +289,11 @@ type Policy struct {
|
|||
// Any operation that affects conditional role bindings must specify version
|
||||
// `3`. This requirement applies to the following operations:
|
||||
//
|
||||
// * Getting a policy that includes a conditional role binding
|
||||
// * Adding a conditional role binding to a policy
|
||||
// * Changing a conditional role binding in a policy
|
||||
// * Removing any role binding, with or without a condition, from a policy
|
||||
// that includes conditions
|
||||
// - Getting a policy that includes a conditional role binding
|
||||
// - Adding a conditional role binding to a policy
|
||||
// - Changing a conditional role binding in a policy
|
||||
// - Removing any role binding, with or without a condition, from a policy
|
||||
// that includes conditions
|
||||
//
|
||||
// **Important:** If you use IAM Conditions, you must include the `etag` field
|
||||
// whenever you call `setIamPolicy`. If you omit this field, then IAM allows
|
||||
|
@ -407,47 +407,43 @@ type Binding struct {
|
|||
// Specifies the principals requesting access for a Google Cloud resource.
|
||||
// `members` can have the following values:
|
||||
//
|
||||
// * `allUsers`: A special identifier that represents anyone who is
|
||||
// on the internet; with or without a Google account.
|
||||
// - `allUsers`: A special identifier that represents anyone who is
|
||||
// on the internet; with or without a Google account.
|
||||
//
|
||||
// * `allAuthenticatedUsers`: A special identifier that represents anyone
|
||||
// who is authenticated with a Google account or a service account.
|
||||
// - `allAuthenticatedUsers`: A special identifier that represents anyone
|
||||
// who is authenticated with a Google account or a service account.
|
||||
//
|
||||
// * `user:{emailid}`: An email address that represents a specific Google
|
||||
// account. For example, `alice@example.com` .
|
||||
// - `user:{emailid}`: An email address that represents a specific Google
|
||||
// account. For example, `alice@example.com` .
|
||||
//
|
||||
// - `serviceAccount:{emailid}`: An email address that represents a service
|
||||
// account. For example, `my-other-app@appspot.gserviceaccount.com`.
|
||||
//
|
||||
// * `serviceAccount:{emailid}`: An email address that represents a service
|
||||
// account. For example, `my-other-app@appspot.gserviceaccount.com`.
|
||||
// - `group:{emailid}`: An email address that represents a Google group.
|
||||
// For example, `admins@example.com`.
|
||||
//
|
||||
// * `group:{emailid}`: An email address that represents a Google group.
|
||||
// For example, `admins@example.com`.
|
||||
// - `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique
|
||||
// identifier) representing a user that has been recently deleted. For
|
||||
// example, `alice@example.com?uid=123456789012345678901`. If the user is
|
||||
// recovered, this value reverts to `user:{emailid}` and the recovered user
|
||||
// retains the role in the binding.
|
||||
//
|
||||
// * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique
|
||||
// identifier) representing a user that has been recently deleted. For
|
||||
// example, `alice@example.com?uid=123456789012345678901`. If the user is
|
||||
// recovered, this value reverts to `user:{emailid}` and the recovered user
|
||||
// retains the role in the binding.
|
||||
//
|
||||
// * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus
|
||||
// unique identifier) representing a service account that has been recently
|
||||
// deleted. For example,
|
||||
// `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.
|
||||
// If the service account is undeleted, this value reverts to
|
||||
// `serviceAccount:{emailid}` and the undeleted service account retains the
|
||||
// role in the binding.
|
||||
//
|
||||
// * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique
|
||||
// identifier) representing a Google group that has been recently
|
||||
// deleted. For example, `admins@example.com?uid=123456789012345678901`. If
|
||||
// the group is recovered, this value reverts to `group:{emailid}` and the
|
||||
// recovered group retains the role in the binding.
|
||||
//
|
||||
//
|
||||
// * `domain:{domain}`: The G Suite domain (primary) that represents all the
|
||||
// users of that domain. For example, `google.com` or `example.com`.
|
||||
// - `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus
|
||||
// unique identifier) representing a service account that has been recently
|
||||
// deleted. For example,
|
||||
// `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.
|
||||
// If the service account is undeleted, this value reverts to
|
||||
// `serviceAccount:{emailid}` and the undeleted service account retains the
|
||||
// role in the binding.
|
||||
//
|
||||
// - `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique
|
||||
// identifier) representing a Google group that has been recently
|
||||
// deleted. For example, `admins@example.com?uid=123456789012345678901`. If
|
||||
// the group is recovered, this value reverts to `group:{emailid}` and the
|
||||
// recovered group retains the role in the binding.
|
||||
//
|
||||
// - `domain:{domain}`: The G Suite domain (primary) that represents all the
|
||||
// users of that domain. For example, `google.com` or `example.com`.
|
||||
Members []string `protobuf:"bytes,2,rep,name=members,proto3" json:"members,omitempty"`
|
||||
// The condition that is associated with this binding.
|
||||
//
|
||||
|
|
13
vendor/cloud.google.com/go/storage/CHANGES.md
generated
vendored
13
vendor/cloud.google.com/go/storage/CHANGES.md
generated
vendored
|
@ -1,6 +1,19 @@
|
|||
# Changes
|
||||
|
||||
|
||||
## [1.37.0](https://github.com/googleapis/google-cloud-go/compare/storage/v1.36.0...storage/v1.37.0) (2024-01-24)
|
||||
|
||||
|
||||
### Features
|
||||
|
||||
* **storage:** Add maxAttempts RetryOption ([#9215](https://github.com/googleapis/google-cloud-go/issues/9215)) ([e348cc5](https://github.com/googleapis/google-cloud-go/commit/e348cc5340e127b530e8ee4664fd995e6f038b2c))
|
||||
* **storage:** Support IncludeFoldersAsPrefixes ([#9211](https://github.com/googleapis/google-cloud-go/issues/9211)) ([98c9d71](https://github.com/googleapis/google-cloud-go/commit/98c9d7157306de5134547a67c084c248484c9a51))
|
||||
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* **storage:** Migrate deprecated proto dep ([#9232](https://github.com/googleapis/google-cloud-go/issues/9232)) ([ebbb610](https://github.com/googleapis/google-cloud-go/commit/ebbb610e0f58035fd01ad7893971382d8bbd092f)), refs [#9189](https://github.com/googleapis/google-cloud-go/issues/9189)
|
||||
|
||||
## [1.36.0](https://github.com/googleapis/google-cloud-go/compare/storage/v1.35.1...storage/v1.36.0) (2023-12-14)
|
||||
|
||||
|
||||
|
|
5
vendor/cloud.google.com/go/storage/grpc_client.go
generated
vendored
5
vendor/cloud.google.com/go/storage/grpc_client.go
generated
vendored
|
@ -420,6 +420,11 @@ func (c *grpcStorageClient) ListObjects(ctx context.Context, bucket string, q *Q
|
|||
ctx = setUserProjectMetadata(ctx, s.userProject)
|
||||
}
|
||||
fetch := func(pageSize int, pageToken string) (token string, err error) {
|
||||
// IncludeFoldersAsPrefixes is not supported for gRPC
|
||||
// TODO: remove this when support is added in the proto.
|
||||
if it.query.IncludeFoldersAsPrefixes {
|
||||
return "", status.Errorf(codes.Unimplemented, "storage: IncludeFoldersAsPrefixes is not supported in gRPC")
|
||||
}
|
||||
var objects []*storagepb.Object
|
||||
var gitr *gapic.ObjectIterator
|
||||
err = run(it.ctx, func(ctx context.Context) error {
|
||||
|
|
1
vendor/cloud.google.com/go/storage/http_client.go
generated
vendored
1
vendor/cloud.google.com/go/storage/http_client.go
generated
vendored
|
@ -348,6 +348,7 @@ func (c *httpStorageClient) ListObjects(ctx context.Context, bucket string, q *Q
|
|||
req.Versions(it.query.Versions)
|
||||
req.IncludeTrailingDelimiter(it.query.IncludeTrailingDelimiter)
|
||||
req.MatchGlob(it.query.MatchGlob)
|
||||
req.IncludeFoldersAsPrefixes(it.query.IncludeFoldersAsPrefixes)
|
||||
if selection := it.query.toFieldSelection(); selection != "" {
|
||||
req.Fields("nextPageToken", googleapi.Field(selection))
|
||||
}
|
||||
|
|
2
vendor/cloud.google.com/go/storage/internal/apiv2/auxiliary.go
generated
vendored
2
vendor/cloud.google.com/go/storage/internal/apiv2/auxiliary.go
generated
vendored
|
@ -1,4 +1,4 @@
|
|||
// Copyright 2023 Google LLC
|
||||
// Copyright 2024 Google LLC
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
|
|
2
vendor/cloud.google.com/go/storage/internal/apiv2/doc.go
generated
vendored
2
vendor/cloud.google.com/go/storage/internal/apiv2/doc.go
generated
vendored
|
@ -1,4 +1,4 @@
|
|||
// Copyright 2023 Google LLC
|
||||
// Copyright 2024 Google LLC
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
|
|
2
vendor/cloud.google.com/go/storage/internal/apiv2/storage_client.go
generated
vendored
2
vendor/cloud.google.com/go/storage/internal/apiv2/storage_client.go
generated
vendored
|
@ -1,4 +1,4 @@
|
|||
// Copyright 2023 Google LLC
|
||||
// Copyright 2024 Google LLC
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
|
|
2
vendor/cloud.google.com/go/storage/internal/version.go
generated
vendored
2
vendor/cloud.google.com/go/storage/internal/version.go
generated
vendored
|
@ -15,4 +15,4 @@
|
|||
package internal
|
||||
|
||||
// Version is the current tagged release of the library.
|
||||
const Version = "1.36.0"
|
||||
const Version = "1.37.0"
|
||||
|
|
3
vendor/cloud.google.com/go/storage/invoke.go
generated
vendored
3
vendor/cloud.google.com/go/storage/invoke.go
generated
vendored
|
@ -70,6 +70,9 @@ func run(ctx context.Context, call func(ctx context.Context) error, retry *retry
|
|||
return internal.Retry(ctx, bo, func() (stop bool, err error) {
|
||||
ctxWithHeaders := setInvocationHeaders(ctx, invocationID, attempts)
|
||||
err = call(ctxWithHeaders)
|
||||
if retry.maxAttempts != nil && attempts >= *retry.maxAttempts {
|
||||
return true, err
|
||||
}
|
||||
attempts++
|
||||
return !errorFunc(err), err
|
||||
})
|
||||
|
|
27
vendor/cloud.google.com/go/storage/storage.go
generated
vendored
27
vendor/cloud.google.com/go/storage/storage.go
generated
vendored
|
@ -1620,6 +1620,11 @@ type Query struct {
|
|||
// for syntax details. When Delimiter is set in conjunction with MatchGlob,
|
||||
// it must be set to /.
|
||||
MatchGlob string
|
||||
|
||||
// IncludeFoldersAsPrefixes includes Folders and Managed Folders in the set of
|
||||
// prefixes returned by the query. Only applicable if Delimiter is set to /.
|
||||
// IncludeFoldersAsPrefixes is not yet implemented in the gRPC API.
|
||||
IncludeFoldersAsPrefixes bool
|
||||
}
|
||||
|
||||
// attrToFieldMap maps the field names of ObjectAttrs to the underlying field
|
||||
|
@ -2076,6 +2081,26 @@ func (wb *withBackoff) apply(config *retryConfig) {
|
|||
config.backoff = &wb.backoff
|
||||
}
|
||||
|
||||
// WithMaxAttempts configures the maximum number of times an API call can be made
|
||||
// in the case of retryable errors.
|
||||
// For example, if you set WithMaxAttempts(5), the operation will be attempted up to 5
|
||||
// times total (initial call plus 4 retries).
|
||||
// Without this setting, operations will continue retrying indefinitely
|
||||
// until either the context is canceled or a deadline is reached.
|
||||
func WithMaxAttempts(maxAttempts int) RetryOption {
|
||||
return &withMaxAttempts{
|
||||
maxAttempts: maxAttempts,
|
||||
}
|
||||
}
|
||||
|
||||
type withMaxAttempts struct {
|
||||
maxAttempts int
|
||||
}
|
||||
|
||||
func (wb *withMaxAttempts) apply(config *retryConfig) {
|
||||
config.maxAttempts = &wb.maxAttempts
|
||||
}
|
||||
|
||||
// RetryPolicy describes the available policies for which operations should be
|
||||
// retried. The default is `RetryIdempotent`.
|
||||
type RetryPolicy int
|
||||
|
@ -2148,6 +2173,7 @@ type retryConfig struct {
|
|||
backoff *gax.Backoff
|
||||
policy RetryPolicy
|
||||
shouldRetry func(err error) bool
|
||||
maxAttempts *int
|
||||
}
|
||||
|
||||
func (r *retryConfig) clone() *retryConfig {
|
||||
|
@ -2168,6 +2194,7 @@ func (r *retryConfig) clone() *retryConfig {
|
|||
backoff: bo,
|
||||
policy: r.policy,
|
||||
shouldRetry: r.shouldRetry,
|
||||
maxAttempts: r.maxAttempts,
|
||||
}
|
||||
}
|
||||
|
||||
|
|
224
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/internal/resource/resource_identifier.go
generated
vendored
Normal file
224
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/internal/resource/resource_identifier.go
generated
vendored
Normal file
|
@ -0,0 +1,224 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package resource
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"strings"
|
||||
)
|
||||
|
||||
const (
|
||||
providersKey = "providers"
|
||||
subscriptionsKey = "subscriptions"
|
||||
resourceGroupsLowerKey = "resourcegroups"
|
||||
locationsKey = "locations"
|
||||
builtInResourceNamespace = "Microsoft.Resources"
|
||||
)
|
||||
|
||||
// RootResourceID defines the tenant as the root parent of all other ResourceID.
|
||||
var RootResourceID = &ResourceID{
|
||||
Parent: nil,
|
||||
ResourceType: TenantResourceType,
|
||||
Name: "",
|
||||
}
|
||||
|
||||
// ResourceID represents a resource ID such as `/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myRg`.
|
||||
// Don't create this type directly, use ParseResourceID instead.
|
||||
type ResourceID struct {
|
||||
// Parent is the parent ResourceID of this instance.
|
||||
// Can be nil if there is no parent.
|
||||
Parent *ResourceID
|
||||
|
||||
// SubscriptionID is the subscription ID in this resource ID.
|
||||
// The value can be empty if the resource ID does not contain a subscription ID.
|
||||
SubscriptionID string
|
||||
|
||||
// ResourceGroupName is the resource group name in this resource ID.
|
||||
// The value can be empty if the resource ID does not contain a resource group name.
|
||||
ResourceGroupName string
|
||||
|
||||
// Provider represents the provider name in this resource ID.
|
||||
// This is only valid when the resource ID represents a resource provider.
|
||||
// Example: `/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Insights`
|
||||
Provider string
|
||||
|
||||
// Location is the location in this resource ID.
|
||||
// The value can be empty if the resource ID does not contain a location name.
|
||||
Location string
|
||||
|
||||
// ResourceType represents the type of this resource ID.
|
||||
ResourceType ResourceType
|
||||
|
||||
// Name is the resource name of this resource ID.
|
||||
Name string
|
||||
|
||||
isChild bool
|
||||
stringValue string
|
||||
}
|
||||
|
||||
// ParseResourceID parses a string to an instance of ResourceID
|
||||
func ParseResourceID(id string) (*ResourceID, error) {
|
||||
if len(id) == 0 {
|
||||
return nil, fmt.Errorf("invalid resource ID: id cannot be empty")
|
||||
}
|
||||
|
||||
if !strings.HasPrefix(id, "/") {
|
||||
return nil, fmt.Errorf("invalid resource ID: resource id '%s' must start with '/'", id)
|
||||
}
|
||||
|
||||
parts := splitStringAndOmitEmpty(id, "/")
|
||||
|
||||
if len(parts) < 2 {
|
||||
return nil, fmt.Errorf("invalid resource ID: %s", id)
|
||||
}
|
||||
|
||||
if !strings.EqualFold(parts[0], subscriptionsKey) && !strings.EqualFold(parts[0], providersKey) {
|
||||
return nil, fmt.Errorf("invalid resource ID: %s", id)
|
||||
}
|
||||
|
||||
return appendNext(RootResourceID, parts, id)
|
||||
}
|
||||
|
||||
// String returns the string of the ResourceID
|
||||
func (id *ResourceID) String() string {
|
||||
if len(id.stringValue) > 0 {
|
||||
return id.stringValue
|
||||
}
|
||||
|
||||
if id.Parent == nil {
|
||||
return ""
|
||||
}
|
||||
|
||||
builder := strings.Builder{}
|
||||
builder.WriteString(id.Parent.String())
|
||||
|
||||
if id.isChild {
|
||||
builder.WriteString(fmt.Sprintf("/%s", id.ResourceType.lastType()))
|
||||
if len(id.Name) > 0 {
|
||||
builder.WriteString(fmt.Sprintf("/%s", id.Name))
|
||||
}
|
||||
} else {
|
||||
builder.WriteString(fmt.Sprintf("/providers/%s/%s/%s", id.ResourceType.Namespace, id.ResourceType.Type, id.Name))
|
||||
}
|
||||
|
||||
id.stringValue = builder.String()
|
||||
|
||||
return id.stringValue
|
||||
}
|
||||
|
||||
func newResourceID(parent *ResourceID, resourceTypeName string, resourceName string) *ResourceID {
|
||||
id := &ResourceID{}
|
||||
id.init(parent, chooseResourceType(resourceTypeName, parent), resourceName, true)
|
||||
return id
|
||||
}
|
||||
|
||||
func newResourceIDWithResourceType(parent *ResourceID, resourceType ResourceType, resourceName string) *ResourceID {
|
||||
id := &ResourceID{}
|
||||
id.init(parent, resourceType, resourceName, true)
|
||||
return id
|
||||
}
|
||||
|
||||
func newResourceIDWithProvider(parent *ResourceID, providerNamespace, resourceTypeName, resourceName string) *ResourceID {
|
||||
id := &ResourceID{}
|
||||
id.init(parent, NewResourceType(providerNamespace, resourceTypeName), resourceName, false)
|
||||
return id
|
||||
}
|
||||
|
||||
func chooseResourceType(resourceTypeName string, parent *ResourceID) ResourceType {
|
||||
if strings.EqualFold(resourceTypeName, resourceGroupsLowerKey) {
|
||||
return ResourceGroupResourceType
|
||||
} else if strings.EqualFold(resourceTypeName, subscriptionsKey) && parent != nil && parent.ResourceType.String() == TenantResourceType.String() {
|
||||
return SubscriptionResourceType
|
||||
}
|
||||
|
||||
return parent.ResourceType.AppendChild(resourceTypeName)
|
||||
}
|
||||
|
||||
func (id *ResourceID) init(parent *ResourceID, resourceType ResourceType, name string, isChild bool) {
|
||||
if parent != nil {
|
||||
id.Provider = parent.Provider
|
||||
id.SubscriptionID = parent.SubscriptionID
|
||||
id.ResourceGroupName = parent.ResourceGroupName
|
||||
id.Location = parent.Location
|
||||
}
|
||||
|
||||
if resourceType.String() == SubscriptionResourceType.String() {
|
||||
id.SubscriptionID = name
|
||||
}
|
||||
|
||||
if resourceType.lastType() == locationsKey {
|
||||
id.Location = name
|
||||
}
|
||||
|
||||
if resourceType.String() == ResourceGroupResourceType.String() {
|
||||
id.ResourceGroupName = name
|
||||
}
|
||||
|
||||
if resourceType.String() == ProviderResourceType.String() {
|
||||
id.Provider = name
|
||||
}
|
||||
|
||||
if parent == nil {
|
||||
id.Parent = RootResourceID
|
||||
} else {
|
||||
id.Parent = parent
|
||||
}
|
||||
id.isChild = isChild
|
||||
id.ResourceType = resourceType
|
||||
id.Name = name
|
||||
}
|
||||
|
||||
func appendNext(parent *ResourceID, parts []string, id string) (*ResourceID, error) {
|
||||
if len(parts) == 0 {
|
||||
return parent, nil
|
||||
}
|
||||
|
||||
if len(parts) == 1 {
|
||||
// subscriptions and resourceGroups are not valid ids without their names
|
||||
if strings.EqualFold(parts[0], subscriptionsKey) || strings.EqualFold(parts[0], resourceGroupsLowerKey) {
|
||||
return nil, fmt.Errorf("invalid resource ID: %s", id)
|
||||
}
|
||||
|
||||
// resourceGroup must contain either child or provider resource type
|
||||
if parent.ResourceType.String() == ResourceGroupResourceType.String() {
|
||||
return nil, fmt.Errorf("invalid resource ID: %s", id)
|
||||
}
|
||||
|
||||
return newResourceID(parent, parts[0], ""), nil
|
||||
}
|
||||
|
||||
if strings.EqualFold(parts[0], providersKey) && (len(parts) == 2 || strings.EqualFold(parts[2], providersKey)) {
|
||||
//provider resource can only be on a tenant or a subscription parent
|
||||
if parent.ResourceType.String() != SubscriptionResourceType.String() && parent.ResourceType.String() != TenantResourceType.String() {
|
||||
return nil, fmt.Errorf("invalid resource ID: %s", id)
|
||||
}
|
||||
|
||||
return appendNext(newResourceIDWithResourceType(parent, ProviderResourceType, parts[1]), parts[2:], id)
|
||||
}
|
||||
|
||||
if len(parts) > 3 && strings.EqualFold(parts[0], providersKey) {
|
||||
return appendNext(newResourceIDWithProvider(parent, parts[1], parts[2], parts[3]), parts[4:], id)
|
||||
}
|
||||
|
||||
if len(parts) > 1 && !strings.EqualFold(parts[0], providersKey) {
|
||||
return appendNext(newResourceID(parent, parts[0], parts[1]), parts[2:], id)
|
||||
}
|
||||
|
||||
return nil, fmt.Errorf("invalid resource ID: %s", id)
|
||||
}
|
||||
|
||||
func splitStringAndOmitEmpty(v, sep string) []string {
|
||||
r := make([]string, 0)
|
||||
for _, s := range strings.Split(v, sep) {
|
||||
if len(s) == 0 {
|
||||
continue
|
||||
}
|
||||
r = append(r, s)
|
||||
}
|
||||
|
||||
return r
|
||||
}
|
114
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/internal/resource/resource_type.go
generated
vendored
Normal file
114
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/internal/resource/resource_type.go
generated
vendored
Normal file
|
@ -0,0 +1,114 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package resource
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"strings"
|
||||
)
|
||||
|
||||
// SubscriptionResourceType is the ResourceType of a subscription
|
||||
var SubscriptionResourceType = NewResourceType(builtInResourceNamespace, "subscriptions")
|
||||
|
||||
// ResourceGroupResourceType is the ResourceType of a resource group
|
||||
var ResourceGroupResourceType = NewResourceType(builtInResourceNamespace, "resourceGroups")
|
||||
|
||||
// TenantResourceType is the ResourceType of a tenant
|
||||
var TenantResourceType = NewResourceType(builtInResourceNamespace, "tenants")
|
||||
|
||||
// ProviderResourceType is the ResourceType of a provider
|
||||
var ProviderResourceType = NewResourceType(builtInResourceNamespace, "providers")
|
||||
|
||||
// ResourceType represents an Azure resource type, e.g. "Microsoft.Network/virtualNetworks/subnets".
|
||||
// Don't create this type directly, use ParseResourceType or NewResourceType instead.
|
||||
type ResourceType struct {
|
||||
// Namespace is the namespace of the resource type.
|
||||
// e.g. "Microsoft.Network" in resource type "Microsoft.Network/virtualNetworks/subnets"
|
||||
Namespace string
|
||||
|
||||
// Type is the full type name of the resource type.
|
||||
// e.g. "virtualNetworks/subnets" in resource type "Microsoft.Network/virtualNetworks/subnets"
|
||||
Type string
|
||||
|
||||
// Types is the slice of all the sub-types of this resource type.
|
||||
// e.g. ["virtualNetworks", "subnets"] in resource type "Microsoft.Network/virtualNetworks/subnets"
|
||||
Types []string
|
||||
|
||||
stringValue string
|
||||
}
|
||||
|
||||
// String returns the string of the ResourceType
|
||||
func (t ResourceType) String() string {
|
||||
return t.stringValue
|
||||
}
|
||||
|
||||
// IsParentOf returns true when the receiver is the parent resource type of the child.
|
||||
func (t ResourceType) IsParentOf(child ResourceType) bool {
|
||||
if !strings.EqualFold(t.Namespace, child.Namespace) {
|
||||
return false
|
||||
}
|
||||
if len(t.Types) >= len(child.Types) {
|
||||
return false
|
||||
}
|
||||
for i := range t.Types {
|
||||
if !strings.EqualFold(t.Types[i], child.Types[i]) {
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
|
||||
// AppendChild creates an instance of ResourceType using the receiver as the parent with childType appended to it.
|
||||
func (t ResourceType) AppendChild(childType string) ResourceType {
|
||||
return NewResourceType(t.Namespace, fmt.Sprintf("%s/%s", t.Type, childType))
|
||||
}
|
||||
|
||||
// NewResourceType creates an instance of ResourceType using a provider namespace
|
||||
// such as "Microsoft.Network" and type such as "virtualNetworks/subnets".
|
||||
func NewResourceType(providerNamespace, typeName string) ResourceType {
|
||||
return ResourceType{
|
||||
Namespace: providerNamespace,
|
||||
Type: typeName,
|
||||
Types: splitStringAndOmitEmpty(typeName, "/"),
|
||||
stringValue: fmt.Sprintf("%s/%s", providerNamespace, typeName),
|
||||
}
|
||||
}
|
||||
|
||||
// ParseResourceType parses the ResourceType from a resource type string (e.g. Microsoft.Network/virtualNetworks/subsets)
|
||||
// or a resource identifier string.
|
||||
// e.g. /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myRg/providers/Microsoft.Network/virtualNetworks/vnet/subnets/mySubnet)
|
||||
func ParseResourceType(resourceIDOrType string) (ResourceType, error) {
|
||||
// split the path into segments
|
||||
parts := splitStringAndOmitEmpty(resourceIDOrType, "/")
|
||||
|
||||
// There must be at least a namespace and type name
|
||||
if len(parts) < 1 {
|
||||
return ResourceType{}, fmt.Errorf("invalid resource ID or type: %s", resourceIDOrType)
|
||||
}
|
||||
|
||||
// if the type is just subscriptions, it is a built-in type in the Microsoft.Resources namespace
|
||||
if len(parts) == 1 {
|
||||
// Simple resource type
|
||||
return NewResourceType(builtInResourceNamespace, parts[0]), nil
|
||||
} else if strings.Contains(parts[0], ".") {
|
||||
// Handle resource types (Microsoft.Compute/virtualMachines, Microsoft.Network/virtualNetworks/subnets)
|
||||
// it is a full type name
|
||||
return NewResourceType(parts[0], strings.Join(parts[1:], "/")), nil
|
||||
} else {
|
||||
// Check if ResourceID
|
||||
id, err := ParseResourceID(resourceIDOrType)
|
||||
if err != nil {
|
||||
return ResourceType{}, err
|
||||
}
|
||||
return NewResourceType(id.ResourceType.Namespace, id.ResourceType.Type), nil
|
||||
}
|
||||
}
|
||||
|
||||
func (t ResourceType) lastType() string {
|
||||
return t.Types[len(t.Types)-1]
|
||||
}
|
98
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/policy/policy.go
generated
vendored
Normal file
98
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/policy/policy.go
generated
vendored
Normal file
|
@ -0,0 +1,98 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package policy
|
||||
|
||||
import (
|
||||
"time"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
)
|
||||
|
||||
// BearerTokenOptions configures the bearer token policy's behavior.
|
||||
type BearerTokenOptions struct {
|
||||
// AuxiliaryTenants are additional tenant IDs for authenticating cross-tenant requests.
|
||||
// The policy will add a token from each of these tenants to every request. The
|
||||
// authenticating user or service principal must be a guest in these tenants, and the
|
||||
// policy's credential must support multitenant authentication.
|
||||
AuxiliaryTenants []string
|
||||
|
||||
// Scopes contains the list of permission scopes required for the token.
|
||||
Scopes []string
|
||||
}
|
||||
|
||||
// RegistrationOptions configures the registration policy's behavior.
|
||||
// All zero-value fields will be initialized with their default values.
|
||||
type RegistrationOptions struct {
|
||||
policy.ClientOptions
|
||||
|
||||
// MaxAttempts is the total number of times to attempt automatic registration
|
||||
// in the event that an attempt fails.
|
||||
// The default value is 3.
|
||||
// Set to a value less than zero to disable the policy.
|
||||
MaxAttempts int
|
||||
|
||||
// PollingDelay is the amount of time to sleep between polling intervals.
|
||||
// The default value is 15 seconds.
|
||||
// A value less than zero means no delay between polling intervals (not recommended).
|
||||
PollingDelay time.Duration
|
||||
|
||||
// PollingDuration is the amount of time to wait before abandoning polling.
|
||||
// The default valule is 5 minutes.
|
||||
// NOTE: Setting this to a small value might cause the policy to prematurely fail.
|
||||
PollingDuration time.Duration
|
||||
}
|
||||
|
||||
// ClientOptions contains configuration settings for a client's pipeline.
|
||||
type ClientOptions struct {
|
||||
policy.ClientOptions
|
||||
|
||||
// AuxiliaryTenants are additional tenant IDs for authenticating cross-tenant requests.
|
||||
// The client will add a token from each of these tenants to every request. The
|
||||
// authenticating user or service principal must be a guest in these tenants, and the
|
||||
// client's credential must support multitenant authentication.
|
||||
AuxiliaryTenants []string
|
||||
|
||||
// DisableRPRegistration disables the auto-RP registration policy. Defaults to false.
|
||||
DisableRPRegistration bool
|
||||
}
|
||||
|
||||
// Clone return a deep copy of the current options.
|
||||
func (o *ClientOptions) Clone() *ClientOptions {
|
||||
if o == nil {
|
||||
return nil
|
||||
}
|
||||
copiedOptions := *o
|
||||
copiedOptions.Cloud.Services = copyMap(copiedOptions.Cloud.Services)
|
||||
copiedOptions.Logging.AllowedHeaders = copyArray(copiedOptions.Logging.AllowedHeaders)
|
||||
copiedOptions.Logging.AllowedQueryParams = copyArray(copiedOptions.Logging.AllowedQueryParams)
|
||||
copiedOptions.Retry.StatusCodes = copyArray(copiedOptions.Retry.StatusCodes)
|
||||
copiedOptions.PerRetryPolicies = copyArray(copiedOptions.PerRetryPolicies)
|
||||
copiedOptions.PerCallPolicies = copyArray(copiedOptions.PerCallPolicies)
|
||||
return &copiedOptions
|
||||
}
|
||||
|
||||
// copyMap return a new map with all the key value pair in the src map
|
||||
func copyMap[K comparable, V any](src map[K]V) map[K]V {
|
||||
if src == nil {
|
||||
return nil
|
||||
}
|
||||
copiedMap := make(map[K]V)
|
||||
for k, v := range src {
|
||||
copiedMap[k] = v
|
||||
}
|
||||
return copiedMap
|
||||
}
|
||||
|
||||
// copyMap return a new array with all the elements in the src array
|
||||
func copyArray[T any](src []T) []T {
|
||||
if src == nil {
|
||||
return nil
|
||||
}
|
||||
copiedArray := make([]T, len(src))
|
||||
copy(copiedArray, src)
|
||||
return copiedArray
|
||||
}
|
65
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/runtime/pipeline.go
generated
vendored
Normal file
65
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/runtime/pipeline.go
generated
vendored
Normal file
|
@ -0,0 +1,65 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package runtime
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"reflect"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
armpolicy "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/cloud"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/internal/exported"
|
||||
azpolicy "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
azruntime "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
)
|
||||
|
||||
// NewPipeline creates a pipeline from connection options. Policies from ClientOptions are
|
||||
// placed after policies from PipelineOptions. The telemetry policy, when enabled, will
|
||||
// use the specified module and version info.
|
||||
func NewPipeline(module, version string, cred azcore.TokenCredential, plOpts azruntime.PipelineOptions, options *armpolicy.ClientOptions) (azruntime.Pipeline, error) {
|
||||
if options == nil {
|
||||
options = &armpolicy.ClientOptions{}
|
||||
}
|
||||
conf, err := getConfiguration(&options.ClientOptions)
|
||||
if err != nil {
|
||||
return azruntime.Pipeline{}, err
|
||||
}
|
||||
authPolicy := NewBearerTokenPolicy(cred, &armpolicy.BearerTokenOptions{
|
||||
AuxiliaryTenants: options.AuxiliaryTenants,
|
||||
Scopes: []string{conf.Audience + "/.default"},
|
||||
})
|
||||
perRetry := make([]azpolicy.Policy, len(plOpts.PerRetry), len(plOpts.PerRetry)+1)
|
||||
copy(perRetry, plOpts.PerRetry)
|
||||
plOpts.PerRetry = append(perRetry, authPolicy, exported.PolicyFunc(httpTraceNamespacePolicy))
|
||||
if !options.DisableRPRegistration {
|
||||
regRPOpts := armpolicy.RegistrationOptions{ClientOptions: options.ClientOptions}
|
||||
regPolicy, err := NewRPRegistrationPolicy(cred, ®RPOpts)
|
||||
if err != nil {
|
||||
return azruntime.Pipeline{}, err
|
||||
}
|
||||
perCall := make([]azpolicy.Policy, len(plOpts.PerCall), len(plOpts.PerCall)+1)
|
||||
copy(perCall, plOpts.PerCall)
|
||||
plOpts.PerCall = append(perCall, regPolicy)
|
||||
}
|
||||
if plOpts.APIVersion.Name == "" {
|
||||
plOpts.APIVersion.Name = "api-version"
|
||||
}
|
||||
return azruntime.NewPipeline(module, version, plOpts, &options.ClientOptions), nil
|
||||
}
|
||||
|
||||
func getConfiguration(o *azpolicy.ClientOptions) (cloud.ServiceConfiguration, error) {
|
||||
c := cloud.AzurePublic
|
||||
if !reflect.ValueOf(o.Cloud).IsZero() {
|
||||
c = o.Cloud
|
||||
}
|
||||
if conf, ok := c.Services[cloud.ResourceManager]; ok && conf.Endpoint != "" && conf.Audience != "" {
|
||||
return conf, nil
|
||||
} else {
|
||||
return conf, errors.New("provided Cloud field is missing Azure Resource Manager configuration")
|
||||
}
|
||||
}
|
145
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/runtime/policy_bearer_token.go
generated
vendored
Normal file
145
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/runtime/policy_bearer_token.go
generated
vendored
Normal file
|
@ -0,0 +1,145 @@
|
|||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package runtime
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/base64"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
armpolicy "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/internal/shared"
|
||||
azpolicy "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
azruntime "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/internal/temporal"
|
||||
)
|
||||
|
||||
const headerAuxiliaryAuthorization = "x-ms-authorization-auxiliary"
|
||||
|
||||
// acquiringResourceState holds data for an auxiliary token request
|
||||
type acquiringResourceState struct {
|
||||
ctx context.Context
|
||||
p *BearerTokenPolicy
|
||||
tenant string
|
||||
}
|
||||
|
||||
// acquireAuxToken acquires a token from an auxiliary tenant. Only one thread/goroutine at a time ever calls this function.
|
||||
func acquireAuxToken(state acquiringResourceState) (newResource azcore.AccessToken, newExpiration time.Time, err error) {
|
||||
tk, err := state.p.cred.GetToken(state.ctx, azpolicy.TokenRequestOptions{
|
||||
EnableCAE: true,
|
||||
Scopes: state.p.scopes,
|
||||
TenantID: state.tenant,
|
||||
})
|
||||
if err != nil {
|
||||
return azcore.AccessToken{}, time.Time{}, err
|
||||
}
|
||||
return tk, tk.ExpiresOn, nil
|
||||
}
|
||||
|
||||
// BearerTokenPolicy authorizes requests with bearer tokens acquired from a TokenCredential.
|
||||
type BearerTokenPolicy struct {
|
||||
auxResources map[string]*temporal.Resource[azcore.AccessToken, acquiringResourceState]
|
||||
btp *azruntime.BearerTokenPolicy
|
||||
cred azcore.TokenCredential
|
||||
scopes []string
|
||||
}
|
||||
|
||||
// NewBearerTokenPolicy creates a policy object that authorizes requests with bearer tokens.
|
||||
// cred: an azcore.TokenCredential implementation such as a credential object from azidentity
|
||||
// opts: optional settings. Pass nil to accept default values; this is the same as passing a zero-value options.
|
||||
func NewBearerTokenPolicy(cred azcore.TokenCredential, opts *armpolicy.BearerTokenOptions) *BearerTokenPolicy {
|
||||
if opts == nil {
|
||||
opts = &armpolicy.BearerTokenOptions{}
|
||||
}
|
||||
p := &BearerTokenPolicy{cred: cred}
|
||||
p.auxResources = make(map[string]*temporal.Resource[azcore.AccessToken, acquiringResourceState], len(opts.AuxiliaryTenants))
|
||||
for _, t := range opts.AuxiliaryTenants {
|
||||
p.auxResources[t] = temporal.NewResource(acquireAuxToken)
|
||||
}
|
||||
p.scopes = make([]string, len(opts.Scopes))
|
||||
copy(p.scopes, opts.Scopes)
|
||||
p.btp = azruntime.NewBearerTokenPolicy(cred, opts.Scopes, &azpolicy.BearerTokenOptions{
|
||||
AuthorizationHandler: azpolicy.AuthorizationHandler{
|
||||
OnChallenge: p.onChallenge,
|
||||
OnRequest: p.onRequest,
|
||||
},
|
||||
})
|
||||
return p
|
||||
}
|
||||
|
||||
func (b *BearerTokenPolicy) onChallenge(req *azpolicy.Request, res *http.Response, authNZ func(azpolicy.TokenRequestOptions) error) error {
|
||||
challenge := res.Header.Get(shared.HeaderWWWAuthenticate)
|
||||
claims, err := parseChallenge(challenge)
|
||||
if err != nil {
|
||||
// the challenge contains claims we can't parse
|
||||
return err
|
||||
} else if claims != "" {
|
||||
// request a new token having the specified claims, send the request again
|
||||
return authNZ(azpolicy.TokenRequestOptions{Claims: claims, EnableCAE: true, Scopes: b.scopes})
|
||||
}
|
||||
// auth challenge didn't include claims, so this is a simple authorization failure
|
||||
return azruntime.NewResponseError(res)
|
||||
}
|
||||
|
||||
// onRequest authorizes requests with one or more bearer tokens
|
||||
func (b *BearerTokenPolicy) onRequest(req *azpolicy.Request, authNZ func(azpolicy.TokenRequestOptions) error) error {
|
||||
// authorize the request with a token for the primary tenant
|
||||
err := authNZ(azpolicy.TokenRequestOptions{EnableCAE: true, Scopes: b.scopes})
|
||||
if err != nil || len(b.auxResources) == 0 {
|
||||
return err
|
||||
}
|
||||
// add tokens for auxiliary tenants
|
||||
as := acquiringResourceState{
|
||||
ctx: req.Raw().Context(),
|
||||
p: b,
|
||||
}
|
||||
auxTokens := make([]string, 0, len(b.auxResources))
|
||||
for tenant, er := range b.auxResources {
|
||||
as.tenant = tenant
|
||||
auxTk, err := er.Get(as)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
auxTokens = append(auxTokens, fmt.Sprintf("%s%s", shared.BearerTokenPrefix, auxTk.Token))
|
||||
}
|
||||
req.Raw().Header.Set(headerAuxiliaryAuthorization, strings.Join(auxTokens, ", "))
|
||||
return nil
|
||||
}
|
||||
|
||||
// Do authorizes a request with a bearer token
|
||||
func (b *BearerTokenPolicy) Do(req *azpolicy.Request) (*http.Response, error) {
|
||||
return b.btp.Do(req)
|
||||
}
|
||||
|
||||
// parseChallenge parses claims from an authentication challenge issued by ARM so a client can request a token
|
||||
// that will satisfy conditional access policies. It returns a non-nil error when the given value contains
|
||||
// claims it can't parse. If the value contains no claims, it returns an empty string and a nil error.
|
||||
func parseChallenge(wwwAuthenticate string) (string, error) {
|
||||
claims := ""
|
||||
var err error
|
||||
for _, param := range strings.Split(wwwAuthenticate, ",") {
|
||||
if _, after, found := strings.Cut(param, "claims="); found {
|
||||
if claims != "" {
|
||||
// The header contains multiple challenges, at least two of which specify claims. The specs allow this
|
||||
// but it's unclear what a client should do in this case and there's as yet no concrete example of it.
|
||||
err = fmt.Errorf("found multiple claims challenges in %q", wwwAuthenticate)
|
||||
break
|
||||
}
|
||||
// trim stuff that would get an error from RawURLEncoding; claims may or may not be padded
|
||||
claims = strings.Trim(after, `\"=`)
|
||||
// we don't return this error because it's something unhelpful like "illegal base64 data at input byte 42"
|
||||
if b, decErr := base64.RawURLEncoding.DecodeString(claims); decErr == nil {
|
||||
claims = string(b)
|
||||
} else {
|
||||
err = fmt.Errorf("failed to parse claims from %q", wwwAuthenticate)
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
return claims, err
|
||||
}
|
347
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/runtime/policy_register_rp.go
generated
vendored
Normal file
347
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/runtime/policy_register_rp.go
generated
vendored
Normal file
|
@ -0,0 +1,347 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package runtime
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
armpolicy "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/internal/exported"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/internal/shared"
|
||||
azpolicy "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/internal/log"
|
||||
)
|
||||
|
||||
const (
|
||||
// LogRPRegistration entries contain information specific to the automatic registration of an RP.
|
||||
// Entries of this classification are written IFF the policy needs to take any action.
|
||||
LogRPRegistration log.Event = "RPRegistration"
|
||||
)
|
||||
|
||||
// init sets any default values
|
||||
func setDefaults(r *armpolicy.RegistrationOptions) {
|
||||
if r.MaxAttempts == 0 {
|
||||
r.MaxAttempts = 3
|
||||
} else if r.MaxAttempts < 0 {
|
||||
r.MaxAttempts = 0
|
||||
}
|
||||
if r.PollingDelay == 0 {
|
||||
r.PollingDelay = 15 * time.Second
|
||||
} else if r.PollingDelay < 0 {
|
||||
r.PollingDelay = 0
|
||||
}
|
||||
if r.PollingDuration == 0 {
|
||||
r.PollingDuration = 5 * time.Minute
|
||||
}
|
||||
}
|
||||
|
||||
// NewRPRegistrationPolicy creates a policy object configured using the specified options.
|
||||
// The policy controls whether an unregistered resource provider should automatically be
|
||||
// registered. See https://aka.ms/rps-not-found for more information.
|
||||
func NewRPRegistrationPolicy(cred azcore.TokenCredential, o *armpolicy.RegistrationOptions) (azpolicy.Policy, error) {
|
||||
if o == nil {
|
||||
o = &armpolicy.RegistrationOptions{}
|
||||
}
|
||||
conf, err := getConfiguration(&o.ClientOptions)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
authPolicy := NewBearerTokenPolicy(cred, &armpolicy.BearerTokenOptions{Scopes: []string{conf.Audience + "/.default"}})
|
||||
p := &rpRegistrationPolicy{
|
||||
endpoint: conf.Endpoint,
|
||||
pipeline: runtime.NewPipeline(shared.Module, shared.Version, runtime.PipelineOptions{PerRetry: []azpolicy.Policy{authPolicy}}, &o.ClientOptions),
|
||||
options: *o,
|
||||
}
|
||||
// init the copy
|
||||
setDefaults(&p.options)
|
||||
return p, nil
|
||||
}
|
||||
|
||||
type rpRegistrationPolicy struct {
|
||||
endpoint string
|
||||
pipeline runtime.Pipeline
|
||||
options armpolicy.RegistrationOptions
|
||||
}
|
||||
|
||||
func (r *rpRegistrationPolicy) Do(req *azpolicy.Request) (*http.Response, error) {
|
||||
if r.options.MaxAttempts == 0 {
|
||||
// policy is disabled
|
||||
return req.Next()
|
||||
}
|
||||
const registeredState = "Registered"
|
||||
var rp string
|
||||
var resp *http.Response
|
||||
for attempts := 0; attempts < r.options.MaxAttempts; attempts++ {
|
||||
var err error
|
||||
// make the original request
|
||||
resp, err = req.Next()
|
||||
// getting a 409 is the first indication that the RP might need to be registered, check error response
|
||||
if err != nil || resp.StatusCode != http.StatusConflict {
|
||||
return resp, err
|
||||
}
|
||||
var reqErr requestError
|
||||
if err = runtime.UnmarshalAsJSON(resp, &reqErr); err != nil {
|
||||
return resp, err
|
||||
}
|
||||
if reqErr.ServiceError == nil {
|
||||
// missing service error info. just return the response
|
||||
// to the caller so its error unmarshalling will kick in
|
||||
return resp, err
|
||||
}
|
||||
if !isUnregisteredRPCode(reqErr.ServiceError.Code) {
|
||||
// not a 409 due to unregistered RP. just return the response
|
||||
// to the caller so its error unmarshalling will kick in
|
||||
return resp, err
|
||||
}
|
||||
// RP needs to be registered. start by getting the subscription ID from the original request
|
||||
subID, err := getSubscription(req.Raw().URL.Path)
|
||||
if err != nil {
|
||||
return resp, err
|
||||
}
|
||||
// now get the RP from the error
|
||||
rp, err = getProvider(reqErr)
|
||||
if err != nil {
|
||||
return resp, err
|
||||
}
|
||||
logRegistrationExit := func(v interface{}) {
|
||||
log.Writef(LogRPRegistration, "END registration for %s: %v", rp, v)
|
||||
}
|
||||
log.Writef(LogRPRegistration, "BEGIN registration for %s", rp)
|
||||
// create client and make the registration request
|
||||
// we use the scheme and host from the original request
|
||||
rpOps := &providersOperations{
|
||||
p: r.pipeline,
|
||||
u: r.endpoint,
|
||||
subID: subID,
|
||||
}
|
||||
if _, err = rpOps.Register(&shared.ContextWithDeniedValues{Context: req.Raw().Context()}, rp); err != nil {
|
||||
logRegistrationExit(err)
|
||||
return resp, err
|
||||
}
|
||||
|
||||
// RP was registered, however we need to wait for the registration to complete
|
||||
pollCtx, pollCancel := context.WithTimeout(&shared.ContextWithDeniedValues{Context: req.Raw().Context()}, r.options.PollingDuration)
|
||||
var lastRegState string
|
||||
for {
|
||||
// get the current registration state
|
||||
getResp, err := rpOps.Get(pollCtx, rp)
|
||||
if err != nil {
|
||||
pollCancel()
|
||||
logRegistrationExit(err)
|
||||
return resp, err
|
||||
}
|
||||
if getResp.Provider.RegistrationState != nil && !strings.EqualFold(*getResp.Provider.RegistrationState, lastRegState) {
|
||||
// registration state has changed, or was updated for the first time
|
||||
lastRegState = *getResp.Provider.RegistrationState
|
||||
log.Writef(LogRPRegistration, "registration state is %s", lastRegState)
|
||||
}
|
||||
if strings.EqualFold(lastRegState, registeredState) {
|
||||
// registration complete
|
||||
pollCancel()
|
||||
logRegistrationExit(lastRegState)
|
||||
break
|
||||
}
|
||||
// wait before trying again
|
||||
select {
|
||||
case <-time.After(r.options.PollingDelay):
|
||||
// continue polling
|
||||
case <-pollCtx.Done():
|
||||
pollCancel()
|
||||
logRegistrationExit(pollCtx.Err())
|
||||
return resp, pollCtx.Err()
|
||||
}
|
||||
}
|
||||
// RP was successfully registered, retry the original request
|
||||
err = req.RewindBody()
|
||||
if err != nil {
|
||||
return resp, err
|
||||
}
|
||||
}
|
||||
// if we get here it means we exceeded the number of attempts
|
||||
return resp, fmt.Errorf("exceeded attempts to register %s", rp)
|
||||
}
|
||||
|
||||
var unregisteredRPCodes = []string{
|
||||
"MissingSubscriptionRegistration",
|
||||
"MissingRegistrationForResourceProvider",
|
||||
"Subscription Not Registered",
|
||||
"SubscriptionNotRegistered",
|
||||
}
|
||||
|
||||
func isUnregisteredRPCode(errorCode string) bool {
|
||||
for _, code := range unregisteredRPCodes {
|
||||
if strings.EqualFold(errorCode, code) {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
func getSubscription(path string) (string, error) {
|
||||
parts := strings.Split(path, "/")
|
||||
for i, v := range parts {
|
||||
if v == "subscriptions" && (i+1) < len(parts) {
|
||||
return parts[i+1], nil
|
||||
}
|
||||
}
|
||||
return "", fmt.Errorf("failed to obtain subscription ID from %s", path)
|
||||
}
|
||||
|
||||
func getProvider(re requestError) (string, error) {
|
||||
if len(re.ServiceError.Details) > 0 {
|
||||
return re.ServiceError.Details[0].Target, nil
|
||||
}
|
||||
return "", errors.New("unexpected empty Details")
|
||||
}
|
||||
|
||||
// minimal error definitions to simplify detection
|
||||
type requestError struct {
|
||||
ServiceError *serviceError `json:"error"`
|
||||
}
|
||||
|
||||
type serviceError struct {
|
||||
Code string `json:"code"`
|
||||
Details []serviceErrorDetails `json:"details"`
|
||||
}
|
||||
|
||||
type serviceErrorDetails struct {
|
||||
Code string `json:"code"`
|
||||
Target string `json:"target"`
|
||||
}
|
||||
|
||||
///////////////////////////////////////////////////////////////////////////////////////////////
|
||||
// the following code was copied from module armresources, providers.go and models.go
|
||||
// only the minimum amount of code was copied to get this working and some edits were made.
|
||||
///////////////////////////////////////////////////////////////////////////////////////////////
|
||||
|
||||
type providersOperations struct {
|
||||
p runtime.Pipeline
|
||||
u string
|
||||
subID string
|
||||
}
|
||||
|
||||
// Get - Gets the specified resource provider.
|
||||
func (client *providersOperations) Get(ctx context.Context, resourceProviderNamespace string) (providerResponse, error) {
|
||||
req, err := client.getCreateRequest(ctx, resourceProviderNamespace)
|
||||
if err != nil {
|
||||
return providerResponse{}, err
|
||||
}
|
||||
resp, err := client.p.Do(req)
|
||||
if err != nil {
|
||||
return providerResponse{}, err
|
||||
}
|
||||
result, err := client.getHandleResponse(resp)
|
||||
if err != nil {
|
||||
return providerResponse{}, err
|
||||
}
|
||||
return result, nil
|
||||
}
|
||||
|
||||
// getCreateRequest creates the Get request.
|
||||
func (client *providersOperations) getCreateRequest(ctx context.Context, resourceProviderNamespace string) (*azpolicy.Request, error) {
|
||||
urlPath := "/subscriptions/{subscriptionId}/providers/{resourceProviderNamespace}"
|
||||
urlPath = strings.ReplaceAll(urlPath, "{resourceProviderNamespace}", url.PathEscape(resourceProviderNamespace))
|
||||
urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subID))
|
||||
req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.u, urlPath))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
query := req.Raw().URL.Query()
|
||||
query.Set("api-version", "2019-05-01")
|
||||
req.Raw().URL.RawQuery = query.Encode()
|
||||
return req, nil
|
||||
}
|
||||
|
||||
// getHandleResponse handles the Get response.
|
||||
func (client *providersOperations) getHandleResponse(resp *http.Response) (providerResponse, error) {
|
||||
if !runtime.HasStatusCode(resp, http.StatusOK) {
|
||||
return providerResponse{}, exported.NewResponseError(resp)
|
||||
}
|
||||
result := providerResponse{RawResponse: resp}
|
||||
err := runtime.UnmarshalAsJSON(resp, &result.Provider)
|
||||
if err != nil {
|
||||
return providerResponse{}, err
|
||||
}
|
||||
return result, err
|
||||
}
|
||||
|
||||
// Register - Registers a subscription with a resource provider.
|
||||
func (client *providersOperations) Register(ctx context.Context, resourceProviderNamespace string) (providerResponse, error) {
|
||||
req, err := client.registerCreateRequest(ctx, resourceProviderNamespace)
|
||||
if err != nil {
|
||||
return providerResponse{}, err
|
||||
}
|
||||
resp, err := client.p.Do(req)
|
||||
if err != nil {
|
||||
return providerResponse{}, err
|
||||
}
|
||||
result, err := client.registerHandleResponse(resp)
|
||||
if err != nil {
|
||||
return providerResponse{}, err
|
||||
}
|
||||
return result, nil
|
||||
}
|
||||
|
||||
// registerCreateRequest creates the Register request.
|
||||
func (client *providersOperations) registerCreateRequest(ctx context.Context, resourceProviderNamespace string) (*azpolicy.Request, error) {
|
||||
urlPath := "/subscriptions/{subscriptionId}/providers/{resourceProviderNamespace}/register"
|
||||
urlPath = strings.ReplaceAll(urlPath, "{resourceProviderNamespace}", url.PathEscape(resourceProviderNamespace))
|
||||
urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subID))
|
||||
req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.u, urlPath))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
query := req.Raw().URL.Query()
|
||||
query.Set("api-version", "2019-05-01")
|
||||
req.Raw().URL.RawQuery = query.Encode()
|
||||
return req, nil
|
||||
}
|
||||
|
||||
// registerHandleResponse handles the Register response.
|
||||
func (client *providersOperations) registerHandleResponse(resp *http.Response) (providerResponse, error) {
|
||||
if !runtime.HasStatusCode(resp, http.StatusOK) {
|
||||
return providerResponse{}, exported.NewResponseError(resp)
|
||||
}
|
||||
result := providerResponse{RawResponse: resp}
|
||||
err := runtime.UnmarshalAsJSON(resp, &result.Provider)
|
||||
if err != nil {
|
||||
return providerResponse{}, err
|
||||
}
|
||||
return result, err
|
||||
}
|
||||
|
||||
// ProviderResponse is the response envelope for operations that return a Provider type.
|
||||
type providerResponse struct {
|
||||
// Resource provider information.
|
||||
Provider *provider
|
||||
|
||||
// RawResponse contains the underlying HTTP response.
|
||||
RawResponse *http.Response
|
||||
}
|
||||
|
||||
// Provider - Resource provider information.
|
||||
type provider struct {
|
||||
// The provider ID.
|
||||
ID *string `json:"id,omitempty"`
|
||||
|
||||
// The namespace of the resource provider.
|
||||
Namespace *string `json:"namespace,omitempty"`
|
||||
|
||||
// The registration policy of the resource provider.
|
||||
RegistrationPolicy *string `json:"registrationPolicy,omitempty"`
|
||||
|
||||
// The registration state of the resource provider.
|
||||
RegistrationState *string `json:"registrationState,omitempty"`
|
||||
}
|
30
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/runtime/policy_trace_namespace.go
generated
vendored
Normal file
30
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/runtime/policy_trace_namespace.go
generated
vendored
Normal file
|
@ -0,0 +1,30 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package runtime
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/internal/resource"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/internal/shared"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/tracing"
|
||||
)
|
||||
|
||||
// httpTraceNamespacePolicy is a policy that adds the az.namespace attribute to the current Span
|
||||
func httpTraceNamespacePolicy(req *policy.Request) (resp *http.Response, err error) {
|
||||
rawTracer := req.Raw().Context().Value(shared.CtxWithTracingTracer{})
|
||||
if tracer, ok := rawTracer.(tracing.Tracer); ok && tracer.Enabled() {
|
||||
rt, err := resource.ParseResourceType(req.Raw().URL.Path)
|
||||
if err == nil {
|
||||
// add the namespace attribute to the current span
|
||||
span := tracer.SpanFromContext(req.Raw().Context())
|
||||
span.SetAttributes(tracing.Attribute{Key: shared.TracingNamespaceAttrName, Value: rt.Namespace})
|
||||
}
|
||||
}
|
||||
return req.Next()
|
||||
}
|
24
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/runtime/runtime.go
generated
vendored
Normal file
24
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/runtime/runtime.go
generated
vendored
Normal file
|
@ -0,0 +1,24 @@
|
|||
//go:build go1.16
|
||||
// +build go1.16
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package runtime
|
||||
|
||||
import "github.com/Azure/azure-sdk-for-go/sdk/azcore/cloud"
|
||||
|
||||
func init() {
|
||||
cloud.AzureChina.Services[cloud.ResourceManager] = cloud.ServiceConfiguration{
|
||||
Audience: "https://management.core.chinacloudapi.cn",
|
||||
Endpoint: "https://management.chinacloudapi.cn",
|
||||
}
|
||||
cloud.AzureGovernment.Services[cloud.ResourceManager] = cloud.ServiceConfiguration{
|
||||
Audience: "https://management.core.usgovcloudapi.net",
|
||||
Endpoint: "https://management.usgovcloudapi.net",
|
||||
}
|
||||
cloud.AzurePublic.Services[cloud.ResourceManager] = cloud.ServiceConfiguration{
|
||||
Audience: "https://management.core.windows.net/",
|
||||
Endpoint: "https://management.azure.com",
|
||||
}
|
||||
}
|
39
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/CHANGELOG.md
generated
vendored
39
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/CHANGELOG.md
generated
vendored
|
@ -1,5 +1,38 @@
|
|||
# Release History
|
||||
|
||||
## 1.5.1 (2024-01-17)
|
||||
|
||||
### Bugs Fixed
|
||||
* `InteractiveBrowserCredential` handles `AdditionallyAllowedTenants` correctly
|
||||
|
||||
## 1.5.0 (2024-01-16)
|
||||
|
||||
### Breaking Changes
|
||||
> These changes affect only code written against a beta version such as v1.5.0-beta.1
|
||||
* Removed persistent token caching. It will return in v1.6.0-beta.1
|
||||
|
||||
### Bugs Fixed
|
||||
* Credentials now preserve MSAL headers e.g. X-Client-Sku
|
||||
|
||||
### Other Changes
|
||||
* Upgraded dependencies
|
||||
|
||||
## 1.5.0-beta.2 (2023-11-07)
|
||||
|
||||
### Features Added
|
||||
* `DefaultAzureCredential` and `ManagedIdentityCredential` support Azure ML managed identity
|
||||
* Added spans for distributed tracing.
|
||||
|
||||
## 1.5.0-beta.1 (2023-10-10)
|
||||
|
||||
### Features Added
|
||||
* Optional persistent token caching for most credentials. Set `TokenCachePersistenceOptions`
|
||||
on a credential's options to enable and configure this. See the package documentation for
|
||||
this version and [TOKEN_CACHING.md](https://aka.ms/azsdk/go/identity/caching) for more
|
||||
details.
|
||||
* `AzureDeveloperCLICredential` authenticates with the Azure Developer CLI (`azd`). This
|
||||
credential is also part of the `DefaultAzureCredential` authentication flow.
|
||||
|
||||
## 1.4.0 (2023-10-10)
|
||||
|
||||
### Bugs Fixed
|
||||
|
@ -94,14 +127,14 @@
|
|||
### Features Added
|
||||
* By default, credentials set client capability "CP1" to enable support for
|
||||
[Continuous Access Evaluation (CAE)](https://docs.microsoft.com/azure/active-directory/develop/app-resilience-continuous-access-evaluation).
|
||||
This indicates to Azure Active Directory that your application can handle CAE claims challenges.
|
||||
This indicates to Microsoft Entra ID that your application can handle CAE claims challenges.
|
||||
You can disable this behavior by setting the environment variable "AZURE_IDENTITY_DISABLE_CP1" to "true".
|
||||
* `InteractiveBrowserCredentialOptions.LoginHint` enables pre-populating the login
|
||||
prompt with a username ([#15599](https://github.com/Azure/azure-sdk-for-go/pull/15599))
|
||||
* Service principal and user credentials support ADFS authentication on Azure Stack.
|
||||
Specify "adfs" as the credential's tenant.
|
||||
* Applications running in private or disconnected clouds can prevent credentials from
|
||||
requesting Azure AD instance metadata by setting the `DisableInstanceDiscovery`
|
||||
requesting Microsoft Entra instance metadata by setting the `DisableInstanceDiscovery`
|
||||
field on credential options.
|
||||
* Many credentials can now be configured to authenticate in multiple tenants. The
|
||||
options types for these credentials have an `AdditionallyAllowedTenants` field
|
||||
|
@ -454,4 +487,4 @@
|
|||
|
||||
## 0.1.0 (2020-07-23)
|
||||
### Features Added
|
||||
* Initial Release. Azure Identity library that provides Azure Active Directory token authentication support for the SDK.
|
||||
* Initial Release. Azure Identity library that provides Microsoft Entra token authentication support for the SDK.
|
||||
|
|
6
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/MIGRATION.md
generated
vendored
6
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/MIGRATION.md
generated
vendored
|
@ -1,6 +1,6 @@
|
|||
# Migrating from autorest/adal to azidentity
|
||||
|
||||
`azidentity` provides Azure Active Directory (Azure AD) authentication for the newest Azure SDK modules (`github.com/azure-sdk-for-go/sdk/...`). Older Azure SDK packages (`github.com/azure-sdk-for-go/services/...`) use types from `github.com/go-autorest/autorest/adal` instead.
|
||||
`azidentity` provides Microsoft Entra ID ([formerly Azure Active Directory](https://learn.microsoft.com/azure/active-directory/fundamentals/new-name)) authentication for the newest Azure SDK modules (`github.com/azure-sdk-for-go/sdk/...`). Older Azure SDK packages (`github.com/azure-sdk-for-go/services/...`) use types from `github.com/go-autorest/autorest/adal` instead.
|
||||
|
||||
This guide shows common authentication code using `autorest/adal` and its equivalent using `azidentity`.
|
||||
|
||||
|
@ -18,7 +18,7 @@ This guide shows common authentication code using `autorest/adal` and its equiva
|
|||
|
||||
### `autorest/adal`
|
||||
|
||||
Token providers require a token audience (resource identifier) and an instance of `adal.OAuthConfig`, which requires an Azure AD endpoint and tenant:
|
||||
Token providers require a token audience (resource identifier) and an instance of `adal.OAuthConfig`, which requires a Microsoft Entra endpoint and tenant:
|
||||
|
||||
```go
|
||||
import "github.com/Azure/go-autorest/autorest/adal"
|
||||
|
@ -284,7 +284,7 @@ if err == nil {
|
|||
}
|
||||
```
|
||||
|
||||
Note that `azidentity` credentials use the Azure AD v2.0 endpoint, which requires OAuth 2 scopes instead of the resource identifiers `autorest/adal` expects. For more information, see [Azure AD documentation](https://docs.microsoft.com/azure/active-directory/develop/v2-permissions-and-consent).
|
||||
Note that `azidentity` credentials use the Microsoft Entra endpoint, which requires OAuth 2 scopes instead of the resource identifiers `autorest/adal` expects. For more information, see [Microsoft Entra ID documentation](https://learn.microsoft.com/azure/active-directory/develop/permissions-consent-overview).
|
||||
|
||||
## Use azidentity credentials with older packages
|
||||
|
||||
|
|
40
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/README.md
generated
vendored
40
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/README.md
generated
vendored
|
@ -1,9 +1,9 @@
|
|||
# Azure Identity Client Module for Go
|
||||
|
||||
The Azure Identity module provides Azure Active Directory (Azure AD) token authentication support across the Azure SDK. It includes a set of `TokenCredential` implementations, which can be used with Azure SDK clients supporting token authentication.
|
||||
The Azure Identity module provides Microsoft Entra ID ([formerly Azure Active Directory](https://learn.microsoft.com/azure/active-directory/fundamentals/new-name)) token authentication support across the Azure SDK. It includes a set of `TokenCredential` implementations, which can be used with Azure SDK clients supporting token authentication.
|
||||
|
||||
[![PkgGoDev](https://pkg.go.dev/badge/github.com/Azure/azure-sdk-for-go/sdk/azidentity)](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity)
|
||||
| [Azure Active Directory documentation](https://docs.microsoft.com/azure/active-directory/)
|
||||
| [Microsoft Entra ID documentation](https://learn.microsoft.com/azure/active-directory/)
|
||||
| [Source code](https://github.com/Azure/azure-sdk-for-go/tree/main/sdk/azidentity)
|
||||
|
||||
# Getting started
|
||||
|
@ -35,6 +35,12 @@ signed in to the [Azure CLI](https://docs.microsoft.com/cli/azure). To sign in t
|
|||
When no default browser is available, `az login` will use the device code
|
||||
authentication flow. This can also be selected manually by running `az login --use-device-code`.
|
||||
|
||||
#### Authenticate via the Azure Developer CLI
|
||||
|
||||
Developers coding outside of an IDE can also use the [Azure Developer CLI](https://aka.ms/azure-dev) to authenticate. Applications using the `DefaultAzureCredential` or the `AzureDeveloperCLICredential` can use the account logged in to the Azure Developer CLI to authenticate calls in their application when running locally.
|
||||
|
||||
To authenticate with the Azure Developer CLI, run `azd auth login`. On a system with a default web browser, `azd` will launch the browser to authenticate. On systems without a default web browser, run `azd auth login --use-device-code` to use the device code authentication flow.
|
||||
|
||||
## Key concepts
|
||||
|
||||
### Credentials
|
||||
|
@ -44,9 +50,7 @@ service client to authenticate requests. Service clients across the Azure SDK
|
|||
accept a credential instance when they are constructed, and use that credential
|
||||
to authenticate requests.
|
||||
|
||||
The `azidentity` module focuses on OAuth authentication with Azure Active
|
||||
Directory (AAD). It offers a variety of credential types capable of acquiring
|
||||
an Azure AD access token. See [Credential Types](#credential-types "Credential Types") for a list of this module's credential types.
|
||||
The `azidentity` module focuses on OAuth authentication with Microsoft Entra ID. It offers a variety of credential types capable of acquiring a Microsoft Entra access token. See [Credential Types](#credential-types "Credential Types") for a list of this module's credential types.
|
||||
|
||||
### DefaultAzureCredential
|
||||
|
||||
|
@ -58,6 +62,7 @@ an Azure AD access token. See [Credential Types](#credential-types "Credential T
|
|||
1. **Workload Identity** - If the app is deployed on Kubernetes with environment variables set by the workload identity webhook, `DefaultAzureCredential` will authenticate the configured identity.
|
||||
1. **Managed Identity** - If the app is deployed to an Azure host with managed identity enabled, `DefaultAzureCredential` will authenticate with it.
|
||||
1. **Azure CLI** - If a user or service principal has authenticated via the Azure CLI `az login` command, `DefaultAzureCredential` will authenticate that identity.
|
||||
1. **Azure Developer CLI** - If the developer has authenticated via the Azure Developer CLI `azd auth login` command, the `DefaultAzureCredential` will authenticate with that account.
|
||||
|
||||
> Note: `DefaultAzureCredential` is intended to simplify getting started with the SDK by handling common scenarios with reasonable default behaviors. Developers who want more control or whose scenario isn't served by the default settings should use other credential types.
|
||||
|
||||
|
@ -152,6 +157,7 @@ client := armresources.NewResourceGroupsClient("subscription ID", chain, nil)
|
|||
|Credential|Usage
|
||||
|-|-
|
||||
|[AzureCLICredential](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#AzureCLICredential)|Authenticate as the user signed in to the Azure CLI
|
||||
|[`AzureDeveloperCLICredential`](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#AzureDeveloperCLICredential)|Authenticates as the user signed in to the Azure Developer CLI
|
||||
|
||||
## Environment Variables
|
||||
|
||||
|
@ -161,16 +167,16 @@ client := armresources.NewResourceGroupsClient("subscription ID", chain, nil)
|
|||
|
||||
|variable name|value
|
||||
|-|-
|
||||
|`AZURE_CLIENT_ID`|ID of an Azure Active Directory application
|
||||
|`AZURE_TENANT_ID`|ID of the application's Azure Active Directory tenant
|
||||
|`AZURE_CLIENT_ID`|ID of a Microsoft Entra application
|
||||
|`AZURE_TENANT_ID`|ID of the application's Microsoft Entra tenant
|
||||
|`AZURE_CLIENT_SECRET`|one of the application's client secrets
|
||||
|
||||
#### Service principal with certificate
|
||||
|
||||
|variable name|value
|
||||
|-|-
|
||||
|`AZURE_CLIENT_ID`|ID of an Azure Active Directory application
|
||||
|`AZURE_TENANT_ID`|ID of the application's Azure Active Directory tenant
|
||||
|`AZURE_CLIENT_ID`|ID of a Microsoft Entra application
|
||||
|`AZURE_TENANT_ID`|ID of the application's Microsoft Entra tenant
|
||||
|`AZURE_CLIENT_CERTIFICATE_PATH`|path to a certificate file including private key
|
||||
|`AZURE_CLIENT_CERTIFICATE_PASSWORD`|password of the certificate file, if any
|
||||
|
||||
|
@ -178,22 +184,30 @@ client := armresources.NewResourceGroupsClient("subscription ID", chain, nil)
|
|||
|
||||
|variable name|value
|
||||
|-|-
|
||||
|`AZURE_CLIENT_ID`|ID of an Azure Active Directory application
|
||||
|`AZURE_CLIENT_ID`|ID of a Microsoft Entra application
|
||||
|`AZURE_USERNAME`|a username (usually an email address)
|
||||
|`AZURE_PASSWORD`|that user's password
|
||||
|
||||
Configuration is attempted in the above order. For example, if values for a
|
||||
client secret and certificate are both present, the client secret will be used.
|
||||
|
||||
## Token caching
|
||||
|
||||
Token caching is an `azidentity` feature that allows apps to:
|
||||
|
||||
* Cache tokens in memory (default) or on disk (opt-in).
|
||||
* Improve resilience and performance.
|
||||
* Reduce the number of requests made to Microsoft Entra ID to obtain access tokens.
|
||||
|
||||
For more details, see the [token caching documentation](https://aka.ms/azsdk/go/identity/caching).
|
||||
|
||||
## Troubleshooting
|
||||
|
||||
### Error Handling
|
||||
|
||||
Credentials return an `error` when they fail to authenticate or lack data they require to authenticate. For guidance on resolving errors from specific credential types, see the [troubleshooting guide](https://aka.ms/azsdk/go/identity/troubleshoot).
|
||||
|
||||
For more details on handling specific Azure Active Directory errors please refer to the
|
||||
Azure Active Directory
|
||||
[error code documentation](https://docs.microsoft.com/azure/active-directory/develop/reference-aadsts-error-codes).
|
||||
For more details on handling specific Microsoft Entra errors, see the Microsoft Entra [error code documentation](https://learn.microsoft.com/azure/active-directory/develop/reference-error-codes).
|
||||
|
||||
### Logging
|
||||
|
||||
|
|
70
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/TOKEN_CACHING.MD
generated
vendored
Normal file
70
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/TOKEN_CACHING.MD
generated
vendored
Normal file
|
@ -0,0 +1,70 @@
|
|||
## Token caching in the Azure Identity client module
|
||||
|
||||
*Token caching* is a feature provided by the Azure Identity library that allows apps to:
|
||||
|
||||
- Improve their resilience and performance.
|
||||
- Reduce the number of requests made to Microsoft Entra ID to obtain access tokens.
|
||||
- Reduce the number of times the user is prompted to authenticate.
|
||||
|
||||
When an app needs to access a protected Azure resource, it typically needs to obtain an access token from Entra ID. Obtaining that token involves sending a request to Entra ID and may also involve prompting the user. Entra ID then validates the credentials provided in the request and issues an access token.
|
||||
|
||||
Token caching, via the Azure Identity library, allows the app to store this access token [in memory](#in-memory-token-caching), where it's accessible to the current process, or [on disk](#persistent-token-caching) where it can be accessed across application or process invocations. The token can then be retrieved quickly and easily the next time the app needs to access the same resource. The app can avoid making another request to Entra ID, which reduces network traffic and improves resilience. Additionally, in scenarios where the app is authenticating users, token caching also avoids prompting the user each time new tokens are requested.
|
||||
|
||||
### In-memory token caching
|
||||
|
||||
*In-memory token caching* is the default option provided by the Azure Identity library. This caching approach allows apps to store access tokens in memory. With in-memory token caching, the library first determines if a valid access token for the requested resource is already stored in memory. If a valid token is found, it's returned to the app without the need to make another request to Entra ID. If a valid token isn't found, the library will automatically acquire a token by sending a request to Entra ID. The in-memory token cache provided by the Azure Identity library is thread-safe.
|
||||
|
||||
**Note:** When Azure Identity library credentials are used with Azure service libraries (for example, Azure Blob Storage), the in-memory token caching is active in the `Pipeline` layer as well. All `TokenCredential` implementations are supported there, including custom implementations external to the Azure Identity library.
|
||||
|
||||
#### Caching cannot be disabled
|
||||
|
||||
As there are many levels of caching, it's not possible disable in-memory caching. However, the in-memory cache may be cleared by creating a new credential instance.
|
||||
|
||||
### Persistent token caching
|
||||
|
||||
> Only azidentity v1.5.0-beta versions support persistent token caching
|
||||
|
||||
*Persistent disk token caching* is an opt-in feature in the Azure Identity library. The feature allows apps to cache access tokens in an encrypted, persistent storage mechanism. As indicated in the following table, the storage mechanism differs across operating systems.
|
||||
|
||||
| Operating system | Storage mechanism |
|
||||
|------------------|---------------------------------------|
|
||||
| Linux | kernel key retention service (keyctl) |
|
||||
| macOS | Keychain |
|
||||
| Windows | DPAPI |
|
||||
|
||||
By default the token cache will protect any data which is persisted using the user data protection APIs available on the current platform.
|
||||
However, there are cases where no data protection is available, and applications may choose to allow storing the token cache in an unencrypted state by setting `TokenCachePersistenceOptions.AllowUnencryptedStorage` to `true`. This allows a credential to fall back to unencrypted storage if it can't encrypt the cache. However, we do not recommend using this storage method due to its significantly lower security measures. In addition, tokens are not encrypted solely to the current user, which could potentially allow unauthorized access to the cache by individuals with machine access.
|
||||
|
||||
With persistent disk token caching enabled, the library first determines if a valid access token for the requested resource is already stored in the persistent cache. If a valid token is found, it's returned to the app without the need to make another request to Entra ID. Additionally, the tokens are preserved across app runs, which:
|
||||
|
||||
- Makes the app more resilient to failures.
|
||||
- Ensures the app can continue to function during an Entra ID outage or disruption.
|
||||
- Avoids having to prompt users to authenticate each time the process is restarted.
|
||||
|
||||
>IMPORTANT! The token cache contains sensitive data and **MUST** be protected to prevent compromising accounts. All application decisions regarding the persistence of the token cache must consider that a breach of its content will fully compromise all the accounts it contains.
|
||||
|
||||
#### Example code
|
||||
|
||||
See the [package documentation](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.5.0-beta.1#pkg-overview) for code examples demonstrating how to configure persistent caching and access cached data.
|
||||
|
||||
### Credentials supporting token caching
|
||||
|
||||
The following table indicates the state of in-memory and persistent caching in each credential type.
|
||||
|
||||
**Note:** In-memory caching is activated by default. Persistent token caching needs to be enabled as shown in [this example](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.5.0-beta.1#example-package-PersistentCache).
|
||||
|
||||
| Credential | In-memory token caching | Persistent token caching |
|
||||
|--------------------------------|---------------------------------------------------------------------|--------------------------|
|
||||
| `AzureCLICredential` | Not Supported | Not Supported |
|
||||
| `AzureDeveloperCLICredential` | Not Supported | Not Supported |
|
||||
| `ClientAssertionCredential` | Supported | Supported |
|
||||
| `ClientCertificateCredential` | Supported | Supported |
|
||||
| `ClientSecretCredential` | Supported | Supported |
|
||||
| `DefaultAzureCredential` | Supported if the target credential in the default chain supports it | Not Supported |
|
||||
| `DeviceCodeCredential` | Supported | Supported |
|
||||
| `EnvironmentCredential` | Supported | Not Supported |
|
||||
| `InteractiveBrowserCredential` | Supported | Supported |
|
||||
| `ManagedIdentityCredential` | Supported | Not Supported |
|
||||
| `OnBehalfOfCredential` | Supported | Supported |
|
||||
| `UsernamePasswordCredential` | Supported | Supported |
|
||||
| `WorkloadIdentityCredential` | Supported | Supported |
|
46
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/TROUBLESHOOTING.md
generated
vendored
46
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/TROUBLESHOOTING.md
generated
vendored
|
@ -8,7 +8,8 @@ This troubleshooting guide covers failure investigation techniques, common error
|
|||
- [Permission issues](#permission-issues)
|
||||
- [Find relevant information in errors](#find-relevant-information-in-errors)
|
||||
- [Enable and configure logging](#enable-and-configure-logging)
|
||||
- [Troubleshoot AzureCliCredential authentication issues](#troubleshoot-azureclicredential-authentication-issues)
|
||||
- [Troubleshoot AzureCLICredential authentication issues](#troubleshoot-azureclicredential-authentication-issues)
|
||||
- [Troubleshoot AzureDeveloperCLICredential authentication issues](#troubleshoot-azuredeveloperclicredential-authentication-issues)
|
||||
- [Troubleshoot ClientCertificateCredential authentication issues](#troubleshoot-clientcertificatecredential-authentication-issues)
|
||||
- [Troubleshoot ClientSecretCredential authentication issues](#troubleshoot-clientsecretcredential-authentication-issues)
|
||||
- [Troubleshoot DefaultAzureCredential authentication issues](#troubleshoot-defaultazurecredential-authentication-issues)
|
||||
|
@ -23,7 +24,7 @@ This troubleshooting guide covers failure investigation techniques, common error
|
|||
|
||||
## Handle azidentity errors
|
||||
|
||||
Any service client method that makes a request to the service may return an error due to authentication failure. This is because the credential authenticates on the first call to the service and on any subsequent call that needs to refresh an access token. Authentication errors include a description of the failure and possibly an error message from Azure Active Directory (Azure AD). Depending on the application, these errors may or may not be recoverable.
|
||||
Any service client method that makes a request to the service may return an error due to authentication failure. This is because the credential authenticates on the first call to the service and on any subsequent call that needs to refresh an access token. Authentication errors include a description of the failure and possibly an error message from Microsoft Entra ID. Depending on the application, these errors may or may not be recoverable.
|
||||
|
||||
### Permission issues
|
||||
|
||||
|
@ -31,7 +32,7 @@ Service client errors with a status code of 401 or 403 often indicate that authe
|
|||
|
||||
## Find relevant information in errors
|
||||
|
||||
Authentication errors can include responses from Azure AD and often contain information helpful in diagnosis. Consider the following error message:
|
||||
Authentication errors can include responses from Microsoft Entra ID and often contain information helpful in diagnosis. Consider the following error message:
|
||||
|
||||
```
|
||||
ClientSecretCredential authentication failed
|
||||
|
@ -57,9 +58,9 @@ This error contains several pieces of information:
|
|||
|
||||
- __Failing Credential Type__: The type of credential that failed to authenticate. This can be helpful when diagnosing issues with chained credential types such as `DefaultAzureCredential` or `ChainedTokenCredential`.
|
||||
|
||||
- __Azure AD Error Code and Message__: The error code and message returned by Azure AD. This can give insight into the specific reason the request failed. For instance, in this case authentication failed because the provided client secret is incorrect. [Azure AD documentation](https://docs.microsoft.com/azure/active-directory/develop/reference-aadsts-error-codes#aadsts-error-codes) has more information on AADSTS error codes.
|
||||
- __Microsoft Entra ID Error Code and Message__: The error code and message returned by Microsoft Entra ID. This can give insight into the specific reason the request failed. For instance, in this case authentication failed because the provided client secret is incorrect. [Microsoft Entra ID documentation](https://learn.microsoft.com/azure/active-directory/develop/reference-error-codes#aadsts-error-codes) has more information on AADSTS error codes.
|
||||
|
||||
- __Correlation ID and Timestamp__: The correlation ID and timestamp identify the request in server-side logs. This information can be useful to support engineers diagnosing unexpected Azure AD failures.
|
||||
- __Correlation ID and Timestamp__: The correlation ID and timestamp identify the request in server-side logs. This information can be useful to support engineers diagnosing unexpected Microsoft Entra failures.
|
||||
|
||||
### Enable and configure logging
|
||||
|
||||
|
@ -96,17 +97,17 @@ azlog.SetEvents(azidentity.EventAuthentication)
|
|||
|
||||
| Error Code | Issue | Mitigation |
|
||||
|---|---|---|
|
||||
|AADSTS7000215|An invalid client secret was provided.|Ensure the secret provided to the credential constructor is valid. If unsure, create a new client secret using the Azure portal. Details on creating a new client secret are in [Azure AD documentation](https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal#option-2-create-a-new-application-secret).|
|
||||
|AADSTS7000222|An expired client secret was provided.|Create a new client secret using the Azure portal. Details on creating a new client secret are in [Azure AD documentation](https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal#option-2-create-a-new-application-secret).|
|
||||
|AADSTS700016|The specified application wasn't found in the specified tenant.|Ensure the client and tenant IDs provided to the credential constructor are correct for your application registration. For multi-tenant apps, ensure the application has been added to the desired tenant by a tenant admin. To add a new application in the desired tenant, follow the [Azure AD instructions](https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal).|
|
||||
|AADSTS7000215|An invalid client secret was provided.|Ensure the secret provided to the credential constructor is valid. If unsure, create a new client secret using the Azure portal. Details on creating a new client secret are in [Microsoft Entra ID documentation](https://learn.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal#option-2-create-a-new-application-secret).|
|
||||
|AADSTS7000222|An expired client secret was provided.|Create a new client secret using the Azure portal. Details on creating a new client secret are in [Microsoft Entra ID documentation](https://learn.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal#option-2-create-a-new-application-secret).|
|
||||
|AADSTS700016|The specified application wasn't found in the specified tenant.|Ensure the client and tenant IDs provided to the credential constructor are correct for your application registration. For multi-tenant apps, ensure the application has been added to the desired tenant by a tenant admin. To add a new application in the desired tenant, follow the [Microsoft Entra ID instructions](https://learn.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal).|
|
||||
|
||||
<a id="client-cert"></a>
|
||||
## Troubleshoot ClientCertificateCredential authentication issues
|
||||
|
||||
| Error Code | Description | Mitigation |
|
||||
|---|---|---|
|
||||
|AADSTS700027|Client assertion contains an invalid signature.|Ensure the specified certificate has been uploaded to the application registration as described in [Azure AD documentation](https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal#option-1-upload-a-certificate).|
|
||||
|AADSTS700016|The specified application wasn't found in the specified tenant.|Ensure the client and tenant IDs provided to the credential constructor are correct for your application registration. For multi-tenant apps, ensure the application has been added to the desired tenant by a tenant admin. To add a new application in the desired tenant, follow the [Azure AD instructions](https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal).|
|
||||
|AADSTS700027|Client assertion contains an invalid signature.|Ensure the specified certificate has been uploaded to the application registration as described in [Microsoft Entra ID documentation](https://learn.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal#option-1-upload-a-certificate).|
|
||||
|AADSTS700016|The specified application wasn't found in the specified tenant.|Ensure the client and tenant IDs provided to the credential constructor are correct for your application registration. For multi-tenant apps, ensure the application has been added to the desired tenant by a tenant admin. To add a new application in the desired tenant, follow the [Microsoft Entra ID instructions](https://learn.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal).|
|
||||
|
||||
<a id="username-password"></a>
|
||||
## Troubleshoot UsernamePasswordCredential authentication issues
|
||||
|
@ -172,7 +173,7 @@ curl "$IDENTITY_ENDPOINT?resource=https://management.core.windows.net&api-versio
|
|||
|"no azure identity found for request clientID"|The application attempted to authenticate before an identity was assigned to its pod|Verify the pod is labeled correctly. This also occurs when a correctly labeled pod authenticates before the identity is ready. To prevent initialization races, configure NMI to set the Retry-After header in its responses as described in [Pod Identity documentation](https://azure.github.io/aad-pod-identity/docs/configure/feature_flags/#set-retry-after-header-in-nmi-response).
|
||||
|
||||
<a id="azure-cli"></a>
|
||||
## Troubleshoot AzureCliCredential authentication issues
|
||||
## Troubleshoot AzureCLICredential authentication issues
|
||||
|
||||
| Error Message |Description| Mitigation |
|
||||
|---|---|---|
|
||||
|
@ -195,6 +196,29 @@ az account get-access-token --output json --resource https://management.core.win
|
|||
|
||||
> This command's output will contain an access token and SHOULD NOT BE SHARED, to avoid compromising account security.
|
||||
|
||||
<a id="azd"></a>
|
||||
## Troubleshoot AzureDeveloperCLICredential authentication issues
|
||||
|
||||
| Error Message |Description| Mitigation |
|
||||
|---|---|---|
|
||||
|Azure Developer CLI not found on path|The Azure Developer CLI isn't installed or couldn't be found.|<ul><li>Ensure the Azure Developer CLI is properly installed. See the installation instructions at [Install or update the Azure Developer CLI](https://learn.microsoft.com/azure/developer/azure-developer-cli/install-azd).</li><li>Validate the installation location has been added to the `PATH` environment variable.</li></ul>|
|
||||
|Please run "azd auth login"|No account is logged into the Azure Developer CLI, or the login has expired.|<ul><li>Log in to the Azure Developer CLI using the `azd login` command.</li><li>Validate that the Azure Developer CLI can obtain tokens. For instructions, see [Verify the Azure Developer CLI can obtain tokens](#verify-the-azure-developer-cli-can-obtain-tokens).</li></ul>|
|
||||
|
||||
#### Verify the Azure Developer CLI can obtain tokens
|
||||
|
||||
You can manually verify that the Azure Developer CLI is properly authenticated and can obtain tokens. First, use the `config` command to verify the account that is currently logged in to the Azure Developer CLI.
|
||||
|
||||
```sh
|
||||
azd config list
|
||||
```
|
||||
|
||||
Once you've verified the Azure Developer CLI is using correct account, you can validate that it's able to obtain tokens for this account.
|
||||
|
||||
```sh
|
||||
azd auth token --output json --scope https://management.core.windows.net/.default
|
||||
```
|
||||
>Note that output of this command will contain a valid access token, and SHOULD NOT BE SHARED to avoid compromising account security.
|
||||
|
||||
<a id="workload"></a>
|
||||
## Troubleshoot `WorkloadIdentityCredential` authentication issues
|
||||
|
||||
|
|
2
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/assets.json
generated
vendored
2
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/assets.json
generated
vendored
|
@ -2,5 +2,5 @@
|
|||
"AssetsRepo": "Azure/azure-sdk-assets",
|
||||
"AssetsRepoPrefixPath": "go",
|
||||
"TagPrefix": "go/azidentity",
|
||||
"Tag": "go/azidentity_6225ab0470"
|
||||
"Tag": "go/azidentity_db4a26f583"
|
||||
}
|
||||
|
|
95
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/authentication_record.go
generated
vendored
Normal file
95
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/authentication_record.go
generated
vendored
Normal file
|
@ -0,0 +1,95 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net/url"
|
||||
"strings"
|
||||
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/public"
|
||||
)
|
||||
|
||||
var supportedAuthRecordVersions = []string{"1.0"}
|
||||
|
||||
// authenticationRecord is non-secret account information about an authenticated user that user credentials such as
|
||||
// [DeviceCodeCredential] and [InteractiveBrowserCredential] can use to access previously cached authentication
|
||||
// data. Call these credentials' Authenticate method to get an authenticationRecord for a user.
|
||||
type authenticationRecord struct {
|
||||
// Authority is the URL of the authority that issued the token.
|
||||
Authority string `json:"authority"`
|
||||
|
||||
// ClientID is the ID of the application that authenticated the user.
|
||||
ClientID string `json:"clientId"`
|
||||
|
||||
// HomeAccountID uniquely identifies the account.
|
||||
HomeAccountID string `json:"homeAccountId"`
|
||||
|
||||
// TenantID identifies the tenant in which the user authenticated.
|
||||
TenantID string `json:"tenantId"`
|
||||
|
||||
// Username is the user's preferred username.
|
||||
Username string `json:"username"`
|
||||
|
||||
// Version of the AuthenticationRecord.
|
||||
Version string `json:"version"`
|
||||
}
|
||||
|
||||
// UnmarshalJSON implements json.Unmarshaler for AuthenticationRecord
|
||||
func (a *authenticationRecord) UnmarshalJSON(b []byte) error {
|
||||
// Default unmarshaling is fine but we want to return an error if the record's version isn't supported i.e., we
|
||||
// want to inspect the unmarshalled values before deciding whether to return an error. Unmarshaling a formally
|
||||
// different type enables this by assigning all the fields without recursing into this method.
|
||||
type r authenticationRecord
|
||||
err := json.Unmarshal(b, (*r)(a))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if a.Version == "" {
|
||||
return errors.New("AuthenticationRecord must have a version")
|
||||
}
|
||||
for _, v := range supportedAuthRecordVersions {
|
||||
if a.Version == v {
|
||||
return nil
|
||||
}
|
||||
}
|
||||
return fmt.Errorf("unsupported AuthenticationRecord version %q. This module supports %v", a.Version, supportedAuthRecordVersions)
|
||||
}
|
||||
|
||||
// account returns the AuthenticationRecord as an MSAL Account. The account is zero-valued when the AuthenticationRecord is zero-valued.
|
||||
func (a *authenticationRecord) account() public.Account {
|
||||
return public.Account{
|
||||
Environment: a.Authority,
|
||||
HomeAccountID: a.HomeAccountID,
|
||||
PreferredUsername: a.Username,
|
||||
}
|
||||
}
|
||||
|
||||
func newAuthenticationRecord(ar public.AuthResult) (authenticationRecord, error) {
|
||||
u, err := url.Parse(ar.IDToken.Issuer)
|
||||
if err != nil {
|
||||
return authenticationRecord{}, fmt.Errorf("Authenticate expected a URL issuer but got %q", ar.IDToken.Issuer)
|
||||
}
|
||||
tenant := ar.IDToken.TenantID
|
||||
if tenant == "" {
|
||||
tenant = strings.Trim(u.Path, "/")
|
||||
}
|
||||
username := ar.IDToken.PreferredUsername
|
||||
if username == "" {
|
||||
username = ar.IDToken.UPN
|
||||
}
|
||||
return authenticationRecord{
|
||||
Authority: fmt.Sprintf("%s://%s", u.Scheme, u.Host),
|
||||
ClientID: ar.IDToken.Audience,
|
||||
HomeAccountID: ar.Account.HomeAccountID,
|
||||
TenantID: tenant,
|
||||
Username: username,
|
||||
Version: "1.0",
|
||||
}, nil
|
||||
}
|
51
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azidentity.go
generated
vendored
51
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azidentity.go
generated
vendored
|
@ -15,12 +15,12 @@ import (
|
|||
"net/http"
|
||||
"net/url"
|
||||
"os"
|
||||
"regexp"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/cloud"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/streaming"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azidentity/internal"
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/public"
|
||||
)
|
||||
|
@ -41,6 +41,10 @@ const (
|
|||
organizationsTenantID = "organizations"
|
||||
developerSignOnClientID = "04b07795-8ddb-461a-bbee-02f9e1bf7b46"
|
||||
defaultSuffix = "/.default"
|
||||
|
||||
traceNamespace = "Microsoft.Entra"
|
||||
traceOpGetToken = "GetToken"
|
||||
traceOpAuthenticate = "Authenticate"
|
||||
)
|
||||
|
||||
var (
|
||||
|
@ -49,6 +53,9 @@ var (
|
|||
errInvalidTenantID = errors.New("invalid tenantID. You can locate your tenantID by following the instructions listed here: https://learn.microsoft.com/partner-center/find-ids-and-domain-names")
|
||||
)
|
||||
|
||||
// tokenCachePersistenceOptions contains options for persistent token caching
|
||||
type tokenCachePersistenceOptions = internal.TokenCachePersistenceOptions
|
||||
|
||||
// setAuthorityHost initializes the authority host for credentials. Precedence is:
|
||||
// 1. cloud.Configuration.ActiveDirectoryAuthorityHost value set by user
|
||||
// 2. value of AZURE_AUTHORITY_HOST
|
||||
|
@ -109,29 +116,20 @@ func resolveTenant(defaultTenant, specified, credName string, additionalTenants
|
|||
return "", fmt.Errorf(`%s isn't configured to acquire tokens for tenant %q. To enable acquiring tokens for this tenant add it to the AdditionallyAllowedTenants on the credential options, or add "*" to allow acquiring tokens for any tenant`, credName, specified)
|
||||
}
|
||||
|
||||
// validTenantID return true is it receives a valid tenantID, returns false otherwise
|
||||
func alphanumeric(r rune) bool {
|
||||
return ('0' <= r && r <= '9') || ('a' <= r && r <= 'z') || ('A' <= r && r <= 'Z')
|
||||
}
|
||||
|
||||
func validTenantID(tenantID string) bool {
|
||||
match, err := regexp.MatchString("^[0-9a-zA-Z-.]+$", tenantID)
|
||||
if err != nil {
|
||||
return false
|
||||
for _, r := range tenantID {
|
||||
if !(alphanumeric(r) || r == '.' || r == '-') {
|
||||
return false
|
||||
}
|
||||
}
|
||||
return match
|
||||
return true
|
||||
}
|
||||
|
||||
func newPipelineAdapter(opts *azcore.ClientOptions) pipelineAdapter {
|
||||
pl := runtime.NewPipeline(component, version, runtime.PipelineOptions{}, opts)
|
||||
return pipelineAdapter{pl: pl}
|
||||
}
|
||||
|
||||
type pipelineAdapter struct {
|
||||
pl runtime.Pipeline
|
||||
}
|
||||
|
||||
func (p pipelineAdapter) CloseIdleConnections() {
|
||||
// do nothing
|
||||
}
|
||||
|
||||
func (p pipelineAdapter) Do(r *http.Request) (*http.Response, error) {
|
||||
func doForClient(client *azcore.Client, r *http.Request) (*http.Response, error) {
|
||||
req, err := runtime.NewRequest(r.Context(), r.Method, r.URL.String())
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
@ -153,7 +151,18 @@ func (p pipelineAdapter) Do(r *http.Request) (*http.Response, error) {
|
|||
return nil, err
|
||||
}
|
||||
}
|
||||
resp, err := p.pl.Do(req)
|
||||
|
||||
// copy headers to the new request, ignoring any for which the new request has a value
|
||||
h := req.Raw().Header
|
||||
for key, vals := range r.Header {
|
||||
if _, has := h[key]; !has {
|
||||
for _, val := range vals {
|
||||
h.Add(key, val)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
resp, err := client.Pipeline().Do(req)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
70
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azure_cli_credential.go
generated
vendored
70
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azure_cli_credential.go
generated
vendored
|
@ -14,7 +14,6 @@ import (
|
|||
"fmt"
|
||||
"os"
|
||||
"os/exec"
|
||||
"regexp"
|
||||
"runtime"
|
||||
"strings"
|
||||
"sync"
|
||||
|
@ -25,13 +24,9 @@ import (
|
|||
"github.com/Azure/azure-sdk-for-go/sdk/internal/log"
|
||||
)
|
||||
|
||||
const (
|
||||
credNameAzureCLI = "AzureCLICredential"
|
||||
timeoutCLIRequest = 10 * time.Second
|
||||
)
|
||||
const credNameAzureCLI = "AzureCLICredential"
|
||||
|
||||
// used by tests to fake invoking the CLI
|
||||
type azureCLITokenProvider func(ctx context.Context, resource string, tenantID string) ([]byte, error)
|
||||
type azTokenProvider func(ctx context.Context, scopes []string, tenant, subscription string) ([]byte, error)
|
||||
|
||||
// AzureCLICredentialOptions contains optional parameters for AzureCLICredential.
|
||||
type AzureCLICredentialOptions struct {
|
||||
|
@ -39,17 +34,25 @@ type AzureCLICredentialOptions struct {
|
|||
// to TenantID. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant the
|
||||
// logged in account can access.
|
||||
AdditionallyAllowedTenants []string
|
||||
|
||||
// subscription is the name or ID of a subscription. Set this to acquire tokens for an account other
|
||||
// than the Azure CLI's current account.
|
||||
subscription string
|
||||
|
||||
// TenantID identifies the tenant the credential should authenticate in.
|
||||
// Defaults to the CLI's default tenant, which is typically the home tenant of the logged in user.
|
||||
TenantID string
|
||||
|
||||
tokenProvider azureCLITokenProvider
|
||||
// inDefaultChain is true when the credential is part of DefaultAzureCredential
|
||||
inDefaultChain bool
|
||||
// tokenProvider is used by tests to fake invoking az
|
||||
tokenProvider azTokenProvider
|
||||
}
|
||||
|
||||
// init returns an instance of AzureCLICredentialOptions initialized with default values.
|
||||
func (o *AzureCLICredentialOptions) init() {
|
||||
if o.tokenProvider == nil {
|
||||
o.tokenProvider = defaultTokenProvider
|
||||
o.tokenProvider = defaultAzTokenProvider
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -65,6 +68,14 @@ func NewAzureCLICredential(options *AzureCLICredentialOptions) (*AzureCLICredent
|
|||
if options != nil {
|
||||
cp = *options
|
||||
}
|
||||
for _, r := range cp.subscription {
|
||||
if !(alphanumeric(r) || r == '-' || r == '_' || r == ' ' || r == '.') {
|
||||
return nil, fmt.Errorf("%s: invalid Subscription %q", credNameAzureCLI, cp.subscription)
|
||||
}
|
||||
}
|
||||
if cp.TenantID != "" && !validTenantID(cp.TenantID) {
|
||||
return nil, errInvalidTenantID
|
||||
}
|
||||
cp.init()
|
||||
cp.AdditionallyAllowedTenants = resolveAdditionalTenants(cp.AdditionallyAllowedTenants)
|
||||
return &AzureCLICredential{mu: &sync.Mutex{}, opts: cp}, nil
|
||||
|
@ -73,50 +84,51 @@ func NewAzureCLICredential(options *AzureCLICredentialOptions) (*AzureCLICredent
|
|||
// GetToken requests a token from the Azure CLI. This credential doesn't cache tokens, so every call invokes the CLI.
|
||||
// This method is called automatically by Azure SDK clients.
|
||||
func (c *AzureCLICredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
at := azcore.AccessToken{}
|
||||
if len(opts.Scopes) != 1 {
|
||||
return azcore.AccessToken{}, errors.New(credNameAzureCLI + ": GetToken() requires exactly one scope")
|
||||
return at, errors.New(credNameAzureCLI + ": GetToken() requires exactly one scope")
|
||||
}
|
||||
if !validScope(opts.Scopes[0]) {
|
||||
return at, fmt.Errorf("%s.GetToken(): invalid scope %q", credNameAzureCLI, opts.Scopes[0])
|
||||
}
|
||||
tenant, err := resolveTenant(c.opts.TenantID, opts.TenantID, credNameAzureCLI, c.opts.AdditionallyAllowedTenants)
|
||||
if err != nil {
|
||||
return azcore.AccessToken{}, err
|
||||
return at, err
|
||||
}
|
||||
// pass the CLI an AAD v1 resource because we don't know which CLI version is installed and older ones don't support v2 scopes
|
||||
opts.Scopes = []string{strings.TrimSuffix(opts.Scopes[0], defaultSuffix)}
|
||||
c.mu.Lock()
|
||||
defer c.mu.Unlock()
|
||||
b, err := c.opts.tokenProvider(ctx, opts.Scopes[0], tenant)
|
||||
if err != nil {
|
||||
return azcore.AccessToken{}, err
|
||||
b, err := c.opts.tokenProvider(ctx, opts.Scopes, tenant, c.opts.subscription)
|
||||
if err == nil {
|
||||
at, err = c.createAccessToken(b)
|
||||
}
|
||||
at, err := c.createAccessToken(b)
|
||||
if err != nil {
|
||||
return azcore.AccessToken{}, err
|
||||
err = unavailableIfInChain(err, c.opts.inDefaultChain)
|
||||
return at, err
|
||||
}
|
||||
msg := fmt.Sprintf("%s.GetToken() acquired a token for scope %q", credNameAzureCLI, strings.Join(opts.Scopes, ", "))
|
||||
log.Write(EventAuthentication, msg)
|
||||
return at, nil
|
||||
}
|
||||
|
||||
var defaultTokenProvider azureCLITokenProvider = func(ctx context.Context, resource string, tenantID string) ([]byte, error) {
|
||||
match, err := regexp.MatchString("^[0-9a-zA-Z-.:/]+$", resource)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if !match {
|
||||
return nil, fmt.Errorf(`%s: unexpected scope "%s". Only alphanumeric characters and ".", ";", "-", and "/" are allowed`, credNameAzureCLI, resource)
|
||||
}
|
||||
|
||||
// defaultAzTokenProvider invokes the Azure CLI to acquire a token. It assumes
|
||||
// callers have verified that all string arguments are safe to pass to the CLI.
|
||||
var defaultAzTokenProvider azTokenProvider = func(ctx context.Context, scopes []string, tenantID, subscription string) ([]byte, error) {
|
||||
// pass the CLI a Microsoft Entra ID v1 resource because we don't know which CLI version is installed and older ones don't support v2 scopes
|
||||
resource := strings.TrimSuffix(scopes[0], defaultSuffix)
|
||||
// set a default timeout for this authentication iff the application hasn't done so already
|
||||
var cancel context.CancelFunc
|
||||
if _, hasDeadline := ctx.Deadline(); !hasDeadline {
|
||||
ctx, cancel = context.WithTimeout(ctx, timeoutCLIRequest)
|
||||
ctx, cancel = context.WithTimeout(ctx, cliTimeout)
|
||||
defer cancel()
|
||||
}
|
||||
|
||||
commandLine := "az account get-access-token -o json --resource " + resource
|
||||
if tenantID != "" {
|
||||
commandLine += " --tenant " + tenantID
|
||||
}
|
||||
if subscription != "" {
|
||||
// subscription needs quotes because it may contain spaces
|
||||
commandLine += ` --subscription "` + subscription + `"`
|
||||
}
|
||||
var cliCmd *exec.Cmd
|
||||
if runtime.GOOS == "windows" {
|
||||
dir := os.Getenv("SYSTEMROOT")
|
||||
|
|
169
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azure_developer_cli_credential.go
generated
vendored
Normal file
169
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azure_developer_cli_credential.go
generated
vendored
Normal file
|
@ -0,0 +1,169 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"os"
|
||||
"os/exec"
|
||||
"runtime"
|
||||
"strings"
|
||||
"sync"
|
||||
"time"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/internal/log"
|
||||
)
|
||||
|
||||
const credNameAzureDeveloperCLI = "AzureDeveloperCLICredential"
|
||||
|
||||
type azdTokenProvider func(ctx context.Context, scopes []string, tenant string) ([]byte, error)
|
||||
|
||||
// AzureDeveloperCLICredentialOptions contains optional parameters for AzureDeveloperCLICredential.
|
||||
type AzureDeveloperCLICredentialOptions struct {
|
||||
// AdditionallyAllowedTenants specifies tenants for which the credential may acquire tokens, in addition
|
||||
// to TenantID. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant the
|
||||
// logged in account can access.
|
||||
AdditionallyAllowedTenants []string
|
||||
|
||||
// TenantID identifies the tenant the credential should authenticate in. Defaults to the azd environment,
|
||||
// which is the tenant of the selected Azure subscription.
|
||||
TenantID string
|
||||
|
||||
// inDefaultChain is true when the credential is part of DefaultAzureCredential
|
||||
inDefaultChain bool
|
||||
// tokenProvider is used by tests to fake invoking azd
|
||||
tokenProvider azdTokenProvider
|
||||
}
|
||||
|
||||
// AzureDeveloperCLICredential authenticates as the identity logged in to the [Azure Developer CLI].
|
||||
//
|
||||
// [Azure Developer CLI]: https://learn.microsoft.com/azure/developer/azure-developer-cli/overview
|
||||
type AzureDeveloperCLICredential struct {
|
||||
mu *sync.Mutex
|
||||
opts AzureDeveloperCLICredentialOptions
|
||||
}
|
||||
|
||||
// NewAzureDeveloperCLICredential constructs an AzureDeveloperCLICredential. Pass nil to accept default options.
|
||||
func NewAzureDeveloperCLICredential(options *AzureDeveloperCLICredentialOptions) (*AzureDeveloperCLICredential, error) {
|
||||
cp := AzureDeveloperCLICredentialOptions{}
|
||||
if options != nil {
|
||||
cp = *options
|
||||
}
|
||||
if cp.TenantID != "" && !validTenantID(cp.TenantID) {
|
||||
return nil, errInvalidTenantID
|
||||
}
|
||||
if cp.tokenProvider == nil {
|
||||
cp.tokenProvider = defaultAzdTokenProvider
|
||||
}
|
||||
return &AzureDeveloperCLICredential{mu: &sync.Mutex{}, opts: cp}, nil
|
||||
}
|
||||
|
||||
// GetToken requests a token from the Azure Developer CLI. This credential doesn't cache tokens, so every call invokes azd.
|
||||
// This method is called automatically by Azure SDK clients.
|
||||
func (c *AzureDeveloperCLICredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
at := azcore.AccessToken{}
|
||||
if len(opts.Scopes) == 0 {
|
||||
return at, errors.New(credNameAzureDeveloperCLI + ": GetToken() requires at least one scope")
|
||||
}
|
||||
for _, scope := range opts.Scopes {
|
||||
if !validScope(scope) {
|
||||
return at, fmt.Errorf("%s.GetToken(): invalid scope %q", credNameAzureDeveloperCLI, scope)
|
||||
}
|
||||
}
|
||||
tenant, err := resolveTenant(c.opts.TenantID, opts.TenantID, credNameAzureDeveloperCLI, c.opts.AdditionallyAllowedTenants)
|
||||
if err != nil {
|
||||
return at, err
|
||||
}
|
||||
c.mu.Lock()
|
||||
defer c.mu.Unlock()
|
||||
b, err := c.opts.tokenProvider(ctx, opts.Scopes, tenant)
|
||||
if err == nil {
|
||||
at, err = c.createAccessToken(b)
|
||||
}
|
||||
if err != nil {
|
||||
err = unavailableIfInChain(err, c.opts.inDefaultChain)
|
||||
return at, err
|
||||
}
|
||||
msg := fmt.Sprintf("%s.GetToken() acquired a token for scope %q", credNameAzureDeveloperCLI, strings.Join(opts.Scopes, ", "))
|
||||
log.Write(EventAuthentication, msg)
|
||||
return at, nil
|
||||
}
|
||||
|
||||
// defaultAzTokenProvider invokes the Azure Developer CLI to acquire a token. It assumes
|
||||
// callers have verified that all string arguments are safe to pass to the CLI.
|
||||
var defaultAzdTokenProvider azdTokenProvider = func(ctx context.Context, scopes []string, tenant string) ([]byte, error) {
|
||||
// set a default timeout for this authentication iff the application hasn't done so already
|
||||
var cancel context.CancelFunc
|
||||
if _, hasDeadline := ctx.Deadline(); !hasDeadline {
|
||||
ctx, cancel = context.WithTimeout(ctx, cliTimeout)
|
||||
defer cancel()
|
||||
}
|
||||
commandLine := "azd auth token -o json"
|
||||
if tenant != "" {
|
||||
commandLine += " --tenant-id " + tenant
|
||||
}
|
||||
for _, scope := range scopes {
|
||||
commandLine += " --scope " + scope
|
||||
}
|
||||
var cliCmd *exec.Cmd
|
||||
if runtime.GOOS == "windows" {
|
||||
dir := os.Getenv("SYSTEMROOT")
|
||||
if dir == "" {
|
||||
return nil, newCredentialUnavailableError(credNameAzureDeveloperCLI, "environment variable 'SYSTEMROOT' has no value")
|
||||
}
|
||||
cliCmd = exec.CommandContext(ctx, "cmd.exe", "/c", commandLine)
|
||||
cliCmd.Dir = dir
|
||||
} else {
|
||||
cliCmd = exec.CommandContext(ctx, "/bin/sh", "-c", commandLine)
|
||||
cliCmd.Dir = "/bin"
|
||||
}
|
||||
cliCmd.Env = os.Environ()
|
||||
var stderr bytes.Buffer
|
||||
cliCmd.Stderr = &stderr
|
||||
output, err := cliCmd.Output()
|
||||
if err != nil {
|
||||
msg := stderr.String()
|
||||
var exErr *exec.ExitError
|
||||
if errors.As(err, &exErr) && exErr.ExitCode() == 127 || strings.HasPrefix(msg, "'azd' is not recognized") {
|
||||
msg = "Azure Developer CLI not found on path"
|
||||
} else if strings.Contains(msg, "azd auth login") {
|
||||
msg = `please run "azd auth login" from a command prompt to authenticate before using this credential`
|
||||
}
|
||||
if msg == "" {
|
||||
msg = err.Error()
|
||||
}
|
||||
return nil, newCredentialUnavailableError(credNameAzureDeveloperCLI, msg)
|
||||
}
|
||||
return output, nil
|
||||
}
|
||||
|
||||
func (c *AzureDeveloperCLICredential) createAccessToken(tk []byte) (azcore.AccessToken, error) {
|
||||
t := struct {
|
||||
AccessToken string `json:"token"`
|
||||
ExpiresOn string `json:"expiresOn"`
|
||||
}{}
|
||||
err := json.Unmarshal(tk, &t)
|
||||
if err != nil {
|
||||
return azcore.AccessToken{}, err
|
||||
}
|
||||
exp, err := time.Parse("2006-01-02T15:04:05Z", t.ExpiresOn)
|
||||
if err != nil {
|
||||
return azcore.AccessToken{}, fmt.Errorf("error parsing token expiration time %q: %v", t.ExpiresOn, err)
|
||||
}
|
||||
return azcore.AccessToken{
|
||||
ExpiresOn: exp.UTC(),
|
||||
Token: t.AccessToken,
|
||||
}, nil
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*AzureDeveloperCLICredential)(nil)
|
1
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/ci.yml
generated
vendored
1
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/ci.yml
generated
vendored
|
@ -25,6 +25,7 @@ stages:
|
|||
- template: /eng/pipelines/templates/jobs/archetype-sdk-client.yml
|
||||
parameters:
|
||||
RunLiveTests: true
|
||||
UsePipelineProxy: false
|
||||
ServiceDirectory: 'azidentity'
|
||||
CloudConfig:
|
||||
Public:
|
||||
|
|
26
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/client_assertion_credential.go
generated
vendored
26
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/client_assertion_credential.go
generated
vendored
|
@ -12,6 +12,7 @@ import (
|
|||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
|
||||
)
|
||||
|
||||
|
@ -20,9 +21,9 @@ const credNameAssertion = "ClientAssertionCredential"
|
|||
// ClientAssertionCredential authenticates an application with assertions provided by a callback function.
|
||||
// This credential is for advanced scenarios. [ClientCertificateCredential] has a more convenient API for
|
||||
// the most common assertion scenario, authenticating a service principal with a certificate. See
|
||||
// [Azure AD documentation] for details of the assertion format.
|
||||
// [Microsoft Entra ID documentation] for details of the assertion format.
|
||||
//
|
||||
// [Azure AD documentation]: https://docs.microsoft.com/azure/active-directory/develop/active-directory-certificate-credentials#assertion-format
|
||||
// [Microsoft Entra ID documentation]: https://learn.microsoft.com/azure/active-directory/develop/active-directory-certificate-credentials#assertion-format
|
||||
type ClientAssertionCredential struct {
|
||||
client *confidentialClient
|
||||
}
|
||||
|
@ -35,11 +36,15 @@ type ClientAssertionCredentialOptions struct {
|
|||
// Add the wildcard value "*" to allow the credential to acquire tokens for any tenant in which the
|
||||
// application is registered.
|
||||
AdditionallyAllowedTenants []string
|
||||
|
||||
// DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Microsoft Entra instance metadata
|
||||
// from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making
|
||||
// the application responsible for ensuring the configured authority is valid and trustworthy.
|
||||
DisableInstanceDiscovery bool
|
||||
|
||||
// tokenCachePersistenceOptions enables persistent token caching when not nil.
|
||||
tokenCachePersistenceOptions *tokenCachePersistenceOptions
|
||||
}
|
||||
|
||||
// NewClientAssertionCredential constructs a ClientAssertionCredential. The getAssertion function must be thread safe. Pass nil for options to accept defaults.
|
||||
|
@ -56,9 +61,10 @@ func NewClientAssertionCredential(tenantID, clientID string, getAssertion func(c
|
|||
},
|
||||
)
|
||||
msalOpts := confidentialClientOptions{
|
||||
AdditionallyAllowedTenants: options.AdditionallyAllowedTenants,
|
||||
ClientOptions: options.ClientOptions,
|
||||
DisableInstanceDiscovery: options.DisableInstanceDiscovery,
|
||||
AdditionallyAllowedTenants: options.AdditionallyAllowedTenants,
|
||||
ClientOptions: options.ClientOptions,
|
||||
DisableInstanceDiscovery: options.DisableInstanceDiscovery,
|
||||
tokenCachePersistenceOptions: options.tokenCachePersistenceOptions,
|
||||
}
|
||||
c, err := newConfidentialClient(tenantID, clientID, credNameAssertion, cred, msalOpts)
|
||||
if err != nil {
|
||||
|
@ -67,9 +73,13 @@ func NewClientAssertionCredential(tenantID, clientID string, getAssertion func(c
|
|||
return &ClientAssertionCredential{client: c}, nil
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Azure Active Directory. This method is called automatically by Azure SDK clients.
|
||||
// GetToken requests an access token from Microsoft Entra ID. This method is called automatically by Azure SDK clients.
|
||||
func (c *ClientAssertionCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
return c.client.GetToken(ctx, opts)
|
||||
var err error
|
||||
ctx, endSpan := runtime.StartSpan(ctx, credNameAssertion+"."+traceOpGetToken, c.client.azClient.Tracer(), nil)
|
||||
defer func() { endSpan(err) }()
|
||||
tk, err := c.client.GetToken(ctx, opts)
|
||||
return tk, err
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*ClientAssertionCredential)(nil)
|
||||
|
|
25
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/client_certificate_credential.go
generated
vendored
25
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/client_certificate_credential.go
generated
vendored
|
@ -15,6 +15,7 @@ import (
|
|||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
|
||||
"golang.org/x/crypto/pkcs12"
|
||||
)
|
||||
|
@ -29,15 +30,20 @@ type ClientCertificateCredentialOptions struct {
|
|||
// Add the wildcard value "*" to allow the credential to acquire tokens for any tenant in which the
|
||||
// application is registered.
|
||||
AdditionallyAllowedTenants []string
|
||||
|
||||
// DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Microsoft Entra instance metadata
|
||||
// from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making
|
||||
// the application responsible for ensuring the configured authority is valid and trustworthy.
|
||||
DisableInstanceDiscovery bool
|
||||
|
||||
// SendCertificateChain controls whether the credential sends the public certificate chain in the x5c
|
||||
// header of each token request's JWT. This is required for Subject Name/Issuer (SNI) authentication.
|
||||
// Defaults to False.
|
||||
SendCertificateChain bool
|
||||
|
||||
// tokenCachePersistenceOptions enables persistent token caching when not nil.
|
||||
tokenCachePersistenceOptions *tokenCachePersistenceOptions
|
||||
}
|
||||
|
||||
// ClientCertificateCredential authenticates a service principal with a certificate.
|
||||
|
@ -58,10 +64,11 @@ func NewClientCertificateCredential(tenantID string, clientID string, certs []*x
|
|||
return nil, err
|
||||
}
|
||||
msalOpts := confidentialClientOptions{
|
||||
AdditionallyAllowedTenants: options.AdditionallyAllowedTenants,
|
||||
ClientOptions: options.ClientOptions,
|
||||
DisableInstanceDiscovery: options.DisableInstanceDiscovery,
|
||||
SendX5C: options.SendCertificateChain,
|
||||
AdditionallyAllowedTenants: options.AdditionallyAllowedTenants,
|
||||
ClientOptions: options.ClientOptions,
|
||||
DisableInstanceDiscovery: options.DisableInstanceDiscovery,
|
||||
SendX5C: options.SendCertificateChain,
|
||||
tokenCachePersistenceOptions: options.tokenCachePersistenceOptions,
|
||||
}
|
||||
c, err := newConfidentialClient(tenantID, clientID, credNameCert, cred, msalOpts)
|
||||
if err != nil {
|
||||
|
@ -70,9 +77,13 @@ func NewClientCertificateCredential(tenantID string, clientID string, certs []*x
|
|||
return &ClientCertificateCredential{client: c}, nil
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Azure Active Directory. This method is called automatically by Azure SDK clients.
|
||||
// GetToken requests an access token from Microsoft Entra ID. This method is called automatically by Azure SDK clients.
|
||||
func (c *ClientCertificateCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
return c.client.GetToken(ctx, opts)
|
||||
var err error
|
||||
ctx, endSpan := runtime.StartSpan(ctx, credNameCert+"."+traceOpGetToken, c.client.azClient.Tracer(), nil)
|
||||
defer func() { endSpan(err) }()
|
||||
tk, err := c.client.GetToken(ctx, opts)
|
||||
return tk, err
|
||||
}
|
||||
|
||||
// ParseCertificates loads certificates and a private key, in PEM or PKCS12 format, for use with NewClientCertificateCredential.
|
||||
|
|
24
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/client_secret_credential.go
generated
vendored
24
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/client_secret_credential.go
generated
vendored
|
@ -11,6 +11,7 @@ import (
|
|||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
|
||||
)
|
||||
|
||||
|
@ -24,11 +25,15 @@ type ClientSecretCredentialOptions struct {
|
|||
// Add the wildcard value "*" to allow the credential to acquire tokens for any tenant in which the
|
||||
// application is registered.
|
||||
AdditionallyAllowedTenants []string
|
||||
|
||||
// DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Microsoft Entra instance metadata
|
||||
// from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making
|
||||
// the application responsible for ensuring the configured authority is valid and trustworthy.
|
||||
DisableInstanceDiscovery bool
|
||||
|
||||
// tokenCachePersistenceOptions enables persistent token caching when not nil.
|
||||
tokenCachePersistenceOptions *tokenCachePersistenceOptions
|
||||
}
|
||||
|
||||
// ClientSecretCredential authenticates an application with a client secret.
|
||||
|
@ -46,20 +51,25 @@ func NewClientSecretCredential(tenantID string, clientID string, clientSecret st
|
|||
return nil, err
|
||||
}
|
||||
msalOpts := confidentialClientOptions{
|
||||
AdditionallyAllowedTenants: options.AdditionallyAllowedTenants,
|
||||
ClientOptions: options.ClientOptions,
|
||||
DisableInstanceDiscovery: options.DisableInstanceDiscovery,
|
||||
AdditionallyAllowedTenants: options.AdditionallyAllowedTenants,
|
||||
ClientOptions: options.ClientOptions,
|
||||
DisableInstanceDiscovery: options.DisableInstanceDiscovery,
|
||||
tokenCachePersistenceOptions: options.tokenCachePersistenceOptions,
|
||||
}
|
||||
c, err := newConfidentialClient(tenantID, clientID, credNameSecret, cred, msalOpts)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &ClientSecretCredential{c}, nil
|
||||
return &ClientSecretCredential{client: c}, nil
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Azure Active Directory. This method is called automatically by Azure SDK clients.
|
||||
// GetToken requests an access token from Microsoft Entra ID. This method is called automatically by Azure SDK clients.
|
||||
func (c *ClientSecretCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
return c.client.GetToken(ctx, opts)
|
||||
var err error
|
||||
ctx, endSpan := runtime.StartSpan(ctx, credNameSecret+"."+traceOpGetToken, c.client.azClient.Tracer(), nil)
|
||||
defer func() { endSpan(err) }()
|
||||
tk, err := c.client.GetToken(ctx, opts)
|
||||
return tk, err
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*ClientSecretCredential)(nil)
|
||||
|
|
32
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/confidential_client.go
generated
vendored
32
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/confidential_client.go
generated
vendored
|
@ -10,6 +10,7 @@ import (
|
|||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"os"
|
||||
"strings"
|
||||
"sync"
|
||||
|
@ -17,6 +18,7 @@ import (
|
|||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azidentity/internal"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/internal/log"
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
|
||||
)
|
||||
|
@ -28,6 +30,7 @@ type confidentialClientOptions struct {
|
|||
// Assertion for on-behalf-of authentication
|
||||
Assertion string
|
||||
DisableInstanceDiscovery, SendX5C bool
|
||||
tokenCachePersistenceOptions *tokenCachePersistenceOptions
|
||||
}
|
||||
|
||||
// confidentialClient wraps the MSAL confidential client
|
||||
|
@ -40,6 +43,7 @@ type confidentialClient struct {
|
|||
name string
|
||||
opts confidentialClientOptions
|
||||
region string
|
||||
azClient *azcore.Client
|
||||
}
|
||||
|
||||
func newConfidentialClient(tenantID, clientID, name string, cred confidential.Credential, opts confidentialClientOptions) (*confidentialClient, error) {
|
||||
|
@ -50,6 +54,14 @@ func newConfidentialClient(tenantID, clientID, name string, cred confidential.Cr
|
|||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
client, err := azcore.NewClient(module, version, runtime.PipelineOptions{
|
||||
Tracing: runtime.TracingOptions{
|
||||
Namespace: traceNamespace,
|
||||
},
|
||||
}, &opts.ClientOptions)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
opts.AdditionallyAllowedTenants = resolveAdditionalTenants(opts.AdditionallyAllowedTenants)
|
||||
return &confidentialClient{
|
||||
caeMu: &sync.Mutex{},
|
||||
|
@ -62,6 +74,7 @@ func newConfidentialClient(tenantID, clientID, name string, cred confidential.Cr
|
|||
opts: opts,
|
||||
region: os.Getenv(azureRegionalAuthorityName),
|
||||
tenantID: tenantID,
|
||||
azClient: client,
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
@ -132,10 +145,15 @@ func (c *confidentialClient) client(ctx context.Context, tro policy.TokenRequest
|
|||
}
|
||||
|
||||
func (c *confidentialClient) newMSALClient(enableCAE bool) (msalConfidentialClient, error) {
|
||||
cache, err := internal.NewCache(c.opts.tokenCachePersistenceOptions, enableCAE)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
authority := runtime.JoinPaths(c.host, c.tenantID)
|
||||
o := []confidential.Option{
|
||||
confidential.WithAzureRegion(c.region),
|
||||
confidential.WithHTTPClient(newPipelineAdapter(&c.opts.ClientOptions)),
|
||||
confidential.WithCache(cache),
|
||||
confidential.WithHTTPClient(c),
|
||||
}
|
||||
if enableCAE {
|
||||
o = append(o, confidential.WithClientCapabilities(cp1))
|
||||
|
@ -149,8 +167,18 @@ func (c *confidentialClient) newMSALClient(enableCAE bool) (msalConfidentialClie
|
|||
return confidential.New(authority, c.clientID, c.cred, o...)
|
||||
}
|
||||
|
||||
// resolveTenant returns the correct tenant for a token request given the client's
|
||||
// resolveTenant returns the correct WithTenantID() argument for a token request given the client's
|
||||
// configuration, or an error when that configuration doesn't allow the specified tenant
|
||||
func (c *confidentialClient) resolveTenant(specified string) (string, error) {
|
||||
return resolveTenant(c.tenantID, specified, c.name, c.opts.AdditionallyAllowedTenants)
|
||||
}
|
||||
|
||||
// these methods satisfy the MSAL ops.HTTPClient interface
|
||||
|
||||
func (c *confidentialClient) CloseIdleConnections() {
|
||||
// do nothing
|
||||
}
|
||||
|
||||
func (c *confidentialClient) Do(r *http.Request) (*http.Response, error) {
|
||||
return doForClient(c.azClient, r)
|
||||
}
|
||||
|
|
16
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/default_azure_credential.go
generated
vendored
16
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/default_azure_credential.go
generated
vendored
|
@ -30,7 +30,7 @@ type DefaultAzureCredentialOptions struct {
|
|||
// set as a semicolon delimited list of tenants in the environment variable AZURE_ADDITIONALLY_ALLOWED_TENANTS.
|
||||
AdditionallyAllowedTenants []string
|
||||
// DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Microsoft Entra instance metadata
|
||||
// from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making
|
||||
// the application responsible for ensuring the configured authority is valid and trustworthy.
|
||||
DisableInstanceDiscovery bool
|
||||
|
@ -49,6 +49,7 @@ type DefaultAzureCredentialOptions struct {
|
|||
// more control over its configuration.
|
||||
// - [ManagedIdentityCredential]
|
||||
// - [AzureCLICredential]
|
||||
// - [AzureDeveloperCLICredential]
|
||||
//
|
||||
// Consult the documentation for these credential types for more information on how they authenticate.
|
||||
// Once a credential has successfully authenticated, DefaultAzureCredential will use that credential for
|
||||
|
@ -117,6 +118,17 @@ func NewDefaultAzureCredential(options *DefaultAzureCredentialOptions) (*Default
|
|||
creds = append(creds, &defaultCredentialErrorReporter{credType: credNameAzureCLI, err: err})
|
||||
}
|
||||
|
||||
azdCred, err := NewAzureDeveloperCLICredential(&AzureDeveloperCLICredentialOptions{
|
||||
AdditionallyAllowedTenants: additionalTenants,
|
||||
TenantID: options.TenantID,
|
||||
})
|
||||
if err == nil {
|
||||
creds = append(creds, azdCred)
|
||||
} else {
|
||||
errorMessages = append(errorMessages, credNameAzureDeveloperCLI+": "+err.Error())
|
||||
creds = append(creds, &defaultCredentialErrorReporter{credType: credNameAzureDeveloperCLI, err: err})
|
||||
}
|
||||
|
||||
if len(errorMessages) > 0 {
|
||||
log.Writef(EventAuthentication, "NewDefaultAzureCredential failed to initialize some credentials:\n\t%s", strings.Join(errorMessages, "\n\t"))
|
||||
}
|
||||
|
@ -129,7 +141,7 @@ func NewDefaultAzureCredential(options *DefaultAzureCredentialOptions) (*Default
|
|||
return &DefaultAzureCredential{chain: chain}, nil
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Azure Active Directory. This method is called automatically by Azure SDK clients.
|
||||
// GetToken requests an access token from Microsoft Entra ID. This method is called automatically by Azure SDK clients.
|
||||
func (c *DefaultAzureCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
return c.chain.GetToken(ctx, opts)
|
||||
}
|
||||
|
|
38
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/developer_credential_util.go
generated
vendored
Normal file
38
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/developer_credential_util.go
generated
vendored
Normal file
|
@ -0,0 +1,38 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"time"
|
||||
)
|
||||
|
||||
// cliTimeout is the default timeout for authentication attempts via CLI tools
|
||||
const cliTimeout = 10 * time.Second
|
||||
|
||||
// unavailableIfInChain returns err or, if the credential was invoked by DefaultAzureCredential, a
|
||||
// credentialUnavailableError having the same message. This ensures DefaultAzureCredential will try
|
||||
// the next credential in its chain (another developer credential).
|
||||
func unavailableIfInChain(err error, inDefaultChain bool) error {
|
||||
if err != nil && inDefaultChain {
|
||||
var unavailableErr *credentialUnavailableError
|
||||
if !errors.As(err, &unavailableErr) {
|
||||
err = newCredentialUnavailableError(credNameAzureDeveloperCLI, err.Error())
|
||||
}
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
// validScope is for credentials authenticating via external tools. The authority validates scopes for all other credentials.
|
||||
func validScope(scope string) bool {
|
||||
for _, r := range scope {
|
||||
if !(alphanumeric(r) || r == '.' || r == '-' || r == '_' || r == '/' || r == ':') {
|
||||
return false
|
||||
}
|
||||
}
|
||||
return true
|
||||
}
|
54
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/device_code_credential.go
generated
vendored
54
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/device_code_credential.go
generated
vendored
|
@ -12,6 +12,7 @@ import (
|
|||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
)
|
||||
|
||||
const credNameDeviceCode = "DeviceCodeCredential"
|
||||
|
@ -23,19 +24,34 @@ type DeviceCodeCredentialOptions struct {
|
|||
// AdditionallyAllowedTenants specifies additional tenants for which the credential may acquire
|
||||
// tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant.
|
||||
AdditionallyAllowedTenants []string
|
||||
|
||||
// authenticationRecord returned by a call to a credential's Authenticate method. Set this option
|
||||
// to enable the credential to use data from a previous authentication.
|
||||
authenticationRecord authenticationRecord
|
||||
|
||||
// ClientID is the ID of the application users will authenticate to.
|
||||
// Defaults to the ID of an Azure development application.
|
||||
ClientID string
|
||||
|
||||
// disableAutomaticAuthentication prevents the credential from automatically prompting the user to authenticate.
|
||||
// When this option is true, [DeviceCodeCredential.GetToken] will return [ErrAuthenticationRequired] when user
|
||||
// interaction is necessary to acquire a token.
|
||||
disableAutomaticAuthentication bool
|
||||
|
||||
// DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Microsoft Entra instance metadata
|
||||
// from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making
|
||||
// the application responsible for ensuring the configured authority is valid and trustworthy.
|
||||
DisableInstanceDiscovery bool
|
||||
// TenantID is the Azure Active Directory tenant the credential authenticates in. Defaults to the
|
||||
|
||||
// TenantID is the Microsoft Entra tenant the credential authenticates in. Defaults to the
|
||||
// "organizations" tenant, which can authenticate work and school accounts. Required for single-tenant
|
||||
// applications.
|
||||
TenantID string
|
||||
|
||||
// tokenCachePersistenceOptions enables persistent token caching when not nil.
|
||||
tokenCachePersistenceOptions *tokenCachePersistenceOptions
|
||||
|
||||
// UserPrompt controls how the credential presents authentication instructions. The credential calls
|
||||
// this function with authentication details when it receives a device code. By default, the credential
|
||||
// prints these details to stdout.
|
||||
|
@ -63,14 +79,14 @@ type DeviceCodeMessage struct {
|
|||
UserCode string `json:"user_code"`
|
||||
// VerificationURL is the URL at which the user must authenticate.
|
||||
VerificationURL string `json:"verification_uri"`
|
||||
// Message is user instruction from Azure Active Directory.
|
||||
// Message is user instruction from Microsoft Entra ID.
|
||||
Message string `json:"message"`
|
||||
}
|
||||
|
||||
// DeviceCodeCredential acquires tokens for a user via the device code flow, which has the
|
||||
// user browse to an Azure Active Directory URL, enter a code, and authenticate. It's useful
|
||||
// user browse to a Microsoft Entra URL, enter a code, and authenticate. It's useful
|
||||
// for authenticating a user in an environment without a web browser, such as an SSH session.
|
||||
// If a web browser is available, InteractiveBrowserCredential is more convenient because it
|
||||
// If a web browser is available, [InteractiveBrowserCredential] is more convenient because it
|
||||
// automatically opens a browser to the login page.
|
||||
type DeviceCodeCredential struct {
|
||||
client *publicClient
|
||||
|
@ -84,10 +100,13 @@ func NewDeviceCodeCredential(options *DeviceCodeCredentialOptions) (*DeviceCodeC
|
|||
}
|
||||
cp.init()
|
||||
msalOpts := publicClientOptions{
|
||||
AdditionallyAllowedTenants: cp.AdditionallyAllowedTenants,
|
||||
ClientOptions: cp.ClientOptions,
|
||||
DeviceCodePrompt: cp.UserPrompt,
|
||||
DisableInstanceDiscovery: cp.DisableInstanceDiscovery,
|
||||
AdditionallyAllowedTenants: cp.AdditionallyAllowedTenants,
|
||||
ClientOptions: cp.ClientOptions,
|
||||
DeviceCodePrompt: cp.UserPrompt,
|
||||
DisableAutomaticAuthentication: cp.disableAutomaticAuthentication,
|
||||
DisableInstanceDiscovery: cp.DisableInstanceDiscovery,
|
||||
Record: cp.authenticationRecord,
|
||||
TokenCachePersistenceOptions: cp.tokenCachePersistenceOptions,
|
||||
}
|
||||
c, err := newPublicClient(cp.TenantID, cp.ClientID, credNameDeviceCode, msalOpts)
|
||||
if err != nil {
|
||||
|
@ -97,10 +116,23 @@ func NewDeviceCodeCredential(options *DeviceCodeCredentialOptions) (*DeviceCodeC
|
|||
return &DeviceCodeCredential{client: c}, nil
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Azure Active Directory. It will begin the device code flow and poll until the user completes authentication.
|
||||
// Authenticate a user via the device code flow. Subsequent calls to GetToken will automatically use the returned AuthenticationRecord.
|
||||
func (c *DeviceCodeCredential) authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (authenticationRecord, error) {
|
||||
var err error
|
||||
ctx, endSpan := runtime.StartSpan(ctx, credNameDeviceCode+"."+traceOpAuthenticate, c.client.azClient.Tracer(), nil)
|
||||
defer func() { endSpan(err) }()
|
||||
tk, err := c.client.Authenticate(ctx, opts)
|
||||
return tk, err
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Microsoft Entra ID. It will begin the device code flow and poll until the user completes authentication.
|
||||
// This method is called automatically by Azure SDK clients.
|
||||
func (c *DeviceCodeCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
return c.client.GetToken(ctx, opts)
|
||||
var err error
|
||||
ctx, endSpan := runtime.StartSpan(ctx, credNameDeviceCode+"."+traceOpGetToken, c.client.azClient.Tracer(), nil)
|
||||
defer func() { endSpan(err) }()
|
||||
tk, err := c.client.GetToken(ctx, opts)
|
||||
return tk, err
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*DeviceCodeCredential)(nil)
|
||||
|
|
4
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/environment_credential.go
generated
vendored
4
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/environment_credential.go
generated
vendored
|
@ -25,7 +25,7 @@ type EnvironmentCredentialOptions struct {
|
|||
azcore.ClientOptions
|
||||
|
||||
// DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Microsoft Entra instance metadata
|
||||
// from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making
|
||||
// the application responsible for ensuring the configured authority is valid and trustworthy.
|
||||
DisableInstanceDiscovery bool
|
||||
|
@ -156,7 +156,7 @@ func NewEnvironmentCredential(options *EnvironmentCredentialOptions) (*Environme
|
|||
return nil, errors.New("incomplete environment variable configuration. Only AZURE_TENANT_ID and AZURE_CLIENT_ID are set")
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Azure Active Directory. This method is called automatically by Azure SDK clients.
|
||||
// GetToken requests an access token from Microsoft Entra ID. This method is called automatically by Azure SDK clients.
|
||||
func (c *EnvironmentCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
return c.cred.GetToken(ctx, opts)
|
||||
}
|
||||
|
|
14
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/errors.go
generated
vendored
14
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/errors.go
generated
vendored
|
@ -18,6 +18,10 @@ import (
|
|||
msal "github.com/AzureAD/microsoft-authentication-library-for-go/apps/errors"
|
||||
)
|
||||
|
||||
// errAuthenticationRequired indicates a credential's Authenticate method must be called to acquire a token
|
||||
// because user interaction is required and the credential is configured not to automatically prompt the user.
|
||||
var errAuthenticationRequired error = &credentialUnavailableError{"can't acquire a token without user interaction. Call Authenticate to interactively authenticate a user"}
|
||||
|
||||
// getResponseFromError retrieves the response carried by
|
||||
// an AuthenticationFailedError or MSAL CallErr, if any
|
||||
func getResponseFromError(err error) *http.Response {
|
||||
|
@ -53,7 +57,13 @@ func (e *AuthenticationFailedError) Error() string {
|
|||
}
|
||||
msg := &bytes.Buffer{}
|
||||
fmt.Fprintf(msg, e.credType+" authentication failed\n")
|
||||
fmt.Fprintf(msg, "%s %s://%s%s\n", e.RawResponse.Request.Method, e.RawResponse.Request.URL.Scheme, e.RawResponse.Request.URL.Host, e.RawResponse.Request.URL.Path)
|
||||
if e.RawResponse.Request != nil {
|
||||
fmt.Fprintf(msg, "%s %s://%s%s\n", e.RawResponse.Request.Method, e.RawResponse.Request.URL.Scheme, e.RawResponse.Request.URL.Host, e.RawResponse.Request.URL.Path)
|
||||
} else {
|
||||
// this happens when the response is created from a custom HTTP transporter,
|
||||
// which doesn't guarantee to bind the original request to the response
|
||||
fmt.Fprintln(msg, "Request information not available")
|
||||
}
|
||||
fmt.Fprintln(msg, "--------------------------------------------------------------------------------")
|
||||
fmt.Fprintf(msg, "RESPONSE %s\n", e.RawResponse.Status)
|
||||
fmt.Fprintln(msg, "--------------------------------------------------------------------------------")
|
||||
|
@ -74,6 +84,8 @@ func (e *AuthenticationFailedError) Error() string {
|
|||
switch e.credType {
|
||||
case credNameAzureCLI:
|
||||
anchor = "azure-cli"
|
||||
case credNameAzureDeveloperCLI:
|
||||
anchor = "azd"
|
||||
case credNameCert:
|
||||
anchor = "client-cert"
|
||||
case credNameSecret:
|
||||
|
|
6
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/go.work
generated
vendored
Normal file
6
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/go.work
generated
vendored
Normal file
|
@ -0,0 +1,6 @@
|
|||
go 1.18
|
||||
|
||||
use (
|
||||
.
|
||||
./cache
|
||||
)
|
39
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/go.work.sum
generated
vendored
Normal file
39
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/go.work.sum
generated
vendored
Normal file
|
@ -0,0 +1,39 @@
|
|||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.0-beta.1 h1:ODs3brnqQM99Tq1PffODpAViYv3Bf8zOg464MU7p5ew=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.0-beta.1/go.mod h1:3Ug6Qzto9anB6mGlEdgYMDF5zHQ+wwhEaYR4s17PHMw=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.0 h1:fb8kj/Dh4CSwgsOzHeZY4Xh68cFVbzXx+ONXGMY//4w=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.0/go.mod h1:uReU2sSxZExRPBAg3qKzmAucSi51+SP1OhohieR821Q=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0/go.mod h1:okt5dMMTOFjX/aovMlrjvvXoPMBVSPzk9185BT0+eZM=
|
||||
github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 h1:DzHpqpoJVaCgOUdVHxE8QB52S6NiVdDQvGlny1qvPqA=
|
||||
github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
|
||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||
github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
|
||||
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
||||
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||
github.com/montanaflynn/stats v0.7.0/go.mod h1:etXPPgVO6n31NxCd9KQUMvCM+ve0ruNzt6R8Bnaayow=
|
||||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
|
||||
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
|
||||
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
||||
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
||||
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
|
||||
golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
|
||||
golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
|
||||
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
|
||||
golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
|
||||
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
|
||||
golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
|
||||
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY=
|
||||
golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
|
||||
golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o=
|
||||
golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU=
|
||||
golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
|
||||
golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U=
|
||||
golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0=
|
||||
golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
|
||||
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
|
||||
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
|
||||
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
|
@ -11,6 +11,7 @@ import (
|
|||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
)
|
||||
|
||||
const credNameBrowser = "InteractiveBrowserCredential"
|
||||
|
@ -22,26 +23,40 @@ type InteractiveBrowserCredentialOptions struct {
|
|||
// AdditionallyAllowedTenants specifies additional tenants for which the credential may acquire
|
||||
// tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant.
|
||||
AdditionallyAllowedTenants []string
|
||||
|
||||
// authenticationRecord returned by a call to a credential's Authenticate method. Set this option
|
||||
// to enable the credential to use data from a previous authentication.
|
||||
authenticationRecord authenticationRecord
|
||||
|
||||
// ClientID is the ID of the application users will authenticate to.
|
||||
// Defaults to the ID of an Azure development application.
|
||||
ClientID string
|
||||
|
||||
// disableAutomaticAuthentication prevents the credential from automatically prompting the user to authenticate.
|
||||
// When this option is true, [InteractiveBrowserCredential.GetToken] will return [ErrAuthenticationRequired] when
|
||||
// user interaction is necessary to acquire a token.
|
||||
disableAutomaticAuthentication bool
|
||||
|
||||
// DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Microsoft Entra instance metadata
|
||||
// from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making
|
||||
// the application responsible for ensuring the configured authority is valid and trustworthy.
|
||||
DisableInstanceDiscovery bool
|
||||
|
||||
// LoginHint pre-populates the account prompt with a username. Users may choose to authenticate a different account.
|
||||
LoginHint string
|
||||
// RedirectURL is the URL Azure Active Directory will redirect to with the access token. This is required
|
||||
|
||||
// RedirectURL is the URL Microsoft Entra ID will redirect to with the access token. This is required
|
||||
// only when setting ClientID, and must match a redirect URI in the application's registration.
|
||||
// Applications which have registered "http://localhost" as a redirect URI need not set this option.
|
||||
RedirectURL string
|
||||
|
||||
// TenantID is the Azure Active Directory tenant the credential authenticates in. Defaults to the
|
||||
// TenantID is the Microsoft Entra tenant the credential authenticates in. Defaults to the
|
||||
// "organizations" tenant, which can authenticate work and school accounts.
|
||||
TenantID string
|
||||
|
||||
// tokenCachePersistenceOptions enables persistent token caching when not nil.
|
||||
tokenCachePersistenceOptions *tokenCachePersistenceOptions
|
||||
}
|
||||
|
||||
func (o *InteractiveBrowserCredentialOptions) init() {
|
||||
|
@ -66,10 +81,14 @@ func NewInteractiveBrowserCredential(options *InteractiveBrowserCredentialOption
|
|||
}
|
||||
cp.init()
|
||||
msalOpts := publicClientOptions{
|
||||
ClientOptions: cp.ClientOptions,
|
||||
DisableInstanceDiscovery: cp.DisableInstanceDiscovery,
|
||||
LoginHint: cp.LoginHint,
|
||||
RedirectURL: cp.RedirectURL,
|
||||
AdditionallyAllowedTenants: cp.AdditionallyAllowedTenants,
|
||||
ClientOptions: cp.ClientOptions,
|
||||
DisableAutomaticAuthentication: cp.disableAutomaticAuthentication,
|
||||
DisableInstanceDiscovery: cp.DisableInstanceDiscovery,
|
||||
LoginHint: cp.LoginHint,
|
||||
Record: cp.authenticationRecord,
|
||||
RedirectURL: cp.RedirectURL,
|
||||
TokenCachePersistenceOptions: cp.tokenCachePersistenceOptions,
|
||||
}
|
||||
c, err := newPublicClient(cp.TenantID, cp.ClientID, credNameBrowser, msalOpts)
|
||||
if err != nil {
|
||||
|
@ -78,9 +97,22 @@ func NewInteractiveBrowserCredential(options *InteractiveBrowserCredentialOption
|
|||
return &InteractiveBrowserCredential{client: c}, nil
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Azure Active Directory. This method is called automatically by Azure SDK clients.
|
||||
// Authenticate a user via the default browser. Subsequent calls to GetToken will automatically use the returned AuthenticationRecord.
|
||||
func (c *InteractiveBrowserCredential) authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (authenticationRecord, error) {
|
||||
var err error
|
||||
ctx, endSpan := runtime.StartSpan(ctx, credNameBrowser+"."+traceOpAuthenticate, c.client.azClient.Tracer(), nil)
|
||||
defer func() { endSpan(err) }()
|
||||
tk, err := c.client.Authenticate(ctx, opts)
|
||||
return tk, err
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Microsoft Entra ID. This method is called automatically by Azure SDK clients.
|
||||
func (c *InteractiveBrowserCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
return c.client.GetToken(ctx, opts)
|
||||
var err error
|
||||
ctx, endSpan := runtime.StartSpan(ctx, credNameBrowser+"."+traceOpGetToken, c.client.azClient.Tracer(), nil)
|
||||
defer func() { endSpan(err) }()
|
||||
tk, err := c.client.GetToken(ctx, opts)
|
||||
return tk, err
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*InteractiveBrowserCredential)(nil)
|
||||
|
|
18
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/internal/exported.go
generated
vendored
Normal file
18
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/internal/exported.go
generated
vendored
Normal file
|
@ -0,0 +1,18 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package internal
|
||||
|
||||
// TokenCachePersistenceOptions contains options for persistent token caching
|
||||
type TokenCachePersistenceOptions struct {
|
||||
// AllowUnencryptedStorage controls whether the cache should fall back to storing its data in plain text
|
||||
// when encryption isn't possible. Setting this true doesn't disable encryption. The cache always attempts
|
||||
// encryption before falling back to plaintext storage.
|
||||
AllowUnencryptedStorage bool
|
||||
|
||||
// Name identifies the cache. Set this to isolate data from other applications.
|
||||
Name string
|
||||
}
|
31
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/internal/internal.go
generated
vendored
Normal file
31
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/internal/internal.go
generated
vendored
Normal file
|
@ -0,0 +1,31 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package internal
|
||||
|
||||
import (
|
||||
"errors"
|
||||
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/cache"
|
||||
)
|
||||
|
||||
var errMissingImport = errors.New("import github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache to enable persistent caching")
|
||||
|
||||
// NewCache constructs a persistent token cache when "o" isn't nil. Applications that intend to
|
||||
// use a persistent cache must first import the cache module, which will replace this function
|
||||
// with a platform-specific implementation.
|
||||
var NewCache = func(o *TokenCachePersistenceOptions, enableCAE bool) (cache.ExportReplace, error) {
|
||||
if o == nil {
|
||||
return nil, nil
|
||||
}
|
||||
return nil, errMissingImport
|
||||
}
|
||||
|
||||
// CacheFilePath returns the path to the cache file for the given name.
|
||||
// Defining it in this package makes it available to azidentity tests.
|
||||
var CacheFilePath = func(name string) (string, error) {
|
||||
return "", errMissingImport
|
||||
}
|
54
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/managed_identity_client.go
generated
vendored
54
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/managed_identity_client.go
generated
vendored
|
@ -28,12 +28,14 @@ import (
|
|||
|
||||
const (
|
||||
arcIMDSEndpoint = "IMDS_ENDPOINT"
|
||||
defaultIdentityClientID = "DEFAULT_IDENTITY_CLIENT_ID"
|
||||
identityEndpoint = "IDENTITY_ENDPOINT"
|
||||
identityHeader = "IDENTITY_HEADER"
|
||||
identityServerThumbprint = "IDENTITY_SERVER_THUMBPRINT"
|
||||
headerMetadata = "Metadata"
|
||||
imdsEndpoint = "http://169.254.169.254/metadata/identity/oauth2/token"
|
||||
msiEndpoint = "MSI_ENDPOINT"
|
||||
msiSecret = "MSI_SECRET"
|
||||
imdsAPIVersion = "2018-02-01"
|
||||
azureArcAPIVersion = "2019-08-15"
|
||||
serviceFabricAPIVersion = "2019-07-01-preview"
|
||||
|
@ -47,6 +49,7 @@ type msiType int
|
|||
const (
|
||||
msiTypeAppService msiType = iota
|
||||
msiTypeAzureArc
|
||||
msiTypeAzureML
|
||||
msiTypeCloudShell
|
||||
msiTypeIMDS
|
||||
msiTypeServiceFabric
|
||||
|
@ -55,7 +58,7 @@ const (
|
|||
// managedIdentityClient provides the base for authenticating in managed identity environments
|
||||
// This type includes an runtime.Pipeline and TokenCredentialOptions.
|
||||
type managedIdentityClient struct {
|
||||
pipeline runtime.Pipeline
|
||||
azClient *azcore.Client
|
||||
msiType msiType
|
||||
endpoint string
|
||||
id ManagedIDKind
|
||||
|
@ -135,13 +138,27 @@ func newManagedIdentityClient(options *ManagedIdentityCredentialOptions) (*manag
|
|||
c.msiType = msiTypeAzureArc
|
||||
}
|
||||
} else if endpoint, ok := os.LookupEnv(msiEndpoint); ok {
|
||||
env = "Cloud Shell"
|
||||
c.endpoint = endpoint
|
||||
c.msiType = msiTypeCloudShell
|
||||
if _, ok := os.LookupEnv(msiSecret); ok {
|
||||
env = "Azure ML"
|
||||
c.msiType = msiTypeAzureML
|
||||
} else {
|
||||
env = "Cloud Shell"
|
||||
c.msiType = msiTypeCloudShell
|
||||
}
|
||||
} else {
|
||||
setIMDSRetryOptionDefaults(&cp.Retry)
|
||||
}
|
||||
c.pipeline = runtime.NewPipeline(component, version, runtime.PipelineOptions{}, &cp)
|
||||
|
||||
client, err := azcore.NewClient(module, version, runtime.PipelineOptions{
|
||||
Tracing: runtime.TracingOptions{
|
||||
Namespace: traceNamespace,
|
||||
},
|
||||
}, &cp)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
c.azClient = client
|
||||
|
||||
if log.Should(EventAuthentication) {
|
||||
log.Writef(EventAuthentication, "Managed Identity Credential will use %s managed identity", env)
|
||||
|
@ -168,7 +185,7 @@ func (c *managedIdentityClient) authenticate(ctx context.Context, id ManagedIDKi
|
|||
return azcore.AccessToken{}, err
|
||||
}
|
||||
|
||||
resp, err := c.pipeline.Do(msg)
|
||||
resp, err := c.azClient.Pipeline().Do(msg)
|
||||
if err != nil {
|
||||
return azcore.AccessToken{}, newAuthenticationFailedError(credNameManagedIdentity, err.Error(), nil, err)
|
||||
}
|
||||
|
@ -247,6 +264,8 @@ func (c *managedIdentityClient) createAuthRequest(ctx context.Context, id Manage
|
|||
return nil, newAuthenticationFailedError(credNameManagedIdentity, msg, nil, err)
|
||||
}
|
||||
return c.createAzureArcAuthRequest(ctx, id, scopes, key)
|
||||
case msiTypeAzureML:
|
||||
return c.createAzureMLAuthRequest(ctx, id, scopes)
|
||||
case msiTypeServiceFabric:
|
||||
return c.createServiceFabricAuthRequest(ctx, id, scopes)
|
||||
case msiTypeCloudShell:
|
||||
|
@ -296,6 +315,29 @@ func (c *managedIdentityClient) createAppServiceAuthRequest(ctx context.Context,
|
|||
return request, nil
|
||||
}
|
||||
|
||||
func (c *managedIdentityClient) createAzureMLAuthRequest(ctx context.Context, id ManagedIDKind, scopes []string) (*policy.Request, error) {
|
||||
request, err := runtime.NewRequest(ctx, http.MethodGet, c.endpoint)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
request.Raw().Header.Set("secret", os.Getenv(msiSecret))
|
||||
q := request.Raw().URL.Query()
|
||||
q.Add("api-version", "2017-09-01")
|
||||
q.Add("resource", strings.Join(scopes, " "))
|
||||
q.Add("clientid", os.Getenv(defaultIdentityClientID))
|
||||
if id != nil {
|
||||
if id.idKind() == miResourceID {
|
||||
log.Write(EventAuthentication, "WARNING: Azure ML doesn't support specifying a managed identity by resource ID")
|
||||
q.Set("clientid", "")
|
||||
q.Set(qpResID, id.String())
|
||||
} else {
|
||||
q.Set("clientid", id.String())
|
||||
}
|
||||
}
|
||||
request.Raw().URL.RawQuery = q.Encode()
|
||||
return request, nil
|
||||
}
|
||||
|
||||
func (c *managedIdentityClient) createServiceFabricAuthRequest(ctx context.Context, id ManagedIDKind, scopes []string) (*policy.Request, error) {
|
||||
request, err := runtime.NewRequest(ctx, http.MethodGet, c.endpoint)
|
||||
if err != nil {
|
||||
|
@ -330,7 +372,7 @@ func (c *managedIdentityClient) getAzureArcSecretKey(ctx context.Context, resour
|
|||
q.Add("resource", strings.Join(resources, " "))
|
||||
request.Raw().URL.RawQuery = q.Encode()
|
||||
// send the initial request to get the short-lived secret key
|
||||
response, err := c.pipeline.Do(request)
|
||||
response, err := c.azClient.Pipeline().Do(request)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
|
20
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/managed_identity_credential.go
generated
vendored
20
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/managed_identity_credential.go
generated
vendored
|
@ -13,6 +13,7 @@ import (
|
|||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
|
||||
)
|
||||
|
||||
|
@ -67,8 +68,8 @@ type ManagedIdentityCredentialOptions struct {
|
|||
|
||||
// ManagedIdentityCredential authenticates an Azure managed identity in any hosting environment supporting managed identities.
|
||||
// This credential authenticates a system-assigned identity by default. Use ManagedIdentityCredentialOptions.ID to specify a
|
||||
// user-assigned identity. See Azure Active Directory documentation for more information about managed identities:
|
||||
// https://docs.microsoft.com/azure/active-directory/managed-identities-azure-resources/overview
|
||||
// user-assigned identity. See Microsoft Entra ID documentation for more information about managed identities:
|
||||
// https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/overview
|
||||
type ManagedIdentityCredential struct {
|
||||
client *confidentialClient
|
||||
mic *managedIdentityClient
|
||||
|
@ -92,7 +93,9 @@ func NewManagedIdentityCredential(options *ManagedIdentityCredentialOptions) (*M
|
|||
clientID = options.ID.String()
|
||||
}
|
||||
// similarly, it's okay to give MSAL an incorrect tenant because MSAL won't use the value
|
||||
c, err := newConfidentialClient("common", clientID, credNameManagedIdentity, cred, confidentialClientOptions{})
|
||||
c, err := newConfidentialClient("common", clientID, credNameManagedIdentity, cred, confidentialClientOptions{
|
||||
ClientOptions: options.ClientOptions,
|
||||
})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
@ -101,13 +104,18 @@ func NewManagedIdentityCredential(options *ManagedIdentityCredentialOptions) (*M
|
|||
|
||||
// GetToken requests an access token from the hosting environment. This method is called automatically by Azure SDK clients.
|
||||
func (c *ManagedIdentityCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
var err error
|
||||
ctx, endSpan := runtime.StartSpan(ctx, credNameManagedIdentity+"."+traceOpGetToken, c.client.azClient.Tracer(), nil)
|
||||
defer func() { endSpan(err) }()
|
||||
|
||||
if len(opts.Scopes) != 1 {
|
||||
err := fmt.Errorf("%s.GetToken() requires exactly one scope", credNameManagedIdentity)
|
||||
err = fmt.Errorf("%s.GetToken() requires exactly one scope", credNameManagedIdentity)
|
||||
return azcore.AccessToken{}, err
|
||||
}
|
||||
// managed identity endpoints require an AADv1 resource (i.e. token audience), not a v2 scope, so we remove "/.default" here
|
||||
// managed identity endpoints require a Microsoft Entra ID v1 resource (i.e. token audience), not a v2 scope, so we remove "/.default" here
|
||||
opts.Scopes = []string{strings.TrimSuffix(opts.Scopes[0], defaultSuffix)}
|
||||
return c.client.GetToken(ctx, opts)
|
||||
tk, err := c.client.GetToken(ctx, opts)
|
||||
return tk, err
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*ManagedIdentityCredential)(nil)
|
||||
|
|
17
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/on_behalf_of_credential.go
generated
vendored
17
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/on_behalf_of_credential.go
generated
vendored
|
@ -13,6 +13,7 @@ import (
|
|||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
|
||||
)
|
||||
|
||||
|
@ -21,9 +22,9 @@ const credNameOBO = "OnBehalfOfCredential"
|
|||
// OnBehalfOfCredential authenticates a service principal via the on-behalf-of flow. This is typically used by
|
||||
// middle-tier services that authorize requests to other services with a delegated user identity. Because this
|
||||
// is not an interactive authentication flow, an application using it must have admin consent for any delegated
|
||||
// permissions before requesting tokens for them. See [Azure Active Directory documentation] for more details.
|
||||
// permissions before requesting tokens for them. See [Microsoft Entra ID documentation] for more details.
|
||||
//
|
||||
// [Azure Active Directory documentation]: https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-on-behalf-of-flow
|
||||
// [Microsoft Entra ID documentation]: https://learn.microsoft.com/azure/active-directory/develop/v2-oauth2-on-behalf-of-flow
|
||||
type OnBehalfOfCredential struct {
|
||||
client *confidentialClient
|
||||
}
|
||||
|
@ -36,11 +37,13 @@ type OnBehalfOfCredentialOptions struct {
|
|||
// Add the wildcard value "*" to allow the credential to acquire tokens for any tenant in which the
|
||||
// application is registered.
|
||||
AdditionallyAllowedTenants []string
|
||||
|
||||
// DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Microsoft Entra instance metadata
|
||||
// from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making
|
||||
// the application responsible for ensuring the configured authority is valid and trustworthy.
|
||||
DisableInstanceDiscovery bool
|
||||
|
||||
// SendCertificateChain applies only when the credential is configured to authenticate with a certificate.
|
||||
// This setting controls whether the credential sends the public certificate chain in the x5c header of each
|
||||
// token request's JWT. This is required for, and only used in, Subject Name/Issuer (SNI) authentication.
|
||||
|
@ -84,9 +87,13 @@ func newOnBehalfOfCredential(tenantID, clientID, userAssertion string, cred conf
|
|||
return &OnBehalfOfCredential{c}, nil
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Azure Active Directory. This method is called automatically by Azure SDK clients.
|
||||
// GetToken requests an access token from Microsoft Entra ID. This method is called automatically by Azure SDK clients.
|
||||
func (o *OnBehalfOfCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
return o.client.GetToken(ctx, opts)
|
||||
var err error
|
||||
ctx, endSpan := runtime.StartSpan(ctx, credNameOBO+"."+traceOpGetToken, o.client.azClient.Tracer(), nil)
|
||||
defer func() { endSpan(err) }()
|
||||
tk, err := o.client.GetToken(ctx, opts)
|
||||
return tk, err
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*OnBehalfOfCredential)(nil)
|
||||
|
|
133
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/public_client.go
generated
vendored
133
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/public_client.go
generated
vendored
|
@ -8,38 +8,52 @@ package azidentity
|
|||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"strings"
|
||||
"sync"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/cloud"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azidentity/internal"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/internal/log"
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/public"
|
||||
|
||||
// this import ensures well-known configurations in azcore/cloud have ARM audiences for Authenticate()
|
||||
_ "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/runtime"
|
||||
)
|
||||
|
||||
type publicClientOptions struct {
|
||||
azcore.ClientOptions
|
||||
|
||||
AdditionallyAllowedTenants []string
|
||||
DeviceCodePrompt func(context.Context, DeviceCodeMessage) error
|
||||
DisableInstanceDiscovery bool
|
||||
LoginHint, RedirectURL string
|
||||
Username, Password string
|
||||
AdditionallyAllowedTenants []string
|
||||
DeviceCodePrompt func(context.Context, DeviceCodeMessage) error
|
||||
DisableAutomaticAuthentication bool
|
||||
DisableInstanceDiscovery bool
|
||||
LoginHint, RedirectURL string
|
||||
Record authenticationRecord
|
||||
TokenCachePersistenceOptions *tokenCachePersistenceOptions
|
||||
Username, Password string
|
||||
}
|
||||
|
||||
// publicClient wraps the MSAL public client
|
||||
type publicClient struct {
|
||||
account public.Account
|
||||
cae, noCAE msalPublicClient
|
||||
caeMu, noCAEMu, clientMu *sync.Mutex
|
||||
clientID, tenantID string
|
||||
defaultScope []string
|
||||
host string
|
||||
name string
|
||||
opts publicClientOptions
|
||||
record authenticationRecord
|
||||
azClient *azcore.Client
|
||||
}
|
||||
|
||||
var errScopeRequired = errors.New("authenticating in this environment requires specifying a scope in TokenRequestOptions")
|
||||
|
||||
func newPublicClient(tenantID, clientID, name string, o publicClientOptions) (*publicClient, error) {
|
||||
if !validTenantID(tenantID) {
|
||||
return nil, errInvalidTenantID
|
||||
|
@ -48,19 +62,76 @@ func newPublicClient(tenantID, clientID, name string, o publicClientOptions) (*p
|
|||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
// if the application specified a cloud configuration, use its ARM audience as the default scope for Authenticate()
|
||||
audience := o.Cloud.Services[cloud.ResourceManager].Audience
|
||||
if audience == "" {
|
||||
// no cloud configuration, or no ARM audience, specified; try to map the host to a well-known one (all of which have a trailing slash)
|
||||
if !strings.HasSuffix(host, "/") {
|
||||
host += "/"
|
||||
}
|
||||
switch host {
|
||||
case cloud.AzureChina.ActiveDirectoryAuthorityHost:
|
||||
audience = cloud.AzureChina.Services[cloud.ResourceManager].Audience
|
||||
case cloud.AzureGovernment.ActiveDirectoryAuthorityHost:
|
||||
audience = cloud.AzureGovernment.Services[cloud.ResourceManager].Audience
|
||||
case cloud.AzurePublic.ActiveDirectoryAuthorityHost:
|
||||
audience = cloud.AzurePublic.Services[cloud.ResourceManager].Audience
|
||||
}
|
||||
}
|
||||
// if we didn't come up with an audience, the application will have to specify a scope for Authenticate()
|
||||
var defaultScope []string
|
||||
if audience != "" {
|
||||
defaultScope = []string{audience + defaultSuffix}
|
||||
}
|
||||
client, err := azcore.NewClient(module, version, runtime.PipelineOptions{
|
||||
Tracing: runtime.TracingOptions{
|
||||
Namespace: traceNamespace,
|
||||
},
|
||||
}, &o.ClientOptions)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
o.AdditionallyAllowedTenants = resolveAdditionalTenants(o.AdditionallyAllowedTenants)
|
||||
return &publicClient{
|
||||
caeMu: &sync.Mutex{},
|
||||
clientID: clientID,
|
||||
clientMu: &sync.Mutex{},
|
||||
host: host,
|
||||
name: name,
|
||||
noCAEMu: &sync.Mutex{},
|
||||
opts: o,
|
||||
tenantID: tenantID,
|
||||
caeMu: &sync.Mutex{},
|
||||
clientID: clientID,
|
||||
clientMu: &sync.Mutex{},
|
||||
defaultScope: defaultScope,
|
||||
host: host,
|
||||
name: name,
|
||||
noCAEMu: &sync.Mutex{},
|
||||
opts: o,
|
||||
record: o.Record,
|
||||
tenantID: tenantID,
|
||||
azClient: client,
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (p *publicClient) Authenticate(ctx context.Context, tro *policy.TokenRequestOptions) (authenticationRecord, error) {
|
||||
if tro == nil {
|
||||
tro = &policy.TokenRequestOptions{}
|
||||
}
|
||||
if len(tro.Scopes) == 0 {
|
||||
if p.defaultScope == nil {
|
||||
return authenticationRecord{}, errScopeRequired
|
||||
}
|
||||
tro.Scopes = p.defaultScope
|
||||
}
|
||||
client, mu, err := p.client(*tro)
|
||||
if err != nil {
|
||||
return authenticationRecord{}, err
|
||||
}
|
||||
mu.Lock()
|
||||
defer mu.Unlock()
|
||||
_, err = p.reqToken(ctx, client, *tro)
|
||||
if err == nil {
|
||||
scope := strings.Join(tro.Scopes, ", ")
|
||||
msg := fmt.Sprintf("%s.Authenticate() acquired a token for scope %q", p.name, scope)
|
||||
log.Write(EventAuthentication, msg)
|
||||
}
|
||||
return p.record, err
|
||||
}
|
||||
|
||||
// GetToken requests an access token from MSAL, checking the cache first.
|
||||
func (p *publicClient) GetToken(ctx context.Context, tro policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
if len(tro.Scopes) < 1 {
|
||||
|
@ -76,10 +147,13 @@ func (p *publicClient) GetToken(ctx context.Context, tro policy.TokenRequestOpti
|
|||
}
|
||||
mu.Lock()
|
||||
defer mu.Unlock()
|
||||
ar, err := client.AcquireTokenSilent(ctx, tro.Scopes, public.WithSilentAccount(p.account), public.WithClaims(tro.Claims), public.WithTenantID(tenant))
|
||||
ar, err := client.AcquireTokenSilent(ctx, tro.Scopes, public.WithSilentAccount(p.record.account()), public.WithClaims(tro.Claims), public.WithTenantID(tenant))
|
||||
if err == nil {
|
||||
return p.token(ar, err)
|
||||
}
|
||||
if p.opts.DisableAutomaticAuthentication {
|
||||
return azcore.AccessToken{}, errAuthenticationRequired
|
||||
}
|
||||
at, err := p.reqToken(ctx, client, tro)
|
||||
if err == nil {
|
||||
msg := fmt.Sprintf("%s.GetToken() acquired a token for scope %q", p.name, strings.Join(ar.GrantedScopes, ", "))
|
||||
|
@ -148,9 +222,14 @@ func (p *publicClient) client(tro policy.TokenRequestOptions) (msalPublicClient,
|
|||
}
|
||||
|
||||
func (p *publicClient) newMSALClient(enableCAE bool) (msalPublicClient, error) {
|
||||
cache, err := internal.NewCache(p.opts.TokenCachePersistenceOptions, enableCAE)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
o := []public.Option{
|
||||
public.WithAuthority(runtime.JoinPaths(p.host, p.tenantID)),
|
||||
public.WithHTTPClient(newPipelineAdapter(&p.opts.ClientOptions)),
|
||||
public.WithCache(cache),
|
||||
public.WithHTTPClient(p),
|
||||
}
|
||||
if enableCAE {
|
||||
o = append(o, public.WithClientCapabilities(cp1))
|
||||
|
@ -163,7 +242,7 @@ func (p *publicClient) newMSALClient(enableCAE bool) (msalPublicClient, error) {
|
|||
|
||||
func (p *publicClient) token(ar public.AuthResult, err error) (azcore.AccessToken, error) {
|
||||
if err == nil {
|
||||
p.account = ar.Account
|
||||
p.record, err = newAuthenticationRecord(ar)
|
||||
} else {
|
||||
res := getResponseFromError(err)
|
||||
err = newAuthenticationFailedError(p.name, err.Error(), res, err)
|
||||
|
@ -171,8 +250,24 @@ func (p *publicClient) token(ar public.AuthResult, err error) (azcore.AccessToke
|
|||
return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC()}, err
|
||||
}
|
||||
|
||||
// resolveTenant returns the correct tenant for a token request given the client's
|
||||
// resolveTenant returns the correct WithTenantID() argument for a token request given the client's
|
||||
// configuration, or an error when that configuration doesn't allow the specified tenant
|
||||
func (p *publicClient) resolveTenant(specified string) (string, error) {
|
||||
return resolveTenant(p.tenantID, specified, p.name, p.opts.AdditionallyAllowedTenants)
|
||||
t, err := resolveTenant(p.tenantID, specified, p.name, p.opts.AdditionallyAllowedTenants)
|
||||
if t == p.tenantID {
|
||||
// callers pass this value to MSAL's WithTenantID(). There's no need to redundantly specify
|
||||
// the client's default tenant and doing so is an error when that tenant is "organizations"
|
||||
t = ""
|
||||
}
|
||||
return t, err
|
||||
}
|
||||
|
||||
// these methods satisfy the MSAL ops.HTTPClient interface
|
||||
|
||||
func (p *publicClient) CloseIdleConnections() {
|
||||
// do nothing
|
||||
}
|
||||
|
||||
func (p *publicClient) Do(r *http.Request) (*http.Response, error) {
|
||||
return doForClient(p.azClient, r)
|
||||
}
|
||||
|
|
40
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/username_password_credential.go
generated
vendored
40
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/username_password_credential.go
generated
vendored
|
@ -11,6 +11,7 @@ import (
|
|||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
)
|
||||
|
||||
const credNameUserPassword = "UsernamePasswordCredential"
|
||||
|
@ -23,11 +24,19 @@ type UsernamePasswordCredentialOptions struct {
|
|||
// Add the wildcard value "*" to allow the credential to acquire tokens for any tenant in which the
|
||||
// application is registered.
|
||||
AdditionallyAllowedTenants []string
|
||||
|
||||
// authenticationRecord returned by a call to a credential's Authenticate method. Set this option
|
||||
// to enable the credential to use data from a previous authentication.
|
||||
authenticationRecord authenticationRecord
|
||||
|
||||
// DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Microsoft Entra instance metadata
|
||||
// from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making
|
||||
// the application responsible for ensuring the configured authority is valid and trustworthy.
|
||||
DisableInstanceDiscovery bool
|
||||
|
||||
// tokenCachePersistenceOptions enables persistent token caching when not nil.
|
||||
tokenCachePersistenceOptions *tokenCachePersistenceOptions
|
||||
}
|
||||
|
||||
// UsernamePasswordCredential authenticates a user with a password. Microsoft doesn't recommend this kind of authentication,
|
||||
|
@ -45,11 +54,13 @@ func NewUsernamePasswordCredential(tenantID string, clientID string, username st
|
|||
options = &UsernamePasswordCredentialOptions{}
|
||||
}
|
||||
opts := publicClientOptions{
|
||||
AdditionallyAllowedTenants: options.AdditionallyAllowedTenants,
|
||||
ClientOptions: options.ClientOptions,
|
||||
DisableInstanceDiscovery: options.DisableInstanceDiscovery,
|
||||
Password: password,
|
||||
Username: username,
|
||||
AdditionallyAllowedTenants: options.AdditionallyAllowedTenants,
|
||||
ClientOptions: options.ClientOptions,
|
||||
DisableInstanceDiscovery: options.DisableInstanceDiscovery,
|
||||
Password: password,
|
||||
Record: options.authenticationRecord,
|
||||
TokenCachePersistenceOptions: options.tokenCachePersistenceOptions,
|
||||
Username: username,
|
||||
}
|
||||
c, err := newPublicClient(tenantID, clientID, credNameUserPassword, opts)
|
||||
if err != nil {
|
||||
|
@ -58,9 +69,22 @@ func NewUsernamePasswordCredential(tenantID string, clientID string, username st
|
|||
return &UsernamePasswordCredential{client: c}, err
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Azure Active Directory. This method is called automatically by Azure SDK clients.
|
||||
// Authenticate the user. Subsequent calls to GetToken will automatically use the returned AuthenticationRecord.
|
||||
func (c *UsernamePasswordCredential) authenticate(ctx context.Context, opts *policy.TokenRequestOptions) (authenticationRecord, error) {
|
||||
var err error
|
||||
ctx, endSpan := runtime.StartSpan(ctx, credNameUserPassword+"."+traceOpAuthenticate, c.client.azClient.Tracer(), nil)
|
||||
defer func() { endSpan(err) }()
|
||||
tk, err := c.client.Authenticate(ctx, opts)
|
||||
return tk, err
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Microsoft Entra ID. This method is called automatically by Azure SDK clients.
|
||||
func (c *UsernamePasswordCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
return c.client.GetToken(ctx, opts)
|
||||
var err error
|
||||
ctx, endSpan := runtime.StartSpan(ctx, credNameUserPassword+"."+traceOpGetToken, c.client.azClient.Tracer(), nil)
|
||||
defer func() { endSpan(err) }()
|
||||
tk, err := c.client.GetToken(ctx, opts)
|
||||
return tk, err
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*UsernamePasswordCredential)(nil)
|
||||
|
|
5
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/version.go
generated
vendored
5
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/version.go
generated
vendored
|
@ -10,6 +10,9 @@ const (
|
|||
// UserAgent is the string to be used in the user agent string when making requests.
|
||||
component = "azidentity"
|
||||
|
||||
// module is the fully qualified name of the module used in telemetry and distributed tracing.
|
||||
module = "github.com/Azure/azure-sdk-for-go/sdk/" + component
|
||||
|
||||
// Version is the semantic version (see http://semver.org) of this module.
|
||||
version = "v1.4.0"
|
||||
version = "v1.5.1"
|
||||
)
|
||||
|
|
11
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/workload_identity.go
generated
vendored
11
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/workload_identity.go
generated
vendored
|
@ -15,6 +15,7 @@ import (
|
|||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
)
|
||||
|
||||
const credNameWorkloadIdentity = "WorkloadIdentityCredential"
|
||||
|
@ -41,7 +42,7 @@ type WorkloadIdentityCredentialOptions struct {
|
|||
// ClientID of the service principal. Defaults to the value of the environment variable AZURE_CLIENT_ID.
|
||||
ClientID string
|
||||
// DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Microsoft Entra instance metadata
|
||||
// from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making
|
||||
// the application responsible for ensuring the configured authority is valid and trustworthy.
|
||||
DisableInstanceDiscovery bool
|
||||
|
@ -93,9 +94,13 @@ func NewWorkloadIdentityCredential(options *WorkloadIdentityCredentialOptions) (
|
|||
return &w, nil
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Azure Active Directory. Azure SDK clients call this method automatically.
|
||||
// GetToken requests an access token from Microsoft Entra ID. Azure SDK clients call this method automatically.
|
||||
func (w *WorkloadIdentityCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
return w.cred.GetToken(ctx, opts)
|
||||
var err error
|
||||
ctx, endSpan := runtime.StartSpan(ctx, credNameWorkloadIdentity+"."+traceOpGetToken, w.cred.client.azClient.Tracer(), nil)
|
||||
defer func() { endSpan(err) }()
|
||||
tk, err := w.cred.GetToken(ctx, opts)
|
||||
return tk, err
|
||||
}
|
||||
|
||||
// getAssertion returns the specified file's content, which is expected to be a Kubernetes service account token.
|
||||
|
|
9
vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md
generated
vendored
9
vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md
generated
vendored
|
@ -1,3 +1,12 @@
|
|||
# v1.26.6 (2024-01-22)
|
||||
|
||||
* **Bug Fix**: Remove invalid escaping of shared config values. All values in the shared config file will now be interpreted literally, save for fully-quoted strings which are unwrapped for legacy reasons.
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.26.5 (2024-01-18)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.26.4 (2024-01-16)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
|
2
vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go
generated
vendored
|
@ -3,4 +3,4 @@
|
|||
package config
|
||||
|
||||
// goModuleVersion is the tagged release for this module
|
||||
const goModuleVersion = "1.26.4"
|
||||
const goModuleVersion = "1.26.6"
|
||||
|
|
4
vendor/github.com/aws/aws-sdk-go-v2/credentials/CHANGELOG.md
generated
vendored
4
vendor/github.com/aws/aws-sdk-go-v2/credentials/CHANGELOG.md
generated
vendored
|
@ -1,3 +1,7 @@
|
|||
# v1.16.16 (2024-01-18)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.16.15 (2024-01-16)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
|
2
vendor/github.com/aws/aws-sdk-go-v2/credentials/go_module_metadata.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go-v2/credentials/go_module_metadata.go
generated
vendored
|
@ -3,4 +3,4 @@
|
|||
package credentials
|
||||
|
||||
// goModuleVersion is the tagged release for this module
|
||||
const goModuleVersion = "1.16.15"
|
||||
const goModuleVersion = "1.16.16"
|
||||
|
|
12
vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/CHANGELOG.md
generated
vendored
12
vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/CHANGELOG.md
generated
vendored
|
@ -1,3 +1,15 @@
|
|||
# v1.15.15 (2024-01-24)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.15.14 (2024-01-22)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.15.13 (2024-01-18)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
||||
# v1.15.12 (2024-01-16)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
|
2
vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/go_module_metadata.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go-v2/feature/s3/manager/go_module_metadata.go
generated
vendored
|
@ -3,4 +3,4 @@
|
|||
package manager
|
||||
|
||||
// goModuleVersion is the tagged release for this module
|
||||
const goModuleVersion = "1.15.12"
|
||||
const goModuleVersion = "1.15.15"
|
||||
|
|
4
vendor/github.com/aws/aws-sdk-go-v2/internal/ini/CHANGELOG.md
generated
vendored
4
vendor/github.com/aws/aws-sdk-go-v2/internal/ini/CHANGELOG.md
generated
vendored
|
@ -1,3 +1,7 @@
|
|||
# v1.7.3 (2024-01-22)
|
||||
|
||||
* **Bug Fix**: Remove invalid escaping of shared config values. All values in the shared config file will now be interpreted literally, save for fully-quoted strings which are unwrapped for legacy reasons.
|
||||
|
||||
# v1.7.2 (2023-12-08)
|
||||
|
||||
* **Bug Fix**: Correct loading of [services *] sections into shared config.
|
||||
|
|
2
vendor/github.com/aws/aws-sdk-go-v2/internal/ini/go_module_metadata.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go-v2/internal/ini/go_module_metadata.go
generated
vendored
|
@ -3,4 +3,4 @@
|
|||
package ini
|
||||
|
||||
// goModuleVersion is the tagged release for this module
|
||||
const goModuleVersion = "1.7.2"
|
||||
const goModuleVersion = "1.7.3"
|
||||
|
|
4
vendor/github.com/aws/aws-sdk-go-v2/internal/ini/strings.go
generated
vendored
4
vendor/github.com/aws/aws-sdk-go-v2/internal/ini/strings.go
generated
vendored
|
@ -67,12 +67,8 @@ func unquote(s string) string {
|
|||
|
||||
// applies various legacy conversions to property values:
|
||||
// - remote wrapping single/doublequotes
|
||||
// - expand escaped quote and newline sequences
|
||||
func legacyStrconv(s string) string {
|
||||
s = unquote(s)
|
||||
s = strings.ReplaceAll(s, `\"`, `"`)
|
||||
s = strings.ReplaceAll(s, `\'`, `'`)
|
||||
s = strings.ReplaceAll(s, `\n`, "\n")
|
||||
return s
|
||||
}
|
||||
|
||||
|
|
4
vendor/github.com/aws/aws-sdk-go-v2/service/s3/CHANGELOG.md
generated
vendored
4
vendor/github.com/aws/aws-sdk-go-v2/service/s3/CHANGELOG.md
generated
vendored
|
@ -1,3 +1,7 @@
|
|||
# v1.48.1 (2024-01-24)
|
||||
|
||||
* No change notes available for this release.
|
||||
|
||||
# v1.48.0 (2024-01-05)
|
||||
|
||||
* **Feature**: Support smithy sigv4a trait for codegen.
|
||||
|
|
36
vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_client.go
generated
vendored
36
vendor/github.com/aws/aws-sdk-go-v2/service/s3/api_client.go
generated
vendored
|
@ -56,10 +56,10 @@ func New(options Options, optFns ...func(*Options)) *Client {
|
|||
|
||||
resolveHTTPSignerV4(&options)
|
||||
|
||||
resolveHTTPSignerV4a(&options)
|
||||
|
||||
resolveEndpointResolverV2(&options)
|
||||
|
||||
resolveHTTPSignerV4a(&options)
|
||||
|
||||
resolveAuthSchemeResolver(&options)
|
||||
|
||||
for _, fn := range optFns {
|
||||
|
@ -68,8 +68,6 @@ func New(options Options, optFns ...func(*Options)) *Client {
|
|||
|
||||
finalizeRetryMaxAttempts(&options)
|
||||
|
||||
resolveCredentialProvider(&options)
|
||||
|
||||
ignoreAnonymousAuth(&options)
|
||||
|
||||
resolveExpressCredentials(&options)
|
||||
|
@ -111,8 +109,6 @@ func (c *Client) invokeOperation(ctx context.Context, opID string, params interf
|
|||
|
||||
finalizeClientEndpointResolverOptions(&options)
|
||||
|
||||
resolveCredentialProvider(&options)
|
||||
|
||||
finalizeOperationExpressCredentials(&options, *c)
|
||||
|
||||
finalizeOperationEndpointAuthResolver(&options)
|
||||
|
@ -496,33 +492,6 @@ func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func resolveCredentialProvider(o *Options) {
|
||||
if o.Credentials == nil {
|
||||
return
|
||||
}
|
||||
|
||||
if _, ok := o.Credentials.(v4a.CredentialsProvider); ok {
|
||||
return
|
||||
}
|
||||
|
||||
if aws.IsCredentialsProvider(o.Credentials, (*aws.AnonymousCredentials)(nil)) {
|
||||
return
|
||||
}
|
||||
|
||||
o.Credentials = &v4a.SymmetricCredentialAdaptor{SymmetricProvider: o.Credentials}
|
||||
}
|
||||
|
||||
func swapWithCustomHTTPSignerMiddleware(stack *middleware.Stack, o Options) error {
|
||||
mw := s3cust.NewSignHTTPRequestMiddleware(s3cust.SignHTTPRequestMiddlewareOptions{
|
||||
CredentialsProvider: o.Credentials,
|
||||
V4Signer: o.HTTPSignerV4,
|
||||
V4aSigner: o.httpSignerV4a,
|
||||
LogSigning: o.ClientLogMode.IsSigning(),
|
||||
})
|
||||
|
||||
return s3cust.RegisterSigningMiddleware(stack, mw)
|
||||
}
|
||||
|
||||
type httpSignerV4a interface {
|
||||
SignHTTP(ctx context.Context, credentials v4a.Credentials, r *http.Request, payloadHash,
|
||||
service string, regionSet []string, signingTime time.Time,
|
||||
|
@ -540,7 +509,6 @@ func newDefaultV4aSigner(o Options) *v4a.Signer {
|
|||
return v4a.NewSigner(func(so *v4a.SignerOptions) {
|
||||
so.Logger = o.Logger
|
||||
so.LogSigning = o.ClientLogMode.IsSigning()
|
||||
so.DisableURIPathEscaping = true
|
||||
})
|
||||
}
|
||||
|
||||
|
|
2
vendor/github.com/aws/aws-sdk-go-v2/service/s3/go_module_metadata.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go-v2/service/s3/go_module_metadata.go
generated
vendored
|
@ -3,4 +3,4 @@
|
|||
package s3
|
||||
|
||||
// goModuleVersion is the tagged release for this module
|
||||
const goModuleVersion = "1.48.0"
|
||||
const goModuleVersion = "1.48.1"
|
||||
|
|
13
vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/signer_wrapper.go
generated
vendored
13
vendor/github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations/signer_wrapper.go
generated
vendored
|
@ -182,15 +182,12 @@ func (p *PresignHTTPRequestMiddleware) HandleFinalize(
|
|||
|
||||
switch signerVersion {
|
||||
case "aws.auth#sigv4a":
|
||||
v4aCredentialProvider, ok := p.credentialsProvider.(v4a.CredentialsProvider)
|
||||
if !ok {
|
||||
return out, metadata, fmt.Errorf("invalid credential-provider provided for sigV4a Signer")
|
||||
}
|
||||
|
||||
mw := v4a.NewPresignHTTPRequestMiddleware(v4a.PresignHTTPRequestMiddlewareOptions{
|
||||
CredentialsProvider: v4aCredentialProvider,
|
||||
Presigner: p.v4aSigner,
|
||||
LogSigning: p.logSigning,
|
||||
CredentialsProvider: &v4a.SymmetricCredentialAdaptor{
|
||||
SymmetricProvider: p.credentialsProvider,
|
||||
},
|
||||
Presigner: p.v4aSigner,
|
||||
LogSigning: p.logSigning,
|
||||
})
|
||||
return mw.HandleFinalize(ctx, in, next)
|
||||
case "aws.auth#sigv4":
|
||||
|
|
4
vendor/github.com/aws/aws-sdk-go-v2/service/sso/CHANGELOG.md
generated
vendored
4
vendor/github.com/aws/aws-sdk-go-v2/service/sso/CHANGELOG.md
generated
vendored
|
@ -1,3 +1,7 @@
|
|||
# v1.18.7 (2024-01-18)
|
||||
|
||||
* No change notes available for this release.
|
||||
|
||||
# v1.18.6 (2024-01-04)
|
||||
|
||||
* **Dependency Update**: Updated to the latest SDK module versions
|
||||
|
|
2
vendor/github.com/aws/aws-sdk-go-v2/service/sso/go_module_metadata.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go-v2/service/sso/go_module_metadata.go
generated
vendored
|
@ -3,4 +3,4 @@
|
|||
package sso
|
||||
|
||||
// goModuleVersion is the tagged release for this module
|
||||
const goModuleVersion = "1.18.6"
|
||||
const goModuleVersion = "1.18.7"
|
||||
|
|
8
vendor/github.com/aws/aws-sdk-go-v2/service/sso/internal/endpoints/endpoints.go
generated
vendored
8
vendor/github.com/aws/aws-sdk-go-v2/service/sso/internal/endpoints/endpoints.go
generated
vendored
|
@ -283,6 +283,14 @@ var defaultPartitions = endpoints.Partitions{
|
|||
Region: "il-central-1",
|
||||
},
|
||||
},
|
||||
endpoints.EndpointKey{
|
||||
Region: "me-central-1",
|
||||
}: endpoints.Endpoint{
|
||||
Hostname: "portal.sso.me-central-1.amazonaws.com",
|
||||
CredentialScope: endpoints.CredentialScope{
|
||||
Region: "me-central-1",
|
||||
},
|
||||
},
|
||||
endpoints.EndpointKey{
|
||||
Region: "me-south-1",
|
||||
}: endpoints.Endpoint{
|
||||
|
|
63
vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
generated
vendored
63
vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
generated
vendored
|
@ -3450,6 +3450,9 @@ var awsPartition = partition{
|
|||
endpointKey{
|
||||
Region: "ap-southeast-3",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ap-southeast-4",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ca-central-1",
|
||||
}: endpoint{},
|
||||
|
@ -3477,6 +3480,9 @@ var awsPartition = partition{
|
|||
endpointKey{
|
||||
Region: "eu-west-3",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "il-central-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "me-central-1",
|
||||
}: endpoint{},
|
||||
|
@ -22901,6 +22907,14 @@ var awsPartition = partition{
|
|||
Region: "il-central-1",
|
||||
},
|
||||
},
|
||||
endpointKey{
|
||||
Region: "me-central-1",
|
||||
}: endpoint{
|
||||
Hostname: "portal.sso.me-central-1.amazonaws.com",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "me-central-1",
|
||||
},
|
||||
},
|
||||
endpointKey{
|
||||
Region: "me-south-1",
|
||||
}: endpoint{
|
||||
|
@ -29084,6 +29098,9 @@ var awsPartition = partition{
|
|||
},
|
||||
Deprecated: boxedTrue,
|
||||
},
|
||||
endpointKey{
|
||||
Region: "il-central-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "us-east-1",
|
||||
}: endpoint{},
|
||||
|
@ -30366,6 +30383,9 @@ var awsPartition = partition{
|
|||
endpointKey{
|
||||
Region: "il-central-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "me-central-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "me-south-1",
|
||||
}: endpoint{},
|
||||
|
@ -33990,9 +34010,18 @@ var awsPartition = partition{
|
|||
endpointKey{
|
||||
Region: "ap-northeast-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ap-northeast-2",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ap-southeast-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ap-southeast-2",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ca-central-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "eu-central-1",
|
||||
}: endpoint{},
|
||||
|
@ -34014,9 +34043,18 @@ var awsPartition = partition{
|
|||
endpointKey{
|
||||
Region: "ui-ap-northeast-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ui-ap-northeast-2",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ui-ap-southeast-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ui-ap-southeast-2",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ui-ca-central-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ui-eu-central-1",
|
||||
}: endpoint{},
|
||||
|
@ -35850,6 +35888,13 @@ var awscnPartition = partition{
|
|||
},
|
||||
},
|
||||
},
|
||||
"quicksight": service{
|
||||
Endpoints: serviceEndpoints{
|
||||
endpointKey{
|
||||
Region: "cn-north-1",
|
||||
}: endpoint{},
|
||||
},
|
||||
},
|
||||
"ram": service{
|
||||
Endpoints: serviceEndpoints{
|
||||
endpointKey{
|
||||
|
@ -43393,6 +43438,15 @@ var awsisoPartition = partition{
|
|||
},
|
||||
"datasync": service{
|
||||
Endpoints: serviceEndpoints{
|
||||
endpointKey{
|
||||
Region: "fips-us-iso-east-1",
|
||||
}: endpoint{
|
||||
Hostname: "datasync-fips.us-iso-east-1.c2s.ic.gov",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "us-iso-east-1",
|
||||
},
|
||||
Deprecated: boxedTrue,
|
||||
},
|
||||
endpointKey{
|
||||
Region: "fips-us-iso-west-1",
|
||||
}: endpoint{
|
||||
|
@ -43402,6 +43456,15 @@ var awsisoPartition = partition{
|
|||
},
|
||||
Deprecated: boxedTrue,
|
||||
},
|
||||
endpointKey{
|
||||
Region: "us-iso-east-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "us-iso-east-1",
|
||||
Variant: fipsVariant,
|
||||
}: endpoint{
|
||||
Hostname: "datasync-fips.us-iso-east-1.c2s.ic.gov",
|
||||
},
|
||||
endpointKey{
|
||||
Region: "us-iso-west-1",
|
||||
}: endpoint{},
|
||||
|
|
2
vendor/github.com/aws/aws-sdk-go/aws/version.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go/aws/version.go
generated
vendored
|
@ -5,4 +5,4 @@ package aws
|
|||
const SDKName = "aws-sdk-go"
|
||||
|
||||
// SDKVersion is the version of this SDK
|
||||
const SDKVersion = "1.49.22"
|
||||
const SDKVersion = "1.50.8"
|
||||
|
|
3
vendor/github.com/cheggaaa/pb/v3/termutil/term_win.go
generated
vendored
3
vendor/github.com/cheggaaa/pb/v3/termutil/term_win.go
generated
vendored
|
@ -138,9 +138,8 @@ func lockEcho() (err error) {
|
|||
}
|
||||
|
||||
newState := oldState
|
||||
const ENABLE_ECHO_INPUT = 0x0004
|
||||
const ENABLE_LINE_INPUT = 0x0002
|
||||
newState = newState & (^(ENABLE_LINE_INPUT | ENABLE_ECHO_INPUT))
|
||||
newState = newState & (^ENABLE_LINE_INPUT)
|
||||
if _, _, e := syscall.Syscall(setConsoleMode.Addr(), 2, uintptr(syscall.Stdout), uintptr(newState), 0); e != 0 {
|
||||
err = fmt.Errorf("Can't set terminal settings: %v", e)
|
||||
return
|
||||
|
|
13
vendor/github.com/google/uuid/CHANGELOG.md
generated
vendored
13
vendor/github.com/google/uuid/CHANGELOG.md
generated
vendored
|
@ -1,5 +1,18 @@
|
|||
# Changelog
|
||||
|
||||
## [1.6.0](https://github.com/google/uuid/compare/v1.5.0...v1.6.0) (2024-01-16)
|
||||
|
||||
|
||||
### Features
|
||||
|
||||
* add Max UUID constant ([#149](https://github.com/google/uuid/issues/149)) ([c58770e](https://github.com/google/uuid/commit/c58770eb495f55fe2ced6284f93c5158a62e53e3))
|
||||
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* fix typo in version 7 uuid documentation ([#153](https://github.com/google/uuid/issues/153)) ([016b199](https://github.com/google/uuid/commit/016b199544692f745ffc8867b914129ecb47ef06))
|
||||
* Monotonicity in UUIDv7 ([#150](https://github.com/google/uuid/issues/150)) ([a2b2b32](https://github.com/google/uuid/commit/a2b2b32373ff0b1a312b7fdf6d38a977099698a6))
|
||||
|
||||
## [1.5.0](https://github.com/google/uuid/compare/v1.4.0...v1.5.0) (2023-12-12)
|
||||
|
||||
|
||||
|
|
6
vendor/github.com/google/uuid/hash.go
generated
vendored
6
vendor/github.com/google/uuid/hash.go
generated
vendored
|
@ -17,6 +17,12 @@ var (
|
|||
NameSpaceOID = Must(Parse("6ba7b812-9dad-11d1-80b4-00c04fd430c8"))
|
||||
NameSpaceX500 = Must(Parse("6ba7b814-9dad-11d1-80b4-00c04fd430c8"))
|
||||
Nil UUID // empty UUID, all zeros
|
||||
|
||||
// The Max UUID is special form of UUID that is specified to have all 128 bits set to 1.
|
||||
Max = UUID{
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
|
||||
}
|
||||
)
|
||||
|
||||
// NewHash returns a new UUID derived from the hash of space concatenated with
|
||||
|
|
39
vendor/github.com/google/uuid/version7.go
generated
vendored
39
vendor/github.com/google/uuid/version7.go
generated
vendored
|
@ -44,7 +44,7 @@ func NewV7FromReader(r io.Reader) (UUID, error) {
|
|||
|
||||
// makeV7 fill 48 bits time (uuid[0] - uuid[5]), set version b0111 (uuid[6])
|
||||
// uuid[8] already has the right version number (Variant is 10)
|
||||
// see function NewV7 and NewV7FromReader
|
||||
// see function NewV7 and NewV7FromReader
|
||||
func makeV7(uuid []byte) {
|
||||
/*
|
||||
0 1 2 3
|
||||
|
@ -52,7 +52,7 @@ func makeV7(uuid []byte) {
|
|||
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||
| unix_ts_ms |
|
||||
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||
| unix_ts_ms | ver | rand_a |
|
||||
| unix_ts_ms | ver | rand_a (12 bit seq) |
|
||||
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||
|var| rand_b |
|
||||
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||
|
@ -61,7 +61,7 @@ func makeV7(uuid []byte) {
|
|||
*/
|
||||
_ = uuid[15] // bounds check
|
||||
|
||||
t := timeNow().UnixMilli()
|
||||
t, s := getV7Time()
|
||||
|
||||
uuid[0] = byte(t >> 40)
|
||||
uuid[1] = byte(t >> 32)
|
||||
|
@ -70,6 +70,35 @@ func makeV7(uuid []byte) {
|
|||
uuid[4] = byte(t >> 8)
|
||||
uuid[5] = byte(t)
|
||||
|
||||
uuid[6] = 0x70 | (uuid[6] & 0x0F)
|
||||
// uuid[8] has already has right version
|
||||
uuid[6] = 0x70 | (0x0F & byte(s>>8))
|
||||
uuid[7] = byte(s)
|
||||
}
|
||||
|
||||
// lastV7time is the last time we returned stored as:
|
||||
//
|
||||
// 52 bits of time in milliseconds since epoch
|
||||
// 12 bits of (fractional nanoseconds) >> 8
|
||||
var lastV7time int64
|
||||
|
||||
const nanoPerMilli = 1000000
|
||||
|
||||
// getV7Time returns the time in milliseconds and nanoseconds / 256.
|
||||
// The returned (milli << 12 + seq) is guarenteed to be greater than
|
||||
// (milli << 12 + seq) returned by any previous call to getV7Time.
|
||||
func getV7Time() (milli, seq int64) {
|
||||
timeMu.Lock()
|
||||
defer timeMu.Unlock()
|
||||
|
||||
nano := timeNow().UnixNano()
|
||||
milli = nano / nanoPerMilli
|
||||
// Sequence number is between 0 and 3906 (nanoPerMilli>>8)
|
||||
seq = (nano - milli*nanoPerMilli) >> 8
|
||||
now := milli<<12 + seq
|
||||
if now <= lastV7time {
|
||||
now = lastV7time + 1
|
||||
milli = now >> 12
|
||||
seq = now & 0xfff
|
||||
}
|
||||
lastV7time = now
|
||||
return milli, seq
|
||||
}
|
||||
|
|
45
vendor/github.com/hashicorp/go-version/CHANGELOG.md
generated
vendored
Normal file
45
vendor/github.com/hashicorp/go-version/CHANGELOG.md
generated
vendored
Normal file
|
@ -0,0 +1,45 @@
|
|||
# 1.6.0 (June 28, 2022)
|
||||
|
||||
FEATURES:
|
||||
|
||||
- Add `Prerelease` function to `Constraint` to return true if the version includes a prerelease field ([#100](https://github.com/hashicorp/go-version/pull/100))
|
||||
|
||||
# 1.5.0 (May 18, 2022)
|
||||
|
||||
FEATURES:
|
||||
|
||||
- Use `encoding` `TextMarshaler` & `TextUnmarshaler` instead of JSON equivalents ([#95](https://github.com/hashicorp/go-version/pull/95))
|
||||
- Add JSON handlers to allow parsing from/to JSON ([#93](https://github.com/hashicorp/go-version/pull/93))
|
||||
|
||||
# 1.4.0 (January 5, 2022)
|
||||
|
||||
FEATURES:
|
||||
|
||||
- Introduce `MustConstraints()` ([#87](https://github.com/hashicorp/go-version/pull/87))
|
||||
- `Constraints`: Introduce `Equals()` and `sort.Interface` methods ([#88](https://github.com/hashicorp/go-version/pull/88))
|
||||
|
||||
# 1.3.0 (March 31, 2021)
|
||||
|
||||
Please note that CHANGELOG.md does not exist in the source code prior to this release.
|
||||
|
||||
FEATURES:
|
||||
- Add `Core` function to return a version without prerelease or metadata ([#85](https://github.com/hashicorp/go-version/pull/85))
|
||||
|
||||
# 1.2.1 (June 17, 2020)
|
||||
|
||||
BUG FIXES:
|
||||
- Prevent `Version.Equal` method from panicking on `nil` encounter ([#73](https://github.com/hashicorp/go-version/pull/73))
|
||||
|
||||
# 1.2.0 (April 23, 2019)
|
||||
|
||||
FEATURES:
|
||||
- Add `GreaterThanOrEqual` and `LessThanOrEqual` helper methods ([#53](https://github.com/hashicorp/go-version/pull/53))
|
||||
|
||||
# 1.1.0 (Jan 07, 2019)
|
||||
|
||||
FEATURES:
|
||||
- Add `NewSemver` constructor ([#45](https://github.com/hashicorp/go-version/pull/45))
|
||||
|
||||
# 1.0.0 (August 24, 2018)
|
||||
|
||||
Initial release.
|
354
vendor/github.com/hashicorp/go-version/LICENSE
generated
vendored
Normal file
354
vendor/github.com/hashicorp/go-version/LICENSE
generated
vendored
Normal file
|
@ -0,0 +1,354 @@
|
|||
Mozilla Public License, version 2.0
|
||||
|
||||
1. Definitions
|
||||
|
||||
1.1. “Contributor”
|
||||
|
||||
means each individual or legal entity that creates, contributes to the
|
||||
creation of, or owns Covered Software.
|
||||
|
||||
1.2. “Contributor Version”
|
||||
|
||||
means the combination of the Contributions of others (if any) used by a
|
||||
Contributor and that particular Contributor’s Contribution.
|
||||
|
||||
1.3. “Contribution”
|
||||
|
||||
means Covered Software of a particular Contributor.
|
||||
|
||||
1.4. “Covered Software”
|
||||
|
||||
means Source Code Form to which the initial Contributor has attached the
|
||||
notice in Exhibit A, the Executable Form of such Source Code Form, and
|
||||
Modifications of such Source Code Form, in each case including portions
|
||||
thereof.
|
||||
|
||||
1.5. “Incompatible With Secondary Licenses”
|
||||
means
|
||||
|
||||
a. that the initial Contributor has attached the notice described in
|
||||
Exhibit B to the Covered Software; or
|
||||
|
||||
b. that the Covered Software was made available under the terms of version
|
||||
1.1 or earlier of the License, but not also under the terms of a
|
||||
Secondary License.
|
||||
|
||||
1.6. “Executable Form”
|
||||
|
||||
means any form of the work other than Source Code Form.
|
||||
|
||||
1.7. “Larger Work”
|
||||
|
||||
means a work that combines Covered Software with other material, in a separate
|
||||
file or files, that is not Covered Software.
|
||||
|
||||
1.8. “License”
|
||||
|
||||
means this document.
|
||||
|
||||
1.9. “Licensable”
|
||||
|
||||
means having the right to grant, to the maximum extent possible, whether at the
|
||||
time of the initial grant or subsequently, any and all of the rights conveyed by
|
||||
this License.
|
||||
|
||||
1.10. “Modifications”
|
||||
|
||||
means any of the following:
|
||||
|
||||
a. any file in Source Code Form that results from an addition to, deletion
|
||||
from, or modification of the contents of Covered Software; or
|
||||
|
||||
b. any new file in Source Code Form that contains any Covered Software.
|
||||
|
||||
1.11. “Patent Claims” of a Contributor
|
||||
|
||||
means any patent claim(s), including without limitation, method, process,
|
||||
and apparatus claims, in any patent Licensable by such Contributor that
|
||||
would be infringed, but for the grant of the License, by the making,
|
||||
using, selling, offering for sale, having made, import, or transfer of
|
||||
either its Contributions or its Contributor Version.
|
||||
|
||||
1.12. “Secondary License”
|
||||
|
||||
means either the GNU General Public License, Version 2.0, the GNU Lesser
|
||||
General Public License, Version 2.1, the GNU Affero General Public
|
||||
License, Version 3.0, or any later versions of those licenses.
|
||||
|
||||
1.13. “Source Code Form”
|
||||
|
||||
means the form of the work preferred for making modifications.
|
||||
|
||||
1.14. “You” (or “Your”)
|
||||
|
||||
means an individual or a legal entity exercising rights under this
|
||||
License. For legal entities, “You” includes any entity that controls, is
|
||||
controlled by, or is under common control with You. For purposes of this
|
||||
definition, “control” means (a) the power, direct or indirect, to cause
|
||||
the direction or management of such entity, whether by contract or
|
||||
otherwise, or (b) ownership of more than fifty percent (50%) of the
|
||||
outstanding shares or beneficial ownership of such entity.
|
||||
|
||||
|
||||
2. License Grants and Conditions
|
||||
|
||||
2.1. Grants
|
||||
|
||||
Each Contributor hereby grants You a world-wide, royalty-free,
|
||||
non-exclusive license:
|
||||
|
||||
a. under intellectual property rights (other than patent or trademark)
|
||||
Licensable by such Contributor to use, reproduce, make available,
|
||||
modify, display, perform, distribute, and otherwise exploit its
|
||||
Contributions, either on an unmodified basis, with Modifications, or as
|
||||
part of a Larger Work; and
|
||||
|
||||
b. under Patent Claims of such Contributor to make, use, sell, offer for
|
||||
sale, have made, import, and otherwise transfer either its Contributions
|
||||
or its Contributor Version.
|
||||
|
||||
2.2. Effective Date
|
||||
|
||||
The licenses granted in Section 2.1 with respect to any Contribution become
|
||||
effective for each Contribution on the date the Contributor first distributes
|
||||
such Contribution.
|
||||
|
||||
2.3. Limitations on Grant Scope
|
||||
|
||||
The licenses granted in this Section 2 are the only rights granted under this
|
||||
License. No additional rights or licenses will be implied from the distribution
|
||||
or licensing of Covered Software under this License. Notwithstanding Section
|
||||
2.1(b) above, no patent license is granted by a Contributor:
|
||||
|
||||
a. for any code that a Contributor has removed from Covered Software; or
|
||||
|
||||
b. for infringements caused by: (i) Your and any other third party’s
|
||||
modifications of Covered Software, or (ii) the combination of its
|
||||
Contributions with other software (except as part of its Contributor
|
||||
Version); or
|
||||
|
||||
c. under Patent Claims infringed by Covered Software in the absence of its
|
||||
Contributions.
|
||||
|
||||
This License does not grant any rights in the trademarks, service marks, or
|
||||
logos of any Contributor (except as may be necessary to comply with the
|
||||
notice requirements in Section 3.4).
|
||||
|
||||
2.4. Subsequent Licenses
|
||||
|
||||
No Contributor makes additional grants as a result of Your choice to
|
||||
distribute the Covered Software under a subsequent version of this License
|
||||
(see Section 10.2) or under the terms of a Secondary License (if permitted
|
||||
under the terms of Section 3.3).
|
||||
|
||||
2.5. Representation
|
||||
|
||||
Each Contributor represents that the Contributor believes its Contributions
|
||||
are its original creation(s) or it has sufficient rights to grant the
|
||||
rights to its Contributions conveyed by this License.
|
||||
|
||||
2.6. Fair Use
|
||||
|
||||
This License is not intended to limit any rights You have under applicable
|
||||
copyright doctrines of fair use, fair dealing, or other equivalents.
|
||||
|
||||
2.7. Conditions
|
||||
|
||||
Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in
|
||||
Section 2.1.
|
||||
|
||||
|
||||
3. Responsibilities
|
||||
|
||||
3.1. Distribution of Source Form
|
||||
|
||||
All distribution of Covered Software in Source Code Form, including any
|
||||
Modifications that You create or to which You contribute, must be under the
|
||||
terms of this License. You must inform recipients that the Source Code Form
|
||||
of the Covered Software is governed by the terms of this License, and how
|
||||
they can obtain a copy of this License. You may not attempt to alter or
|
||||
restrict the recipients’ rights in the Source Code Form.
|
||||
|
||||
3.2. Distribution of Executable Form
|
||||
|
||||
If You distribute Covered Software in Executable Form then:
|
||||
|
||||
a. such Covered Software must also be made available in Source Code Form,
|
||||
as described in Section 3.1, and You must inform recipients of the
|
||||
Executable Form how they can obtain a copy of such Source Code Form by
|
||||
reasonable means in a timely manner, at a charge no more than the cost
|
||||
of distribution to the recipient; and
|
||||
|
||||
b. You may distribute such Executable Form under the terms of this License,
|
||||
or sublicense it under different terms, provided that the license for
|
||||
the Executable Form does not attempt to limit or alter the recipients’
|
||||
rights in the Source Code Form under this License.
|
||||
|
||||
3.3. Distribution of a Larger Work
|
||||
|
||||
You may create and distribute a Larger Work under terms of Your choice,
|
||||
provided that You also comply with the requirements of this License for the
|
||||
Covered Software. If the Larger Work is a combination of Covered Software
|
||||
with a work governed by one or more Secondary Licenses, and the Covered
|
||||
Software is not Incompatible With Secondary Licenses, this License permits
|
||||
You to additionally distribute such Covered Software under the terms of
|
||||
such Secondary License(s), so that the recipient of the Larger Work may, at
|
||||
their option, further distribute the Covered Software under the terms of
|
||||
either this License or such Secondary License(s).
|
||||
|
||||
3.4. Notices
|
||||
|
||||
You may not remove or alter the substance of any license notices (including
|
||||
copyright notices, patent notices, disclaimers of warranty, or limitations
|
||||
of liability) contained within the Source Code Form of the Covered
|
||||
Software, except that You may alter any license notices to the extent
|
||||
required to remedy known factual inaccuracies.
|
||||
|
||||
3.5. Application of Additional Terms
|
||||
|
||||
You may choose to offer, and to charge a fee for, warranty, support,
|
||||
indemnity or liability obligations to one or more recipients of Covered
|
||||
Software. However, You may do so only on Your own behalf, and not on behalf
|
||||
of any Contributor. You must make it absolutely clear that any such
|
||||
warranty, support, indemnity, or liability obligation is offered by You
|
||||
alone, and You hereby agree to indemnify every Contributor for any
|
||||
liability incurred by such Contributor as a result of warranty, support,
|
||||
indemnity or liability terms You offer. You may include additional
|
||||
disclaimers of warranty and limitations of liability specific to any
|
||||
jurisdiction.
|
||||
|
||||
4. Inability to Comply Due to Statute or Regulation
|
||||
|
||||
If it is impossible for You to comply with any of the terms of this License
|
||||
with respect to some or all of the Covered Software due to statute, judicial
|
||||
order, or regulation then You must: (a) comply with the terms of this License
|
||||
to the maximum extent possible; and (b) describe the limitations and the code
|
||||
they affect. Such description must be placed in a text file included with all
|
||||
distributions of the Covered Software under this License. Except to the
|
||||
extent prohibited by statute or regulation, such description must be
|
||||
sufficiently detailed for a recipient of ordinary skill to be able to
|
||||
understand it.
|
||||
|
||||
5. Termination
|
||||
|
||||
5.1. The rights granted under this License will terminate automatically if You
|
||||
fail to comply with any of its terms. However, if You become compliant,
|
||||
then the rights granted under this License from a particular Contributor
|
||||
are reinstated (a) provisionally, unless and until such Contributor
|
||||
explicitly and finally terminates Your grants, and (b) on an ongoing basis,
|
||||
if such Contributor fails to notify You of the non-compliance by some
|
||||
reasonable means prior to 60 days after You have come back into compliance.
|
||||
Moreover, Your grants from a particular Contributor are reinstated on an
|
||||
ongoing basis if such Contributor notifies You of the non-compliance by
|
||||
some reasonable means, this is the first time You have received notice of
|
||||
non-compliance with this License from such Contributor, and You become
|
||||
compliant prior to 30 days after Your receipt of the notice.
|
||||
|
||||
5.2. If You initiate litigation against any entity by asserting a patent
|
||||
infringement claim (excluding declaratory judgment actions, counter-claims,
|
||||
and cross-claims) alleging that a Contributor Version directly or
|
||||
indirectly infringes any patent, then the rights granted to You by any and
|
||||
all Contributors for the Covered Software under Section 2.1 of this License
|
||||
shall terminate.
|
||||
|
||||
5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user
|
||||
license agreements (excluding distributors and resellers) which have been
|
||||
validly granted by You or Your distributors under this License prior to
|
||||
termination shall survive termination.
|
||||
|
||||
6. Disclaimer of Warranty
|
||||
|
||||
Covered Software is provided under this License on an “as is” basis, without
|
||||
warranty of any kind, either expressed, implied, or statutory, including,
|
||||
without limitation, warranties that the Covered Software is free of defects,
|
||||
merchantable, fit for a particular purpose or non-infringing. The entire
|
||||
risk as to the quality and performance of the Covered Software is with You.
|
||||
Should any Covered Software prove defective in any respect, You (not any
|
||||
Contributor) assume the cost of any necessary servicing, repair, or
|
||||
correction. This disclaimer of warranty constitutes an essential part of this
|
||||
License. No use of any Covered Software is authorized under this License
|
||||
except under this disclaimer.
|
||||
|
||||
7. Limitation of Liability
|
||||
|
||||
Under no circumstances and under no legal theory, whether tort (including
|
||||
negligence), contract, or otherwise, shall any Contributor, or anyone who
|
||||
distributes Covered Software as permitted above, be liable to You for any
|
||||
direct, indirect, special, incidental, or consequential damages of any
|
||||
character including, without limitation, damages for lost profits, loss of
|
||||
goodwill, work stoppage, computer failure or malfunction, or any and all
|
||||
other commercial damages or losses, even if such party shall have been
|
||||
informed of the possibility of such damages. This limitation of liability
|
||||
shall not apply to liability for death or personal injury resulting from such
|
||||
party’s negligence to the extent applicable law prohibits such limitation.
|
||||
Some jurisdictions do not allow the exclusion or limitation of incidental or
|
||||
consequential damages, so this exclusion and limitation may not apply to You.
|
||||
|
||||
8. Litigation
|
||||
|
||||
Any litigation relating to this License may be brought only in the courts of
|
||||
a jurisdiction where the defendant maintains its principal place of business
|
||||
and such litigation shall be governed by laws of that jurisdiction, without
|
||||
reference to its conflict-of-law provisions. Nothing in this Section shall
|
||||
prevent a party’s ability to bring cross-claims or counter-claims.
|
||||
|
||||
9. Miscellaneous
|
||||
|
||||
This License represents the complete agreement concerning the subject matter
|
||||
hereof. If any provision of this License is held to be unenforceable, such
|
||||
provision shall be reformed only to the extent necessary to make it
|
||||
enforceable. Any law or regulation which provides that the language of a
|
||||
contract shall be construed against the drafter shall not be used to construe
|
||||
this License against a Contributor.
|
||||
|
||||
|
||||
10. Versions of the License
|
||||
|
||||
10.1. New Versions
|
||||
|
||||
Mozilla Foundation is the license steward. Except as provided in Section
|
||||
10.3, no one other than the license steward has the right to modify or
|
||||
publish new versions of this License. Each version will be given a
|
||||
distinguishing version number.
|
||||
|
||||
10.2. Effect of New Versions
|
||||
|
||||
You may distribute the Covered Software under the terms of the version of
|
||||
the License under which You originally received the Covered Software, or
|
||||
under the terms of any subsequent version published by the license
|
||||
steward.
|
||||
|
||||
10.3. Modified Versions
|
||||
|
||||
If you create software not governed by this License, and you want to
|
||||
create a new license for such software, you may create and use a modified
|
||||
version of this License if you rename the license and remove any
|
||||
references to the name of the license steward (except to note that such
|
||||
modified license differs from this License).
|
||||
|
||||
10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses
|
||||
If You choose to distribute Source Code Form that is Incompatible With
|
||||
Secondary Licenses under the terms of this version of the License, the
|
||||
notice described in Exhibit B of this License must be attached.
|
||||
|
||||
Exhibit A - Source Code Form License Notice
|
||||
|
||||
This Source Code Form is subject to the
|
||||
terms of the Mozilla Public License, v.
|
||||
2.0. If a copy of the MPL was not
|
||||
distributed with this file, You can
|
||||
obtain one at
|
||||
http://mozilla.org/MPL/2.0/.
|
||||
|
||||
If it is not possible or desirable to put the notice in a particular file, then
|
||||
You may include the notice in a location (such as a LICENSE file in a relevant
|
||||
directory) where a recipient would be likely to look for such a notice.
|
||||
|
||||
You may add additional accurate notices of copyright ownership.
|
||||
|
||||
Exhibit B - “Incompatible With Secondary Licenses” Notice
|
||||
|
||||
This Source Code Form is “Incompatible
|
||||
With Secondary Licenses”, as defined by
|
||||
the Mozilla Public License, v. 2.0.
|
||||
|
66
vendor/github.com/hashicorp/go-version/README.md
generated
vendored
Normal file
66
vendor/github.com/hashicorp/go-version/README.md
generated
vendored
Normal file
|
@ -0,0 +1,66 @@
|
|||
# Versioning Library for Go
|
||||
[![Build Status](https://circleci.com/gh/hashicorp/go-version/tree/main.svg?style=svg)](https://circleci.com/gh/hashicorp/go-version/tree/main)
|
||||
[![GoDoc](https://godoc.org/github.com/hashicorp/go-version?status.svg)](https://godoc.org/github.com/hashicorp/go-version)
|
||||
|
||||
go-version is a library for parsing versions and version constraints,
|
||||
and verifying versions against a set of constraints. go-version
|
||||
can sort a collection of versions properly, handles prerelease/beta
|
||||
versions, can increment versions, etc.
|
||||
|
||||
Versions used with go-version must follow [SemVer](http://semver.org/).
|
||||
|
||||
## Installation and Usage
|
||||
|
||||
Package documentation can be found on
|
||||
[GoDoc](http://godoc.org/github.com/hashicorp/go-version).
|
||||
|
||||
Installation can be done with a normal `go get`:
|
||||
|
||||
```
|
||||
$ go get github.com/hashicorp/go-version
|
||||
```
|
||||
|
||||
#### Version Parsing and Comparison
|
||||
|
||||
```go
|
||||
v1, err := version.NewVersion("1.2")
|
||||
v2, err := version.NewVersion("1.5+metadata")
|
||||
|
||||
// Comparison example. There is also GreaterThan, Equal, and just
|
||||
// a simple Compare that returns an int allowing easy >=, <=, etc.
|
||||
if v1.LessThan(v2) {
|
||||
fmt.Printf("%s is less than %s", v1, v2)
|
||||
}
|
||||
```
|
||||
|
||||
#### Version Constraints
|
||||
|
||||
```go
|
||||
v1, err := version.NewVersion("1.2")
|
||||
|
||||
// Constraints example.
|
||||
constraints, err := version.NewConstraint(">= 1.0, < 1.4")
|
||||
if constraints.Check(v1) {
|
||||
fmt.Printf("%s satisfies constraints %s", v1, constraints)
|
||||
}
|
||||
```
|
||||
|
||||
#### Version Sorting
|
||||
|
||||
```go
|
||||
versionsRaw := []string{"1.1", "0.7.1", "1.4-beta", "1.4", "2"}
|
||||
versions := make([]*version.Version, len(versionsRaw))
|
||||
for i, raw := range versionsRaw {
|
||||
v, _ := version.NewVersion(raw)
|
||||
versions[i] = v
|
||||
}
|
||||
|
||||
// After this, the versions are properly sorted
|
||||
sort.Sort(version.Collection(versions))
|
||||
```
|
||||
|
||||
## Issues and Contributing
|
||||
|
||||
If you find an issue with this library, please report an issue. If you'd
|
||||
like, we welcome any contributions. Fork this library and submit a pull
|
||||
request.
|
296
vendor/github.com/hashicorp/go-version/constraint.go
generated
vendored
Normal file
296
vendor/github.com/hashicorp/go-version/constraint.go
generated
vendored
Normal file
|
@ -0,0 +1,296 @@
|
|||
package version
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"reflect"
|
||||
"regexp"
|
||||
"sort"
|
||||
"strings"
|
||||
)
|
||||
|
||||
// Constraint represents a single constraint for a version, such as
|
||||
// ">= 1.0".
|
||||
type Constraint struct {
|
||||
f constraintFunc
|
||||
op operator
|
||||
check *Version
|
||||
original string
|
||||
}
|
||||
|
||||
func (c *Constraint) Equals(con *Constraint) bool {
|
||||
return c.op == con.op && c.check.Equal(con.check)
|
||||
}
|
||||
|
||||
// Constraints is a slice of constraints. We make a custom type so that
|
||||
// we can add methods to it.
|
||||
type Constraints []*Constraint
|
||||
|
||||
type constraintFunc func(v, c *Version) bool
|
||||
|
||||
var constraintOperators map[string]constraintOperation
|
||||
|
||||
type constraintOperation struct {
|
||||
op operator
|
||||
f constraintFunc
|
||||
}
|
||||
|
||||
var constraintRegexp *regexp.Regexp
|
||||
|
||||
func init() {
|
||||
constraintOperators = map[string]constraintOperation{
|
||||
"": {op: equal, f: constraintEqual},
|
||||
"=": {op: equal, f: constraintEqual},
|
||||
"!=": {op: notEqual, f: constraintNotEqual},
|
||||
">": {op: greaterThan, f: constraintGreaterThan},
|
||||
"<": {op: lessThan, f: constraintLessThan},
|
||||
">=": {op: greaterThanEqual, f: constraintGreaterThanEqual},
|
||||
"<=": {op: lessThanEqual, f: constraintLessThanEqual},
|
||||
"~>": {op: pessimistic, f: constraintPessimistic},
|
||||
}
|
||||
|
||||
ops := make([]string, 0, len(constraintOperators))
|
||||
for k := range constraintOperators {
|
||||
ops = append(ops, regexp.QuoteMeta(k))
|
||||
}
|
||||
|
||||
constraintRegexp = regexp.MustCompile(fmt.Sprintf(
|
||||
`^\s*(%s)\s*(%s)\s*$`,
|
||||
strings.Join(ops, "|"),
|
||||
VersionRegexpRaw))
|
||||
}
|
||||
|
||||
// NewConstraint will parse one or more constraints from the given
|
||||
// constraint string. The string must be a comma-separated list of
|
||||
// constraints.
|
||||
func NewConstraint(v string) (Constraints, error) {
|
||||
vs := strings.Split(v, ",")
|
||||
result := make([]*Constraint, len(vs))
|
||||
for i, single := range vs {
|
||||
c, err := parseSingle(single)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
result[i] = c
|
||||
}
|
||||
|
||||
return Constraints(result), nil
|
||||
}
|
||||
|
||||
// MustConstraints is a helper that wraps a call to a function
|
||||
// returning (Constraints, error) and panics if error is non-nil.
|
||||
func MustConstraints(c Constraints, err error) Constraints {
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
return c
|
||||
}
|
||||
|
||||
// Check tests if a version satisfies all the constraints.
|
||||
func (cs Constraints) Check(v *Version) bool {
|
||||
for _, c := range cs {
|
||||
if !c.Check(v) {
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
|
||||
// Equals compares Constraints with other Constraints
|
||||
// for equality. This may not represent logical equivalence
|
||||
// of compared constraints.
|
||||
// e.g. even though '>0.1,>0.2' is logically equivalent
|
||||
// to '>0.2' it is *NOT* treated as equal.
|
||||
//
|
||||
// Missing operator is treated as equal to '=', whitespaces
|
||||
// are ignored and constraints are sorted before comaparison.
|
||||
func (cs Constraints) Equals(c Constraints) bool {
|
||||
if len(cs) != len(c) {
|
||||
return false
|
||||
}
|
||||
|
||||
// make copies to retain order of the original slices
|
||||
left := make(Constraints, len(cs))
|
||||
copy(left, cs)
|
||||
sort.Stable(left)
|
||||
right := make(Constraints, len(c))
|
||||
copy(right, c)
|
||||
sort.Stable(right)
|
||||
|
||||
// compare sorted slices
|
||||
for i, con := range left {
|
||||
if !con.Equals(right[i]) {
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
|
||||
func (cs Constraints) Len() int {
|
||||
return len(cs)
|
||||
}
|
||||
|
||||
func (cs Constraints) Less(i, j int) bool {
|
||||
if cs[i].op < cs[j].op {
|
||||
return true
|
||||
}
|
||||
if cs[i].op > cs[j].op {
|
||||
return false
|
||||
}
|
||||
|
||||
return cs[i].check.LessThan(cs[j].check)
|
||||
}
|
||||
|
||||
func (cs Constraints) Swap(i, j int) {
|
||||
cs[i], cs[j] = cs[j], cs[i]
|
||||
}
|
||||
|
||||
// Returns the string format of the constraints
|
||||
func (cs Constraints) String() string {
|
||||
csStr := make([]string, len(cs))
|
||||
for i, c := range cs {
|
||||
csStr[i] = c.String()
|
||||
}
|
||||
|
||||
return strings.Join(csStr, ",")
|
||||
}
|
||||
|
||||
// Check tests if a constraint is validated by the given version.
|
||||
func (c *Constraint) Check(v *Version) bool {
|
||||
return c.f(v, c.check)
|
||||
}
|
||||
|
||||
// Prerelease returns true if the version underlying this constraint
|
||||
// contains a prerelease field.
|
||||
func (c *Constraint) Prerelease() bool {
|
||||
return len(c.check.Prerelease()) > 0
|
||||
}
|
||||
|
||||
func (c *Constraint) String() string {
|
||||
return c.original
|
||||
}
|
||||
|
||||
func parseSingle(v string) (*Constraint, error) {
|
||||
matches := constraintRegexp.FindStringSubmatch(v)
|
||||
if matches == nil {
|
||||
return nil, fmt.Errorf("Malformed constraint: %s", v)
|
||||
}
|
||||
|
||||
check, err := NewVersion(matches[2])
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
cop := constraintOperators[matches[1]]
|
||||
|
||||
return &Constraint{
|
||||
f: cop.f,
|
||||
op: cop.op,
|
||||
check: check,
|
||||
original: v,
|
||||
}, nil
|
||||
}
|
||||
|
||||
func prereleaseCheck(v, c *Version) bool {
|
||||
switch vPre, cPre := v.Prerelease() != "", c.Prerelease() != ""; {
|
||||
case cPre && vPre:
|
||||
// A constraint with a pre-release can only match a pre-release version
|
||||
// with the same base segments.
|
||||
return reflect.DeepEqual(c.Segments64(), v.Segments64())
|
||||
|
||||
case !cPre && vPre:
|
||||
// A constraint without a pre-release can only match a version without a
|
||||
// pre-release.
|
||||
return false
|
||||
|
||||
case cPre && !vPre:
|
||||
// OK, except with the pessimistic operator
|
||||
case !cPre && !vPre:
|
||||
// OK
|
||||
}
|
||||
return true
|
||||
}
|
||||
|
||||
//-------------------------------------------------------------------
|
||||
// Constraint functions
|
||||
//-------------------------------------------------------------------
|
||||
|
||||
type operator rune
|
||||
|
||||
const (
|
||||
equal operator = '='
|
||||
notEqual operator = '≠'
|
||||
greaterThan operator = '>'
|
||||
lessThan operator = '<'
|
||||
greaterThanEqual operator = '≥'
|
||||
lessThanEqual operator = '≤'
|
||||
pessimistic operator = '~'
|
||||
)
|
||||
|
||||
func constraintEqual(v, c *Version) bool {
|
||||
return v.Equal(c)
|
||||
}
|
||||
|
||||
func constraintNotEqual(v, c *Version) bool {
|
||||
return !v.Equal(c)
|
||||
}
|
||||
|
||||
func constraintGreaterThan(v, c *Version) bool {
|
||||
return prereleaseCheck(v, c) && v.Compare(c) == 1
|
||||
}
|
||||
|
||||
func constraintLessThan(v, c *Version) bool {
|
||||
return prereleaseCheck(v, c) && v.Compare(c) == -1
|
||||
}
|
||||
|
||||
func constraintGreaterThanEqual(v, c *Version) bool {
|
||||
return prereleaseCheck(v, c) && v.Compare(c) >= 0
|
||||
}
|
||||
|
||||
func constraintLessThanEqual(v, c *Version) bool {
|
||||
return prereleaseCheck(v, c) && v.Compare(c) <= 0
|
||||
}
|
||||
|
||||
func constraintPessimistic(v, c *Version) bool {
|
||||
// Using a pessimistic constraint with a pre-release, restricts versions to pre-releases
|
||||
if !prereleaseCheck(v, c) || (c.Prerelease() != "" && v.Prerelease() == "") {
|
||||
return false
|
||||
}
|
||||
|
||||
// If the version being checked is naturally less than the constraint, then there
|
||||
// is no way for the version to be valid against the constraint
|
||||
if v.LessThan(c) {
|
||||
return false
|
||||
}
|
||||
// We'll use this more than once, so grab the length now so it's a little cleaner
|
||||
// to write the later checks
|
||||
cs := len(c.segments)
|
||||
|
||||
// If the version being checked has less specificity than the constraint, then there
|
||||
// is no way for the version to be valid against the constraint
|
||||
if cs > len(v.segments) {
|
||||
return false
|
||||
}
|
||||
|
||||
// Check the segments in the constraint against those in the version. If the version
|
||||
// being checked, at any point, does not have the same values in each index of the
|
||||
// constraints segments, then it cannot be valid against the constraint.
|
||||
for i := 0; i < c.si-1; i++ {
|
||||
if v.segments[i] != c.segments[i] {
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
// Check the last part of the segment in the constraint. If the version segment at
|
||||
// this index is less than the constraints segment at this index, then it cannot
|
||||
// be valid against the constraint
|
||||
if c.segments[cs-1] > v.segments[cs-1] {
|
||||
return false
|
||||
}
|
||||
|
||||
// If nothing has rejected the version by now, it's valid
|
||||
return true
|
||||
}
|
407
vendor/github.com/hashicorp/go-version/version.go
generated
vendored
Normal file
407
vendor/github.com/hashicorp/go-version/version.go
generated
vendored
Normal file
|
@ -0,0 +1,407 @@
|
|||
package version
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"fmt"
|
||||
"reflect"
|
||||
"regexp"
|
||||
"strconv"
|
||||
"strings"
|
||||
)
|
||||
|
||||
// The compiled regular expression used to test the validity of a version.
|
||||
var (
|
||||
versionRegexp *regexp.Regexp
|
||||
semverRegexp *regexp.Regexp
|
||||
)
|
||||
|
||||
// The raw regular expression string used for testing the validity
|
||||
// of a version.
|
||||
const (
|
||||
VersionRegexpRaw string = `v?([0-9]+(\.[0-9]+)*?)` +
|
||||
`(-([0-9]+[0-9A-Za-z\-~]*(\.[0-9A-Za-z\-~]+)*)|(-?([A-Za-z\-~]+[0-9A-Za-z\-~]*(\.[0-9A-Za-z\-~]+)*)))?` +
|
||||
`(\+([0-9A-Za-z\-~]+(\.[0-9A-Za-z\-~]+)*))?` +
|
||||
`?`
|
||||
|
||||
// SemverRegexpRaw requires a separator between version and prerelease
|
||||
SemverRegexpRaw string = `v?([0-9]+(\.[0-9]+)*?)` +
|
||||
`(-([0-9]+[0-9A-Za-z\-~]*(\.[0-9A-Za-z\-~]+)*)|(-([A-Za-z\-~]+[0-9A-Za-z\-~]*(\.[0-9A-Za-z\-~]+)*)))?` +
|
||||
`(\+([0-9A-Za-z\-~]+(\.[0-9A-Za-z\-~]+)*))?` +
|
||||
`?`
|
||||
)
|
||||
|
||||
// Version represents a single version.
|
||||
type Version struct {
|
||||
metadata string
|
||||
pre string
|
||||
segments []int64
|
||||
si int
|
||||
original string
|
||||
}
|
||||
|
||||
func init() {
|
||||
versionRegexp = regexp.MustCompile("^" + VersionRegexpRaw + "$")
|
||||
semverRegexp = regexp.MustCompile("^" + SemverRegexpRaw + "$")
|
||||
}
|
||||
|
||||
// NewVersion parses the given version and returns a new
|
||||
// Version.
|
||||
func NewVersion(v string) (*Version, error) {
|
||||
return newVersion(v, versionRegexp)
|
||||
}
|
||||
|
||||
// NewSemver parses the given version and returns a new
|
||||
// Version that adheres strictly to SemVer specs
|
||||
// https://semver.org/
|
||||
func NewSemver(v string) (*Version, error) {
|
||||
return newVersion(v, semverRegexp)
|
||||
}
|
||||
|
||||
func newVersion(v string, pattern *regexp.Regexp) (*Version, error) {
|
||||
matches := pattern.FindStringSubmatch(v)
|
||||
if matches == nil {
|
||||
return nil, fmt.Errorf("Malformed version: %s", v)
|
||||
}
|
||||
segmentsStr := strings.Split(matches[1], ".")
|
||||
segments := make([]int64, len(segmentsStr))
|
||||
for i, str := range segmentsStr {
|
||||
val, err := strconv.ParseInt(str, 10, 64)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf(
|
||||
"Error parsing version: %s", err)
|
||||
}
|
||||
|
||||
segments[i] = val
|
||||
}
|
||||
|
||||
// Even though we could support more than three segments, if we
|
||||
// got less than three, pad it with 0s. This is to cover the basic
|
||||
// default usecase of semver, which is MAJOR.MINOR.PATCH at the minimum
|
||||
for i := len(segments); i < 3; i++ {
|
||||
segments = append(segments, 0)
|
||||
}
|
||||
|
||||
pre := matches[7]
|
||||
if pre == "" {
|
||||
pre = matches[4]
|
||||
}
|
||||
|
||||
return &Version{
|
||||
metadata: matches[10],
|
||||
pre: pre,
|
||||
segments: segments,
|
||||
si: len(segmentsStr),
|
||||
original: v,
|
||||
}, nil
|
||||
}
|
||||
|
||||
// Must is a helper that wraps a call to a function returning (*Version, error)
|
||||
// and panics if error is non-nil.
|
||||
func Must(v *Version, err error) *Version {
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
return v
|
||||
}
|
||||
|
||||
// Compare compares this version to another version. This
|
||||
// returns -1, 0, or 1 if this version is smaller, equal,
|
||||
// or larger than the other version, respectively.
|
||||
//
|
||||
// If you want boolean results, use the LessThan, Equal,
|
||||
// GreaterThan, GreaterThanOrEqual or LessThanOrEqual methods.
|
||||
func (v *Version) Compare(other *Version) int {
|
||||
// A quick, efficient equality check
|
||||
if v.String() == other.String() {
|
||||
return 0
|
||||
}
|
||||
|
||||
segmentsSelf := v.Segments64()
|
||||
segmentsOther := other.Segments64()
|
||||
|
||||
// If the segments are the same, we must compare on prerelease info
|
||||
if reflect.DeepEqual(segmentsSelf, segmentsOther) {
|
||||
preSelf := v.Prerelease()
|
||||
preOther := other.Prerelease()
|
||||
if preSelf == "" && preOther == "" {
|
||||
return 0
|
||||
}
|
||||
if preSelf == "" {
|
||||
return 1
|
||||
}
|
||||
if preOther == "" {
|
||||
return -1
|
||||
}
|
||||
|
||||
return comparePrereleases(preSelf, preOther)
|
||||
}
|
||||
|
||||
// Get the highest specificity (hS), or if they're equal, just use segmentSelf length
|
||||
lenSelf := len(segmentsSelf)
|
||||
lenOther := len(segmentsOther)
|
||||
hS := lenSelf
|
||||
if lenSelf < lenOther {
|
||||
hS = lenOther
|
||||
}
|
||||
// Compare the segments
|
||||
// Because a constraint could have more/less specificity than the version it's
|
||||
// checking, we need to account for a lopsided or jagged comparison
|
||||
for i := 0; i < hS; i++ {
|
||||
if i > lenSelf-1 {
|
||||
// This means Self had the lower specificity
|
||||
// Check to see if the remaining segments in Other are all zeros
|
||||
if !allZero(segmentsOther[i:]) {
|
||||
// if not, it means that Other has to be greater than Self
|
||||
return -1
|
||||
}
|
||||
break
|
||||
} else if i > lenOther-1 {
|
||||
// this means Other had the lower specificity
|
||||
// Check to see if the remaining segments in Self are all zeros -
|
||||
if !allZero(segmentsSelf[i:]) {
|
||||
//if not, it means that Self has to be greater than Other
|
||||
return 1
|
||||
}
|
||||
break
|
||||
}
|
||||
lhs := segmentsSelf[i]
|
||||
rhs := segmentsOther[i]
|
||||
if lhs == rhs {
|
||||
continue
|
||||
} else if lhs < rhs {
|
||||
return -1
|
||||
}
|
||||
// Otherwis, rhs was > lhs, they're not equal
|
||||
return 1
|
||||
}
|
||||
|
||||
// if we got this far, they're equal
|
||||
return 0
|
||||
}
|
||||
|
||||
func allZero(segs []int64) bool {
|
||||
for _, s := range segs {
|
||||
if s != 0 {
|
||||
return false
|
||||
}
|
||||
}
|
||||
return true
|
||||
}
|
||||
|
||||
func comparePart(preSelf string, preOther string) int {
|
||||
if preSelf == preOther {
|
||||
return 0
|
||||
}
|
||||
|
||||
var selfInt int64
|
||||
selfNumeric := true
|
||||
selfInt, err := strconv.ParseInt(preSelf, 10, 64)
|
||||
if err != nil {
|
||||
selfNumeric = false
|
||||
}
|
||||
|
||||
var otherInt int64
|
||||
otherNumeric := true
|
||||
otherInt, err = strconv.ParseInt(preOther, 10, 64)
|
||||
if err != nil {
|
||||
otherNumeric = false
|
||||
}
|
||||
|
||||
// if a part is empty, we use the other to decide
|
||||
if preSelf == "" {
|
||||
if otherNumeric {
|
||||
return -1
|
||||
}
|
||||
return 1
|
||||
}
|
||||
|
||||
if preOther == "" {
|
||||
if selfNumeric {
|
||||
return 1
|
||||
}
|
||||
return -1
|
||||
}
|
||||
|
||||
if selfNumeric && !otherNumeric {
|
||||
return -1
|
||||
} else if !selfNumeric && otherNumeric {
|
||||
return 1
|
||||
} else if !selfNumeric && !otherNumeric && preSelf > preOther {
|
||||
return 1
|
||||
} else if selfInt > otherInt {
|
||||
return 1
|
||||
}
|
||||
|
||||
return -1
|
||||
}
|
||||
|
||||
func comparePrereleases(v string, other string) int {
|
||||
// the same pre release!
|
||||
if v == other {
|
||||
return 0
|
||||
}
|
||||
|
||||
// split both pre releases for analyse their parts
|
||||
selfPreReleaseMeta := strings.Split(v, ".")
|
||||
otherPreReleaseMeta := strings.Split(other, ".")
|
||||
|
||||
selfPreReleaseLen := len(selfPreReleaseMeta)
|
||||
otherPreReleaseLen := len(otherPreReleaseMeta)
|
||||
|
||||
biggestLen := otherPreReleaseLen
|
||||
if selfPreReleaseLen > otherPreReleaseLen {
|
||||
biggestLen = selfPreReleaseLen
|
||||
}
|
||||
|
||||
// loop for parts to find the first difference
|
||||
for i := 0; i < biggestLen; i = i + 1 {
|
||||
partSelfPre := ""
|
||||
if i < selfPreReleaseLen {
|
||||
partSelfPre = selfPreReleaseMeta[i]
|
||||
}
|
||||
|
||||
partOtherPre := ""
|
||||
if i < otherPreReleaseLen {
|
||||
partOtherPre = otherPreReleaseMeta[i]
|
||||
}
|
||||
|
||||
compare := comparePart(partSelfPre, partOtherPre)
|
||||
// if parts are equals, continue the loop
|
||||
if compare != 0 {
|
||||
return compare
|
||||
}
|
||||
}
|
||||
|
||||
return 0
|
||||
}
|
||||
|
||||
// Core returns a new version constructed from only the MAJOR.MINOR.PATCH
|
||||
// segments of the version, without prerelease or metadata.
|
||||
func (v *Version) Core() *Version {
|
||||
segments := v.Segments64()
|
||||
segmentsOnly := fmt.Sprintf("%d.%d.%d", segments[0], segments[1], segments[2])
|
||||
return Must(NewVersion(segmentsOnly))
|
||||
}
|
||||
|
||||
// Equal tests if two versions are equal.
|
||||
func (v *Version) Equal(o *Version) bool {
|
||||
if v == nil || o == nil {
|
||||
return v == o
|
||||
}
|
||||
|
||||
return v.Compare(o) == 0
|
||||
}
|
||||
|
||||
// GreaterThan tests if this version is greater than another version.
|
||||
func (v *Version) GreaterThan(o *Version) bool {
|
||||
return v.Compare(o) > 0
|
||||
}
|
||||
|
||||
// GreaterThanOrEqual tests if this version is greater than or equal to another version.
|
||||
func (v *Version) GreaterThanOrEqual(o *Version) bool {
|
||||
return v.Compare(o) >= 0
|
||||
}
|
||||
|
||||
// LessThan tests if this version is less than another version.
|
||||
func (v *Version) LessThan(o *Version) bool {
|
||||
return v.Compare(o) < 0
|
||||
}
|
||||
|
||||
// LessThanOrEqual tests if this version is less than or equal to another version.
|
||||
func (v *Version) LessThanOrEqual(o *Version) bool {
|
||||
return v.Compare(o) <= 0
|
||||
}
|
||||
|
||||
// Metadata returns any metadata that was part of the version
|
||||
// string.
|
||||
//
|
||||
// Metadata is anything that comes after the "+" in the version.
|
||||
// For example, with "1.2.3+beta", the metadata is "beta".
|
||||
func (v *Version) Metadata() string {
|
||||
return v.metadata
|
||||
}
|
||||
|
||||
// Prerelease returns any prerelease data that is part of the version,
|
||||
// or blank if there is no prerelease data.
|
||||
//
|
||||
// Prerelease information is anything that comes after the "-" in the
|
||||
// version (but before any metadata). For example, with "1.2.3-beta",
|
||||
// the prerelease information is "beta".
|
||||
func (v *Version) Prerelease() string {
|
||||
return v.pre
|
||||
}
|
||||
|
||||
// Segments returns the numeric segments of the version as a slice of ints.
|
||||
//
|
||||
// This excludes any metadata or pre-release information. For example,
|
||||
// for a version "1.2.3-beta", segments will return a slice of
|
||||
// 1, 2, 3.
|
||||
func (v *Version) Segments() []int {
|
||||
segmentSlice := make([]int, len(v.segments))
|
||||
for i, v := range v.segments {
|
||||
segmentSlice[i] = int(v)
|
||||
}
|
||||
return segmentSlice
|
||||
}
|
||||
|
||||
// Segments64 returns the numeric segments of the version as a slice of int64s.
|
||||
//
|
||||
// This excludes any metadata or pre-release information. For example,
|
||||
// for a version "1.2.3-beta", segments will return a slice of
|
||||
// 1, 2, 3.
|
||||
func (v *Version) Segments64() []int64 {
|
||||
result := make([]int64, len(v.segments))
|
||||
copy(result, v.segments)
|
||||
return result
|
||||
}
|
||||
|
||||
// String returns the full version string included pre-release
|
||||
// and metadata information.
|
||||
//
|
||||
// This value is rebuilt according to the parsed segments and other
|
||||
// information. Therefore, ambiguities in the version string such as
|
||||
// prefixed zeroes (1.04.0 => 1.4.0), `v` prefix (v1.0.0 => 1.0.0), and
|
||||
// missing parts (1.0 => 1.0.0) will be made into a canonicalized form
|
||||
// as shown in the parenthesized examples.
|
||||
func (v *Version) String() string {
|
||||
var buf bytes.Buffer
|
||||
fmtParts := make([]string, len(v.segments))
|
||||
for i, s := range v.segments {
|
||||
// We can ignore err here since we've pre-parsed the values in segments
|
||||
str := strconv.FormatInt(s, 10)
|
||||
fmtParts[i] = str
|
||||
}
|
||||
fmt.Fprintf(&buf, strings.Join(fmtParts, "."))
|
||||
if v.pre != "" {
|
||||
fmt.Fprintf(&buf, "-%s", v.pre)
|
||||
}
|
||||
if v.metadata != "" {
|
||||
fmt.Fprintf(&buf, "+%s", v.metadata)
|
||||
}
|
||||
|
||||
return buf.String()
|
||||
}
|
||||
|
||||
// Original returns the original parsed version as-is, including any
|
||||
// potential whitespace, `v` prefix, etc.
|
||||
func (v *Version) Original() string {
|
||||
return v.original
|
||||
}
|
||||
|
||||
// UnmarshalText implements encoding.TextUnmarshaler interface.
|
||||
func (v *Version) UnmarshalText(b []byte) error {
|
||||
temp, err := NewVersion(string(b))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
*v = *temp
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// MarshalText implements encoding.TextMarshaler interface.
|
||||
func (v *Version) MarshalText() ([]byte, error) {
|
||||
return []byte(v.String()), nil
|
||||
}
|
17
vendor/github.com/hashicorp/go-version/version_collection.go
generated
vendored
Normal file
17
vendor/github.com/hashicorp/go-version/version_collection.go
generated
vendored
Normal file
|
@ -0,0 +1,17 @@
|
|||
package version
|
||||
|
||||
// Collection is a type that implements the sort.Interface interface
|
||||
// so that versions can be sorted.
|
||||
type Collection []*Version
|
||||
|
||||
func (v Collection) Len() int {
|
||||
return len(v)
|
||||
}
|
||||
|
||||
func (v Collection) Less(i, j int) bool {
|
||||
return v[i].LessThan(v[j])
|
||||
}
|
||||
|
||||
func (v Collection) Swap(i, j int) {
|
||||
v[i], v[j] = v[j], v[i]
|
||||
}
|
14
vendor/github.com/klauspost/compress/README.md
generated
vendored
14
vendor/github.com/klauspost/compress/README.md
generated
vendored
|
@ -16,6 +16,18 @@ This package provides various compression algorithms.
|
|||
|
||||
# changelog
|
||||
|
||||
* Dec 1st, 2023 - [v1.17.4](https://github.com/klauspost/compress/releases/tag/v1.17.4)
|
||||
* huff0: Speed up symbol counting by @greatroar in https://github.com/klauspost/compress/pull/887
|
||||
* huff0: Remove byteReader by @greatroar in https://github.com/klauspost/compress/pull/886
|
||||
* gzhttp: Allow overriding decompression on transport https://github.com/klauspost/compress/pull/892
|
||||
* gzhttp: Clamp compression level https://github.com/klauspost/compress/pull/890
|
||||
* gzip: Error out if reserved bits are set https://github.com/klauspost/compress/pull/891
|
||||
|
||||
* Nov 15th, 2023 - [v1.17.3](https://github.com/klauspost/compress/releases/tag/v1.17.3)
|
||||
* fse: Fix max header size https://github.com/klauspost/compress/pull/881
|
||||
* zstd: Improve better/best compression https://github.com/klauspost/compress/pull/877
|
||||
* gzhttp: Fix missing content type on Close https://github.com/klauspost/compress/pull/883
|
||||
|
||||
* Oct 22nd, 2023 - [v1.17.2](https://github.com/klauspost/compress/releases/tag/v1.17.2)
|
||||
* zstd: Fix rare *CORRUPTION* output in "best" mode. See https://github.com/klauspost/compress/pull/876
|
||||
|
||||
|
@ -554,7 +566,7 @@ For direct deflate use, NewStatelessWriter and StatelessDeflate are available. S
|
|||
|
||||
A `bufio.Writer` can of course be used to control write sizes. For example, to use a 4KB buffer:
|
||||
|
||||
```
|
||||
```go
|
||||
// replace 'ioutil.Discard' with your output.
|
||||
gzw, err := gzip.NewWriterLevel(ioutil.Discard, gzip.StatelessCompression)
|
||||
if err != nil {
|
||||
|
|
2
vendor/github.com/klauspost/compress/flate/deflate.go
generated
vendored
2
vendor/github.com/klauspost/compress/flate/deflate.go
generated
vendored
|
@ -212,7 +212,7 @@ func (d *compressor) writeBlockSkip(tok *tokens, index int, eof bool) error {
|
|||
// Should only be used after a start/reset.
|
||||
func (d *compressor) fillWindow(b []byte) {
|
||||
// Do not fill window if we are in store-only or huffman mode.
|
||||
if d.level <= 0 {
|
||||
if d.level <= 0 && d.level > -MinCustomWindowSize {
|
||||
return
|
||||
}
|
||||
if d.fast != nil {
|
||||
|
|
13
vendor/github.com/klauspost/compress/internal/race/norace.go
generated
vendored
Normal file
13
vendor/github.com/klauspost/compress/internal/race/norace.go
generated
vendored
Normal file
|
@ -0,0 +1,13 @@
|
|||
// Copyright 2015 The Go Authors. All rights reserved.
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
//go:build !race
|
||||
|
||||
package race
|
||||
|
||||
func ReadSlice[T any](s []T) {
|
||||
}
|
||||
|
||||
func WriteSlice[T any](s []T) {
|
||||
}
|
26
vendor/github.com/klauspost/compress/internal/race/race.go
generated
vendored
Normal file
26
vendor/github.com/klauspost/compress/internal/race/race.go
generated
vendored
Normal file
|
@ -0,0 +1,26 @@
|
|||
// Copyright 2015 The Go Authors. All rights reserved.
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
//go:build race
|
||||
|
||||
package race
|
||||
|
||||
import (
|
||||
"runtime"
|
||||
"unsafe"
|
||||
)
|
||||
|
||||
func ReadSlice[T any](s []T) {
|
||||
if len(s) == 0 {
|
||||
return
|
||||
}
|
||||
runtime.RaceReadRange(unsafe.Pointer(&s[0]), len(s)*int(unsafe.Sizeof(s[0])))
|
||||
}
|
||||
|
||||
func WriteSlice[T any](s []T) {
|
||||
if len(s) == 0 {
|
||||
return
|
||||
}
|
||||
runtime.RaceWriteRange(unsafe.Pointer(&s[0]), len(s)*int(unsafe.Sizeof(s[0])))
|
||||
}
|
6
vendor/github.com/klauspost/compress/s2/decode.go
generated
vendored
6
vendor/github.com/klauspost/compress/s2/decode.go
generated
vendored
|
@ -10,6 +10,8 @@ import (
|
|||
"errors"
|
||||
"fmt"
|
||||
"strconv"
|
||||
|
||||
"github.com/klauspost/compress/internal/race"
|
||||
)
|
||||
|
||||
var (
|
||||
|
@ -63,6 +65,10 @@ func Decode(dst, src []byte) ([]byte, error) {
|
|||
} else {
|
||||
dst = make([]byte, dLen)
|
||||
}
|
||||
|
||||
race.WriteSlice(dst)
|
||||
race.ReadSlice(src[s:])
|
||||
|
||||
if s2Decode(dst, src[s:]) != 0 {
|
||||
return nil, ErrCorrupt
|
||||
}
|
||||
|
|
14
vendor/github.com/klauspost/compress/s2/encode_amd64.go
generated
vendored
14
vendor/github.com/klauspost/compress/s2/encode_amd64.go
generated
vendored
|
@ -3,6 +3,8 @@
|
|||
|
||||
package s2
|
||||
|
||||
import "github.com/klauspost/compress/internal/race"
|
||||
|
||||
const hasAmd64Asm = true
|
||||
|
||||
// encodeBlock encodes a non-empty src to a guaranteed-large-enough dst. It
|
||||
|
@ -14,6 +16,9 @@ const hasAmd64Asm = true
|
|||
// len(dst) >= MaxEncodedLen(len(src)) &&
|
||||
// minNonLiteralBlockSize <= len(src) && len(src) <= maxBlockSize
|
||||
func encodeBlock(dst, src []byte) (d int) {
|
||||
race.ReadSlice(src)
|
||||
race.WriteSlice(dst)
|
||||
|
||||
const (
|
||||
// Use 12 bit table when less than...
|
||||
limit12B = 16 << 10
|
||||
|
@ -50,6 +55,9 @@ func encodeBlock(dst, src []byte) (d int) {
|
|||
// len(dst) >= MaxEncodedLen(len(src)) &&
|
||||
// minNonLiteralBlockSize <= len(src) && len(src) <= maxBlockSize
|
||||
func encodeBlockBetter(dst, src []byte) (d int) {
|
||||
race.ReadSlice(src)
|
||||
race.WriteSlice(dst)
|
||||
|
||||
const (
|
||||
// Use 12 bit table when less than...
|
||||
limit12B = 16 << 10
|
||||
|
@ -86,6 +94,9 @@ func encodeBlockBetter(dst, src []byte) (d int) {
|
|||
// len(dst) >= MaxEncodedLen(len(src)) &&
|
||||
// minNonLiteralBlockSize <= len(src) && len(src) <= maxBlockSize
|
||||
func encodeBlockSnappy(dst, src []byte) (d int) {
|
||||
race.ReadSlice(src)
|
||||
race.WriteSlice(dst)
|
||||
|
||||
const (
|
||||
// Use 12 bit table when less than...
|
||||
limit12B = 16 << 10
|
||||
|
@ -121,6 +132,9 @@ func encodeBlockSnappy(dst, src []byte) (d int) {
|
|||
// len(dst) >= MaxEncodedLen(len(src)) &&
|
||||
// minNonLiteralBlockSize <= len(src) && len(src) <= maxBlockSize
|
||||
func encodeBlockBetterSnappy(dst, src []byte) (d int) {
|
||||
race.ReadSlice(src)
|
||||
race.WriteSlice(dst)
|
||||
|
||||
const (
|
||||
// Use 12 bit table when less than...
|
||||
limit12B = 16 << 10
|
||||
|
|
16
vendor/github.com/klauspost/compress/s2/reader.go
generated
vendored
16
vendor/github.com/klauspost/compress/s2/reader.go
generated
vendored
|
@ -104,12 +104,14 @@ func ReaderIgnoreStreamIdentifier() ReaderOption {
|
|||
// For each chunk with the ID, the callback is called with the content.
|
||||
// Any returned non-nil error will abort decompression.
|
||||
// Only one callback per ID is supported, latest sent will be used.
|
||||
// You can peek the stream, triggering the callback, by doing a Read with a 0
|
||||
// byte buffer.
|
||||
func ReaderSkippableCB(id uint8, fn func(r io.Reader) error) ReaderOption {
|
||||
return func(r *Reader) error {
|
||||
if id < 0x80 || id > 0xfd {
|
||||
return fmt.Errorf("ReaderSkippableCB: Invalid id provided, must be 0x80-0xfd (inclusive)")
|
||||
}
|
||||
r.skippableCB[id] = fn
|
||||
r.skippableCB[id-0x80] = fn
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
@ -128,7 +130,7 @@ type Reader struct {
|
|||
err error
|
||||
decoded []byte
|
||||
buf []byte
|
||||
skippableCB [0x80]func(r io.Reader) error
|
||||
skippableCB [0xff - 0x80]func(r io.Reader) error
|
||||
blockStart int64 // Uncompressed offset at start of current.
|
||||
index *Index
|
||||
|
||||
|
@ -201,7 +203,7 @@ func (r *Reader) readFull(p []byte, allowEOF bool) (ok bool) {
|
|||
// The supplied slice does not need to be the size of the read.
|
||||
func (r *Reader) skippable(tmp []byte, n int, allowEOF bool, id uint8) (ok bool) {
|
||||
if id < 0x80 {
|
||||
r.err = fmt.Errorf("interbal error: skippable id < 0x80")
|
||||
r.err = fmt.Errorf("internal error: skippable id < 0x80")
|
||||
return false
|
||||
}
|
||||
if fn := r.skippableCB[id-0x80]; fn != nil {
|
||||
|
@ -1048,15 +1050,17 @@ func (r *Reader) ReadByte() (byte, error) {
|
|||
}
|
||||
|
||||
// SkippableCB will register a callback for chunks with the specified ID.
|
||||
// ID must be a Reserved skippable chunks ID, 0x80-0xfe (inclusive).
|
||||
// ID must be a Reserved skippable chunks ID, 0x80-0xfd (inclusive).
|
||||
// For each chunk with the ID, the callback is called with the content.
|
||||
// Any returned non-nil error will abort decompression.
|
||||
// Only one callback per ID is supported, latest sent will be used.
|
||||
// Sending a nil function will disable previous callbacks.
|
||||
// You can peek the stream, triggering the callback, by doing a Read with a 0
|
||||
// byte buffer.
|
||||
func (r *Reader) SkippableCB(id uint8, fn func(r io.Reader) error) error {
|
||||
if id < 0x80 || id > chunkTypePadding {
|
||||
if id < 0x80 || id >= chunkTypePadding {
|
||||
return fmt.Errorf("ReaderSkippableCB: Invalid id provided, must be 0x80-0xfe (inclusive)")
|
||||
}
|
||||
r.skippableCB[id] = fn
|
||||
r.skippableCB[id-0x80] = fn
|
||||
return nil
|
||||
}
|
||||
|
|
4
vendor/github.com/klauspost/compress/s2/s2.go
generated
vendored
4
vendor/github.com/klauspost/compress/s2/s2.go
generated
vendored
|
@ -37,6 +37,8 @@ package s2
|
|||
import (
|
||||
"bytes"
|
||||
"hash/crc32"
|
||||
|
||||
"github.com/klauspost/compress/internal/race"
|
||||
)
|
||||
|
||||
/*
|
||||
|
@ -112,6 +114,8 @@ var crcTable = crc32.MakeTable(crc32.Castagnoli)
|
|||
// crc implements the checksum specified in section 3 of
|
||||
// https://github.com/google/snappy/blob/master/framing_format.txt
|
||||
func crc(b []byte) uint32 {
|
||||
race.ReadSlice(b)
|
||||
|
||||
c := crc32.Update(0, crcTable, b)
|
||||
return c>>15 | c<<17 + 0xa282ead8
|
||||
}
|
||||
|
|
14
vendor/github.com/klauspost/compress/s2/writer.go
generated
vendored
14
vendor/github.com/klauspost/compress/s2/writer.go
generated
vendored
|
@ -13,6 +13,8 @@ import (
|
|||
"io"
|
||||
"runtime"
|
||||
"sync"
|
||||
|
||||
"github.com/klauspost/compress/internal/race"
|
||||
)
|
||||
|
||||
const (
|
||||
|
@ -271,7 +273,7 @@ func (w *Writer) AddSkippableBlock(id uint8, data []byte) (err error) {
|
|||
return fmt.Errorf("skippable block excessed maximum size")
|
||||
}
|
||||
var header [4]byte
|
||||
chunkLen := 4 + len(data)
|
||||
chunkLen := len(data)
|
||||
header[0] = id
|
||||
header[1] = uint8(chunkLen >> 0)
|
||||
header[2] = uint8(chunkLen >> 8)
|
||||
|
@ -282,7 +284,7 @@ func (w *Writer) AddSkippableBlock(id uint8, data []byte) (err error) {
|
|||
if err = w.err(err); err != nil {
|
||||
return err
|
||||
}
|
||||
if n != len(data) {
|
||||
if n != len(b) {
|
||||
return w.err(io.ErrShortWrite)
|
||||
}
|
||||
w.written += int64(n)
|
||||
|
@ -303,9 +305,7 @@ func (w *Writer) AddSkippableBlock(id uint8, data []byte) (err error) {
|
|||
if err := write(header[:]); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := write(data); err != nil {
|
||||
return err
|
||||
}
|
||||
return write(data)
|
||||
}
|
||||
|
||||
// Create output...
|
||||
|
@ -385,6 +385,8 @@ func (w *Writer) EncodeBuffer(buf []byte) (err error) {
|
|||
buf = buf[len(uncompressed):]
|
||||
// Get an output buffer.
|
||||
obuf := w.buffers.Get().([]byte)[:len(uncompressed)+obufHeaderLen]
|
||||
race.WriteSlice(obuf)
|
||||
|
||||
output := make(chan result)
|
||||
// Queue output now, so we keep order.
|
||||
w.output <- output
|
||||
|
@ -393,6 +395,8 @@ func (w *Writer) EncodeBuffer(buf []byte) (err error) {
|
|||
}
|
||||
w.uncompWritten += int64(len(uncompressed))
|
||||
go func() {
|
||||
race.ReadSlice(uncompressed)
|
||||
|
||||
checksum := crc(uncompressed)
|
||||
|
||||
// Set to uncompressed.
|
||||
|
|
2
vendor/github.com/klauspost/compress/s2sx.mod
generated
vendored
2
vendor/github.com/klauspost/compress/s2sx.mod
generated
vendored
|
@ -1,4 +1,4 @@
|
|||
module github.com/klauspost/compress
|
||||
|
||||
go 1.16
|
||||
go 1.19
|
||||
|
||||
|
|
56
vendor/github.com/klauspost/compress/zstd/decodeheader.go
generated
vendored
56
vendor/github.com/klauspost/compress/zstd/decodeheader.go
generated
vendored
|
@ -95,42 +95,54 @@ type Header struct {
|
|||
// If there isn't enough input, io.ErrUnexpectedEOF is returned.
|
||||
// The FirstBlock.OK will indicate if enough information was available to decode the first block header.
|
||||
func (h *Header) Decode(in []byte) error {
|
||||
_, err := h.DecodeAndStrip(in)
|
||||
return err
|
||||
}
|
||||
|
||||
// DecodeAndStrip will decode the header from the beginning of the stream
|
||||
// and on success return the remaining bytes.
|
||||
// This will decode the frame header and the first block header if enough bytes are provided.
|
||||
// It is recommended to provide at least HeaderMaxSize bytes.
|
||||
// If the frame header cannot be read an error will be returned.
|
||||
// If there isn't enough input, io.ErrUnexpectedEOF is returned.
|
||||
// The FirstBlock.OK will indicate if enough information was available to decode the first block header.
|
||||
func (h *Header) DecodeAndStrip(in []byte) (remain []byte, err error) {
|
||||
*h = Header{}
|
||||
if len(in) < 4 {
|
||||
return io.ErrUnexpectedEOF
|
||||
return nil, io.ErrUnexpectedEOF
|
||||
}
|
||||
h.HeaderSize += 4
|
||||
b, in := in[:4], in[4:]
|
||||
if string(b) != frameMagic {
|
||||
if string(b[1:4]) != skippableFrameMagic || b[0]&0xf0 != 0x50 {
|
||||
return ErrMagicMismatch
|
||||
return nil, ErrMagicMismatch
|
||||
}
|
||||
if len(in) < 4 {
|
||||
return io.ErrUnexpectedEOF
|
||||
return nil, io.ErrUnexpectedEOF
|
||||
}
|
||||
h.HeaderSize += 4
|
||||
h.Skippable = true
|
||||
h.SkippableID = int(b[0] & 0xf)
|
||||
h.SkippableSize = binary.LittleEndian.Uint32(in)
|
||||
return nil
|
||||
return in[4:], nil
|
||||
}
|
||||
|
||||
// Read Window_Descriptor
|
||||
// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#window_descriptor
|
||||
if len(in) < 1 {
|
||||
return io.ErrUnexpectedEOF
|
||||
return nil, io.ErrUnexpectedEOF
|
||||
}
|
||||
fhd, in := in[0], in[1:]
|
||||
h.HeaderSize++
|
||||
h.SingleSegment = fhd&(1<<5) != 0
|
||||
h.HasCheckSum = fhd&(1<<2) != 0
|
||||
if fhd&(1<<3) != 0 {
|
||||
return errors.New("reserved bit set on frame header")
|
||||
return nil, errors.New("reserved bit set on frame header")
|
||||
}
|
||||
|
||||
if !h.SingleSegment {
|
||||
if len(in) < 1 {
|
||||
return io.ErrUnexpectedEOF
|
||||
return nil, io.ErrUnexpectedEOF
|
||||
}
|
||||
var wd byte
|
||||
wd, in = in[0], in[1:]
|
||||
|
@ -148,7 +160,7 @@ func (h *Header) Decode(in []byte) error {
|
|||
size = 4
|
||||
}
|
||||
if len(in) < int(size) {
|
||||
return io.ErrUnexpectedEOF
|
||||
return nil, io.ErrUnexpectedEOF
|
||||
}
|
||||
b, in = in[:size], in[size:]
|
||||
h.HeaderSize += int(size)
|
||||
|
@ -178,7 +190,7 @@ func (h *Header) Decode(in []byte) error {
|
|||
if fcsSize > 0 {
|
||||
h.HasFCS = true
|
||||
if len(in) < fcsSize {
|
||||
return io.ErrUnexpectedEOF
|
||||
return nil, io.ErrUnexpectedEOF
|
||||
}
|
||||
b, in = in[:fcsSize], in[fcsSize:]
|
||||
h.HeaderSize += int(fcsSize)
|
||||
|
@ -199,7 +211,7 @@ func (h *Header) Decode(in []byte) error {
|
|||
|
||||
// Frame Header done, we will not fail from now on.
|
||||
if len(in) < 3 {
|
||||
return nil
|
||||
return in, nil
|
||||
}
|
||||
tmp := in[:3]
|
||||
bh := uint32(tmp[0]) | (uint32(tmp[1]) << 8) | (uint32(tmp[2]) << 16)
|
||||
|
@ -209,7 +221,7 @@ func (h *Header) Decode(in []byte) error {
|
|||
cSize := int(bh >> 3)
|
||||
switch blockType {
|
||||
case blockTypeReserved:
|
||||
return nil
|
||||
return in, nil
|
||||
case blockTypeRLE:
|
||||
h.FirstBlock.Compressed = true
|
||||
h.FirstBlock.DecompressedSize = cSize
|
||||
|
@ -225,5 +237,25 @@ func (h *Header) Decode(in []byte) error {
|
|||
}
|
||||
|
||||
h.FirstBlock.OK = true
|
||||
return nil
|
||||
return in, nil
|
||||
}
|
||||
|
||||
// AppendTo will append the encoded header to the dst slice.
|
||||
// There is no error checking performed on the header values.
|
||||
func (h *Header) AppendTo(dst []byte) ([]byte, error) {
|
||||
if h.Skippable {
|
||||
magic := [4]byte{0x50, 0x2a, 0x4d, 0x18}
|
||||
magic[0] |= byte(h.SkippableID & 0xf)
|
||||
dst = append(dst, magic[:]...)
|
||||
f := h.SkippableSize
|
||||
return append(dst, uint8(f), uint8(f>>8), uint8(f>>16), uint8(f>>24)), nil
|
||||
}
|
||||
f := frameHeader{
|
||||
ContentSize: h.FrameContentSize,
|
||||
WindowSize: uint32(h.WindowSize),
|
||||
SingleSegment: h.SingleSegment,
|
||||
Checksum: h.HasCheckSum,
|
||||
DictID: h.DictionaryID,
|
||||
}
|
||||
return f.appendTo(dst), nil
|
||||
}
|
||||
|
|
6
vendor/github.com/klauspost/compress/zstd/encoder_options.go
generated
vendored
6
vendor/github.com/klauspost/compress/zstd/encoder_options.go
generated
vendored
|
@ -94,7 +94,7 @@ func WithEncoderConcurrency(n int) EOption {
|
|||
// The value must be a power of two between MinWindowSize and MaxWindowSize.
|
||||
// A larger value will enable better compression but allocate more memory and,
|
||||
// for above-default values, take considerably longer.
|
||||
// The default value is determined by the compression level.
|
||||
// The default value is determined by the compression level and max 8MB.
|
||||
func WithWindowSize(n int) EOption {
|
||||
return func(o *encoderOptions) error {
|
||||
switch {
|
||||
|
@ -232,9 +232,9 @@ func WithEncoderLevel(l EncoderLevel) EOption {
|
|||
case SpeedDefault:
|
||||
o.windowSize = 8 << 20
|
||||
case SpeedBetterCompression:
|
||||
o.windowSize = 16 << 20
|
||||
o.windowSize = 8 << 20
|
||||
case SpeedBestCompression:
|
||||
o.windowSize = 32 << 20
|
||||
o.windowSize = 8 << 20
|
||||
}
|
||||
}
|
||||
if !o.customALEntropy {
|
||||
|
|
2
vendor/github.com/klauspost/compress/zstd/frameenc.go
generated
vendored
2
vendor/github.com/klauspost/compress/zstd/frameenc.go
generated
vendored
|
@ -76,7 +76,7 @@ func (f frameHeader) appendTo(dst []byte) []byte {
|
|||
if f.SingleSegment {
|
||||
dst = append(dst, uint8(f.ContentSize))
|
||||
}
|
||||
// Unless SingleSegment is set, framessizes < 256 are nto stored.
|
||||
// Unless SingleSegment is set, framessizes < 256 are not stored.
|
||||
case 1:
|
||||
f.ContentSize -= 256
|
||||
dst = append(dst, uint8(f.ContentSize), uint8(f.ContentSize>>8))
|
||||
|
|
11
vendor/github.com/klauspost/compress/zstd/fse_decoder_generic.go
generated
vendored
11
vendor/github.com/klauspost/compress/zstd/fse_decoder_generic.go
generated
vendored
|
@ -20,10 +20,9 @@ func (s *fseDecoder) buildDtable() error {
|
|||
if v == -1 {
|
||||
s.dt[highThreshold].setAddBits(uint8(i))
|
||||
highThreshold--
|
||||
symbolNext[i] = 1
|
||||
} else {
|
||||
symbolNext[i] = uint16(v)
|
||||
v = 1
|
||||
}
|
||||
symbolNext[i] = uint16(v)
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -35,10 +34,12 @@ func (s *fseDecoder) buildDtable() error {
|
|||
for ss, v := range s.norm[:s.symbolLen] {
|
||||
for i := 0; i < int(v); i++ {
|
||||
s.dt[position].setAddBits(uint8(ss))
|
||||
position = (position + step) & tableMask
|
||||
for position > highThreshold {
|
||||
for {
|
||||
// lowprob area
|
||||
position = (position + step) & tableMask
|
||||
if position <= highThreshold {
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
136
vendor/github.com/klauspost/compress/zstd/seqdec_amd64.s
generated
vendored
136
vendor/github.com/klauspost/compress/zstd/seqdec_amd64.s
generated
vendored
|
@ -157,8 +157,7 @@ sequenceDecs_decode_amd64_ll_update_zero:
|
|||
|
||||
// Update Literal Length State
|
||||
MOVBQZX DI, R14
|
||||
SHRQ $0x10, DI
|
||||
MOVWQZX DI, DI
|
||||
SHRL $0x10, DI
|
||||
LEAQ (BX)(R14*1), CX
|
||||
MOVQ DX, R15
|
||||
MOVQ CX, BX
|
||||
|
@ -177,8 +176,7 @@ sequenceDecs_decode_amd64_ll_update_zero:
|
|||
|
||||
// Update Match Length State
|
||||
MOVBQZX R8, R14
|
||||
SHRQ $0x10, R8
|
||||
MOVWQZX R8, R8
|
||||
SHRL $0x10, R8
|
||||
LEAQ (BX)(R14*1), CX
|
||||
MOVQ DX, R15
|
||||
MOVQ CX, BX
|
||||
|
@ -197,8 +195,7 @@ sequenceDecs_decode_amd64_ll_update_zero:
|
|||
|
||||
// Update Offset State
|
||||
MOVBQZX R9, R14
|
||||
SHRQ $0x10, R9
|
||||
MOVWQZX R9, R9
|
||||
SHRL $0x10, R9
|
||||
LEAQ (BX)(R14*1), CX
|
||||
MOVQ DX, R15
|
||||
MOVQ CX, BX
|
||||
|
@ -459,8 +456,7 @@ sequenceDecs_decode_56_amd64_ll_update_zero:
|
|||
|
||||
// Update Literal Length State
|
||||
MOVBQZX DI, R14
|
||||
SHRQ $0x10, DI
|
||||
MOVWQZX DI, DI
|
||||
SHRL $0x10, DI
|
||||
LEAQ (BX)(R14*1), CX
|
||||
MOVQ DX, R15
|
||||
MOVQ CX, BX
|
||||
|
@ -479,8 +475,7 @@ sequenceDecs_decode_56_amd64_ll_update_zero:
|
|||
|
||||
// Update Match Length State
|
||||
MOVBQZX R8, R14
|
||||
SHRQ $0x10, R8
|
||||
MOVWQZX R8, R8
|
||||
SHRL $0x10, R8
|
||||
LEAQ (BX)(R14*1), CX
|
||||
MOVQ DX, R15
|
||||
MOVQ CX, BX
|
||||
|
@ -499,8 +494,7 @@ sequenceDecs_decode_56_amd64_ll_update_zero:
|
|||
|
||||
// Update Offset State
|
||||
MOVBQZX R9, R14
|
||||
SHRQ $0x10, R9
|
||||
MOVWQZX R9, R9
|
||||
SHRL $0x10, R9
|
||||
LEAQ (BX)(R14*1), CX
|
||||
MOVQ DX, R15
|
||||
MOVQ CX, BX
|
||||
|
@ -772,11 +766,10 @@ sequenceDecs_decode_bmi2_fill_2_end:
|
|||
BZHIQ R14, R15, R15
|
||||
|
||||
// Update Offset State
|
||||
BZHIQ R8, R15, CX
|
||||
SHRXQ R8, R15, R15
|
||||
MOVQ $0x00001010, R14
|
||||
BEXTRQ R14, R8, R8
|
||||
ADDQ CX, R8
|
||||
BZHIQ R8, R15, CX
|
||||
SHRXQ R8, R15, R15
|
||||
SHRL $0x10, R8
|
||||
ADDQ CX, R8
|
||||
|
||||
// Load ctx.ofTable
|
||||
MOVQ ctx+16(FP), CX
|
||||
|
@ -784,11 +777,10 @@ sequenceDecs_decode_bmi2_fill_2_end:
|
|||
MOVQ (CX)(R8*8), R8
|
||||
|
||||
// Update Match Length State
|
||||
BZHIQ DI, R15, CX
|
||||
SHRXQ DI, R15, R15
|
||||
MOVQ $0x00001010, R14
|
||||
BEXTRQ R14, DI, DI
|
||||
ADDQ CX, DI
|
||||
BZHIQ DI, R15, CX
|
||||
SHRXQ DI, R15, R15
|
||||
SHRL $0x10, DI
|
||||
ADDQ CX, DI
|
||||
|
||||
// Load ctx.mlTable
|
||||
MOVQ ctx+16(FP), CX
|
||||
|
@ -796,10 +788,9 @@ sequenceDecs_decode_bmi2_fill_2_end:
|
|||
MOVQ (CX)(DI*8), DI
|
||||
|
||||
// Update Literal Length State
|
||||
BZHIQ SI, R15, CX
|
||||
MOVQ $0x00001010, R14
|
||||
BEXTRQ R14, SI, SI
|
||||
ADDQ CX, SI
|
||||
BZHIQ SI, R15, CX
|
||||
SHRL $0x10, SI
|
||||
ADDQ CX, SI
|
||||
|
||||
// Load ctx.llTable
|
||||
MOVQ ctx+16(FP), CX
|
||||
|
@ -1032,11 +1023,10 @@ sequenceDecs_decode_56_bmi2_fill_end:
|
|||
BZHIQ R14, R15, R15
|
||||
|
||||
// Update Offset State
|
||||
BZHIQ R8, R15, CX
|
||||
SHRXQ R8, R15, R15
|
||||
MOVQ $0x00001010, R14
|
||||
BEXTRQ R14, R8, R8
|
||||
ADDQ CX, R8
|
||||
BZHIQ R8, R15, CX
|
||||
SHRXQ R8, R15, R15
|
||||
SHRL $0x10, R8
|
||||
ADDQ CX, R8
|
||||
|
||||
// Load ctx.ofTable
|
||||
MOVQ ctx+16(FP), CX
|
||||
|
@ -1044,11 +1034,10 @@ sequenceDecs_decode_56_bmi2_fill_end:
|
|||
MOVQ (CX)(R8*8), R8
|
||||
|
||||
// Update Match Length State
|
||||
BZHIQ DI, R15, CX
|
||||
SHRXQ DI, R15, R15
|
||||
MOVQ $0x00001010, R14
|
||||
BEXTRQ R14, DI, DI
|
||||
ADDQ CX, DI
|
||||
BZHIQ DI, R15, CX
|
||||
SHRXQ DI, R15, R15
|
||||
SHRL $0x10, DI
|
||||
ADDQ CX, DI
|
||||
|
||||
// Load ctx.mlTable
|
||||
MOVQ ctx+16(FP), CX
|
||||
|
@ -1056,10 +1045,9 @@ sequenceDecs_decode_56_bmi2_fill_end:
|
|||
MOVQ (CX)(DI*8), DI
|
||||
|
||||
// Update Literal Length State
|
||||
BZHIQ SI, R15, CX
|
||||
MOVQ $0x00001010, R14
|
||||
BEXTRQ R14, SI, SI
|
||||
ADDQ CX, SI
|
||||
BZHIQ SI, R15, CX
|
||||
SHRL $0x10, SI
|
||||
ADDQ CX, SI
|
||||
|
||||
// Load ctx.llTable
|
||||
MOVQ ctx+16(FP), CX
|
||||
|
@ -1967,8 +1955,7 @@ sequenceDecs_decodeSync_amd64_ll_update_zero:
|
|||
|
||||
// Update Literal Length State
|
||||
MOVBQZX DI, R13
|
||||
SHRQ $0x10, DI
|
||||
MOVWQZX DI, DI
|
||||
SHRL $0x10, DI
|
||||
LEAQ (BX)(R13*1), CX
|
||||
MOVQ DX, R14
|
||||
MOVQ CX, BX
|
||||
|
@ -1987,8 +1974,7 @@ sequenceDecs_decodeSync_amd64_ll_update_zero:
|
|||
|
||||
// Update Match Length State
|
||||
MOVBQZX R8, R13
|
||||
SHRQ $0x10, R8
|
||||
MOVWQZX R8, R8
|
||||
SHRL $0x10, R8
|
||||
LEAQ (BX)(R13*1), CX
|
||||
MOVQ DX, R14
|
||||
MOVQ CX, BX
|
||||
|
@ -2007,8 +1993,7 @@ sequenceDecs_decodeSync_amd64_ll_update_zero:
|
|||
|
||||
// Update Offset State
|
||||
MOVBQZX R9, R13
|
||||
SHRQ $0x10, R9
|
||||
MOVWQZX R9, R9
|
||||
SHRL $0x10, R9
|
||||
LEAQ (BX)(R13*1), CX
|
||||
MOVQ DX, R14
|
||||
MOVQ CX, BX
|
||||
|
@ -2514,11 +2499,10 @@ sequenceDecs_decodeSync_bmi2_fill_2_end:
|
|||
BZHIQ R13, R14, R14
|
||||
|
||||
// Update Offset State
|
||||
BZHIQ R8, R14, CX
|
||||
SHRXQ R8, R14, R14
|
||||
MOVQ $0x00001010, R13
|
||||
BEXTRQ R13, R8, R8
|
||||
ADDQ CX, R8
|
||||
BZHIQ R8, R14, CX
|
||||
SHRXQ R8, R14, R14
|
||||
SHRL $0x10, R8
|
||||
ADDQ CX, R8
|
||||
|
||||
// Load ctx.ofTable
|
||||
MOVQ ctx+16(FP), CX
|
||||
|
@ -2526,11 +2510,10 @@ sequenceDecs_decodeSync_bmi2_fill_2_end:
|
|||
MOVQ (CX)(R8*8), R8
|
||||
|
||||
// Update Match Length State
|
||||
BZHIQ DI, R14, CX
|
||||
SHRXQ DI, R14, R14
|
||||
MOVQ $0x00001010, R13
|
||||
BEXTRQ R13, DI, DI
|
||||
ADDQ CX, DI
|
||||
BZHIQ DI, R14, CX
|
||||
SHRXQ DI, R14, R14
|
||||
SHRL $0x10, DI
|
||||
ADDQ CX, DI
|
||||
|
||||
// Load ctx.mlTable
|
||||
MOVQ ctx+16(FP), CX
|
||||
|
@ -2538,10 +2521,9 @@ sequenceDecs_decodeSync_bmi2_fill_2_end:
|
|||
MOVQ (CX)(DI*8), DI
|
||||
|
||||
// Update Literal Length State
|
||||
BZHIQ SI, R14, CX
|
||||
MOVQ $0x00001010, R13
|
||||
BEXTRQ R13, SI, SI
|
||||
ADDQ CX, SI
|
||||
BZHIQ SI, R14, CX
|
||||
SHRL $0x10, SI
|
||||
ADDQ CX, SI
|
||||
|
||||
// Load ctx.llTable
|
||||
MOVQ ctx+16(FP), CX
|
||||
|
@ -3055,8 +3037,7 @@ sequenceDecs_decodeSync_safe_amd64_ll_update_zero:
|
|||
|
||||
// Update Literal Length State
|
||||
MOVBQZX DI, R13
|
||||
SHRQ $0x10, DI
|
||||
MOVWQZX DI, DI
|
||||
SHRL $0x10, DI
|
||||
LEAQ (BX)(R13*1), CX
|
||||
MOVQ DX, R14
|
||||
MOVQ CX, BX
|
||||
|
@ -3075,8 +3056,7 @@ sequenceDecs_decodeSync_safe_amd64_ll_update_zero:
|
|||
|
||||
// Update Match Length State
|
||||
MOVBQZX R8, R13
|
||||
SHRQ $0x10, R8
|
||||
MOVWQZX R8, R8
|
||||
SHRL $0x10, R8
|
||||
LEAQ (BX)(R13*1), CX
|
||||
MOVQ DX, R14
|
||||
MOVQ CX, BX
|
||||
|
@ -3095,8 +3075,7 @@ sequenceDecs_decodeSync_safe_amd64_ll_update_zero:
|
|||
|
||||
// Update Offset State
|
||||
MOVBQZX R9, R13
|
||||
SHRQ $0x10, R9
|
||||
MOVWQZX R9, R9
|
||||
SHRL $0x10, R9
|
||||
LEAQ (BX)(R13*1), CX
|
||||
MOVQ DX, R14
|
||||
MOVQ CX, BX
|
||||
|
@ -3704,11 +3683,10 @@ sequenceDecs_decodeSync_safe_bmi2_fill_2_end:
|
|||
BZHIQ R13, R14, R14
|
||||
|
||||
// Update Offset State
|
||||
BZHIQ R8, R14, CX
|
||||
SHRXQ R8, R14, R14
|
||||
MOVQ $0x00001010, R13
|
||||
BEXTRQ R13, R8, R8
|
||||
ADDQ CX, R8
|
||||
BZHIQ R8, R14, CX
|
||||
SHRXQ R8, R14, R14
|
||||
SHRL $0x10, R8
|
||||
ADDQ CX, R8
|
||||
|
||||
// Load ctx.ofTable
|
||||
MOVQ ctx+16(FP), CX
|
||||
|
@ -3716,11 +3694,10 @@ sequenceDecs_decodeSync_safe_bmi2_fill_2_end:
|
|||
MOVQ (CX)(R8*8), R8
|
||||
|
||||
// Update Match Length State
|
||||
BZHIQ DI, R14, CX
|
||||
SHRXQ DI, R14, R14
|
||||
MOVQ $0x00001010, R13
|
||||
BEXTRQ R13, DI, DI
|
||||
ADDQ CX, DI
|
||||
BZHIQ DI, R14, CX
|
||||
SHRXQ DI, R14, R14
|
||||
SHRL $0x10, DI
|
||||
ADDQ CX, DI
|
||||
|
||||
// Load ctx.mlTable
|
||||
MOVQ ctx+16(FP), CX
|
||||
|
@ -3728,10 +3705,9 @@ sequenceDecs_decodeSync_safe_bmi2_fill_2_end:
|
|||
MOVQ (CX)(DI*8), DI
|
||||
|
||||
// Update Literal Length State
|
||||
BZHIQ SI, R14, CX
|
||||
MOVQ $0x00001010, R13
|
||||
BEXTRQ R13, SI, SI
|
||||
ADDQ CX, SI
|
||||
BZHIQ SI, R14, CX
|
||||
SHRL $0x10, SI
|
||||
ADDQ CX, SI
|
||||
|
||||
// Load ctx.llTable
|
||||
MOVQ ctx+16(FP), CX
|
||||
|
|
103
vendor/github.com/prometheus/prometheus/config/config.go
generated
vendored
103
vendor/github.com/prometheus/prometheus/config/config.go
generated
vendored
|
@ -19,6 +19,7 @@ import (
|
|||
"net/url"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"sort"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
|
@ -143,18 +144,21 @@ var (
|
|||
ScrapeInterval: model.Duration(1 * time.Minute),
|
||||
ScrapeTimeout: model.Duration(10 * time.Second),
|
||||
EvaluationInterval: model.Duration(1 * time.Minute),
|
||||
// When native histogram feature flag is enabled, ScrapeProtocols default
|
||||
// changes to DefaultNativeHistogramScrapeProtocols.
|
||||
ScrapeProtocols: DefaultScrapeProtocols,
|
||||
}
|
||||
|
||||
// DefaultScrapeConfig is the default scrape configuration.
|
||||
DefaultScrapeConfig = ScrapeConfig{
|
||||
// ScrapeTimeout and ScrapeInterval default to the configured
|
||||
// globals.
|
||||
// ScrapeTimeout, ScrapeInterval and ScrapeProtocols default to the configured globals.
|
||||
ScrapeClassicHistograms: false,
|
||||
MetricsPath: "/metrics",
|
||||
Scheme: "http",
|
||||
HonorLabels: false,
|
||||
HonorTimestamps: true,
|
||||
HTTPClientConfig: config.DefaultHTTPClientConfig,
|
||||
EnableCompression: true,
|
||||
}
|
||||
|
||||
// DefaultAlertmanagerConfig is the default alertmanager configuration.
|
||||
|
@ -260,7 +264,7 @@ func (c Config) String() string {
|
|||
return string(b)
|
||||
}
|
||||
|
||||
// ScrapeConfigs returns the scrape configurations.
|
||||
// GetScrapeConfigs returns the scrape configurations.
|
||||
func (c *Config) GetScrapeConfigs() ([]*ScrapeConfig, error) {
|
||||
scfgs := make([]*ScrapeConfig, len(c.ScrapeConfigs))
|
||||
|
||||
|
@ -385,6 +389,11 @@ type GlobalConfig struct {
|
|||
ScrapeInterval model.Duration `yaml:"scrape_interval,omitempty"`
|
||||
// The default timeout when scraping targets.
|
||||
ScrapeTimeout model.Duration `yaml:"scrape_timeout,omitempty"`
|
||||
// The protocols to negotiate during a scrape. It tells clients what
|
||||
// protocol are accepted by Prometheus and with what weight (most wanted is first).
|
||||
// Supported values (case sensitive): PrometheusProto, OpenMetricsText0.0.1,
|
||||
// OpenMetricsText1.0.0, PrometheusText0.0.4.
|
||||
ScrapeProtocols []ScrapeProtocol `yaml:"scrape_protocols,omitempty"`
|
||||
// How frequently to evaluate rules by default.
|
||||
EvaluationInterval model.Duration `yaml:"evaluation_interval,omitempty"`
|
||||
// File to which PromQL queries are logged.
|
||||
|
@ -414,6 +423,68 @@ type GlobalConfig struct {
|
|||
KeepDroppedTargets uint `yaml:"keep_dropped_targets,omitempty"`
|
||||
}
|
||||
|
||||
// ScrapeProtocol represents supported protocol for scraping metrics.
|
||||
type ScrapeProtocol string
|
||||
|
||||
// Validate returns error if given scrape protocol is not supported.
|
||||
func (s ScrapeProtocol) Validate() error {
|
||||
if _, ok := ScrapeProtocolsHeaders[s]; !ok {
|
||||
return fmt.Errorf("unknown scrape protocol %v, supported: %v",
|
||||
s, func() (ret []string) {
|
||||
for k := range ScrapeProtocolsHeaders {
|
||||
ret = append(ret, string(k))
|
||||
}
|
||||
sort.Strings(ret)
|
||||
return ret
|
||||
}())
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
var (
|
||||
PrometheusProto ScrapeProtocol = "PrometheusProto"
|
||||
PrometheusText0_0_4 ScrapeProtocol = "PrometheusText0.0.4"
|
||||
OpenMetricsText0_0_1 ScrapeProtocol = "OpenMetricsText0.0.1"
|
||||
OpenMetricsText1_0_0 ScrapeProtocol = "OpenMetricsText1.0.0"
|
||||
|
||||
ScrapeProtocolsHeaders = map[ScrapeProtocol]string{
|
||||
PrometheusProto: "application/vnd.google.protobuf;proto=io.prometheus.client.MetricFamily;encoding=delimited",
|
||||
PrometheusText0_0_4: "text/plain;version=0.0.4",
|
||||
OpenMetricsText0_0_1: "application/openmetrics-text;version=0.0.1",
|
||||
OpenMetricsText1_0_0: "application/openmetrics-text;version=1.0.0",
|
||||
}
|
||||
|
||||
DefaultScrapeProtocols = []ScrapeProtocol{
|
||||
OpenMetricsText1_0_0,
|
||||
OpenMetricsText0_0_1,
|
||||
PrometheusText0_0_4,
|
||||
}
|
||||
DefaultNativeHistogramScrapeProtocols = []ScrapeProtocol{
|
||||
PrometheusProto,
|
||||
OpenMetricsText1_0_0,
|
||||
OpenMetricsText0_0_1,
|
||||
PrometheusText0_0_4,
|
||||
}
|
||||
)
|
||||
|
||||
// validateAcceptScrapeProtocols return errors if we see problems with accept scrape protocols option.
|
||||
func validateAcceptScrapeProtocols(sps []ScrapeProtocol) error {
|
||||
if len(sps) == 0 {
|
||||
return errors.New("scrape_protocols cannot be empty")
|
||||
}
|
||||
dups := map[string]struct{}{}
|
||||
for _, sp := range sps {
|
||||
if _, ok := dups[strings.ToLower(string(sp))]; ok {
|
||||
return fmt.Errorf("duplicated protocol in scrape_protocols, got %v", sps)
|
||||
}
|
||||
if err := sp.Validate(); err != nil {
|
||||
return fmt.Errorf("scrape_protocols: %w", err)
|
||||
}
|
||||
dups[strings.ToLower(string(sp))] = struct{}{}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// SetDirectory joins any relative file paths with dir.
|
||||
func (c *GlobalConfig) SetDirectory(dir string) {
|
||||
c.QueryLogFile = config.JoinDir(dir, c.QueryLogFile)
|
||||
|
@ -459,6 +530,14 @@ func (c *GlobalConfig) UnmarshalYAML(unmarshal func(interface{}) error) error {
|
|||
if gc.EvaluationInterval == 0 {
|
||||
gc.EvaluationInterval = DefaultGlobalConfig.EvaluationInterval
|
||||
}
|
||||
|
||||
if gc.ScrapeProtocols == nil {
|
||||
gc.ScrapeProtocols = DefaultGlobalConfig.ScrapeProtocols
|
||||
}
|
||||
if err := validateAcceptScrapeProtocols(gc.ScrapeProtocols); err != nil {
|
||||
return fmt.Errorf("%w for global config", err)
|
||||
}
|
||||
|
||||
*c = *gc
|
||||
return nil
|
||||
}
|
||||
|
@ -469,7 +548,8 @@ func (c *GlobalConfig) isZero() bool {
|
|||
c.ScrapeInterval == 0 &&
|
||||
c.ScrapeTimeout == 0 &&
|
||||
c.EvaluationInterval == 0 &&
|
||||
c.QueryLogFile == ""
|
||||
c.QueryLogFile == "" &&
|
||||
c.ScrapeProtocols == nil
|
||||
}
|
||||
|
||||
type ScrapeConfigs struct {
|
||||
|
@ -492,12 +572,19 @@ type ScrapeConfig struct {
|
|||
ScrapeInterval model.Duration `yaml:"scrape_interval,omitempty"`
|
||||
// The timeout for scraping targets of this config.
|
||||
ScrapeTimeout model.Duration `yaml:"scrape_timeout,omitempty"`
|
||||
// The protocols to negotiate during a scrape. It tells clients what
|
||||
// protocol are accepted by Prometheus and with what preference (most wanted is first).
|
||||
// Supported values (case sensitive): PrometheusProto, OpenMetricsText0.0.1,
|
||||
// OpenMetricsText1.0.0, PrometheusText0.0.4.
|
||||
ScrapeProtocols []ScrapeProtocol `yaml:"scrape_protocols,omitempty"`
|
||||
// Whether to scrape a classic histogram that is also exposed as a native histogram.
|
||||
ScrapeClassicHistograms bool `yaml:"scrape_classic_histograms,omitempty"`
|
||||
// The HTTP resource path on which to fetch metrics from targets.
|
||||
MetricsPath string `yaml:"metrics_path,omitempty"`
|
||||
// The URL scheme with which to fetch metrics from targets.
|
||||
Scheme string `yaml:"scheme,omitempty"`
|
||||
// Indicator whether to request compressed response from the target.
|
||||
EnableCompression bool `yaml:"enable_compression"`
|
||||
// An uncompressed response body larger than this many bytes will cause the
|
||||
// scrape to fail. 0 means no limit.
|
||||
BodySizeLimit units.Base2Bytes `yaml:"body_size_limit,omitempty"`
|
||||
|
@ -579,6 +666,7 @@ func (c *ScrapeConfig) UnmarshalYAML(unmarshal func(interface{}) error) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// Validate validates scrape config, but also fills relevant default values from global config if needed.
|
||||
func (c *ScrapeConfig) Validate(globalConfig GlobalConfig) error {
|
||||
if c == nil {
|
||||
return errors.New("empty or null scrape config section")
|
||||
|
@ -620,6 +708,13 @@ func (c *ScrapeConfig) Validate(globalConfig GlobalConfig) error {
|
|||
c.KeepDroppedTargets = globalConfig.KeepDroppedTargets
|
||||
}
|
||||
|
||||
if c.ScrapeProtocols == nil {
|
||||
c.ScrapeProtocols = globalConfig.ScrapeProtocols
|
||||
}
|
||||
if err := validateAcceptScrapeProtocols(c.ScrapeProtocols); err != nil {
|
||||
return fmt.Errorf("%w for scrape config with job name %q", err, c.JobName)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue