mirror of
https://github.com/VictoriaMetrics/VictoriaMetrics.git
synced 2024-12-01 14:47:38 +00:00
vendor: run make vendor-update
This commit is contained in:
parent
041a6369e7
commit
2711770b10
776 changed files with 82225 additions and 10320 deletions
121
go.mod
121
go.mod
|
@ -3,9 +3,9 @@ module github.com/VictoriaMetrics/VictoriaMetrics
|
|||
go 1.19
|
||||
|
||||
require (
|
||||
cloud.google.com/go/storage v1.30.1
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.6.0
|
||||
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.0.0
|
||||
cloud.google.com/go/storage v1.31.0
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.7.0
|
||||
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.1.0
|
||||
github.com/VictoriaMetrics/fastcache v1.12.1
|
||||
|
||||
// Do not use the original github.com/valyala/fasthttp because of issues
|
||||
|
@ -13,59 +13,61 @@ require (
|
|||
github.com/VictoriaMetrics/fasthttp v1.2.0
|
||||
github.com/VictoriaMetrics/metrics v1.24.0
|
||||
github.com/VictoriaMetrics/metricsql v0.56.2
|
||||
github.com/aws/aws-sdk-go-v2 v1.18.0
|
||||
github.com/aws/aws-sdk-go-v2/config v1.18.25
|
||||
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.67
|
||||
github.com/aws/aws-sdk-go-v2/service/s3 v1.33.1
|
||||
github.com/aws/aws-sdk-go-v2 v1.20.1
|
||||
github.com/aws/aws-sdk-go-v2/config v1.18.33
|
||||
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.77
|
||||
github.com/aws/aws-sdk-go-v2/service/s3 v1.38.2
|
||||
github.com/cespare/xxhash/v2 v2.2.0
|
||||
github.com/cheggaaa/pb/v3 v3.1.2
|
||||
github.com/cheggaaa/pb/v3 v3.1.4
|
||||
github.com/gogo/protobuf v1.3.2
|
||||
github.com/golang/snappy v0.0.4
|
||||
github.com/googleapis/gax-go/v2 v2.8.0
|
||||
github.com/influxdata/influxdb v1.11.1
|
||||
github.com/klauspost/compress v1.16.5
|
||||
github.com/prometheus/prometheus v0.44.0
|
||||
github.com/urfave/cli/v2 v2.25.3
|
||||
github.com/googleapis/gax-go/v2 v2.12.0
|
||||
github.com/influxdata/influxdb v1.11.2
|
||||
github.com/klauspost/compress v1.16.7
|
||||
github.com/prometheus/prometheus v0.46.0
|
||||
github.com/urfave/cli/v2 v2.25.7
|
||||
github.com/valyala/fastjson v1.6.4
|
||||
github.com/valyala/fastrand v1.1.0
|
||||
github.com/valyala/fasttemplate v1.2.2
|
||||
github.com/valyala/gozstd v1.20.1
|
||||
github.com/valyala/histogram v1.2.0
|
||||
github.com/valyala/quicktemplate v1.7.0
|
||||
golang.org/x/net v0.10.0
|
||||
golang.org/x/oauth2 v0.8.0
|
||||
golang.org/x/sys v0.8.0
|
||||
google.golang.org/api v0.123.0
|
||||
golang.org/x/net v0.14.0
|
||||
golang.org/x/oauth2 v0.11.0
|
||||
golang.org/x/sys v0.11.0
|
||||
google.golang.org/api v0.136.0
|
||||
gopkg.in/yaml.v2 v2.4.0
|
||||
)
|
||||
|
||||
require (
|
||||
cloud.google.com/go v0.110.2 // indirect
|
||||
cloud.google.com/go/compute v1.19.3 // indirect
|
||||
cloud.google.com/go v0.110.7 // indirect
|
||||
cloud.google.com/go/compute v1.23.0 // indirect
|
||||
cloud.google.com/go/compute/metadata v0.2.3 // indirect
|
||||
cloud.google.com/go/iam v1.0.1 // indirect
|
||||
cloud.google.com/go/iam v1.1.2 // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0 // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 // indirect
|
||||
github.com/AzureAD/microsoft-authentication-library-for-go v1.1.0 // indirect
|
||||
github.com/VividCortex/ewma v1.2.0 // indirect
|
||||
github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 // indirect
|
||||
github.com/aws/aws-sdk-go v1.44.265 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.10 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.13.24 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.3 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.33 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.27 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.34 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.25 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.11 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.28 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.27 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.14.2 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.12.10 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.10 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.19.0 // indirect
|
||||
github.com/aws/smithy-go v1.13.5 // indirect
|
||||
github.com/aws/aws-sdk-go v1.44.322 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.12 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.13.32 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.8 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.38 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.32 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.39 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/v4a v1.1.1 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.13 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.33 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.32 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.15.1 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.13.2 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.15.2 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.21.2 // indirect
|
||||
github.com/aws/smithy-go v1.14.1 // indirect
|
||||
github.com/beorn7/perks v1.0.1 // indirect
|
||||
github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
|
||||
github.com/davecgh/go-spew v1.1.1 // indirect
|
||||
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
|
||||
github.com/dennwc/varint v1.0.0 // indirect
|
||||
github.com/fatih/color v1.15.0 // indirect
|
||||
github.com/felixge/httpsnoop v1.0.3 // indirect
|
||||
|
@ -73,49 +75,54 @@ require (
|
|||
github.com/go-logfmt/logfmt v0.6.0 // indirect
|
||||
github.com/go-logr/logr v1.2.4 // indirect
|
||||
github.com/go-logr/stdr v1.2.2 // indirect
|
||||
github.com/golang-jwt/jwt/v5 v5.0.0 // indirect
|
||||
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
|
||||
github.com/golang/protobuf v1.5.3 // indirect
|
||||
github.com/google/go-cmp v0.5.9 // indirect
|
||||
github.com/google/s2a-go v0.1.3 // indirect
|
||||
github.com/google/s2a-go v0.1.5 // indirect
|
||||
github.com/google/uuid v1.3.0 // indirect
|
||||
github.com/googleapis/enterprise-certificate-proxy v0.2.3 // indirect
|
||||
github.com/googleapis/enterprise-certificate-proxy v0.2.5 // indirect
|
||||
github.com/grafana/regexp v0.0.0-20221122212121-6b5c0a4cb7fd // indirect
|
||||
github.com/jmespath/go-jmespath v0.4.0 // indirect
|
||||
github.com/jpillora/backoff v1.0.0 // indirect
|
||||
github.com/kylelemons/godebug v1.1.0 // indirect
|
||||
github.com/mattn/go-colorable v0.1.13 // indirect
|
||||
github.com/mattn/go-isatty v0.0.18 // indirect
|
||||
github.com/mattn/go-runewidth v0.0.14 // indirect
|
||||
github.com/mattn/go-isatty v0.0.19 // indirect
|
||||
github.com/mattn/go-runewidth v0.0.15 // indirect
|
||||
github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
|
||||
github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f // indirect
|
||||
github.com/oklog/ulid v1.3.1 // indirect
|
||||
github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect
|
||||
github.com/pkg/errors v0.9.1 // indirect
|
||||
github.com/pmezard/go-difflib v1.0.0 // indirect
|
||||
github.com/prometheus/client_golang v1.15.1 // indirect
|
||||
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
|
||||
github.com/prometheus/client_golang v1.16.0 // indirect
|
||||
github.com/prometheus/client_model v0.4.0 // indirect
|
||||
github.com/prometheus/common v0.43.0 // indirect
|
||||
github.com/prometheus/common v0.44.0 // indirect
|
||||
github.com/prometheus/common/sigv4 v0.1.0 // indirect
|
||||
github.com/prometheus/procfs v0.9.0 // indirect
|
||||
github.com/prometheus/procfs v0.11.1 // indirect
|
||||
github.com/rivo/uniseg v0.4.4 // indirect
|
||||
github.com/russross/blackfriday/v2 v2.1.0 // indirect
|
||||
github.com/stretchr/testify v1.8.2 // indirect
|
||||
github.com/stretchr/testify v1.8.4 // indirect
|
||||
github.com/valyala/bytebufferpool v1.0.0 // indirect
|
||||
github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect
|
||||
go.opencensus.io v0.24.0 // indirect
|
||||
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.41.1 // indirect
|
||||
go.opentelemetry.io/otel v1.15.1 // indirect
|
||||
go.opentelemetry.io/otel/metric v0.38.1 // indirect
|
||||
go.opentelemetry.io/otel/trace v1.15.1 // indirect
|
||||
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.42.0 // indirect
|
||||
go.opentelemetry.io/otel v1.16.0 // indirect
|
||||
go.opentelemetry.io/otel/metric v1.16.0 // indirect
|
||||
go.opentelemetry.io/otel/trace v1.16.0 // indirect
|
||||
go.uber.org/atomic v1.11.0 // indirect
|
||||
go.uber.org/goleak v1.2.1 // indirect
|
||||
golang.org/x/crypto v0.9.0 // indirect
|
||||
golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc // indirect
|
||||
golang.org/x/sync v0.2.0 // indirect
|
||||
golang.org/x/text v0.9.0 // indirect
|
||||
golang.org/x/crypto v0.12.0 // indirect
|
||||
golang.org/x/exp v0.0.0-20230713183714-613f0c0eb8a1 // indirect
|
||||
golang.org/x/sync v0.3.0 // indirect
|
||||
golang.org/x/text v0.12.0 // indirect
|
||||
golang.org/x/time v0.3.0 // indirect
|
||||
golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
|
||||
google.golang.org/appengine v1.6.7 // indirect
|
||||
google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 // indirect
|
||||
google.golang.org/grpc v1.55.0 // indirect
|
||||
google.golang.org/protobuf v1.30.0 // indirect
|
||||
google.golang.org/genproto v0.0.0-20230807174057-1744710a1577 // indirect
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20230807174057-1744710a1577 // indirect
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20230807174057-1744710a1577 // indirect
|
||||
google.golang.org/grpc v1.57.0 // indirect
|
||||
google.golang.org/protobuf v1.31.0 // indirect
|
||||
gopkg.in/yaml.v3 v3.0.1 // indirect
|
||||
)
|
||||
|
|
312
go.sum
312
go.sum
|
@ -13,23 +13,22 @@ cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKV
|
|||
cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs=
|
||||
cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc=
|
||||
cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY=
|
||||
cloud.google.com/go v0.110.2 h1:sdFPBr6xG9/wkBbfhmUz/JmZC7X6LavQgcrVINrKiVA=
|
||||
cloud.google.com/go v0.110.2/go.mod h1:k04UEeEtb6ZBRTv3dZz4CeJC3jKGxyhl0sAiVVquxiw=
|
||||
cloud.google.com/go v0.110.7 h1:rJyC7nWRg2jWGZ4wSJ5nY65GTdYJkg0cd/uXb+ACI6o=
|
||||
cloud.google.com/go v0.110.7/go.mod h1:+EYjdK8e5RME/VY/qLCAtuyALQ9q67dvuum8i+H5xsI=
|
||||
cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o=
|
||||
cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE=
|
||||
cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc=
|
||||
cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg=
|
||||
cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc=
|
||||
cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ=
|
||||
cloud.google.com/go/compute v1.19.3 h1:DcTwsFgGev/wV5+q8o2fzgcHOaac+DKGC91ZlvpsQds=
|
||||
cloud.google.com/go/compute v1.19.3/go.mod h1:qxvISKp/gYnXkSAD1ppcSOveRAmzxicEv/JlizULFrI=
|
||||
cloud.google.com/go/compute v1.23.0 h1:tP41Zoavr8ptEqaW6j+LQOnyBBhO7OkOMAGrgLopTwY=
|
||||
cloud.google.com/go/compute v1.23.0/go.mod h1:4tCnrn48xsqlwSAiLf1HXMQk8CONslYbdiEZc9FEIbM=
|
||||
cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY=
|
||||
cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA=
|
||||
cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE=
|
||||
cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk=
|
||||
cloud.google.com/go/iam v1.0.1 h1:lyeCAU6jpnVNrE9zGQkTl3WgNgK/X+uWwaw0kynZJMU=
|
||||
cloud.google.com/go/iam v1.0.1/go.mod h1:yR3tmSL8BcZB4bxByRv2jkSIahVmCtfKZwLYGBalRE8=
|
||||
cloud.google.com/go/longrunning v0.4.1 h1:v+yFJOfKC3yZdY6ZUI933pIYdhyhV8S3NpWrXWmg7jM=
|
||||
cloud.google.com/go/iam v1.1.2 h1:gacbrBdWcoVmGLozRuStX45YKvJtzIjJdAolzUs1sm4=
|
||||
cloud.google.com/go/iam v1.1.2/go.mod h1:A5avdyVL2tCppe4unb0951eI9jreack+RJ0/d+KUZOU=
|
||||
cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I=
|
||||
cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw=
|
||||
cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA=
|
||||
|
@ -39,29 +38,32 @@ cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0Zeo
|
|||
cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk=
|
||||
cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
|
||||
cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
|
||||
cloud.google.com/go/storage v1.30.1 h1:uOdMxAs8HExqBlnLtnQyP0YkvbiDpdGShGKtx6U/oNM=
|
||||
cloud.google.com/go/storage v1.30.1/go.mod h1:NfxhC0UJE1aXSx7CIIbCf7y9HKT7BiccwkR7+P7gN8E=
|
||||
cloud.google.com/go/storage v1.31.0 h1:+S3LjjEN2zZ+L5hOwj4+1OkGCsLVe0NzpXKQ1pSdTCI=
|
||||
cloud.google.com/go/storage v1.31.0/go.mod h1:81ams1PrhW16L4kF7qg+4mTq7SRs5HsbDTM0bWvrwJ0=
|
||||
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
|
||||
github.com/Azure/azure-sdk-for-go v65.0.0+incompatible h1:HzKLt3kIwMm4KeJYTdx9EbjRYTySD/t8i1Ee/W5EGXw=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.6.0 h1:8kDqDngH+DmVBiCtIjCFTGa7MBnsIOkF9IccInFEbjk=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.6.0/go.mod h1:bjGvMhVMb+EEm3VRNQawDMUyMMjo+S5ewNjflkep/0Q=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.1.0 h1:QkAcEIAKbNL4KoFr4SathZPhDhF4mVwpBMFlYjyAqy8=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.7.0 h1:8q4SaHjFsClSvuVne0ID/5Ka8u3fcIHyqkLjcFpNRHQ=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.7.0/go.mod h1:bjGvMhVMb+EEm3VRNQawDMUyMMjo+S5ewNjflkep/0Q=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0 h1:vcYCAze6p19qBW7MhZybIsqD8sMV8js0NyQM8JDnVtg=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0/go.mod h1:OQeznEEkTZ9OrhHJoDD8ZDq51FHgXjqtP9z6bEwBq9U=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 h1:sXr+ck84g/ZlZUOZiNELInmMgOsuGwdjjVkEIde0OtY=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0/go.mod h1:okt5dMMTOFjX/aovMlrjvvXoPMBVSPzk9185BT0+eZM=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.0.0 h1:u/LLAOFgsMv7HmNL4Qufg58y+qElGOt5qv0z1mURkRY=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.0.0/go.mod h1:2e8rMJtl2+2j+HXbTBwnyGpm5Nou7KhvSfxOq8JpTag=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage v1.2.0 h1:Ma67P/GGprNwsslzEH6+Kb8nybI8jpDTm4Wmzu2ReK8=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.1.0 h1:nVocQV40OQne5613EeLayJiRAJuKlBGy+m22qWG+WRg=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.1.0/go.mod h1:7QJP7dr2wznCMeqIrhMgWGf7XpAQnVrJqDm9nvV3Cu4=
|
||||
github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs=
|
||||
github.com/Azure/go-autorest/autorest v0.11.28 h1:ndAExarwr5Y+GaHE6VCaY1kyS/HwwGGyuimVhWsHOEM=
|
||||
github.com/Azure/go-autorest/autorest v0.11.29 h1:I4+HL/JDvErx2LjyzaVxllw2lRDB5/BT2Bm4g20iqYw=
|
||||
github.com/Azure/go-autorest/autorest/adal v0.9.23 h1:Yepx8CvFxwNKpH6ja7RZ+sKX+DWYNldbLiALMC3BTz8=
|
||||
github.com/Azure/go-autorest/autorest/date v0.3.0 h1:7gUk1U5M/CQbp9WoqinNzJar+8KY+LPI6wiWrP/myHw=
|
||||
github.com/Azure/go-autorest/autorest/to v0.4.0 h1:oXVqrxakqqV1UZdSazDOPOLvOIz+XA683u8EctwboHk=
|
||||
github.com/Azure/go-autorest/autorest/validation v0.3.1 h1:AgyqjAd94fwNAoTjl/WQXg4VvFeRFpO+UhNyRXqF1ac=
|
||||
github.com/Azure/go-autorest/logger v0.2.1 h1:IG7i4p/mDa2Ce4TRyAO8IHnVhAVF3RFU+ZtXWSmf4Tg=
|
||||
github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo=
|
||||
github.com/AzureAD/microsoft-authentication-library-for-go v0.5.1 h1:BWe8a+f/t+7KY7zH2mqygeUD0t8hNFXe08p1Pb3/jKE=
|
||||
github.com/AzureAD/microsoft-authentication-library-for-go v1.1.0 h1:HCc0+LpPfpCKs6LGGLAhwBARt9632unrVcI6i8s/8os=
|
||||
github.com/AzureAD/microsoft-authentication-library-for-go v1.1.0/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
|
||||
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
||||
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
|
||||
github.com/Microsoft/go-winio v0.6.0 h1:slsWYD/zyx7lCXoZVlvQrj0hPTM1HI4+v1sIda2yDvg=
|
||||
github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow=
|
||||
github.com/VictoriaMetrics/fastcache v1.12.1 h1:i0mICQuojGDL3KblA7wUNlY5lOK6a4bwt3uRKnkZU40=
|
||||
github.com/VictoriaMetrics/fastcache v1.12.1/go.mod h1:tX04vaqcNoQeGLD+ra5pU5sWkuxnzWhEzLwhP9w653o=
|
||||
github.com/VictoriaMetrics/fasthttp v1.2.0 h1:nd9Wng4DlNtaI27WlYh5mGXCJOmee/2c2blTJwfyU9I=
|
||||
|
@ -87,46 +89,46 @@ github.com/andybalholm/brotli v1.0.3/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHG
|
|||
github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
|
||||
github.com/armon/go-metrics v0.4.1 h1:hR91U9KYmb6bLBYLQjyM+3j+rcd/UhE+G78SFnF8gJA=
|
||||
github.com/aws/aws-sdk-go v1.38.35/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
|
||||
github.com/aws/aws-sdk-go v1.44.265 h1:rlBuD8OYjM5Vfcf7jDa264oVHqlPqY7y7o+JmrjNFUc=
|
||||
github.com/aws/aws-sdk-go v1.44.265/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
|
||||
github.com/aws/aws-sdk-go-v2 v1.18.0 h1:882kkTpSFhdgYRKVZ/VCgf7sd0ru57p2JCxz4/oN5RY=
|
||||
github.com/aws/aws-sdk-go-v2 v1.18.0/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw=
|
||||
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.10 h1:dK82zF6kkPeCo8J1e+tGx4JdvDIQzj7ygIoLg8WMuGs=
|
||||
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.10/go.mod h1:VeTZetY5KRJLuD/7fkQXMU6Mw7H5m/KP2J5Iy9osMno=
|
||||
github.com/aws/aws-sdk-go-v2/config v1.18.25 h1:JuYyZcnMPBiFqn87L2cRppo+rNwgah6YwD3VuyvaW6Q=
|
||||
github.com/aws/aws-sdk-go-v2/config v1.18.25/go.mod h1:dZnYpD5wTW/dQF0rRNLVypB396zWCcPiBIvdvSWHEg4=
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.13.24 h1:PjiYyls3QdCrzqUN35jMWtUK1vqVZ+zLfdOa/UPFDp0=
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.13.24/go.mod h1:jYPYi99wUOPIFi0rhiOvXeSEReVOzBqFNOX5bXYoG2o=
|
||||
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.3 h1:jJPgroehGvjrde3XufFIJUZVK5A2L9a3KwSFgKy9n8w=
|
||||
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.3/go.mod h1:4Q0UFP0YJf0NrsEuEYHpM9fTSEVnD16Z3uyEF7J9JGM=
|
||||
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.67 h1:fI9/5BDEaAv/pv1VO1X1n3jfP9it+IGqWsCuuBQI8wM=
|
||||
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.67/go.mod h1:zQClPRIwQZfJlZq6WZve+s4Tb4JW+3V6eS+4+KrYeP8=
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.33 h1:kG5eQilShqmJbv11XL1VpyDbaEJzWxd4zRiCG30GSn4=
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.33/go.mod h1:7i0PF1ME/2eUPFcjkVIwq+DOygHEoK92t5cDqNgYbIw=
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.27 h1:vFQlirhuM8lLlpI7imKOMsjdQLuN9CPi+k44F/OFVsk=
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.27/go.mod h1:UrHnn3QV/d0pBZ6QBAEQcqFLf8FAzLmoUfPVIueOvoM=
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.34 h1:gGLG7yKaXG02/jBlg210R7VgQIotiQntNhsCFejawx8=
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.34/go.mod h1:Etz2dj6UHYuw+Xw830KfzCfWGMzqvUTCjUj5b76GVDc=
|
||||
github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.25 h1:AzwRi5OKKwo4QNqPf7TjeO+tK8AyOK3GVSwmRPo7/Cs=
|
||||
github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.25/go.mod h1:SUbB4wcbSEyCvqBxv/O/IBf93RbEze7U7OnoTlpPB+g=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.11 h1:y2+VQzC6Zh2ojtV2LoC0MNwHWc6qXv/j2vrQtlftkdA=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.11/go.mod h1:iV4q2hsqtNECrfmlXyord9u4zyuFEJX9eLgLpSPzWA8=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.28 h1:vGWm5vTpMr39tEZfQeDiDAMgk+5qsnvRny3FjLpnH5w=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.28/go.mod h1:spfrICMD6wCAhjhzHuy6DOZZ+LAIY10UxhUmLzpJTTs=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.27 h1:0iKliEXAcCa2qVtRs7Ot5hItA2MsufrphbRFlz1Owxo=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.27/go.mod h1:EOwBD4J4S5qYszS5/3DpkejfuK+Z5/1uzICfPaZLtqw=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.14.2 h1:NbWkRxEEIRSCqxhsHQuMiTH7yo+JZW1gp8v3elSVMTQ=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.14.2/go.mod h1:4tfW5l4IAB32VWCDEBxCRtR9T4BWy4I4kr1spr8NgZM=
|
||||
github.com/aws/aws-sdk-go-v2/service/s3 v1.33.1 h1:O+9nAy9Bb6bJFTpeNFtd9UfHbgxO1o4ZDAM9rQp5NsY=
|
||||
github.com/aws/aws-sdk-go-v2/service/s3 v1.33.1/go.mod h1:J9kLNzEiHSeGMyN7238EjJmBpCniVzFda75Gxl/NqB8=
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.12.10 h1:UBQjaMTCKwyUYwiVnUt6toEJwGXsLBI6al083tpjJzY=
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.12.10/go.mod h1:ouy2P4z6sJN70fR3ka3wD3Ro3KezSxU6eKGQI2+2fjI=
|
||||
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.10 h1:PkHIIJs8qvq0e5QybnZoG1K/9QTrLr9OsqCIo59jOBA=
|
||||
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.10/go.mod h1:AFvkxc8xfBe8XA+5St5XIHHrQQtkxqrRincx4hmMHOk=
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.19.0 h1:2DQLAKDteoEDI8zpCzqBMaZlJuoE9iTYD0gFmXVax9E=
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.19.0/go.mod h1:BgQOMsg8av8jset59jelyPW7NoZcZXLVpDsXunGDrk8=
|
||||
github.com/aws/smithy-go v1.13.5 h1:hgz0X/DX0dGqTYpGALqXJoRKRj5oQ7150i5FdTePzO8=
|
||||
github.com/aws/smithy-go v1.13.5/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
|
||||
github.com/aws/aws-sdk-go v1.44.322 h1:7JfwifGRGQMHd99PvfXqxBaZsjuRaOF6e3X9zRx2uYo=
|
||||
github.com/aws/aws-sdk-go v1.44.322/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
|
||||
github.com/aws/aws-sdk-go-v2 v1.20.1 h1:rZBf5DWr7YGrnlTK4kgDQGn1ltqOg5orCYb/UhOFZkg=
|
||||
github.com/aws/aws-sdk-go-v2 v1.20.1/go.mod h1:NU06lETsFm8fUC6ZjhgDpVBcGZTFQ6XM+LZWZxMI4ac=
|
||||
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.12 h1:lN6L3LrYHeZ6xCxaIYtoWCx4GMLk4nRknsh29OMSqHY=
|
||||
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.12/go.mod h1:TDCkEAkMTXxTs0oLBGBKpBZbk3NLh8EvAfF0Q3x8/0c=
|
||||
github.com/aws/aws-sdk-go-v2/config v1.18.33 h1:JKcw5SFxFW/rpM4mOPjv0VQ11E2kxW13F3exWOy7VZU=
|
||||
github.com/aws/aws-sdk-go-v2/config v1.18.33/go.mod h1:hXO/l9pgY3K5oZJldamP0pbZHdPqqk+4/maa7DSD3cA=
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.13.32 h1:lIH1eKPcCY1ylR4B6PkBGRWMHO3aVenOKJHWiS4/G2w=
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.13.32/go.mod h1:lL8U3v/Y79YRG69WlAho0OHIKUXCyFvSXaIvfo81sls=
|
||||
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.8 h1:DK/9C+UN/X+1+Wm8pqaDksQr2tSLzq+8X1/rI/ZxKEQ=
|
||||
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.8/go.mod h1:ce7BgLQfYr5hQFdy67oX2svto3ufGtm6oBvmsHScI1Q=
|
||||
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.77 h1:oWSNL9oQy+do911sXpJyIc2J7RiUrbm9BecyaGy1wHo=
|
||||
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.77/go.mod h1:xvOdc97VpScJqB10YAI8r/cKuU7d9Ls/as03KROO2qY=
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.38 h1:c8ed/T9T2K5I+h/JzmF5tpI46+OODQ74dzmdo+QnaMg=
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.38/go.mod h1:qggunOChCMu9ZF/UkAfhTz25+U2rLVb3ya0Ua6TTfCA=
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.32 h1:hNeAAymUY5gu11WrrmFb3CVIp9Dar9hbo44yzzcQpzA=
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.32/go.mod h1:0ZXSqrty4FtQ7p8TEuRde/SZm9X05KT18LAUlR40Ln0=
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.39 h1:fc0ukRAiP1syoSGZYu+DaE+FulSYhTiJ8WpVu5jElU4=
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.39/go.mod h1:WLAW8PT7+JhjZfLSWe7WEJaJu0GNo0cKc2Zyo003RBs=
|
||||
github.com/aws/aws-sdk-go-v2/internal/v4a v1.1.1 h1:vUh7dBFNS3oFCtVv6CiYKh5hP9ls8+kIpKLeFruIBLk=
|
||||
github.com/aws/aws-sdk-go-v2/internal/v4a v1.1.1/go.mod h1:sFMeinkhj/SZKQM8BxtvNtSPjJEo0Xrz+w3g2e4FSKI=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.13 h1:iV/W5OMBys+66OeXJi/7xIRrKZNsu0ylsLGu+6nbmQE=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.13/go.mod h1:ReJb6xYmtGyu9KoFtRreWegbN9dZqvZIIv4vWnhcsyI=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.33 h1:QviNkc+vGSuEHx8P+pVNKOdWLXBPIwMFv7p0fphgE4U=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.33/go.mod h1:fABTUmOrAgAalG2i9WJpjBvlnk7UK8YmnYaxN+Q2CwE=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.32 h1:dGAseBFEYxth10V23b5e2mAS+tX7oVbfYHD6dnDdAsg=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.32/go.mod h1:4jwAWKEkCR0anWk5+1RbfSg1R5Gzld7NLiuaq5bTR/Y=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.15.1 h1:PT6PBCycRwhpEW5hJnRiceCeoWJ+r3bdgXtV+VKG7Pk=
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.15.1/go.mod h1:TqoxCLwT2nrxrBGA+z7t6OWM7LBkgRckK3gOjYE+7JA=
|
||||
github.com/aws/aws-sdk-go-v2/service/s3 v1.38.2 h1:v346f1h8sUBKXnEbrv43L37MTBlFHyKXQPIZHNAaghA=
|
||||
github.com/aws/aws-sdk-go-v2/service/s3 v1.38.2/go.mod h1:cwCATiyNrXK9P2FsWdZ89g9mpsYv2rhk0UA/KByl5fY=
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.13.2 h1:A2RlEMo4SJSwbNoUUgkxTAEMduAy/8wG3eB2b2lP4gY=
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.13.2/go.mod h1:ju+nNXUunfIFamXUIZQiICjnO/TPlOmWcYhZcSy7xaE=
|
||||
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.15.2 h1:OJELEgyaT2kmaBGZ+myyZbTTLobfe3ox3FSh5eYK9Qs=
|
||||
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.15.2/go.mod h1:ubDBBaDFs1GHijSOTi8ljppML15GLG0HxhILtbjNNYQ=
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.21.2 h1:ympg1+Lnq33XLhcK/xTG4yZHPs1Oyxu+6DEWbl7qOzA=
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.21.2/go.mod h1:FQ/DQcOfESELfJi5ED+IPPAjI5xC6nxtSolVVB773jM=
|
||||
github.com/aws/smithy-go v1.14.1 h1:EFKMUmH/iHMqLiwoEDx2rRjRQpI1YCn5jTysoaDujFs=
|
||||
github.com/aws/smithy-go v1.14.1/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
|
||||
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
|
||||
github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
|
||||
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
|
||||
|
@ -135,8 +137,8 @@ github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA
|
|||
github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
|
||||
github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
|
||||
github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
|
||||
github.com/cheggaaa/pb/v3 v3.1.2 h1:FIxT3ZjOj9XJl0U4o2XbEhjFfZl7jCVCDOGq1ZAB7wQ=
|
||||
github.com/cheggaaa/pb/v3 v3.1.2/go.mod h1:SNjnd0yKcW+kw0brSusraeDd5Bf1zBfxAzTL2ss3yQ4=
|
||||
github.com/cheggaaa/pb/v3 v3.1.4 h1:DN8j4TVVdKu3WxVwcRKu0sG00IIU6FewoABZzXbRQeo=
|
||||
github.com/cheggaaa/pb/v3 v3.1.4/go.mod h1:6wVjILNBaXMs8c21qRiaUM8BR82erfgau1DQ4iUXmSA=
|
||||
github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
|
||||
github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
|
||||
github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
|
||||
|
@ -147,30 +149,31 @@ github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XP
|
|||
github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
|
||||
github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
|
||||
github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
|
||||
github.com/cncf/xds/go v0.0.0-20230310173818-32f1caf87195 h1:58f1tJ1ra+zFINPlwLWvQsR9CzAKt2e+EWV2yX9oXQ4=
|
||||
github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4 h1:/inchEIKaYC1Akx+H+gqO04wryn5h75LSazbRlnya1k=
|
||||
github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w=
|
||||
github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
|
||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
|
||||
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/dennwc/varint v1.0.0 h1:kGNFFSSw8ToIy3obO/kKr8U9GZYUAxQEVuix4zfDWzE=
|
||||
github.com/dennwc/varint v1.0.0/go.mod h1:hnItb35rvZvJrbTALZtY/iQfDs48JKRG1RPpgziApxA=
|
||||
github.com/digitalocean/godo v1.98.0 h1:potyC1eD0N9n5/P4/WmJuKgg+OGYZOBWEW+/aKTX6QQ=
|
||||
github.com/dnaeon/go-vcr v1.1.0 h1:ReYa/UBrRyQdant9B4fNHGoCNKw6qh6P0fsdGmZpR7c=
|
||||
github.com/docker/distribution v2.8.1+incompatible h1:Q50tZOPR6T/hjNsyc9g8/syEs6bk8XXApsHjKukMl68=
|
||||
github.com/docker/docker v23.0.4+incompatible h1:Kd3Bh9V/rO+XpTP/BLqM+gx8z7+Yb0AA2Ibj+nNo4ek=
|
||||
github.com/digitalocean/godo v1.99.0 h1:gUHO7n9bDaZFWvbzOum4bXE0/09ZuYA9yA8idQHX57E=
|
||||
github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI=
|
||||
github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8=
|
||||
github.com/docker/docker v24.0.4+incompatible h1:s/LVDftw9hjblvqIeTiGYXBCD95nOEEl7qRsRrIOuQI=
|
||||
github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=
|
||||
github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=
|
||||
github.com/edsrzf/mmap-go v1.1.0 h1:6EUwBLQ/Mcr1EYLE4Tn1VdW1A4ckqCQWZBw8Hr0kjpQ=
|
||||
github.com/emicklei/go-restful/v3 v3.10.1 h1:rc42Y5YTp7Am7CS630D7JmhRjq4UlEUuEKfrDac4bSQ=
|
||||
github.com/emicklei/go-restful/v3 v3.10.2 h1:hIovbnmBTLjHXkqEBUz3HGpXZdM7ZrE9fJIZIqlJLqE=
|
||||
github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
|
||||
github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
|
||||
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
|
||||
github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
|
||||
github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0=
|
||||
github.com/envoyproxy/go-control-plane v0.11.0 h1:jtLewhRR2vMRNnq2ZZUoCjUlgut+Y0+sDDWPOfwOi1o=
|
||||
github.com/envoyproxy/go-control-plane v0.11.1 h1:wSUXTlLfiAQRWs2F+p+EKOY9rUyis1MyGqJ2DIk5HpM=
|
||||
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
|
||||
github.com/envoyproxy/protoc-gen-validate v0.10.1 h1:c0g45+xCJhdgFGw7a5QAfdS4byAbud7miNWJ1WwEVf8=
|
||||
github.com/envoyproxy/protoc-gen-validate v1.0.2 h1:QkIBuU5k+x7/QXPvPPnWXWlCdaBFApVqftFV6k087DA=
|
||||
github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs=
|
||||
github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw=
|
||||
github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk=
|
||||
|
@ -195,9 +198,9 @@ github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ=
|
|||
github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
|
||||
github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
|
||||
github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
|
||||
github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE=
|
||||
github.com/go-openapi/jsonpointer v0.20.0 h1:ESKJdU9ASRfaPNOPRx12IUyA1vn3R9GiE3KYD14BXdQ=
|
||||
github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE=
|
||||
github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g=
|
||||
github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU=
|
||||
github.com/go-resty/resty/v2 v2.7.0 h1:me+K9p3uhSmXtrBZ4k9jcEAfJmuC8IivWHwaLZwPrFY=
|
||||
github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
|
||||
github.com/go-zookeeper/zk v1.0.3 h1:7M2kwOsc//9VeeFiPtf+uSJlVpU66x9Ba5+8XK7/TDg=
|
||||
|
@ -206,6 +209,8 @@ github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
|
|||
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
|
||||
github.com/golang-jwt/jwt v3.2.1+incompatible h1:73Z+4BJcrTC+KczS6WvTPvRGOp1WmfEP4Q1lOd9Z/+c=
|
||||
github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
|
||||
github.com/golang-jwt/jwt/v5 v5.0.0 h1:1n1XNM9hk7O9mnQoNBGolZvzebBQ7p93ULHRc28XJUE=
|
||||
github.com/golang-jwt/jwt/v5 v5.0.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
|
||||
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
|
||||
github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
|
||||
github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
|
||||
|
@ -271,42 +276,42 @@ github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hf
|
|||
github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
|
||||
github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
|
||||
github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
|
||||
github.com/google/s2a-go v0.1.3 h1:FAgZmpLl/SXurPEZyCMPBIiiYeTbqfjlbdnCNTAkbGE=
|
||||
github.com/google/s2a-go v0.1.3/go.mod h1:Ej+mSEMGRnqRzjc7VtF+jdBwYG5fuJfiZ8ELkjEwM0A=
|
||||
github.com/google/s2a-go v0.1.5 h1:8IYp3w9nysqv3JH+NJgXJzGbDHzLOTj43BmSkp+O7qg=
|
||||
github.com/google/s2a-go v0.1.5/go.mod h1:Ej+mSEMGRnqRzjc7VtF+jdBwYG5fuJfiZ8ELkjEwM0A=
|
||||
github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||
github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
|
||||
github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||
github.com/googleapis/enterprise-certificate-proxy v0.2.3 h1:yk9/cqRKtT9wXZSsRH9aurXEpJX+U6FLtpYTdC3R06k=
|
||||
github.com/googleapis/enterprise-certificate-proxy v0.2.3/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k=
|
||||
github.com/googleapis/enterprise-certificate-proxy v0.2.5 h1:UR4rDjcgpgEnqpIEvkiqTYKBCKLNmlge2eVjoZfySzM=
|
||||
github.com/googleapis/enterprise-certificate-proxy v0.2.5/go.mod h1:RxW0N9901Cko1VOCW3SXCpWP+mlIEkk2tP7jnHy9a3w=
|
||||
github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
|
||||
github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
|
||||
github.com/googleapis/gax-go/v2 v2.8.0 h1:UBtEZqx1bjXtOQ5BVTkuYghXrr3N4V123VKJK67vJZc=
|
||||
github.com/googleapis/gax-go/v2 v2.8.0/go.mod h1:4orTrqY6hXxxaUL4LHIPl6lGo8vAE38/qKbhSAKP6QI=
|
||||
github.com/gophercloud/gophercloud v1.3.0 h1:RUKyCMiZoQR3VlVR5E3K7PK1AC3/qppsWYo6dtBiqs8=
|
||||
github.com/googleapis/gax-go/v2 v2.12.0 h1:A+gCJKdRfqXkr+BIRGtZLibNXf0m1f9E4HG56etFpas=
|
||||
github.com/googleapis/gax-go/v2 v2.12.0/go.mod h1:y+aIqrI5eb1YGMVJfuV3185Ts/D7qKpsEkdD5+I6QGU=
|
||||
github.com/gophercloud/gophercloud v1.5.0 h1:cDN6XFCLKiiqvYpjQLq9AiM7RDRbIC9450WpPH+yvXo=
|
||||
github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc=
|
||||
github.com/grafana/regexp v0.0.0-20221122212121-6b5c0a4cb7fd h1:PpuIBO5P3e9hpqBD0O/HjhShYuM6XE0i/lbE6J94kww=
|
||||
github.com/grafana/regexp v0.0.0-20221122212121-6b5c0a4cb7fd/go.mod h1:M5qHK+eWfAv8VR/265dIuEpL3fNfeC21tXXp9itM24A=
|
||||
github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw=
|
||||
github.com/hashicorp/consul/api v1.20.0 h1:9IHTjNVSZ7MIwjlW3N3a7iGiykCMDpxZu8jsxFJh0yc=
|
||||
github.com/hashicorp/cronexpr v1.1.1 h1:NJZDd87hGXjoZBdvyCF9mX4DCq5Wy7+A/w+A7q0wn6c=
|
||||
github.com/hashicorp/consul/api v1.22.0 h1:ydEvDooB/A0c/xpsBd8GSt7P2/zYPBui4KrNip0xGjE=
|
||||
github.com/hashicorp/cronexpr v1.1.2 h1:wG/ZYIKT+RT3QkOdgYc+xsKWVRgnxJ1OJtjjy84fJ9A=
|
||||
github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
|
||||
github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ=
|
||||
github.com/hashicorp/go-hclog v1.4.0 h1:ctuWFGrhFha8BnnzxqeRGidlEcQkDyL5u8J8t5eA11I=
|
||||
github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c=
|
||||
github.com/hashicorp/go-immutable-radix v1.3.1 h1:DKHmCUm2hRBK510BaiZlwvpD40f8bJFeZnpfm2KLowc=
|
||||
github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
|
||||
github.com/hashicorp/go-retryablehttp v0.7.2 h1:AcYqCvkpalPnPF2pn0KamgwamS42TqUDDYFRKq/RAd0=
|
||||
github.com/hashicorp/go-retryablehttp v0.7.4 h1:ZQgVdpTdAL7WpMIwLzCfbalOcSUdkDZnpUv3/+BxzFA=
|
||||
github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc=
|
||||
github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
|
||||
github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
|
||||
github.com/hashicorp/golang-lru v0.6.0 h1:uL2shRDx7RTrOrTCUZEGP/wJUFiUI8QT6E7z5o8jga4=
|
||||
github.com/hashicorp/nomad/api v0.0.0-20230418003350-3067191c5197 h1:I5xhKLePXpXgM6pZ4xZNTiurLLS3sGuZrZFFzAbM67A=
|
||||
github.com/hashicorp/nomad/api v0.0.0-20230718173136-3a687930bd3e h1:sr4lujmn9heD030xx/Pd4B/JSmvRhFzuotNXaaV0WLs=
|
||||
github.com/hashicorp/serf v0.10.1 h1:Z1H2J60yRKvfDYAOZLd2MU0ND4AH/WDz7xYHDWQsIPY=
|
||||
github.com/hetznercloud/hcloud-go v1.42.0 h1:Es/CDOForQN3nOOP5Vxh1N/YHjpCg386iYEX5zCgi+A=
|
||||
github.com/hetznercloud/hcloud-go/v2 v2.0.0 h1:Sg1DJ+MAKvbYAqaBaq9tPbwXBS2ckPIaMtVdUjKu+4g=
|
||||
github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
|
||||
github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk=
|
||||
github.com/influxdata/influxdb v1.11.1 h1:VEkQVMJ83gjpyS2FJuQaSbt4Mu+btGBoZbVq0XwTHGQ=
|
||||
github.com/influxdata/influxdb v1.11.1/go.mod h1:WSTwm8ZvJARODSZJfcxdghcjCQVstHwClgO6MrbnGt0=
|
||||
github.com/ionos-cloud/sdk-go/v6 v6.1.6 h1:0n4irdqNska+1s3YMCRhrAqKbibEgQ7SwwhAlHzYT5A=
|
||||
github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4=
|
||||
github.com/influxdata/influxdb v1.11.2 h1:qOF3uQN1mDfJNEKwbAgJsqehf8IXgKok2vlGm736oGo=
|
||||
github.com/influxdata/influxdb v1.11.2/go.mod h1:eUMkLTE2vQwvSk6KGMrTBLKPaqSuczuelGbggigMPFw=
|
||||
github.com/ionos-cloud/sdk-go/v6 v6.1.8 h1:493wE/BkZxJf7x79UCE0cYGPZoqQcPiEBALvt7uVGY0=
|
||||
github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
|
||||
github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
|
||||
github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8=
|
||||
|
@ -326,8 +331,8 @@ github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI
|
|||
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
|
||||
github.com/klauspost/compress v1.13.4/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
|
||||
github.com/klauspost/compress v1.13.5/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
|
||||
github.com/klauspost/compress v1.16.5 h1:IFV2oUNUzZaz+XyusxpLzpzS8Pt5rh0Z16For/djlyI=
|
||||
github.com/klauspost/compress v1.16.5/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE=
|
||||
github.com/klauspost/compress v1.16.7 h1:2mk3MPGNzKyxErAw8YaohYh69+pa4sIQSC0fPGCFR9I=
|
||||
github.com/klauspost/compress v1.16.7/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE=
|
||||
github.com/kolo/xmlrpc v0.0.0-20220921171641-a4b6fa1dd06b h1:udzkj9S/zlT5X367kqJis0QP7YMxobob6zhzq6Yre00=
|
||||
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
|
||||
github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
|
||||
|
@ -338,19 +343,20 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
|||
github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
|
||||
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||
github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
|
||||
github.com/linode/linodego v1.16.1 h1:5otq57M4PdHycPERRfSFZ0s1yz1ETVWGjCp3hh7+F9w=
|
||||
github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
|
||||
github.com/linode/linodego v1.19.0 h1:n4WJrcr9+30e9JGZ6DI0nZbm5SdAj1kSwvvt/998YUw=
|
||||
github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=
|
||||
github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
|
||||
github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
|
||||
github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
|
||||
github.com/mattn/go-isatty v0.0.18 h1:DOKFKCQ7FNG2L1rbrmstDN4QVRdS89Nkh85u68Uwp98=
|
||||
github.com/mattn/go-isatty v0.0.18/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
|
||||
github.com/mattn/go-runewidth v0.0.14 h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWVwUuU=
|
||||
github.com/mattn/go-runewidth v0.0.14/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
|
||||
github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA=
|
||||
github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
|
||||
github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U=
|
||||
github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
|
||||
github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
|
||||
github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo=
|
||||
github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4=
|
||||
github.com/miekg/dns v1.1.53 h1:ZBkuHr5dxHtB1caEOlZTLPo7D3L3TWckgUUs/RHfDxw=
|
||||
github.com/miekg/dns v1.1.55 h1:GoQ4hpsj0nFLYe+bWiCToyrBEJXkQfOOIvFGFy0lEgo=
|
||||
github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
|
||||
github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
|
||||
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
|
||||
|
@ -369,18 +375,20 @@ github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8
|
|||
github.com/opencontainers/image-spec v1.0.2 h1:9yCKha/T5XdGtO0q9Q9a6T5NUCsTn/DrBg0D7ufOcFM=
|
||||
github.com/ovh/go-ovh v1.4.1 h1:VBGa5wMyQtTP7Zb+w97zRCh9sLtM/2YKRyy+MEJmWaM=
|
||||
github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 h1:KoWmjvw+nsYOo29YJK9vDA65RGE3NrOnUtO7a+RF9HU=
|
||||
github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8/go.mod h1:HKlIX3XHQyzLZPlr7++PzdhaXEj94dEiJgZDTsxEqUI=
|
||||
github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
|
||||
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
||||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
|
||||
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||
github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
|
||||
github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
|
||||
github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M=
|
||||
github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0=
|
||||
github.com/prometheus/client_golang v1.15.1 h1:8tXpTmJbyH5lydzFPoxSIJ0J46jdh3tylbvM1xCv0LI=
|
||||
github.com/prometheus/client_golang v1.15.1/go.mod h1:e9yaBhRPU2pPNsZwE+JdQl0KEt1N9XgF6zxWmaC0xOk=
|
||||
github.com/prometheus/client_golang v1.16.0 h1:yk/hx9hDbrGHovbci4BY+pRMfSuuat626eFsHb7tmT8=
|
||||
github.com/prometheus/client_golang v1.16.0/go.mod h1:Zsulrv/L9oM40tJ7T815tM89lFEugiJ9HzIqaAx4LKc=
|
||||
github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
|
||||
github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
|
||||
github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
|
||||
|
@ -391,18 +399,18 @@ github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y8
|
|||
github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo=
|
||||
github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc=
|
||||
github.com/prometheus/common v0.29.0/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
|
||||
github.com/prometheus/common v0.43.0 h1:iq+BVjvYLei5f27wiuNiB1DN6DYQkp1c8Bx0Vykh5us=
|
||||
github.com/prometheus/common v0.43.0/go.mod h1:NCvr5cQIh3Y/gy73/RdVtC9r8xxrxwJnB+2lB3BxrFc=
|
||||
github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY=
|
||||
github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY=
|
||||
github.com/prometheus/common/sigv4 v0.1.0 h1:qoVebwtwwEhS85Czm2dSROY5fTo2PAPEVdDeppTwGX4=
|
||||
github.com/prometheus/common/sigv4 v0.1.0/go.mod h1:2Jkxxk9yYvCkE5G1sQT7GuEXm57JrvHu9k5YwTjsNtI=
|
||||
github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
|
||||
github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
|
||||
github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
|
||||
github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
|
||||
github.com/prometheus/procfs v0.9.0 h1:wzCHvIvM5SxWqYvwgVL7yJY8Lz3PKn49KQtpgMYJfhI=
|
||||
github.com/prometheus/procfs v0.9.0/go.mod h1:+pB4zwohETzFnmlpe6yd2lSc+0/46IYZRB/chUwxUZY=
|
||||
github.com/prometheus/prometheus v0.44.0 h1:sgn8Fdx+uE5tHQn0/622swlk2XnIj6udoZCnbVjHIgc=
|
||||
github.com/prometheus/prometheus v0.44.0/go.mod h1:aPsmIK3py5XammeTguyqTmuqzX/jeCdyOWWobLHNKQg=
|
||||
github.com/prometheus/procfs v0.11.1 h1:xRC8Iq1yyca5ypa9n1EZnWZkt7dwcoRPQwX/5gwaUuI=
|
||||
github.com/prometheus/procfs v0.11.1/go.mod h1:eesXgaPo1q7lBpVMoMy0ZOFTth9hBn4W/y0/p/ScXhY=
|
||||
github.com/prometheus/prometheus v0.46.0 h1:9JSdXnsuT6YsbODEhSQMwxNkGwPExfmzqG73vCMk/Kw=
|
||||
github.com/prometheus/prometheus v0.46.0/go.mod h1:10L5IJE5CEsjee1FnOcVswYXlPIscDWWt3IJ2UDYrz4=
|
||||
github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
|
||||
github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis=
|
||||
github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
|
||||
|
@ -411,7 +419,7 @@ github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFR
|
|||
github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
|
||||
github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
|
||||
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
|
||||
github.com/scaleway/scaleway-sdk-go v1.0.0-beta.15 h1:Y7xOFbD+3jaPw+VN7lkakNJ/pa+ZSQVFp1ONtJaBxns=
|
||||
github.com/scaleway/scaleway-sdk-go v1.0.0-beta.19 h1:+1H+N9QFl2Sfvia0FBYfMrHYHYhmpZxhSE0wpPL2lYs=
|
||||
github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
|
||||
github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
|
||||
github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88=
|
||||
|
@ -419,6 +427,7 @@ github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
|
|||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
|
||||
github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c=
|
||||
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
|
||||
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
|
||||
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
|
||||
|
@ -428,10 +437,10 @@ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
|
|||
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
||||
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
|
||||
github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
|
||||
github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8=
|
||||
github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
|
||||
github.com/urfave/cli/v2 v2.25.3 h1:VJkt6wvEBOoSjPFQvOkv6iWIrsJyCrKGtCtxXWwmGeY=
|
||||
github.com/urfave/cli/v2 v2.25.3/go.mod h1:GHupkWPMM0M/sj1a2b4wUrWBPzazNrIjouW6fmdJLxc=
|
||||
github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
|
||||
github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
|
||||
github.com/urfave/cli/v2 v2.25.7 h1:VAzn5oq403l5pHjc4OhD54+XGO9cdKVL/7lDjF+iKUs=
|
||||
github.com/urfave/cli/v2 v2.25.7/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ=
|
||||
github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
|
||||
github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
|
||||
github.com/valyala/fasthttp v1.30.0/go.mod h1:2rsYD01CKFrjjsvFxx75KlEUNpWNBY9JWD3K/7o2Cus=
|
||||
|
@ -463,14 +472,14 @@ go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
|
|||
go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
|
||||
go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
|
||||
go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
|
||||
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.41.1 h1:pX+lppB8PArapyhS6nBStyQmkaDUPWdQf0UmEGRCQ54=
|
||||
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.41.1/go.mod h1:2FmkXne0k9nkp27LD/m+uoh8dNlstsiCJ7PLc/S72aI=
|
||||
go.opentelemetry.io/otel v1.15.1 h1:3Iwq3lfRByPaws0f6bU3naAqOR1n5IeDWd9390kWHa8=
|
||||
go.opentelemetry.io/otel v1.15.1/go.mod h1:mHHGEHVDLal6YrKMmk9LqC4a3sF5g+fHfrttQIB1NTc=
|
||||
go.opentelemetry.io/otel/metric v0.38.1 h1:2MM7m6wPw9B8Qv8iHygoAgkbejed59uUR6ezR5T3X2s=
|
||||
go.opentelemetry.io/otel/metric v0.38.1/go.mod h1:FwqNHD3I/5iX9pfrRGZIlYICrJv0rHEUl2Ln5vdIVnQ=
|
||||
go.opentelemetry.io/otel/trace v1.15.1 h1:uXLo6iHJEzDfrNC0L0mNjItIp06SyaBQxu5t3xMlngY=
|
||||
go.opentelemetry.io/otel/trace v1.15.1/go.mod h1:IWdQG/5N1x7f6YUlmdLeJvH9yxtuJAfc4VW5Agv9r/8=
|
||||
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.42.0 h1:pginetY7+onl4qN1vl0xW/V/v6OBZ0vVdH+esuJgvmM=
|
||||
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.42.0/go.mod h1:XiYsayHc36K3EByOO6nbAXnAWbrUxdjUROCEeeROOH8=
|
||||
go.opentelemetry.io/otel v1.16.0 h1:Z7GVAX/UkAXPKsy94IU+i6thsQS4nb7LviLpnaNeW8s=
|
||||
go.opentelemetry.io/otel v1.16.0/go.mod h1:vl0h9NUa1D5s1nv3A5vZOYWn8av4K8Ml6JDeHrT/bx4=
|
||||
go.opentelemetry.io/otel/metric v1.16.0 h1:RbrpwVG1Hfv85LgnZ7+txXioPDoh6EdbZHo26Q3hqOo=
|
||||
go.opentelemetry.io/otel/metric v1.16.0/go.mod h1:QE47cpOmkwipPiefDwo2wDzwJrlfxxNYodqc4xnGCo4=
|
||||
go.opentelemetry.io/otel/trace v1.16.0 h1:8JRpaObFoW0pxuVPapkgH8UhHQj+bJW8jJsCZEu5MQs=
|
||||
go.opentelemetry.io/otel/trace v1.16.0/go.mod h1:Yt9vYq1SdNz3xdjZZK7wcXv1qv2pwLkqr2QVwea0ef0=
|
||||
go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI=
|
||||
go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE=
|
||||
go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
|
||||
|
@ -485,8 +494,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh
|
|||
golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8=
|
||||
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
||||
golang.org/x/crypto v0.0.0-20220314234659-1baeb1ce4c0b/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
||||
golang.org/x/crypto v0.9.0 h1:LF6fAI+IutBocDJ2OT0Q1g8plpYljMZ4+lty+dsqw3g=
|
||||
golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0=
|
||||
golang.org/x/crypto v0.12.0 h1:tFM/ta59kqch6LlvYnPa0yx5a83cL2nHflFhYKvv9Yk=
|
||||
golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
|
||||
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
|
||||
|
@ -497,8 +506,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0
|
|||
golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
|
||||
golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
|
||||
golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
|
||||
golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc h1:mCRnTeVUjcrhlRmO0VK8a6k6Rrf6TF9htwo2pJVSjIU=
|
||||
golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w=
|
||||
golang.org/x/exp v0.0.0-20230713183714-613f0c0eb8a1 h1:MGwJjxBy0HJshjDNfLsYO8xppfqWlA5ZT9OhtUUhTNw=
|
||||
golang.org/x/exp v0.0.0-20230713183714-613f0c0eb8a1/go.mod h1:FXUEEKJgO7OQYeo8N01OfiKP8RXMtf6e8aTskBGqWdc=
|
||||
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
|
||||
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
|
||||
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
|
||||
|
@ -520,7 +529,7 @@ golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzB
|
|||
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
|
||||
golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk=
|
||||
golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc=
|
||||
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||
golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||
|
@ -557,16 +566,16 @@ golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qx
|
|||
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
|
||||
golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
|
||||
golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M=
|
||||
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
|
||||
golang.org/x/net v0.14.0 h1:BONx9s002vGdD9umnlX1Po8vOZmrgH34qlHcD1MfK14=
|
||||
golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
|
||||
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
||||
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
|
||||
golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8=
|
||||
golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE=
|
||||
golang.org/x/oauth2 v0.11.0 h1:vPL4xzxBM4niKCW6g9whtaWVXTJf1U5e4aZxxFx/gbU=
|
||||
golang.org/x/oauth2 v0.11.0/go.mod h1:LdF7O/8bLR/qWK9DrpXmbHLTouvRHK0SgJl0GmDBchk=
|
||||
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
|
@ -578,8 +587,8 @@ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJ
|
|||
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.2.0 h1:PUR+T4wwASmuSTYdKjYHI5TD22Wy5ogLU5qZCOLxBrI=
|
||||
golang.org/x/sync v0.2.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E=
|
||||
golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
|
||||
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
|
@ -618,18 +627,19 @@ golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7w
|
|||
golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20210616045830-e2b7044e8c71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU=
|
||||
golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM=
|
||||
golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||
golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||
golang.org/x/term v0.8.0 h1:n5xxQn2i3PC0yLAbjTpNT85q/Kgzcr2gIoX9OrJUols=
|
||||
golang.org/x/term v0.11.0 h1:F9tnn/DA/Im8nCwm+fX+1/eBwi4qFjRT++MhtVC4ZX0=
|
||||
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
|
@ -639,8 +649,8 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
|||
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
|
||||
golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
|
||||
golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
||||
golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE=
|
||||
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
|
||||
golang.org/x/text v0.12.0 h1:k+n5B8goJNdU7hSvEtMUz3d1Q6D/XW4COJSJR6fN0mc=
|
||||
golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
|
||||
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||
|
@ -689,7 +699,7 @@ golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc
|
|||
golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
|
||||
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
|
||||
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
|
||||
golang.org/x/tools v0.8.0 h1:vSDcovVPld282ceKgDimkRSC8kpaH1dgyc9UMzlt84Y=
|
||||
golang.org/x/tools v0.11.0 h1:EMCa6U9S2LtZXLAMoWiR/R8dAQFRqbAitmbJ2UKhoi8=
|
||||
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
|
@ -712,8 +722,8 @@ google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0M
|
|||
google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
|
||||
google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM=
|
||||
google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc=
|
||||
google.golang.org/api v0.123.0 h1:yHVU//vA+qkOhm4reEC9LtzHVUCN/IqqNRl1iQ9xE20=
|
||||
google.golang.org/api v0.123.0/go.mod h1:gcitW0lvnyWjSp9nKxAbdHKIZ6vF4aajGueeslZOyms=
|
||||
google.golang.org/api v0.136.0 h1:e/6enzUE1s4tGPa6Q3ZYShKTtvRc+1Jq0rrafhppmOs=
|
||||
google.golang.org/api v0.136.0/go.mod h1:XtJfF+V2zgUxelOn5Zs3kECtluMxneJG8ZxUTlLNTPA=
|
||||
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
|
||||
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
|
||||
google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
|
||||
|
@ -752,8 +762,12 @@ google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7Fc
|
|||
google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
|
||||
google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
|
||||
google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
|
||||
google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 h1:KpwkzHKEF7B9Zxg18WzOa7djJ+Ha5DzthMyZYQfEn2A=
|
||||
google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1/go.mod h1:nKE/iIaLqn2bQwXBg8f1g2Ylh6r5MN5CmZvuzZCgsCU=
|
||||
google.golang.org/genproto v0.0.0-20230807174057-1744710a1577 h1:Tyk/35yqszRCvaragTn5NnkY6IiKk/XvHzEWepo71N0=
|
||||
google.golang.org/genproto v0.0.0-20230807174057-1744710a1577/go.mod h1:yZTlhN0tQnXo3h00fuXNCxJdLdIdnVFVBaRJ5LWBbw4=
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20230807174057-1744710a1577 h1:xv8KoglAClYGkprUSmDTKaILtzfD8XzG9NYVXMprjKo=
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20230807174057-1744710a1577/go.mod h1:KjSP20unUpOx5kyQUFa7k4OJg0qeJ7DEZflGDu2p6Bk=
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20230807174057-1744710a1577 h1:wukfNtZmZUurLN/atp2hiIeTKn7QJWIQdHzqmsOnAOk=
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20230807174057-1744710a1577/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M=
|
||||
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
|
||||
google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
|
||||
google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
|
||||
|
@ -770,8 +784,8 @@ google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTp
|
|||
google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
|
||||
google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
|
||||
google.golang.org/grpc v1.45.0/go.mod h1:lN7owxKUQEqMfSyQikvvk5tf/6zMPsrK+ONuO11+0rQ=
|
||||
google.golang.org/grpc v1.55.0 h1:3Oj82/tFSCeUrRTg/5E/7d/W5A1tj6Ky1ABAuZuv5ag=
|
||||
google.golang.org/grpc v1.55.0/go.mod h1:iYEXKGkEBhg1PjZQvoYEVPTDkHo1/bjTnfwTeGONTY8=
|
||||
google.golang.org/grpc v1.57.0 h1:kfzNeI/klCGD2YPMUlaGNT3pxvYfga7smW3Vth8Zsiw=
|
||||
google.golang.org/grpc v1.57.0/go.mod h1:Sd+9RMTACXwmub0zcNY2c4arhtrbBYD1AUHI/dt16Mo=
|
||||
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
|
||||
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
|
||||
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
|
||||
|
@ -784,8 +798,8 @@ google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGj
|
|||
google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
|
||||
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
|
||||
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
|
||||
google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng=
|
||||
google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
|
||||
google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
|
||||
google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
|
||||
gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
|
@ -813,16 +827,16 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh
|
|||
honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
|
||||
honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
||||
honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
||||
k8s.io/api v0.26.2 h1:dM3cinp3PGB6asOySalOZxEG4CZ0IAdJsrYZXE/ovGQ=
|
||||
k8s.io/apimachinery v0.26.2 h1:da1u3D5wfR5u2RpLhE/ZtZS2P7QvDgLZTi9wrNZl/tQ=
|
||||
k8s.io/client-go v0.26.2 h1:s1WkVujHX3kTp4Zn4yGNFK+dlDXy1bAAkIl+cFAiuYI=
|
||||
k8s.io/api v0.27.3 h1:yR6oQXXnUEBWEWcvPWS0jQL575KoAboQPfJAuKNrw5Y=
|
||||
k8s.io/apimachinery v0.27.3 h1:Ubye8oBufD04l9QnNtW05idcOe9Z3GQN8+7PqmuVcUM=
|
||||
k8s.io/client-go v0.27.3 h1:7dnEGHZEJld3lYwxvLl7WoehK6lAq7GvgjxpA3nv1E8=
|
||||
k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8=
|
||||
k8s.io/klog/v2 v2.90.1 h1:m4bYOKall2MmOiRaR1J+We67Do7vm9KiQVlT96lnHUw=
|
||||
k8s.io/kube-openapi v0.0.0-20230303024457-afdc3dddf62d h1:VcFq5n7wCJB2FQMCIHfC+f+jNcGgNMar1uKd6rVlifU=
|
||||
k8s.io/utils v0.0.0-20230308161112-d77c459e9343 h1:m7tbIjXGcGIAtpmQr7/NAi7RsWoW3E7Zcm4jI1HicTc=
|
||||
k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg=
|
||||
k8s.io/kube-openapi v0.0.0-20230525220651-2546d827e515 h1:OmK1d0WrkD3IPfkskvroRykOulHVHf0s0ZIFRjyt+UI=
|
||||
k8s.io/utils v0.0.0-20230711102312-30195339c3c7 h1:ZgnF1KZsYxWIifwSNZFZgNtWE89WI5yiP5WwlfDoIyc=
|
||||
rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
|
||||
rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
|
||||
rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
|
||||
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo=
|
||||
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE=
|
||||
sigs.k8s.io/structured-merge-diff/v4 v4.3.0 h1:UZbZAZfX0wV2zr7YZorDz6GXROfDFj6LvqCRm4VUVKk=
|
||||
sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo=
|
||||
|
|
2
vendor/cloud.google.com/go/compute/internal/version.go
generated
vendored
2
vendor/cloud.google.com/go/compute/internal/version.go
generated
vendored
|
@ -15,4 +15,4 @@
|
|||
package internal
|
||||
|
||||
// Version is the current tagged release of the library.
|
||||
const Version = "1.19.3"
|
||||
const Version = "1.23.0"
|
||||
|
|
21
vendor/cloud.google.com/go/iam/CHANGES.md
generated
vendored
21
vendor/cloud.google.com/go/iam/CHANGES.md
generated
vendored
|
@ -1,6 +1,27 @@
|
|||
# Changes
|
||||
|
||||
|
||||
## [1.1.2](https://github.com/googleapis/google-cloud-go/compare/iam/v1.1.1...iam/v1.1.2) (2023-08-08)
|
||||
|
||||
|
||||
### Documentation
|
||||
|
||||
* **iam:** Minor formatting ([b4349cc](https://github.com/googleapis/google-cloud-go/commit/b4349cc507870ff8629bbc07de578b63bb889626))
|
||||
|
||||
## [1.1.1](https://github.com/googleapis/google-cloud-go/compare/iam/v1.1.0...iam/v1.1.1) (2023-06-20)
|
||||
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* **iam:** REST query UpdateMask bug ([df52820](https://github.com/googleapis/google-cloud-go/commit/df52820b0e7721954809a8aa8700b93c5662dc9b))
|
||||
|
||||
## [1.1.0](https://github.com/googleapis/google-cloud-go/compare/iam/v1.0.1...iam/v1.1.0) (2023-05-30)
|
||||
|
||||
|
||||
### Features
|
||||
|
||||
* **iam:** Update all direct dependencies ([b340d03](https://github.com/googleapis/google-cloud-go/commit/b340d030f2b52a4ce48846ce63984b28583abde6))
|
||||
|
||||
## [1.0.1](https://github.com/googleapis/google-cloud-go/compare/iam/v1.0.0...iam/v1.0.1) (2023-05-08)
|
||||
|
||||
|
||||
|
|
2
vendor/cloud.google.com/go/iam/apiv1/iampb/iam_policy.pb.go
generated
vendored
2
vendor/cloud.google.com/go/iam/apiv1/iampb/iam_policy.pb.go
generated
vendored
|
@ -15,7 +15,7 @@
|
|||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||
// versions:
|
||||
// protoc-gen-go v1.30.0
|
||||
// protoc v3.21.12
|
||||
// protoc v4.23.2
|
||||
// source: google/iam/v1/iam_policy.proto
|
||||
|
||||
package iampb
|
||||
|
|
2
vendor/cloud.google.com/go/iam/apiv1/iampb/options.pb.go
generated
vendored
2
vendor/cloud.google.com/go/iam/apiv1/iampb/options.pb.go
generated
vendored
|
@ -15,7 +15,7 @@
|
|||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||
// versions:
|
||||
// protoc-gen-go v1.30.0
|
||||
// protoc v3.21.12
|
||||
// protoc v4.23.2
|
||||
// source: google/iam/v1/options.proto
|
||||
|
||||
package iampb
|
||||
|
|
20
vendor/cloud.google.com/go/iam/apiv1/iampb/policy.pb.go
generated
vendored
20
vendor/cloud.google.com/go/iam/apiv1/iampb/policy.pb.go
generated
vendored
|
@ -1,4 +1,4 @@
|
|||
// Copyright 2022 Google LLC
|
||||
// Copyright 2023 Google LLC
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
|
@ -15,7 +15,7 @@
|
|||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||
// versions:
|
||||
// protoc-gen-go v1.30.0
|
||||
// protoc v3.21.12
|
||||
// protoc v4.23.2
|
||||
// source: google/iam/v1/policy.proto
|
||||
|
||||
package iampb
|
||||
|
@ -219,6 +219,8 @@ func (AuditConfigDelta_Action) EnumDescriptor() ([]byte, []int) {
|
|||
//
|
||||
// **JSON example:**
|
||||
//
|
||||
// ```
|
||||
//
|
||||
// {
|
||||
// "bindings": [
|
||||
// {
|
||||
|
@ -247,8 +249,12 @@ func (AuditConfigDelta_Action) EnumDescriptor() ([]byte, []int) {
|
|||
// "version": 3
|
||||
// }
|
||||
//
|
||||
// ```
|
||||
//
|
||||
// **YAML example:**
|
||||
//
|
||||
// ```
|
||||
//
|
||||
// bindings:
|
||||
// - members:
|
||||
// - user:mike@example.com
|
||||
|
@ -266,6 +272,8 @@ func (AuditConfigDelta_Action) EnumDescriptor() ([]byte, []int) {
|
|||
// etag: BwWWja0YfJA=
|
||||
// version: 3
|
||||
//
|
||||
// ```
|
||||
//
|
||||
// For a description of IAM and its features, see the
|
||||
// [IAM documentation](https://cloud.google.com/iam/docs/).
|
||||
type Policy struct {
|
||||
|
@ -396,7 +404,7 @@ type Binding struct {
|
|||
// Role that is assigned to the list of `members`, or principals.
|
||||
// For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
|
||||
Role string `protobuf:"bytes,1,opt,name=role,proto3" json:"role,omitempty"`
|
||||
// Specifies the principals requesting access for a Cloud Platform resource.
|
||||
// Specifies the principals requesting access for a Google Cloud resource.
|
||||
// `members` can have the following values:
|
||||
//
|
||||
// * `allUsers`: A special identifier that represents anyone who is
|
||||
|
@ -558,8 +566,8 @@ func (x *Binding) GetCondition() *expr.Expr {
|
|||
// }
|
||||
//
|
||||
// For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
|
||||
// logging. It also exempts jose@example.com from DATA_READ logging, and
|
||||
// aliya@example.com from DATA_WRITE logging.
|
||||
// logging. It also exempts `jose@example.com` from DATA_READ logging, and
|
||||
// `aliya@example.com` from DATA_WRITE logging.
|
||||
type AuditConfig struct {
|
||||
state protoimpl.MessageState
|
||||
sizeCache protoimpl.SizeCache
|
||||
|
@ -770,7 +778,7 @@ type BindingDelta struct {
|
|||
// For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
|
||||
// Required
|
||||
Role string `protobuf:"bytes,2,opt,name=role,proto3" json:"role,omitempty"`
|
||||
// A single identity requesting access for a Cloud Platform resource.
|
||||
// A single identity requesting access for a Google Cloud resource.
|
||||
// Follows the same format of Binding.members.
|
||||
// Required
|
||||
Member string `protobuf:"bytes,3,opt,name=member,proto3" json:"member,omitempty"`
|
||||
|
|
1727
vendor/cloud.google.com/go/internal/.repo-metadata-full.json
generated
vendored
1727
vendor/cloud.google.com/go/internal/.repo-metadata-full.json
generated
vendored
File diff suppressed because it is too large
Load diff
15
vendor/cloud.google.com/go/internal/README.md
generated
vendored
15
vendor/cloud.google.com/go/internal/README.md
generated
vendored
|
@ -17,21 +17,6 @@ tools would then talk to pkg.go.dev or some other service to get the overall
|
|||
list of packages and use the `.repo-metadata.json` files to get the additional
|
||||
metadata required. For now, `.repo-metadata-full.json` includes everything.
|
||||
|
||||
## cloudbuild.yaml
|
||||
|
||||
The `cloudbuild.yaml` Cloud Build configuration currently supports:
|
||||
|
||||
* Building a docker container from the `internal/postprocessor/Dockerfile`.
|
||||
|
||||
The build can be run locally in the `google-cloud-go` root directory:
|
||||
|
||||
```bash
|
||||
gcloud builds submit --project=cloud-devrel-kokoro-resources --config=internal/cloudbuild.yaml
|
||||
```
|
||||
|
||||
See the [postprocessor/README](postprocessor/README.md) for instructions
|
||||
regarding updating the post-processor docker container.
|
||||
|
||||
### Updating OwlBot SHA
|
||||
|
||||
You may want to manually update the which version of the post-processor will be
|
||||
|
|
25
vendor/cloud.google.com/go/internal/cloudbuild.yaml
generated
vendored
25
vendor/cloud.google.com/go/internal/cloudbuild.yaml
generated
vendored
|
@ -1,25 +0,0 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
# note: /workspace is a special directory in the docker image where all the files in this folder
|
||||
# get placed on your behalf
|
||||
|
||||
timeout: 7200s # 2 hours
|
||||
steps:
|
||||
- name: gcr.io/cloud-builders/docker
|
||||
args: ['build', '-t', 'gcr.io/cloud-devrel-public-resources/owlbot-go', '-f', 'postprocessor/Dockerfile', '.']
|
||||
dir: internal
|
||||
|
||||
images:
|
||||
- gcr.io/cloud-devrel-public-resources/owlbot-go:latest
|
9
vendor/cloud.google.com/go/internal/retry.go
generated
vendored
9
vendor/cloud.google.com/go/internal/retry.go
generated
vendored
|
@ -20,7 +20,6 @@ import (
|
|||
"time"
|
||||
|
||||
gax "github.com/googleapis/gax-go/v2"
|
||||
"google.golang.org/grpc/status"
|
||||
)
|
||||
|
||||
// Retry calls the supplied function f repeatedly according to the provided
|
||||
|
@ -75,11 +74,3 @@ func (e wrappedCallErr) Unwrap() error {
|
|||
func (e wrappedCallErr) Is(err error) bool {
|
||||
return e.ctxErr == err || e.wrappedErr == err
|
||||
}
|
||||
|
||||
// GRPCStatus allows the wrapped error to be used with status.FromError.
|
||||
func (e wrappedCallErr) GRPCStatus() *status.Status {
|
||||
if s, ok := status.FromError(e.wrappedErr); ok {
|
||||
return s
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
|
29
vendor/cloud.google.com/go/storage/CHANGES.md
generated
vendored
29
vendor/cloud.google.com/go/storage/CHANGES.md
generated
vendored
|
@ -1,6 +1,35 @@
|
|||
# Changes
|
||||
|
||||
|
||||
## [1.31.0](https://github.com/googleapis/google-cloud-go/compare/storage/v1.30.1...storage/v1.31.0) (2023-06-27)
|
||||
|
||||
|
||||
### Features
|
||||
|
||||
* **storage/internal:** Add ctype=CORD for ChecksummedData.content ([ca94e27](https://github.com/googleapis/google-cloud-go/commit/ca94e2724f9e2610b46aefd0a3b5ddc06102e91b))
|
||||
* **storage:** Add support for MatchGlob ([#8097](https://github.com/googleapis/google-cloud-go/issues/8097)) ([9426a5a](https://github.com/googleapis/google-cloud-go/commit/9426a5a45d4c2fd07f84261f6d602680e79cdc48)), refs [#7727](https://github.com/googleapis/google-cloud-go/issues/7727) [#7728](https://github.com/googleapis/google-cloud-go/issues/7728)
|
||||
* **storage:** Respect WithEndpoint for SignedURLs and PostPolicy ([#8113](https://github.com/googleapis/google-cloud-go/issues/8113)) ([f918f23](https://github.com/googleapis/google-cloud-go/commit/f918f23a3cda4fbc8d709e32b914ead8b735d664))
|
||||
* **storage:** Update all direct dependencies ([b340d03](https://github.com/googleapis/google-cloud-go/commit/b340d030f2b52a4ce48846ce63984b28583abde6))
|
||||
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* **storage:** Fix CreateBucket logic for gRPC ([#8165](https://github.com/googleapis/google-cloud-go/issues/8165)) ([8424e7e](https://github.com/googleapis/google-cloud-go/commit/8424e7e145a117c91006318fa924a8b2643c1c7e)), refs [#8162](https://github.com/googleapis/google-cloud-go/issues/8162)
|
||||
* **storage:** Fix reads with "./" in object names [XML] ([#8017](https://github.com/googleapis/google-cloud-go/issues/8017)) ([6b7b21f](https://github.com/googleapis/google-cloud-go/commit/6b7b21f8a334b6ad3a25e1f66ae1265b4d1f0995))
|
||||
* **storage:** Fix routing header for writes ([#8159](https://github.com/googleapis/google-cloud-go/issues/8159)) ([42a59f5](https://github.com/googleapis/google-cloud-go/commit/42a59f5a23ab9b4743ab032ad92304922c801d93)), refs [#8142](https://github.com/googleapis/google-cloud-go/issues/8142) [#8143](https://github.com/googleapis/google-cloud-go/issues/8143) [#8144](https://github.com/googleapis/google-cloud-go/issues/8144) [#8145](https://github.com/googleapis/google-cloud-go/issues/8145) [#8149](https://github.com/googleapis/google-cloud-go/issues/8149)
|
||||
* **storage:** REST query UpdateMask bug ([df52820](https://github.com/googleapis/google-cloud-go/commit/df52820b0e7721954809a8aa8700b93c5662dc9b))
|
||||
* **storage:** Update grpc to v1.55.0 ([1147ce0](https://github.com/googleapis/google-cloud-go/commit/1147ce02a990276ca4f8ab7a1ab65c14da4450ef))
|
||||
|
||||
|
||||
### Documentation
|
||||
|
||||
* **storage/internal:** Clarifications about behavior of DeleteObject RPC ([3f1ed9c](https://github.com/googleapis/google-cloud-go/commit/3f1ed9c63fb115f47607a3ab478842fe5ba0df11))
|
||||
* **storage/internal:** Clarified the behavior of supplying bucket.name field in CreateBucket to reflect actual implementation ([ebae64d](https://github.com/googleapis/google-cloud-go/commit/ebae64d53397ec5dfe851f098754eaa1f5df7cb1))
|
||||
* **storage/internal:** Revert ChecksummedData message definition not to specify ctype=CORD, because it would be a breaking change. ([ef61e47](https://github.com/googleapis/google-cloud-go/commit/ef61e4799280a355b960da8ae240ceb2efbe71ac))
|
||||
* **storage/internal:** Update routing annotations for CancelResumableWriteRequest and QueryWriteStatusRequest ([4900851](https://github.com/googleapis/google-cloud-go/commit/49008518e168fe6f7891b907d6fc14eecdef758c))
|
||||
* **storage/internal:** Updated ChecksummedData message definition to specify ctype=CORD, and removed incorrect earlier attempt that set that annotation in the ReadObjectResponse message definition ([ef61e47](https://github.com/googleapis/google-cloud-go/commit/ef61e4799280a355b960da8ae240ceb2efbe71ac))
|
||||
* **storage:** WithXMLReads should mention XML instead of JSON API ([#7881](https://github.com/googleapis/google-cloud-go/issues/7881)) ([36f56c8](https://github.com/googleapis/google-cloud-go/commit/36f56c80c456ca74ffc03df76844ce15980ced82))
|
||||
|
||||
## [1.30.1](https://github.com/googleapis/google-cloud-go/compare/storage/v1.30.0...storage/v1.30.1) (2023-03-21)
|
||||
|
||||
|
||||
|
|
2
vendor/cloud.google.com/go/storage/acl.go
generated
vendored
2
vendor/cloud.google.com/go/storage/acl.go
generated
vendored
|
@ -20,7 +20,7 @@ import (
|
|||
"reflect"
|
||||
|
||||
"cloud.google.com/go/internal/trace"
|
||||
storagepb "cloud.google.com/go/storage/internal/apiv2/stubs"
|
||||
"cloud.google.com/go/storage/internal/apiv2/storagepb"
|
||||
raw "google.golang.org/api/storage/v1"
|
||||
)
|
||||
|
||||
|
|
33
vendor/cloud.google.com/go/storage/bucket.go
generated
vendored
33
vendor/cloud.google.com/go/storage/bucket.go
generated
vendored
|
@ -27,7 +27,7 @@ import (
|
|||
"cloud.google.com/go/compute/metadata"
|
||||
"cloud.google.com/go/internal/optional"
|
||||
"cloud.google.com/go/internal/trace"
|
||||
storagepb "cloud.google.com/go/storage/internal/apiv2/stubs"
|
||||
"cloud.google.com/go/storage/internal/apiv2/storagepb"
|
||||
"google.golang.org/api/googleapi"
|
||||
"google.golang.org/api/iamcredentials/v1"
|
||||
"google.golang.org/api/iterator"
|
||||
|
@ -173,12 +173,18 @@ func (b *BucketHandle) Update(ctx context.Context, uattrs BucketAttrsToUpdate) (
|
|||
// [Overview of access control]: https://cloud.google.com/storage/docs/accesscontrol#signed_urls_query_string_authentication
|
||||
// [automatic detection of credentials]: https://pkg.go.dev/cloud.google.com/go/storage#hdr-Credential_requirements_for_signing
|
||||
func (b *BucketHandle) SignedURL(object string, opts *SignedURLOptions) (string, error) {
|
||||
if opts.GoogleAccessID != "" && (opts.SignBytes != nil || len(opts.PrivateKey) > 0) {
|
||||
return SignedURL(b.name, object, opts)
|
||||
}
|
||||
// Make a copy of opts so we don't modify the pointer parameter.
|
||||
newopts := opts.clone()
|
||||
|
||||
if newopts.Hostname == "" {
|
||||
// Extract the correct host from the readhost set on the client
|
||||
newopts.Hostname = b.c.xmlHost
|
||||
}
|
||||
|
||||
if opts.GoogleAccessID != "" && (opts.SignBytes != nil || len(opts.PrivateKey) > 0) {
|
||||
return SignedURL(b.name, object, newopts)
|
||||
}
|
||||
|
||||
if newopts.GoogleAccessID == "" {
|
||||
id, err := b.detectDefaultGoogleAccessID()
|
||||
if err != nil {
|
||||
|
@ -215,12 +221,18 @@ func (b *BucketHandle) SignedURL(object string, opts *SignedURLOptions) (string,
|
|||
//
|
||||
// [automatic detection of credentials]: https://pkg.go.dev/cloud.google.com/go/storage#hdr-Credential_requirements_for_signing
|
||||
func (b *BucketHandle) GenerateSignedPostPolicyV4(object string, opts *PostPolicyV4Options) (*PostPolicyV4, error) {
|
||||
if opts.GoogleAccessID != "" && (opts.SignRawBytes != nil || opts.SignBytes != nil || len(opts.PrivateKey) > 0) {
|
||||
return GenerateSignedPostPolicyV4(b.name, object, opts)
|
||||
}
|
||||
// Make a copy of opts so we don't modify the pointer parameter.
|
||||
newopts := opts.clone()
|
||||
|
||||
if newopts.Hostname == "" {
|
||||
// Extract the correct host from the readhost set on the client
|
||||
newopts.Hostname = b.c.xmlHost
|
||||
}
|
||||
|
||||
if opts.GoogleAccessID != "" && (opts.SignRawBytes != nil || opts.SignBytes != nil || len(opts.PrivateKey) > 0) {
|
||||
return GenerateSignedPostPolicyV4(b.name, object, newopts)
|
||||
}
|
||||
|
||||
if newopts.GoogleAccessID == "" {
|
||||
id, err := b.detectDefaultGoogleAccessID()
|
||||
if err != nil {
|
||||
|
@ -921,8 +933,6 @@ func (ua *BucketAttrsToUpdate) toProtoBucket() *storagepb.Bucket {
|
|||
return &storagepb.Bucket{}
|
||||
}
|
||||
|
||||
// TODO(cathyo): Handle labels. Pending b/230510191.
|
||||
|
||||
var v *storagepb.Bucket_Versioning
|
||||
if ua.VersioningEnabled != nil {
|
||||
v = &storagepb.Bucket_Versioning{Enabled: optional.ToBool(ua.VersioningEnabled)}
|
||||
|
@ -996,6 +1006,7 @@ func (ua *BucketAttrsToUpdate) toProtoBucket() *storagepb.Bucket {
|
|||
IamConfig: bktIAM,
|
||||
Rpo: ua.RPO.String(),
|
||||
Autoclass: ua.Autoclass.toProtoAutoclass(),
|
||||
Labels: ua.setLabels,
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1264,7 +1275,9 @@ func (ua *BucketAttrsToUpdate) toRawBucket() *raw.Bucket {
|
|||
}
|
||||
|
||||
// If returns a new BucketHandle that applies a set of preconditions.
|
||||
// Preconditions already set on the BucketHandle are ignored.
|
||||
// Preconditions already set on the BucketHandle are ignored. The supplied
|
||||
// BucketConditions must have exactly one field set to a non-zero value;
|
||||
// otherwise an error will be returned from any operation on the BucketHandle.
|
||||
// Operations on the new handle will return an error if the preconditions are not
|
||||
// satisfied. The only valid preconditions for buckets are MetagenerationMatch
|
||||
// and MetagenerationNotMatch.
|
||||
|
|
89
vendor/cloud.google.com/go/storage/grpc_client.go
generated
vendored
89
vendor/cloud.google.com/go/storage/grpc_client.go
generated
vendored
|
@ -26,8 +26,9 @@ import (
|
|||
"cloud.google.com/go/iam/apiv1/iampb"
|
||||
"cloud.google.com/go/internal/trace"
|
||||
gapic "cloud.google.com/go/storage/internal/apiv2"
|
||||
storagepb "cloud.google.com/go/storage/internal/apiv2/stubs"
|
||||
"cloud.google.com/go/storage/internal/apiv2/storagepb"
|
||||
"github.com/googleapis/gax-go/v2"
|
||||
"google.golang.org/api/googleapi"
|
||||
"google.golang.org/api/iterator"
|
||||
"google.golang.org/api/option"
|
||||
"google.golang.org/api/option/internaloption"
|
||||
|
@ -153,7 +154,7 @@ func (c *grpcStorageClient) GetServiceAccount(ctx context.Context, project strin
|
|||
func (c *grpcStorageClient) CreateBucket(ctx context.Context, project, bucket string, attrs *BucketAttrs, opts ...storageOption) (*BucketAttrs, error) {
|
||||
s := callSettings(c.settings, opts...)
|
||||
b := attrs.toProtoBucket()
|
||||
b.Name = bucket
|
||||
b.Project = toProjectResource(project)
|
||||
// If there is lifecycle information but no location, explicitly set
|
||||
// the location. This is a GCS quirk/bug.
|
||||
if b.GetLocation() == "" && b.GetLifecycle() != nil {
|
||||
|
@ -161,9 +162,9 @@ func (c *grpcStorageClient) CreateBucket(ctx context.Context, project, bucket st
|
|||
}
|
||||
|
||||
req := &storagepb.CreateBucketRequest{
|
||||
Parent: toProjectResource(project),
|
||||
Parent: fmt.Sprintf("projects/%s", globalProjectAlias),
|
||||
Bucket: b,
|
||||
BucketId: b.GetName(),
|
||||
BucketId: bucket,
|
||||
}
|
||||
if attrs != nil {
|
||||
req.PredefinedAcl = attrs.PredefinedACL
|
||||
|
@ -354,7 +355,16 @@ func (c *grpcStorageClient) UpdateBucket(ctx context.Context, bucket string, uat
|
|||
if uattrs.Autoclass != nil {
|
||||
fieldMask.Paths = append(fieldMask.Paths, "autoclass")
|
||||
}
|
||||
// TODO(cathyo): Handle labels. Pending b/230510191.
|
||||
|
||||
for label := range uattrs.setLabels {
|
||||
fieldMask.Paths = append(fieldMask.Paths, fmt.Sprintf("labels.%s", label))
|
||||
}
|
||||
|
||||
// Delete a label by not including it in Bucket.Labels but adding the key to the update mask.
|
||||
for label := range uattrs.deleteLabels {
|
||||
fieldMask.Paths = append(fieldMask.Paths, fmt.Sprintf("labels.%s", label))
|
||||
}
|
||||
|
||||
req.UpdateMask = fieldMask
|
||||
|
||||
var battrs *BucketAttrs
|
||||
|
@ -404,6 +414,11 @@ func (c *grpcStorageClient) ListObjects(ctx context.Context, bucket string, q *Q
|
|||
}
|
||||
gitr := c.raw.ListObjects(it.ctx, req, s.gax...)
|
||||
fetch := func(pageSize int, pageToken string) (token string, err error) {
|
||||
// MatchGlob not yet supported for gRPC.
|
||||
// TODO: add support when b/287306063 resolved.
|
||||
if q != nil && q.MatchGlob != "" {
|
||||
return "", status.Errorf(codes.Unimplemented, "MatchGlob is not supported for gRPC")
|
||||
}
|
||||
var objects []*storagepb.Object
|
||||
err = run(it.ctx, func() error {
|
||||
objects, token, err = gitr.InternalFetch(pageSize, pageToken)
|
||||
|
@ -540,7 +555,19 @@ func (c *grpcStorageClient) UpdateObject(ctx context.Context, bucket, object str
|
|||
if uattrs.ACL != nil || len(uattrs.PredefinedACL) > 0 {
|
||||
fieldMask.Paths = append(fieldMask.Paths, "acl")
|
||||
}
|
||||
// TODO(cathyo): Handle metadata. Pending b/230510191.
|
||||
|
||||
if uattrs.Metadata != nil {
|
||||
// We don't support deleting a specific metadata key; metadata is deleted
|
||||
// as a whole if provided an empty map, so we do not use dot notation here
|
||||
if len(uattrs.Metadata) == 0 {
|
||||
fieldMask.Paths = append(fieldMask.Paths, "metadata")
|
||||
} else {
|
||||
// We can, however, use dot notation for adding keys
|
||||
for key := range uattrs.Metadata {
|
||||
fieldMask.Paths = append(fieldMask.Paths, fmt.Sprintf("metadata.%s", key))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
req.UpdateMask = fieldMask
|
||||
|
||||
|
@ -885,15 +912,8 @@ func (c *grpcStorageClient) NewRangeReader(ctx context.Context, params *newRange
|
|||
|
||||
req.ReadOffset = params.offset + seen
|
||||
|
||||
// A negative length means "read to the end of the object", but the
|
||||
// read_limit field it corresponds to uses zero to mean the same thing. Thus
|
||||
// we coerce the length to 0 to read to the end of the object.
|
||||
if params.length < 0 {
|
||||
params.length = 0
|
||||
}
|
||||
|
||||
// Only set a ReadLimit if length is greater than zero, because zero
|
||||
// means read it all.
|
||||
// Only set a ReadLimit if length is greater than zero, because <= 0 means
|
||||
// to read it all.
|
||||
if params.length > 0 {
|
||||
req.ReadLimit = params.length - seen
|
||||
}
|
||||
|
@ -963,6 +983,7 @@ func (c *grpcStorageClient) NewRangeReader(ctx context.Context, params *newRange
|
|||
// client buffer for reading later.
|
||||
leftovers: msg.GetChecksummedData().GetContent(),
|
||||
settings: s,
|
||||
zeroRange: params.length == 0,
|
||||
},
|
||||
}
|
||||
|
||||
|
@ -974,8 +995,15 @@ func (c *grpcStorageClient) NewRangeReader(ctx context.Context, params *newRange
|
|||
r.remain = size
|
||||
}
|
||||
|
||||
// For a zero-length request, explicitly close the stream and set remaining
|
||||
// bytes to zero.
|
||||
if params.length == 0 {
|
||||
r.remain = 0
|
||||
r.reader.Close()
|
||||
}
|
||||
|
||||
// Only support checksums when reading an entire object, not a range.
|
||||
if checksums := msg.GetObjectChecksums(); checksums != nil && checksums.Crc32C != nil && params.offset == 0 && params.length == 0 {
|
||||
if checksums := msg.GetObjectChecksums(); checksums != nil && checksums.Crc32C != nil && params.offset == 0 && params.length < 0 {
|
||||
r.wantCRC = checksums.GetCrc32C()
|
||||
r.checkCRC = true
|
||||
}
|
||||
|
@ -1036,11 +1064,13 @@ func (c *grpcStorageClient) OpenWriter(params *openWriterParams, opts ...storage
|
|||
pr.CloseWithError(err)
|
||||
return
|
||||
}
|
||||
// At this point, the current buffer has been uploaded. Capture the
|
||||
// committed offset here in case the upload was not finalized and
|
||||
// another chunk is to be uploaded.
|
||||
// At this point, the current buffer has been uploaded. For resumable
|
||||
// uploads, capture the committed offset here in case the upload was not
|
||||
// finalized and another chunk is to be uploaded.
|
||||
if gw.upid != "" {
|
||||
offset = off
|
||||
progress(offset)
|
||||
}
|
||||
|
||||
// When we are done reading data and the chunk has been finalized,
|
||||
// we are done.
|
||||
|
@ -1335,6 +1365,7 @@ type readStreamResponse struct {
|
|||
|
||||
type gRPCReader struct {
|
||||
seen, size int64
|
||||
zeroRange bool
|
||||
stream storagepb.Storage_ReadObjectClient
|
||||
reopen func(seen int64) (*readStreamResponse, context.CancelFunc, error)
|
||||
leftovers []byte
|
||||
|
@ -1344,7 +1375,12 @@ type gRPCReader struct {
|
|||
|
||||
// Read reads bytes into the user's buffer from an open gRPC stream.
|
||||
func (r *gRPCReader) Read(p []byte) (int, error) {
|
||||
// No stream to read from, either never initiliazed or Close was called.
|
||||
// The entire object has been read by this reader, return EOF.
|
||||
if r.size == r.seen || r.zeroRange {
|
||||
return 0, io.EOF
|
||||
}
|
||||
|
||||
// No stream to read from, either never initialized or Close was called.
|
||||
// Note: There is a potential concurrency issue if multiple routines are
|
||||
// using the same reader. One encounters an error and the stream is closed
|
||||
// and then reopened while the other routine attempts to read from it.
|
||||
|
@ -1352,11 +1388,6 @@ func (r *gRPCReader) Read(p []byte) (int, error) {
|
|||
return 0, fmt.Errorf("reader has been closed")
|
||||
}
|
||||
|
||||
// The entire object has been read by this reader, return EOF.
|
||||
if r.size != 0 && r.size == r.seen {
|
||||
return 0, io.EOF
|
||||
}
|
||||
|
||||
var n int
|
||||
// Read leftovers and return what was available to conform to the Reader
|
||||
// interface: https://pkg.go.dev/io#Reader.
|
||||
|
@ -1447,6 +1478,12 @@ func (r *gRPCReader) reopenStream() (*storagepb.ReadObjectResponse, error) {
|
|||
|
||||
func newGRPCWriter(c *grpcStorageClient, params *openWriterParams, r io.Reader) *gRPCWriter {
|
||||
size := params.chunkSize
|
||||
|
||||
// Round up chunksize to nearest 256KiB
|
||||
if size%googleapi.MinUploadChunkSize != 0 {
|
||||
size += googleapi.MinUploadChunkSize - (size % googleapi.MinUploadChunkSize)
|
||||
}
|
||||
|
||||
if params.chunkSize == 0 {
|
||||
// TODO: Should we actually use the minimum of 256 KB here when the user
|
||||
// indicates they want minimal memory usage? We cannot do a zero-copy,
|
||||
|
@ -1578,7 +1615,7 @@ func (w *gRPCWriter) uploadBuffer(recvd int, start int64, doneReading bool) (*st
|
|||
// The first message on the WriteObject stream must either be the
|
||||
// Object or the Resumable Upload ID.
|
||||
if first {
|
||||
ctx := gapic.InsertMetadata(w.ctx, metadata.Pairs("x-goog-request-params", "bucket="+url.QueryEscape(w.bucket)))
|
||||
ctx := gapic.InsertMetadata(w.ctx, metadata.Pairs("x-goog-request-params", fmt.Sprintf("bucket=projects/_/buckets/%s", url.QueryEscape(w.bucket))))
|
||||
w.stream, err = w.c.raw.WriteObject(ctx)
|
||||
if err != nil {
|
||||
return nil, 0, false, err
|
||||
|
|
2
vendor/cloud.google.com/go/storage/hmac.go
generated
vendored
2
vendor/cloud.google.com/go/storage/hmac.go
generated
vendored
|
@ -20,7 +20,7 @@ import (
|
|||
"fmt"
|
||||
"time"
|
||||
|
||||
storagepb "cloud.google.com/go/storage/internal/apiv2/stubs"
|
||||
"cloud.google.com/go/storage/internal/apiv2/storagepb"
|
||||
"google.golang.org/api/iterator"
|
||||
raw "google.golang.org/api/storage/v1"
|
||||
)
|
||||
|
|
12
vendor/cloud.google.com/go/storage/http_client.go
generated
vendored
12
vendor/cloud.google.com/go/storage/http_client.go
generated
vendored
|
@ -49,7 +49,7 @@ import (
|
|||
type httpStorageClient struct {
|
||||
creds *google.Credentials
|
||||
hc *http.Client
|
||||
readHost string
|
||||
xmlHost string
|
||||
raw *raw.Service
|
||||
scheme string
|
||||
settings *settings
|
||||
|
@ -123,7 +123,7 @@ func newHTTPStorageClient(ctx context.Context, opts ...storageOption) (storageCl
|
|||
if err != nil {
|
||||
return nil, fmt.Errorf("storage client: %w", err)
|
||||
}
|
||||
// Update readHost and scheme with the chosen endpoint.
|
||||
// Update xmlHost and scheme with the chosen endpoint.
|
||||
u, err := url.Parse(ep)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("supplied endpoint %q is not valid: %w", ep, err)
|
||||
|
@ -132,7 +132,7 @@ func newHTTPStorageClient(ctx context.Context, opts ...storageOption) (storageCl
|
|||
return &httpStorageClient{
|
||||
creds: creds,
|
||||
hc: hc,
|
||||
readHost: u.Host,
|
||||
xmlHost: u.Host,
|
||||
raw: rawService,
|
||||
scheme: u.Scheme,
|
||||
settings: s,
|
||||
|
@ -347,6 +347,7 @@ func (c *httpStorageClient) ListObjects(ctx context.Context, bucket string, q *Q
|
|||
req.EndOffset(it.query.EndOffset)
|
||||
req.Versions(it.query.Versions)
|
||||
req.IncludeTrailingDelimiter(it.query.IncludeTrailingDelimiter)
|
||||
req.MatchGlob(it.query.MatchGlob)
|
||||
if selection := it.query.toFieldSelection(); selection != "" {
|
||||
req.Fields("nextPageToken", googleapi.Field(selection))
|
||||
}
|
||||
|
@ -791,8 +792,9 @@ func (c *httpStorageClient) NewRangeReader(ctx context.Context, params *newRange
|
|||
func (c *httpStorageClient) newRangeReaderXML(ctx context.Context, params *newRangeReaderParams, s *settings) (r *Reader, err error) {
|
||||
u := &url.URL{
|
||||
Scheme: c.scheme,
|
||||
Host: c.readHost,
|
||||
Host: c.xmlHost,
|
||||
Path: fmt.Sprintf("/%s/%s", params.bucket, params.object),
|
||||
RawPath: fmt.Sprintf("/%s/%s", params.bucket, url.PathEscape(params.object)),
|
||||
}
|
||||
verb := "GET"
|
||||
if params.length == 0 {
|
||||
|
@ -1373,6 +1375,8 @@ func parseReadResponse(res *http.Response, params *newRangeReaderParams, reopen
|
|||
|
||||
remain := res.ContentLength
|
||||
body := res.Body
|
||||
// If the user requested zero bytes, explicitly close and remove the request
|
||||
// body.
|
||||
if params.length == 0 {
|
||||
remain = 0
|
||||
body.Close()
|
||||
|
|
61
vendor/cloud.google.com/go/storage/internal/apiv2/doc.go
generated
vendored
61
vendor/cloud.google.com/go/storage/internal/apiv2/doc.go
generated
vendored
|
@ -19,8 +19,6 @@
|
|||
//
|
||||
// Lets you store and retrieve potentially-large, immutable data objects.
|
||||
//
|
||||
// NOTE: This package is in alpha. It is not stable, and is likely to change.
|
||||
//
|
||||
// # General documentation
|
||||
//
|
||||
// For information about setting deadlines, reusing contexts, and more
|
||||
|
@ -64,13 +62,18 @@
|
|||
//
|
||||
// req := &storagepb.DeleteBucketRequest{
|
||||
// // TODO: Fill request struct fields.
|
||||
// // See https://pkg.go.dev/cloud.google.com/go/storage/internal/apiv2/stubs#DeleteBucketRequest.
|
||||
// // See https://pkg.go.dev/cloud.google.com/go/storage/internal/apiv2/storagepb#DeleteBucketRequest.
|
||||
// }
|
||||
// err = c.DeleteBucket(ctx, req)
|
||||
// if err != nil {
|
||||
// // TODO: Handle error.
|
||||
// }
|
||||
//
|
||||
// # Inspecting errors
|
||||
//
|
||||
// To see examples of how to inspect errors returned by this package please reference
|
||||
// [Inspecting errors](https://pkg.go.dev/cloud.google.com/go#hdr-Inspecting_errors).
|
||||
//
|
||||
// # Use of Context
|
||||
//
|
||||
// The ctx passed to NewClient is used for authentication requests and
|
||||
|
@ -82,11 +85,6 @@ package storage // import "cloud.google.com/go/storage/internal/apiv2"
|
|||
|
||||
import (
|
||||
"context"
|
||||
"os"
|
||||
"runtime"
|
||||
"strconv"
|
||||
"strings"
|
||||
"unicode"
|
||||
|
||||
"google.golang.org/api/option"
|
||||
"google.golang.org/grpc/metadata"
|
||||
|
@ -117,16 +115,6 @@ func insertMetadata(ctx context.Context, mds ...metadata.MD) context.Context {
|
|||
return metadata.NewOutgoingContext(ctx, out)
|
||||
}
|
||||
|
||||
func checkDisableDeadlines() (bool, error) {
|
||||
raw, ok := os.LookupEnv("GOOGLE_API_GO_EXPERIMENTAL_DISABLE_DEFAULT_DEADLINE")
|
||||
if !ok {
|
||||
return false, nil
|
||||
}
|
||||
|
||||
b, err := strconv.ParseBool(raw)
|
||||
return b, err
|
||||
}
|
||||
|
||||
// DefaultAuthScopes reports the default set of authentication scopes to use with this package.
|
||||
func DefaultAuthScopes() []string {
|
||||
return []string{
|
||||
|
@ -137,40 +125,3 @@ func DefaultAuthScopes() []string {
|
|||
"https://www.googleapis.com/auth/devstorage.read_write",
|
||||
}
|
||||
}
|
||||
|
||||
// versionGo returns the Go runtime version. The returned string
|
||||
// has no whitespace, suitable for reporting in header.
|
||||
func versionGo() string {
|
||||
const develPrefix = "devel +"
|
||||
|
||||
s := runtime.Version()
|
||||
if strings.HasPrefix(s, develPrefix) {
|
||||
s = s[len(develPrefix):]
|
||||
if p := strings.IndexFunc(s, unicode.IsSpace); p >= 0 {
|
||||
s = s[:p]
|
||||
}
|
||||
return s
|
||||
}
|
||||
|
||||
notSemverRune := func(r rune) bool {
|
||||
return !strings.ContainsRune("0123456789.", r)
|
||||
}
|
||||
|
||||
if strings.HasPrefix(s, "go1") {
|
||||
s = s[2:]
|
||||
var prerelease string
|
||||
if p := strings.IndexFunc(s, notSemverRune); p >= 0 {
|
||||
s, prerelease = s[:p], s[p:]
|
||||
}
|
||||
if strings.HasSuffix(s, ".") {
|
||||
s += "0"
|
||||
} else if strings.Count(s, ".") < 2 {
|
||||
s += ".0"
|
||||
}
|
||||
if prerelease != "" {
|
||||
s += "-" + prerelease
|
||||
}
|
||||
return s
|
||||
}
|
||||
return "UNKNOWN"
|
||||
}
|
||||
|
|
451
vendor/cloud.google.com/go/storage/internal/apiv2/storage_client.go
generated
vendored
451
vendor/cloud.google.com/go/storage/internal/apiv2/storage_client.go
generated
vendored
|
@ -23,15 +23,17 @@ import (
|
|||
"net/url"
|
||||
"regexp"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
iampb "cloud.google.com/go/iam/apiv1/iampb"
|
||||
storagepb "cloud.google.com/go/storage/internal/apiv2/stubs"
|
||||
storagepb "cloud.google.com/go/storage/internal/apiv2/storagepb"
|
||||
gax "github.com/googleapis/gax-go/v2"
|
||||
"google.golang.org/api/iterator"
|
||||
"google.golang.org/api/option"
|
||||
"google.golang.org/api/option/internaloption"
|
||||
gtransport "google.golang.org/api/transport/grpc"
|
||||
"google.golang.org/grpc"
|
||||
"google.golang.org/grpc/codes"
|
||||
"google.golang.org/grpc/metadata"
|
||||
"google.golang.org/protobuf/proto"
|
||||
)
|
||||
|
@ -86,36 +88,394 @@ func defaultGRPCClientOptions() []option.ClientOption {
|
|||
|
||||
func defaultCallOptions() *CallOptions {
|
||||
return &CallOptions{
|
||||
DeleteBucket: []gax.CallOption{},
|
||||
GetBucket: []gax.CallOption{},
|
||||
CreateBucket: []gax.CallOption{},
|
||||
ListBuckets: []gax.CallOption{},
|
||||
LockBucketRetentionPolicy: []gax.CallOption{},
|
||||
GetIamPolicy: []gax.CallOption{},
|
||||
SetIamPolicy: []gax.CallOption{},
|
||||
TestIamPermissions: []gax.CallOption{},
|
||||
UpdateBucket: []gax.CallOption{},
|
||||
DeleteNotificationConfig: []gax.CallOption{},
|
||||
GetNotificationConfig: []gax.CallOption{},
|
||||
CreateNotificationConfig: []gax.CallOption{},
|
||||
ListNotificationConfigs: []gax.CallOption{},
|
||||
ComposeObject: []gax.CallOption{},
|
||||
DeleteObject: []gax.CallOption{},
|
||||
CancelResumableWrite: []gax.CallOption{},
|
||||
GetObject: []gax.CallOption{},
|
||||
ReadObject: []gax.CallOption{},
|
||||
UpdateObject: []gax.CallOption{},
|
||||
WriteObject: []gax.CallOption{},
|
||||
ListObjects: []gax.CallOption{},
|
||||
RewriteObject: []gax.CallOption{},
|
||||
StartResumableWrite: []gax.CallOption{},
|
||||
QueryWriteStatus: []gax.CallOption{},
|
||||
GetServiceAccount: []gax.CallOption{},
|
||||
CreateHmacKey: []gax.CallOption{},
|
||||
DeleteHmacKey: []gax.CallOption{},
|
||||
GetHmacKey: []gax.CallOption{},
|
||||
ListHmacKeys: []gax.CallOption{},
|
||||
UpdateHmacKey: []gax.CallOption{},
|
||||
DeleteBucket: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
GetBucket: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
CreateBucket: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
ListBuckets: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
LockBucketRetentionPolicy: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
GetIamPolicy: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
SetIamPolicy: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
TestIamPermissions: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
UpdateBucket: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
DeleteNotificationConfig: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
GetNotificationConfig: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
CreateNotificationConfig: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
ListNotificationConfigs: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
ComposeObject: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
DeleteObject: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
CancelResumableWrite: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
GetObject: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
ReadObject: []gax.CallOption{
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
UpdateObject: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
WriteObject: []gax.CallOption{
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
ListObjects: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
RewriteObject: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
StartResumableWrite: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
QueryWriteStatus: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
GetServiceAccount: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
CreateHmacKey: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
DeleteHmacKey: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
GetHmacKey: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
ListHmacKeys: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
UpdateHmacKey: []gax.CallOption{
|
||||
gax.WithTimeout(60000 * time.Millisecond),
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.DeadlineExceeded,
|
||||
codes.Unavailable,
|
||||
}, gax.Backoff{
|
||||
Initial: 1000 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 2.00,
|
||||
})
|
||||
}),
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -296,13 +656,24 @@ func (c *Client) ComposeObject(ctx context.Context, req *storagepb.ComposeObject
|
|||
return c.internalClient.ComposeObject(ctx, req, opts...)
|
||||
}
|
||||
|
||||
// DeleteObject deletes an object and its metadata. Deletions are permanent if versioning
|
||||
// is not enabled for the bucket, or if the generation parameter is used.
|
||||
// DeleteObject deletes an object and its metadata.
|
||||
//
|
||||
// Deletions are normally permanent when versioning is disabled or whenever
|
||||
// the generation parameter is used. However, if soft delete is enabled for
|
||||
// the bucket, deleted objects can be restored using RestoreObject until the
|
||||
// soft delete retention period has passed.
|
||||
func (c *Client) DeleteObject(ctx context.Context, req *storagepb.DeleteObjectRequest, opts ...gax.CallOption) error {
|
||||
return c.internalClient.DeleteObject(ctx, req, opts...)
|
||||
}
|
||||
|
||||
// CancelResumableWrite cancels an in-progress resumable upload.
|
||||
//
|
||||
// Any attempts to write to the resumable upload after cancelling the upload
|
||||
// will fail.
|
||||
//
|
||||
// The behavior for currently in progress write operations is not guaranteed -
|
||||
// they could either complete before the cancellation or fail if the
|
||||
// cancellation completes first.
|
||||
func (c *Client) CancelResumableWrite(ctx context.Context, req *storagepb.CancelResumableWriteRequest, opts ...gax.CallOption) (*storagepb.CancelResumableWriteResponse, error) {
|
||||
return c.internalClient.CancelResumableWrite(ctx, req, opts...)
|
||||
}
|
||||
|
@ -369,6 +740,9 @@ func (c *Client) UpdateObject(ctx context.Context, req *storagepb.UpdateObjectRe
|
|||
// incur a performance cost over resuming at the correct write offset.
|
||||
// This behavior can make client-side handling simpler in some cases.
|
||||
//
|
||||
// Clients must only send data that is a multiple of 256 KiB per message,
|
||||
// unless the object is being finished with finish_write set to true.
|
||||
//
|
||||
// The service will not view the object as complete until the client has
|
||||
// sent a WriteObjectRequest with finish_write set to true. Sending any
|
||||
// requests on a stream after sending a request with finish_write set to
|
||||
|
@ -455,9 +829,6 @@ type gRPCClient struct {
|
|||
// Connection pool of gRPC connections to the service.
|
||||
connPool gtransport.ConnPool
|
||||
|
||||
// flag to opt out of default deadlines via GOOGLE_API_GO_EXPERIMENTAL_DISABLE_DEFAULT_DEADLINE
|
||||
disableDeadlines bool
|
||||
|
||||
// Points back to the CallOptions field of the containing Client
|
||||
CallOptions **CallOptions
|
||||
|
||||
|
@ -503,11 +874,6 @@ func NewClient(ctx context.Context, opts ...option.ClientOption) (*Client, error
|
|||
clientOpts = append(clientOpts, hookOpts...)
|
||||
}
|
||||
|
||||
disableDeadlines, err := checkDisableDeadlines()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
connPool, err := gtransport.DialPool(ctx, append(clientOpts, opts...)...)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
@ -516,7 +882,6 @@ func NewClient(ctx context.Context, opts ...option.ClientOption) (*Client, error
|
|||
|
||||
c := &gRPCClient{
|
||||
connPool: connPool,
|
||||
disableDeadlines: disableDeadlines,
|
||||
client: storagepb.NewStorageClient(connPool),
|
||||
CallOptions: &client.CallOptions,
|
||||
}
|
||||
|
@ -539,7 +904,7 @@ func (c *gRPCClient) Connection() *grpc.ClientConn {
|
|||
// the `x-goog-api-client` header passed on each request. Intended for
|
||||
// use by Google-written clients.
|
||||
func (c *gRPCClient) setGoogleClientInfo(keyval ...string) {
|
||||
kv := append([]string{"gl-go", versionGo()}, keyval...)
|
||||
kv := append([]string{"gl-go", gax.GoVersion}, keyval...)
|
||||
kv = append(kv, "gapic", getVersionClient(), "gax", gax.Version, "grpc", grpc.Version)
|
||||
c.xGoogMetadata = metadata.Pairs("x-goog-api-client", gax.XGoogHeader(kv...))
|
||||
}
|
||||
|
|
File diff suppressed because it is too large
Load diff
2
vendor/cloud.google.com/go/storage/internal/version.go
generated
vendored
2
vendor/cloud.google.com/go/storage/internal/version.go
generated
vendored
|
@ -15,4 +15,4 @@
|
|||
package internal
|
||||
|
||||
// Version is the current tagged release of the library.
|
||||
const Version = "1.30.1"
|
||||
const Version = "1.31.0"
|
||||
|
|
5
vendor/cloud.google.com/go/storage/invoke.go
generated
vendored
5
vendor/cloud.google.com/go/storage/invoke.go
generated
vendored
|
@ -76,9 +76,14 @@ func setRetryHeaderHTTP(req interface{ Header() http.Header }) func(string, int)
|
|||
return
|
||||
}
|
||||
header := req.Header()
|
||||
// TODO(b/274504690): Consider dropping gccl-invocation-id key since it
|
||||
// duplicates the X-Goog-Gcs-Idempotency-Token header (added in v1.31.0).
|
||||
invocationHeader := fmt.Sprintf("gccl-invocation-id/%v gccl-attempt-count/%v", invocationID, attempts)
|
||||
xGoogHeader := strings.Join([]string{invocationHeader, xGoogDefaultHeader}, " ")
|
||||
header.Set("x-goog-api-client", xGoogHeader)
|
||||
// Also use the invocationID for the idempotency token header, which will
|
||||
// enable idempotent retries for more operations.
|
||||
header.Set("x-goog-gcs-idempotency-token", invocationID)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
2
vendor/cloud.google.com/go/storage/notifications.go
generated
vendored
2
vendor/cloud.google.com/go/storage/notifications.go
generated
vendored
|
@ -21,7 +21,7 @@ import (
|
|||
"regexp"
|
||||
|
||||
"cloud.google.com/go/internal/trace"
|
||||
storagepb "cloud.google.com/go/storage/internal/apiv2/stubs"
|
||||
"cloud.google.com/go/storage/internal/apiv2/storagepb"
|
||||
raw "google.golang.org/api/storage/v1"
|
||||
)
|
||||
|
||||
|
|
2
vendor/cloud.google.com/go/storage/option.go
generated
vendored
2
vendor/cloud.google.com/go/storage/option.go
generated
vendored
|
@ -57,7 +57,7 @@ func WithJSONReads() option.ClientOption {
|
|||
}
|
||||
|
||||
// WithXMLReads is an option that may be passed to a Storage Client on creation.
|
||||
// It sets the client to use the JSON API for object reads.
|
||||
// It sets the client to use the XML API for object reads.
|
||||
//
|
||||
// This is the current default.
|
||||
func WithXMLReads() option.ClientOption {
|
||||
|
|
9
vendor/cloud.google.com/go/storage/post_policy_v4.go
generated
vendored
9
vendor/cloud.google.com/go/storage/post_policy_v4.go
generated
vendored
|
@ -113,6 +113,12 @@ type PostPolicyV4Options struct {
|
|||
// Optional.
|
||||
Conditions []PostPolicyV4Condition
|
||||
|
||||
// Hostname sets the host of the signed post policy. This field overrides
|
||||
// any endpoint set on a storage Client or through STORAGE_EMULATOR_HOST.
|
||||
// Only compatible with PathStyle URLStyle.
|
||||
// Optional.
|
||||
Hostname string
|
||||
|
||||
shouldHashSignBytes bool
|
||||
}
|
||||
|
||||
|
@ -128,6 +134,7 @@ func (opts *PostPolicyV4Options) clone() *PostPolicyV4Options {
|
|||
Fields: opts.Fields,
|
||||
Conditions: opts.Conditions,
|
||||
shouldHashSignBytes: opts.shouldHashSignBytes,
|
||||
Hostname: opts.Hostname,
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -370,7 +377,7 @@ func GenerateSignedPostPolicyV4(bucket, object string, opts *PostPolicyV4Options
|
|||
u := &url.URL{
|
||||
Path: path,
|
||||
RawPath: pathEncodeV4(path),
|
||||
Host: opts.Style.host(bucket),
|
||||
Host: opts.Style.host(opts.Hostname, bucket),
|
||||
Scheme: scheme,
|
||||
}
|
||||
|
||||
|
|
58
vendor/cloud.google.com/go/storage/storage.go
generated
vendored
58
vendor/cloud.google.com/go/storage/storage.go
generated
vendored
|
@ -41,7 +41,7 @@ import (
|
|||
"cloud.google.com/go/internal/optional"
|
||||
"cloud.google.com/go/internal/trace"
|
||||
"cloud.google.com/go/storage/internal"
|
||||
storagepb "cloud.google.com/go/storage/internal/apiv2/stubs"
|
||||
"cloud.google.com/go/storage/internal/apiv2/storagepb"
|
||||
"github.com/googleapis/gax-go/v2"
|
||||
"golang.org/x/oauth2/google"
|
||||
"google.golang.org/api/googleapi"
|
||||
|
@ -109,8 +109,8 @@ type Client struct {
|
|||
raw *raw.Service
|
||||
// Scheme describes the scheme under the current host.
|
||||
scheme string
|
||||
// ReadHost is the default host used on the reader.
|
||||
readHost string
|
||||
// xmlHost is the default host used for XML requests.
|
||||
xmlHost string
|
||||
// May be nil.
|
||||
creds *google.Credentials
|
||||
retry *retryConfig
|
||||
|
@ -199,7 +199,7 @@ func NewClient(ctx context.Context, opts ...option.ClientOption) (*Client, error
|
|||
if err != nil {
|
||||
return nil, fmt.Errorf("storage client: %w", err)
|
||||
}
|
||||
// Update readHost and scheme with the chosen endpoint.
|
||||
// Update xmlHost and scheme with the chosen endpoint.
|
||||
u, err := url.Parse(ep)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("supplied endpoint %q is not valid: %w", ep, err)
|
||||
|
@ -214,7 +214,7 @@ func NewClient(ctx context.Context, opts ...option.ClientOption) (*Client, error
|
|||
hc: hc,
|
||||
raw: rawService,
|
||||
scheme: u.Scheme,
|
||||
readHost: u.Host,
|
||||
xmlHost: u.Host,
|
||||
creds: creds,
|
||||
tc: tc,
|
||||
}, nil
|
||||
|
@ -262,13 +262,13 @@ const (
|
|||
SigningSchemeV4
|
||||
)
|
||||
|
||||
// URLStyle determines the style to use for the signed URL. pathStyle is the
|
||||
// URLStyle determines the style to use for the signed URL. PathStyle is the
|
||||
// default. All non-default options work with V4 scheme only. See
|
||||
// https://cloud.google.com/storage/docs/request-endpoints for details.
|
||||
type URLStyle interface {
|
||||
// host should return the host portion of the signed URL, not including
|
||||
// the scheme (e.g. storage.googleapis.com).
|
||||
host(bucket string) string
|
||||
host(hostname, bucket string) string
|
||||
|
||||
// path should return the path portion of the signed URL, which may include
|
||||
// both the bucket and object name or only the object name depending on the
|
||||
|
@ -284,7 +284,11 @@ type bucketBoundHostname struct {
|
|||
hostname string
|
||||
}
|
||||
|
||||
func (s pathStyle) host(bucket string) string {
|
||||
func (s pathStyle) host(hostname, bucket string) string {
|
||||
if hostname != "" {
|
||||
return stripScheme(hostname)
|
||||
}
|
||||
|
||||
if host := os.Getenv("STORAGE_EMULATOR_HOST"); host != "" {
|
||||
return stripScheme(host)
|
||||
}
|
||||
|
@ -292,7 +296,7 @@ func (s pathStyle) host(bucket string) string {
|
|||
return "storage.googleapis.com"
|
||||
}
|
||||
|
||||
func (s virtualHostedStyle) host(bucket string) string {
|
||||
func (s virtualHostedStyle) host(_, bucket string) string {
|
||||
if host := os.Getenv("STORAGE_EMULATOR_HOST"); host != "" {
|
||||
return bucket + "." + stripScheme(host)
|
||||
}
|
||||
|
@ -300,7 +304,7 @@ func (s virtualHostedStyle) host(bucket string) string {
|
|||
return bucket + ".storage.googleapis.com"
|
||||
}
|
||||
|
||||
func (s bucketBoundHostname) host(bucket string) string {
|
||||
func (s bucketBoundHostname) host(_, bucket string) string {
|
||||
return s.hostname
|
||||
}
|
||||
|
||||
|
@ -321,7 +325,10 @@ func (s bucketBoundHostname) path(bucket, object string) string {
|
|||
}
|
||||
|
||||
// PathStyle is the default style, and will generate a URL of the form
|
||||
// "storage.googleapis.com/<bucket-name>/<object-name>".
|
||||
// "<host-name>/<bucket-name>/<object-name>". By default, <host-name> is
|
||||
// storage.googleapis.com, but setting an endpoint on the storage Client or
|
||||
// through STORAGE_EMULATOR_HOST overrides this. Setting Hostname on
|
||||
// SignedURLOptions or PostPolicyV4Options overrides everything else.
|
||||
func PathStyle() URLStyle {
|
||||
return pathStyle{}
|
||||
}
|
||||
|
@ -442,6 +449,12 @@ type SignedURLOptions struct {
|
|||
// Scheme determines the version of URL signing to use. Default is
|
||||
// SigningSchemeV2.
|
||||
Scheme SigningScheme
|
||||
|
||||
// Hostname sets the host of the signed URL. This field overrides any
|
||||
// endpoint set on a storage Client or through STORAGE_EMULATOR_HOST.
|
||||
// Only compatible with PathStyle URLStyle.
|
||||
// Optional.
|
||||
Hostname string
|
||||
}
|
||||
|
||||
func (opts *SignedURLOptions) clone() *SignedURLOptions {
|
||||
|
@ -458,6 +471,7 @@ func (opts *SignedURLOptions) clone() *SignedURLOptions {
|
|||
Style: opts.Style,
|
||||
Insecure: opts.Insecure,
|
||||
Scheme: opts.Scheme,
|
||||
Hostname: opts.Hostname,
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -716,7 +730,7 @@ func signedURLV4(bucket, name string, opts *SignedURLOptions, now time.Time) (st
|
|||
fmt.Fprintf(buf, "%s\n", escapedQuery)
|
||||
|
||||
// Fill in the hostname based on the desired URL style.
|
||||
u.Host = opts.Style.host(bucket)
|
||||
u.Host = opts.Style.host(opts.Hostname, bucket)
|
||||
|
||||
// Fill in the URL scheme.
|
||||
if opts.Insecure {
|
||||
|
@ -850,7 +864,7 @@ func signedURLV2(bucket, name string, opts *SignedURLOptions) (string, error) {
|
|||
}
|
||||
encoded := base64.StdEncoding.EncodeToString(b)
|
||||
u.Scheme = "https"
|
||||
u.Host = PathStyle().host(bucket)
|
||||
u.Host = PathStyle().host(opts.Hostname, bucket)
|
||||
q := u.Query()
|
||||
q.Set("GoogleAccessId", opts.GoogleAccessID)
|
||||
q.Set("Expires", fmt.Sprintf("%d", opts.Expires.Unix()))
|
||||
|
@ -893,7 +907,9 @@ func (o *ObjectHandle) Generation(gen int64) *ObjectHandle {
|
|||
}
|
||||
|
||||
// If returns a new ObjectHandle that applies a set of preconditions.
|
||||
// Preconditions already set on the ObjectHandle are ignored.
|
||||
// Preconditions already set on the ObjectHandle are ignored. The supplied
|
||||
// Conditions must have at least one field set to a non-default value;
|
||||
// otherwise an error will be returned from any operation on the ObjectHandle.
|
||||
// Operations on the new handle will return an error if the preconditions are not
|
||||
// satisfied. See https://cloud.google.com/storage/docs/generations-preconditions
|
||||
// for more details.
|
||||
|
@ -1163,7 +1179,7 @@ func (uattrs *ObjectAttrsToUpdate) toProtoObject(bucket, object string) *storage
|
|||
o.Acl = toProtoObjectACL(uattrs.ACL)
|
||||
}
|
||||
|
||||
// TODO(cathyo): Handle metadata. Pending b/230510191.
|
||||
o.Metadata = uattrs.Metadata
|
||||
|
||||
return o
|
||||
}
|
||||
|
@ -1484,6 +1500,8 @@ type Query struct {
|
|||
// aside from the prefix, contain delimiter will have their name,
|
||||
// truncated after the delimiter, returned in prefixes.
|
||||
// Duplicate prefixes are omitted.
|
||||
// Must be set to / when used with the MatchGlob parameter to filter results
|
||||
// in a directory-like mode.
|
||||
// Optional.
|
||||
Delimiter string
|
||||
|
||||
|
@ -1497,9 +1515,9 @@ type Query struct {
|
|||
Versions bool
|
||||
|
||||
// attrSelection is used to select only specific fields to be returned by
|
||||
// the query. It is set by the user calling calling SetAttrSelection. These
|
||||
// the query. It is set by the user calling SetAttrSelection. These
|
||||
// are used by toFieldMask and toFieldSelection for gRPC and HTTP/JSON
|
||||
// clients repsectively.
|
||||
// clients respectively.
|
||||
attrSelection []string
|
||||
|
||||
// StartOffset is used to filter results to objects whose names are
|
||||
|
@ -1525,6 +1543,12 @@ type Query struct {
|
|||
// true, they will also be included as objects and their metadata will be
|
||||
// populated in the returned ObjectAttrs.
|
||||
IncludeTrailingDelimiter bool
|
||||
|
||||
// MatchGlob is a glob pattern used to filter results (for example, foo*bar). See
|
||||
// https://cloud.google.com/storage/docs/json_api/v1/objects/list#list-object-glob
|
||||
// for syntax details. When Delimiter is set in conjunction with MatchGlob,
|
||||
// it must be set to /.
|
||||
MatchGlob string
|
||||
}
|
||||
|
||||
// attrToFieldMap maps the field names of ObjectAttrs to the underlying field
|
||||
|
|
2
vendor/cloud.google.com/go/storage/writer.go
generated
vendored
2
vendor/cloud.google.com/go/storage/writer.go
generated
vendored
|
@ -86,7 +86,7 @@ type Writer struct {
|
|||
// cancellation.
|
||||
ChunkRetryDeadline time.Duration
|
||||
|
||||
// ProgressFunc can be used to monitor the progress of a large write.
|
||||
// ProgressFunc can be used to monitor the progress of a large write
|
||||
// operation. If ProgressFunc is not nil and writing requires multiple
|
||||
// calls to the underlying service (see
|
||||
// https://cloud.google.com/storage/docs/json_api/v1/how-tos/resumable-upload),
|
||||
|
|
46
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/CHANGELOG.md
generated
vendored
46
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/CHANGELOG.md
generated
vendored
|
@ -1,5 +1,51 @@
|
|||
# Release History
|
||||
|
||||
## 1.7.0 (2023-07-12)
|
||||
|
||||
### Features Added
|
||||
* Added method `WithClientName()` to type `azcore.Client` to support shallow cloning of a client with a new name used for tracing.
|
||||
|
||||
### Breaking Changes
|
||||
> These changes affect only code written against beta versions v1.7.0-beta.1 or v1.7.0-beta.2
|
||||
* The beta features for CAE, tracing, and fakes have been omitted for this release.
|
||||
|
||||
## 1.7.0-beta.2 (2023-06-06)
|
||||
|
||||
### Breaking Changes
|
||||
> These changes affect only code written against beta version v1.7.0-beta.1
|
||||
* Method `SpanFromContext()` on type `tracing.Tracer` had the `bool` return value removed.
|
||||
* This includes the field `SpanFromContext` in supporting type `tracing.TracerOptions`.
|
||||
* Method `AddError()` has been removed from type `tracing.Span`.
|
||||
* Method `Span.End()` now requires an argument of type `*tracing.SpanEndOptions`.
|
||||
|
||||
## 1.6.1 (2023-06-06)
|
||||
|
||||
### Bugs Fixed
|
||||
* Fixed an issue in `azcore.NewClient()` and `arm.NewClient()` that could cause an incorrect module name to be used in telemetry.
|
||||
|
||||
### Other Changes
|
||||
* This version contains all bug fixes from `v1.7.0-beta.1`
|
||||
|
||||
## 1.7.0-beta.1 (2023-05-24)
|
||||
|
||||
### Features Added
|
||||
* Restored CAE support for ARM clients.
|
||||
* Added supporting features to enable distributed tracing.
|
||||
* Added func `runtime.StartSpan()` for use by SDKs to start spans.
|
||||
* Added method `WithContext()` to `runtime.Request` to support shallow cloning with a new context.
|
||||
* Added field `TracingNamespace` to `runtime.PipelineOptions`.
|
||||
* Added field `Tracer` to `runtime.NewPollerOptions` and `runtime.NewPollerFromResumeTokenOptions` types.
|
||||
* Added field `SpanFromContext` to `tracing.TracerOptions`.
|
||||
* Added methods `Enabled()`, `SetAttributes()`, and `SpanFromContext()` to `tracing.Tracer`.
|
||||
* Added supporting pipeline policies to include HTTP spans when creating clients.
|
||||
* Added package `fake` to support generated fakes packages in SDKs.
|
||||
* The package contains public surface area exposed by fake servers and supporting APIs intended only for use by the fake server implementations.
|
||||
* Added an internal fake poller implementation.
|
||||
|
||||
### Bugs Fixed
|
||||
* Retry policy always clones the underlying `*http.Request` before invoking the next policy.
|
||||
* Added some non-standard error codes to the list of error codes for unregistered resource providers.
|
||||
|
||||
## 1.6.0 (2023-05-04)
|
||||
|
||||
### Features Added
|
||||
|
|
29
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/core.go
generated
vendored
29
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/core.go
generated
vendored
|
@ -73,15 +73,20 @@ type ClientOptions = policy.ClientOptions
|
|||
type Client struct {
|
||||
pl runtime.Pipeline
|
||||
tr tracing.Tracer
|
||||
|
||||
// cached on the client to support shallow copying with new values
|
||||
tp tracing.Provider
|
||||
modVer string
|
||||
}
|
||||
|
||||
// NewClient creates a new Client instance with the provided values.
|
||||
// - clientName - the fully qualified name of the client ("package.Client"); this is used by the tracing provider when creating spans
|
||||
// - clientName - the fully qualified name of the client ("module/package.Client"); this is used by the telemetry policy and tracing provider.
|
||||
// if module and package are the same value, the "module/" prefix can be omitted.
|
||||
// - moduleVersion - the semantic version of the containing module; used by the telemetry policy
|
||||
// - plOpts - pipeline configuration options; can be the zero-value
|
||||
// - options - optional client configurations; pass nil to accept the default values
|
||||
func NewClient(clientName, moduleVersion string, plOpts runtime.PipelineOptions, options *ClientOptions) (*Client, error) {
|
||||
pkg, err := shared.ExtractPackageName(clientName)
|
||||
mod, client, err := shared.ExtractModuleName(clientName)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
@ -96,10 +101,16 @@ func NewClient(clientName, moduleVersion string, plOpts runtime.PipelineOptions,
|
|||
}
|
||||
}
|
||||
|
||||
pl := runtime.NewPipeline(pkg, moduleVersion, plOpts, options)
|
||||
pl := runtime.NewPipeline(mod, moduleVersion, plOpts, options)
|
||||
|
||||
tr := options.TracingProvider.NewTracer(clientName, moduleVersion)
|
||||
return &Client{pl: pl, tr: tr}, nil
|
||||
tr := options.TracingProvider.NewTracer(client, moduleVersion)
|
||||
|
||||
return &Client{
|
||||
pl: pl,
|
||||
tr: tr,
|
||||
tp: options.TracingProvider,
|
||||
modVer: moduleVersion,
|
||||
}, nil
|
||||
}
|
||||
|
||||
// Pipeline returns the pipeline for this client.
|
||||
|
@ -111,3 +122,11 @@ func (c *Client) Pipeline() runtime.Pipeline {
|
|||
func (c *Client) Tracer() tracing.Tracer {
|
||||
return c.tr
|
||||
}
|
||||
|
||||
// WithClientName returns a shallow copy of the Client with its tracing client name changed to clientName.
|
||||
// Note that the values for module name and version will be preserved from the source Client.
|
||||
// - clientName - the fully qualified name of the client ("package.Client"); this is used by the tracing provider when creating spans
|
||||
func (c *Client) WithClientName(clientName string) *Client {
|
||||
tr := c.tp.NewTracer(clientName, c.modVer)
|
||||
return &Client{pl: c.pl, tr: tr, tp: c.tp, modVer: c.modVer}
|
||||
}
|
||||
|
|
2
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/internal/shared/constants.go
generated
vendored
2
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/internal/shared/constants.go
generated
vendored
|
@ -32,5 +32,5 @@ const (
|
|||
Module = "azcore"
|
||||
|
||||
// Version is the semantic version (see http://semver.org) of this module.
|
||||
Version = "v1.6.0"
|
||||
Version = "v1.7.0"
|
||||
)
|
||||
|
|
29
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/internal/shared/shared.go
generated
vendored
29
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/internal/shared/shared.go
generated
vendored
|
@ -13,7 +13,6 @@ import (
|
|||
"reflect"
|
||||
"regexp"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
)
|
||||
|
||||
|
@ -79,14 +78,26 @@ func ValidateModVer(moduleVersion string) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// ExtractPackageName returns "package" from "package.Client".
|
||||
// ExtractModuleName returns "module", "package.Client" from "module/package.Client" or
|
||||
// "package", "package.Client" from "package.Client" when there's no "module/" prefix.
|
||||
// If clientName is malformed, an error is returned.
|
||||
func ExtractPackageName(clientName string) (string, error) {
|
||||
pkg, client, ok := strings.Cut(clientName, ".")
|
||||
if !ok {
|
||||
return "", fmt.Errorf("missing . in clientName %s", clientName)
|
||||
} else if pkg == "" || client == "" {
|
||||
return "", fmt.Errorf("malformed clientName %s", clientName)
|
||||
func ExtractModuleName(clientName string) (string, string, error) {
|
||||
// uses unnamed capturing for "module", "package.Client", and "package"
|
||||
regex, err := regexp.Compile(`^(?:([a-z0-9]+)/)?(([a-z0-9]+)\.(?:[A-Za-z0-9]+))$`)
|
||||
if err != nil {
|
||||
return "", "", err
|
||||
}
|
||||
return pkg, nil
|
||||
|
||||
matches := regex.FindStringSubmatch(clientName)
|
||||
if len(matches) < 4 {
|
||||
return "", "", fmt.Errorf("malformed clientName %s", clientName)
|
||||
}
|
||||
|
||||
// the first match is the entire string, the second is "module", the third is
|
||||
// "package.Client" and the fourth is "package".
|
||||
// if there was no "module/" prefix, the second match will be the empty string
|
||||
if matches[1] != "" {
|
||||
return matches[1], matches[2], nil
|
||||
}
|
||||
return matches[3], matches[2], nil
|
||||
}
|
||||
|
|
3
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime/policy_retry.go
generated
vendored
3
vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime/policy_retry.go
generated
vendored
|
@ -125,7 +125,8 @@ func (p *retryPolicy) Do(req *policy.Request) (resp *http.Response, err error) {
|
|||
}
|
||||
|
||||
if options.TryTimeout == 0 {
|
||||
resp, err = req.Next()
|
||||
clone := req.Clone(req.Raw().Context())
|
||||
resp, err = clone.Next()
|
||||
} else {
|
||||
// Set the per-try time for this particular retry operation and then Do the operation.
|
||||
tryCtx, tryCancel := context.WithTimeout(req.Raw().Context(), options.TryTimeout)
|
||||
|
|
409
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/CHANGELOG.md
generated
vendored
Normal file
409
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/CHANGELOG.md
generated
vendored
Normal file
|
@ -0,0 +1,409 @@
|
|||
# Release History
|
||||
|
||||
## 1.3.0 (2023-05-09)
|
||||
|
||||
### Breaking Changes
|
||||
> These changes affect only code written against a beta version such as v1.3.0-beta.5
|
||||
* Renamed `NewOnBehalfOfCredentialFromCertificate` to `NewOnBehalfOfCredentialWithCertificate`
|
||||
* Renamed `NewOnBehalfOfCredentialFromSecret` to `NewOnBehalfOfCredentialWithSecret`
|
||||
|
||||
### Other Changes
|
||||
* Upgraded to MSAL v1.0.0
|
||||
|
||||
## 1.3.0-beta.5 (2023-04-11)
|
||||
|
||||
### Breaking Changes
|
||||
> These changes affect only code written against a beta version such as v1.3.0-beta.4
|
||||
* Moved `NewWorkloadIdentityCredential()` parameters into `WorkloadIdentityCredentialOptions`.
|
||||
The constructor now reads default configuration from environment variables set by the Azure
|
||||
workload identity webhook by default.
|
||||
([#20478](https://github.com/Azure/azure-sdk-for-go/pull/20478))
|
||||
* Removed CAE support. It will return in v1.4.0-beta.1
|
||||
([#20479](https://github.com/Azure/azure-sdk-for-go/pull/20479))
|
||||
|
||||
### Bugs Fixed
|
||||
* Fixed an issue in `DefaultAzureCredential` that could cause the managed identity endpoint check to fail in rare circumstances.
|
||||
|
||||
## 1.3.0-beta.4 (2023-03-08)
|
||||
|
||||
### Features Added
|
||||
* Added `WorkloadIdentityCredentialOptions.AdditionallyAllowedTenants` and `.DisableInstanceDiscovery`
|
||||
|
||||
### Bugs Fixed
|
||||
* Credentials now synchronize within `GetToken()` so a single instance can be shared among goroutines
|
||||
([#20044](https://github.com/Azure/azure-sdk-for-go/issues/20044))
|
||||
|
||||
### Other Changes
|
||||
* Upgraded dependencies
|
||||
|
||||
## 1.2.2 (2023-03-07)
|
||||
|
||||
### Other Changes
|
||||
* Upgraded dependencies
|
||||
|
||||
## 1.3.0-beta.3 (2023-02-07)
|
||||
|
||||
### Features Added
|
||||
* By default, credentials set client capability "CP1" to enable support for
|
||||
[Continuous Access Evaluation (CAE)](https://docs.microsoft.com/azure/active-directory/develop/app-resilience-continuous-access-evaluation).
|
||||
This indicates to Azure Active Directory that your application can handle CAE claims challenges.
|
||||
You can disable this behavior by setting the environment variable "AZURE_IDENTITY_DISABLE_CP1" to "true".
|
||||
* `InteractiveBrowserCredentialOptions.LoginHint` enables pre-populating the login
|
||||
prompt with a username ([#15599](https://github.com/Azure/azure-sdk-for-go/pull/15599))
|
||||
* Service principal and user credentials support ADFS authentication on Azure Stack.
|
||||
Specify "adfs" as the credential's tenant.
|
||||
* Applications running in private or disconnected clouds can prevent credentials from
|
||||
requesting Azure AD instance metadata by setting the `DisableInstanceDiscovery`
|
||||
field on credential options.
|
||||
* Many credentials can now be configured to authenticate in multiple tenants. The
|
||||
options types for these credentials have an `AdditionallyAllowedTenants` field
|
||||
that specifies additional tenants in which the credential may authenticate.
|
||||
|
||||
## 1.3.0-beta.2 (2023-01-10)
|
||||
|
||||
### Features Added
|
||||
* Added `OnBehalfOfCredential` to support the on-behalf-of flow
|
||||
([#16642](https://github.com/Azure/azure-sdk-for-go/issues/16642))
|
||||
|
||||
### Bugs Fixed
|
||||
* `AzureCLICredential` reports token expiration in local time (should be UTC)
|
||||
|
||||
### Other Changes
|
||||
* `AzureCLICredential` imposes its default timeout only when the `Context`
|
||||
passed to `GetToken()` has no deadline
|
||||
* Added `NewCredentialUnavailableError()`. This function constructs an error indicating
|
||||
a credential can't authenticate and an encompassing `ChainedTokenCredential` should
|
||||
try its next credential, if any.
|
||||
|
||||
## 1.3.0-beta.1 (2022-12-13)
|
||||
|
||||
### Features Added
|
||||
* `WorkloadIdentityCredential` and `DefaultAzureCredential` support
|
||||
Workload Identity Federation on Kubernetes. `DefaultAzureCredential`
|
||||
support requires environment variable configuration as set by the
|
||||
Workload Identity webhook.
|
||||
([#15615](https://github.com/Azure/azure-sdk-for-go/issues/15615))
|
||||
|
||||
## 1.2.0 (2022-11-08)
|
||||
|
||||
### Other Changes
|
||||
* This version includes all fixes and features from 1.2.0-beta.*
|
||||
|
||||
## 1.2.0-beta.3 (2022-10-11)
|
||||
|
||||
### Features Added
|
||||
* `ManagedIdentityCredential` caches tokens in memory
|
||||
|
||||
### Bugs Fixed
|
||||
* `ClientCertificateCredential` sends only the leaf cert for SNI authentication
|
||||
|
||||
## 1.2.0-beta.2 (2022-08-10)
|
||||
|
||||
### Features Added
|
||||
* Added `ClientAssertionCredential` to enable applications to authenticate
|
||||
with custom client assertions
|
||||
|
||||
### Other Changes
|
||||
* Updated AuthenticationFailedError with links to TROUBLESHOOTING.md for relevant errors
|
||||
* Upgraded `microsoft-authentication-library-for-go` requirement to v0.6.0
|
||||
|
||||
## 1.2.0-beta.1 (2022-06-07)
|
||||
|
||||
### Features Added
|
||||
* `EnvironmentCredential` reads certificate passwords from `AZURE_CLIENT_CERTIFICATE_PASSWORD`
|
||||
([#17099](https://github.com/Azure/azure-sdk-for-go/pull/17099))
|
||||
|
||||
## 1.1.0 (2022-06-07)
|
||||
|
||||
### Features Added
|
||||
* `ClientCertificateCredential` and `ClientSecretCredential` support ESTS-R. First-party
|
||||
applications can set environment variable `AZURE_REGIONAL_AUTHORITY_NAME` with a
|
||||
region name.
|
||||
([#15605](https://github.com/Azure/azure-sdk-for-go/issues/15605))
|
||||
|
||||
## 1.0.1 (2022-06-07)
|
||||
|
||||
### Other Changes
|
||||
* Upgrade `microsoft-authentication-library-for-go` requirement to v0.5.1
|
||||
([#18176](https://github.com/Azure/azure-sdk-for-go/issues/18176))
|
||||
|
||||
## 1.0.0 (2022-05-12)
|
||||
|
||||
### Features Added
|
||||
* `DefaultAzureCredential` reads environment variable `AZURE_CLIENT_ID` for the
|
||||
client ID of a user-assigned managed identity
|
||||
([#17293](https://github.com/Azure/azure-sdk-for-go/pull/17293))
|
||||
|
||||
### Breaking Changes
|
||||
* Removed `AuthorizationCodeCredential`. Use `InteractiveBrowserCredential` instead
|
||||
to authenticate a user with the authorization code flow.
|
||||
* Instances of `AuthenticationFailedError` are now returned by pointer.
|
||||
* `GetToken()` returns `azcore.AccessToken` by value
|
||||
|
||||
### Bugs Fixed
|
||||
* `AzureCLICredential` panics after receiving an unexpected error type
|
||||
([#17490](https://github.com/Azure/azure-sdk-for-go/issues/17490))
|
||||
|
||||
### Other Changes
|
||||
* `GetToken()` returns an error when the caller specifies no scope
|
||||
* Updated to the latest versions of `golang.org/x/crypto`, `azcore` and `internal`
|
||||
|
||||
## 0.14.0 (2022-04-05)
|
||||
|
||||
### Breaking Changes
|
||||
* This module now requires Go 1.18
|
||||
* Removed `AuthorityHost`. Credentials are now configured for sovereign or private
|
||||
clouds with the API in `azcore/cloud`, for example:
|
||||
```go
|
||||
// before
|
||||
opts := azidentity.ClientSecretCredentialOptions{AuthorityHost: azidentity.AzureGovernment}
|
||||
cred, err := azidentity.NewClientSecretCredential(tenantID, clientID, secret, &opts)
|
||||
|
||||
// after
|
||||
import "github.com/Azure/azure-sdk-for-go/sdk/azcore/cloud"
|
||||
|
||||
opts := azidentity.ClientSecretCredentialOptions{}
|
||||
opts.Cloud = cloud.AzureGovernment
|
||||
cred, err := azidentity.NewClientSecretCredential(tenantID, clientID, secret, &opts)
|
||||
```
|
||||
|
||||
## 0.13.2 (2022-03-08)
|
||||
|
||||
### Bugs Fixed
|
||||
* Prevented a data race in `DefaultAzureCredential` and `ChainedTokenCredential`
|
||||
([#17144](https://github.com/Azure/azure-sdk-for-go/issues/17144))
|
||||
|
||||
### Other Changes
|
||||
* Upgraded App Service managed identity version from 2017-09-01 to 2019-08-01
|
||||
([#17086](https://github.com/Azure/azure-sdk-for-go/pull/17086))
|
||||
|
||||
## 0.13.1 (2022-02-08)
|
||||
|
||||
### Features Added
|
||||
* `EnvironmentCredential` supports certificate SNI authentication when
|
||||
`AZURE_CLIENT_SEND_CERTIFICATE_CHAIN` is "true".
|
||||
([#16851](https://github.com/Azure/azure-sdk-for-go/pull/16851))
|
||||
|
||||
### Bugs Fixed
|
||||
* `ManagedIdentityCredential.GetToken()` now returns an error when configured for
|
||||
a user assigned identity in Azure Cloud Shell (which doesn't support such identities)
|
||||
([#16946](https://github.com/Azure/azure-sdk-for-go/pull/16946))
|
||||
|
||||
### Other Changes
|
||||
* `NewDefaultAzureCredential()` logs non-fatal errors. These errors are also included in the
|
||||
error returned by `DefaultAzureCredential.GetToken()` when it's unable to acquire a token
|
||||
from any source. ([#15923](https://github.com/Azure/azure-sdk-for-go/issues/15923))
|
||||
|
||||
## 0.13.0 (2022-01-11)
|
||||
|
||||
### Breaking Changes
|
||||
* Replaced `AuthenticationFailedError.RawResponse()` with a field having the same name
|
||||
* Unexported `CredentialUnavailableError`
|
||||
* Instances of `ChainedTokenCredential` will now skip looping through the list of source credentials and re-use the first successful credential on subsequent calls to `GetToken`.
|
||||
* If `ChainedTokenCredentialOptions.RetrySources` is true, `ChainedTokenCredential` will continue to try all of the originally provided credentials each time the `GetToken` method is called.
|
||||
* `ChainedTokenCredential.successfulCredential` will contain a reference to the last successful credential.
|
||||
* `DefaultAzureCredenial` will also re-use the first successful credential on subsequent calls to `GetToken`.
|
||||
* `DefaultAzureCredential.chain.successfulCredential` will also contain a reference to the last successful credential.
|
||||
|
||||
### Other Changes
|
||||
* `ManagedIdentityCredential` no longer probes IMDS before requesting a token
|
||||
from it. Also, an error response from IMDS no longer disables a credential
|
||||
instance. Following an error, a credential instance will continue to send
|
||||
requests to IMDS as necessary.
|
||||
* Adopted MSAL for user and service principal authentication
|
||||
* Updated `azcore` requirement to 0.21.0
|
||||
|
||||
## 0.12.0 (2021-11-02)
|
||||
### Breaking Changes
|
||||
* Raised minimum go version to 1.16
|
||||
* Removed `NewAuthenticationPolicy()` from credentials. Clients should instead use azcore's
|
||||
`runtime.NewBearerTokenPolicy()` to construct a bearer token authorization policy.
|
||||
* The `AuthorityHost` field in credential options structs is now a custom type,
|
||||
`AuthorityHost`, with underlying type `string`
|
||||
* `NewChainedTokenCredential` has a new signature to accommodate a placeholder
|
||||
options struct:
|
||||
```go
|
||||
// before
|
||||
cred, err := NewChainedTokenCredential(credA, credB)
|
||||
|
||||
// after
|
||||
cred, err := NewChainedTokenCredential([]azcore.TokenCredential{credA, credB}, nil)
|
||||
```
|
||||
* Removed `ExcludeAzureCLICredential`, `ExcludeEnvironmentCredential`, and `ExcludeMSICredential`
|
||||
from `DefaultAzureCredentialOptions`
|
||||
* `NewClientCertificateCredential` requires a `[]*x509.Certificate` and `crypto.PrivateKey` instead of
|
||||
a path to a certificate file. Added `ParseCertificates` to simplify getting these in common cases:
|
||||
```go
|
||||
// before
|
||||
cred, err := NewClientCertificateCredential("tenant", "client-id", "/cert.pem", nil)
|
||||
|
||||
// after
|
||||
certData, err := os.ReadFile("/cert.pem")
|
||||
certs, key, err := ParseCertificates(certData, password)
|
||||
cred, err := NewClientCertificateCredential(tenantID, clientID, certs, key, nil)
|
||||
```
|
||||
* Removed `InteractiveBrowserCredentialOptions.ClientSecret` and `.Port`
|
||||
* Removed `AADAuthenticationFailedError`
|
||||
* Removed `id` parameter of `NewManagedIdentityCredential()`. User assigned identities are now
|
||||
specified by `ManagedIdentityCredentialOptions.ID`:
|
||||
```go
|
||||
// before
|
||||
cred, err := NewManagedIdentityCredential("client-id", nil)
|
||||
// or, for a resource ID
|
||||
opts := &ManagedIdentityCredentialOptions{ID: ResourceID}
|
||||
cred, err := NewManagedIdentityCredential("/subscriptions/...", opts)
|
||||
|
||||
// after
|
||||
clientID := ClientID("7cf7db0d-...")
|
||||
opts := &ManagedIdentityCredentialOptions{ID: clientID}
|
||||
// or, for a resource ID
|
||||
resID: ResourceID("/subscriptions/...")
|
||||
opts := &ManagedIdentityCredentialOptions{ID: resID}
|
||||
cred, err := NewManagedIdentityCredential(opts)
|
||||
```
|
||||
* `DeviceCodeCredentialOptions.UserPrompt` has a new type: `func(context.Context, DeviceCodeMessage) error`
|
||||
* Credential options structs now embed `azcore.ClientOptions`. In addition to changing literal initialization
|
||||
syntax, this change renames `HTTPClient` fields to `Transport`.
|
||||
* Renamed `LogCredential` to `EventCredential`
|
||||
* `AzureCLICredential` no longer reads the environment variable `AZURE_CLI_PATH`
|
||||
* `NewManagedIdentityCredential` no longer reads environment variables `AZURE_CLIENT_ID` and
|
||||
`AZURE_RESOURCE_ID`. Use `ManagedIdentityCredentialOptions.ID` instead.
|
||||
* Unexported `AuthenticationFailedError` and `CredentialUnavailableError` structs. In their place are two
|
||||
interfaces having the same names.
|
||||
|
||||
### Bugs Fixed
|
||||
* `AzureCLICredential.GetToken` no longer mutates its `opts.Scopes`
|
||||
|
||||
### Features Added
|
||||
* Added connection configuration options to `DefaultAzureCredentialOptions`
|
||||
* `AuthenticationFailedError.RawResponse()` returns the HTTP response motivating the error,
|
||||
if available
|
||||
|
||||
### Other Changes
|
||||
* `NewDefaultAzureCredential()` returns `*DefaultAzureCredential` instead of `*ChainedTokenCredential`
|
||||
* Added `TenantID` field to `DefaultAzureCredentialOptions` and `AzureCLICredentialOptions`
|
||||
|
||||
## 0.11.0 (2021-09-08)
|
||||
### Breaking Changes
|
||||
* Unexported `AzureCLICredentialOptions.TokenProvider` and its type,
|
||||
`AzureCLITokenProvider`
|
||||
|
||||
### Bug Fixes
|
||||
* `ManagedIdentityCredential.GetToken` returns `CredentialUnavailableError`
|
||||
when IMDS has no assigned identity, signaling `DefaultAzureCredential` to
|
||||
try other credentials
|
||||
|
||||
|
||||
## 0.10.0 (2021-08-30)
|
||||
### Breaking Changes
|
||||
* Update based on `azcore` refactor [#15383](https://github.com/Azure/azure-sdk-for-go/pull/15383)
|
||||
|
||||
## 0.9.3 (2021-08-20)
|
||||
|
||||
### Bugs Fixed
|
||||
* `ManagedIdentityCredential.GetToken` no longer mutates its `opts.Scopes`
|
||||
|
||||
### Other Changes
|
||||
* Bumps version of `azcore` to `v0.18.1`
|
||||
|
||||
|
||||
## 0.9.2 (2021-07-23)
|
||||
### Features Added
|
||||
* Adding support for Service Fabric environment in `ManagedIdentityCredential`
|
||||
* Adding an option for using a resource ID instead of client ID in `ManagedIdentityCredential`
|
||||
|
||||
|
||||
## 0.9.1 (2021-05-24)
|
||||
### Features Added
|
||||
* Add LICENSE.txt and bump version information
|
||||
|
||||
|
||||
## 0.9.0 (2021-05-21)
|
||||
### Features Added
|
||||
* Add support for authenticating in Azure Stack environments
|
||||
* Enable user assigned identities for the IMDS scenario in `ManagedIdentityCredential`
|
||||
* Add scope to resource conversion in `GetToken()` on `ManagedIdentityCredential`
|
||||
|
||||
|
||||
## 0.8.0 (2021-01-20)
|
||||
### Features Added
|
||||
* Updating documentation
|
||||
|
||||
|
||||
## 0.7.1 (2021-01-04)
|
||||
### Features Added
|
||||
* Adding port option to `InteractiveBrowserCredential`
|
||||
|
||||
|
||||
## 0.7.0 (2020-12-11)
|
||||
### Features Added
|
||||
* Add `redirectURI` parameter back to authentication code flow
|
||||
|
||||
|
||||
## 0.6.1 (2020-12-09)
|
||||
### Features Added
|
||||
* Updating query parameter in `ManagedIdentityCredential` and updating datetime string for parsing managed identity access tokens.
|
||||
|
||||
|
||||
## 0.6.0 (2020-11-16)
|
||||
### Features Added
|
||||
* Remove `RedirectURL` parameter from auth code flow to align with the MSAL implementation which relies on the native client redirect URL.
|
||||
|
||||
|
||||
## 0.5.0 (2020-10-30)
|
||||
### Features Added
|
||||
* Flattening credential options
|
||||
|
||||
|
||||
## 0.4.3 (2020-10-21)
|
||||
### Features Added
|
||||
* Adding Azure Arc support in `ManagedIdentityCredential`
|
||||
|
||||
|
||||
## 0.4.2 (2020-10-16)
|
||||
### Features Added
|
||||
* Typo fixes
|
||||
|
||||
|
||||
## 0.4.1 (2020-10-16)
|
||||
### Features Added
|
||||
* Ensure authority hosts are only HTTPs
|
||||
|
||||
|
||||
## 0.4.0 (2020-10-16)
|
||||
### Features Added
|
||||
* Adding options structs for credentials
|
||||
|
||||
|
||||
## 0.3.0 (2020-10-09)
|
||||
### Features Added
|
||||
* Update `DeviceCodeCredential` callback
|
||||
|
||||
|
||||
## 0.2.2 (2020-10-09)
|
||||
### Features Added
|
||||
* Add `AuthorizationCodeCredential`
|
||||
|
||||
|
||||
## 0.2.1 (2020-10-06)
|
||||
### Features Added
|
||||
* Add `InteractiveBrowserCredential`
|
||||
|
||||
|
||||
## 0.2.0 (2020-09-11)
|
||||
### Features Added
|
||||
* Refactor `azidentity` on top of `azcore` refactor
|
||||
* Updated policies to conform to `policy.Policy` interface changes.
|
||||
* Updated non-retriable errors to conform to `azcore.NonRetriableError`.
|
||||
* Fixed calls to `Request.SetBody()` to include content type.
|
||||
* Switched endpoints to string types and removed extra parsing code.
|
||||
|
||||
|
||||
## 0.1.1 (2020-09-02)
|
||||
### Features Added
|
||||
* Add `AzureCLICredential` to `DefaultAzureCredential` chain
|
||||
|
||||
|
||||
## 0.1.0 (2020-07-23)
|
||||
### Features Added
|
||||
* Initial Release. Azure Identity library that provides Azure Active Directory token authentication support for the SDK.
|
21
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/LICENSE.txt
generated
vendored
Normal file
21
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/LICENSE.txt
generated
vendored
Normal file
|
@ -0,0 +1,21 @@
|
|||
MIT License
|
||||
|
||||
Copyright (c) Microsoft Corporation.
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE
|
307
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/MIGRATION.md
generated
vendored
Normal file
307
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/MIGRATION.md
generated
vendored
Normal file
|
@ -0,0 +1,307 @@
|
|||
# Migrating from autorest/adal to azidentity
|
||||
|
||||
`azidentity` provides Azure Active Directory (Azure AD) authentication for the newest Azure SDK modules (`github.com/azure-sdk-for-go/sdk/...`). Older Azure SDK packages (`github.com/azure-sdk-for-go/services/...`) use types from `github.com/go-autorest/autorest/adal` instead.
|
||||
|
||||
This guide shows common authentication code using `autorest/adal` and its equivalent using `azidentity`.
|
||||
|
||||
## Table of contents
|
||||
|
||||
- [Acquire a token](#acquire-a-token)
|
||||
- [Client certificate authentication](#client-certificate-authentication)
|
||||
- [Client secret authentication](#client-secret-authentication)
|
||||
- [Configuration](#configuration)
|
||||
- [Device code authentication](#device-code-authentication)
|
||||
- [Managed identity](#managed-identity)
|
||||
- [Use azidentity credentials with older packages](#use-azidentity-credentials-with-older-packages)
|
||||
|
||||
## Configuration
|
||||
|
||||
### `autorest/adal`
|
||||
|
||||
Token providers require a token audience (resource identifier) and an instance of `adal.OAuthConfig`, which requires an Azure AD endpoint and tenant:
|
||||
|
||||
```go
|
||||
import "github.com/Azure/go-autorest/autorest/adal"
|
||||
|
||||
oauthCfg, err := adal.NewOAuthConfig("https://login.chinacloudapi.cn", tenantID)
|
||||
handle(err)
|
||||
|
||||
spt, err := adal.NewServicePrincipalTokenWithSecret(
|
||||
*oauthCfg, clientID, "https://management.chinacloudapi.cn/", &adal.ServicePrincipalTokenSecret{ClientSecret: secret},
|
||||
)
|
||||
```
|
||||
|
||||
### `azidentity`
|
||||
|
||||
A credential instance can acquire tokens for any audience. The audience for each token is determined by the client requesting it. Credentials require endpoint configuration only for sovereign or private clouds. The `azcore/cloud` package has predefined configuration for sovereign clouds such as Azure China:
|
||||
|
||||
```go
|
||||
import (
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/cloud"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
|
||||
)
|
||||
|
||||
clientOpts := azcore.ClientOptions{Cloud: cloud.AzureChina}
|
||||
|
||||
cred, err := azidentity.NewClientSecretCredential(
|
||||
tenantID, clientID, secret, &azidentity.ClientSecretCredentialOptions{ClientOptions: clientOpts},
|
||||
)
|
||||
handle(err)
|
||||
```
|
||||
|
||||
## Client secret authentication
|
||||
|
||||
### `autorest/adal`
|
||||
|
||||
```go
|
||||
import (
|
||||
"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-06-01/subscriptions"
|
||||
"github.com/Azure/go-autorest/autorest"
|
||||
"github.com/Azure/go-autorest/autorest/adal"
|
||||
)
|
||||
|
||||
oauthCfg, err := adal.NewOAuthConfig("https://login.microsoftonline.com", tenantID)
|
||||
handle(err)
|
||||
spt, err := adal.NewServicePrincipalTokenWithSecret(
|
||||
*oauthCfg, clientID, "https://management.azure.com/", &adal.ServicePrincipalTokenSecret{ClientSecret: secret},
|
||||
)
|
||||
handle(err)
|
||||
|
||||
client := subscriptions.NewClient()
|
||||
client.Authorizer = autorest.NewBearerAuthorizer(spt)
|
||||
```
|
||||
|
||||
### `azidentity`
|
||||
|
||||
```go
|
||||
import (
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armsubscriptions"
|
||||
)
|
||||
|
||||
cred, err := azidentity.NewClientSecretCredential(tenantID, clientID, secret, nil)
|
||||
handle(err)
|
||||
|
||||
client, err := armsubscriptions.NewClient(cred, nil)
|
||||
handle(err)
|
||||
```
|
||||
|
||||
## Client certificate authentication
|
||||
|
||||
### `autorest/adal`
|
||||
|
||||
```go
|
||||
import (
|
||||
"os"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-06-01/subscriptions"
|
||||
"github.com/Azure/go-autorest/autorest"
|
||||
"github.com/Azure/go-autorest/autorest/adal"
|
||||
)
|
||||
certData, err := os.ReadFile("./example.pfx")
|
||||
handle(err)
|
||||
|
||||
certificate, rsaPrivateKey, err := decodePkcs12(certData, "")
|
||||
handle(err)
|
||||
|
||||
oauthCfg, err := adal.NewOAuthConfig("https://login.microsoftonline.com", tenantID)
|
||||
handle(err)
|
||||
|
||||
spt, err := adal.NewServicePrincipalTokenFromCertificate(
|
||||
*oauthConfig, clientID, certificate, rsaPrivateKey, "https://management.azure.com/",
|
||||
)
|
||||
|
||||
client := subscriptions.NewClient()
|
||||
client.Authorizer = autorest.NewBearerAuthorizer(spt)
|
||||
```
|
||||
|
||||
### `azidentity`
|
||||
|
||||
```go
|
||||
import (
|
||||
"os"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armsubscriptions"
|
||||
)
|
||||
|
||||
certData, err := os.ReadFile("./example.pfx")
|
||||
handle(err)
|
||||
|
||||
certs, key, err := azidentity.ParseCertificates(certData, nil)
|
||||
handle(err)
|
||||
|
||||
cred, err = azidentity.NewClientCertificateCredential(tenantID, clientID, certs, key, nil)
|
||||
handle(err)
|
||||
|
||||
client, err := armsubscriptions.NewClient(cred, nil)
|
||||
handle(err)
|
||||
```
|
||||
|
||||
## Managed identity
|
||||
|
||||
### `autorest/adal`
|
||||
|
||||
```go
|
||||
import (
|
||||
"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-06-01/subscriptions"
|
||||
"github.com/Azure/go-autorest/autorest"
|
||||
"github.com/Azure/go-autorest/autorest/adal"
|
||||
)
|
||||
|
||||
spt, err := adal.NewServicePrincipalTokenFromManagedIdentity("https://management.azure.com/", nil)
|
||||
handle(err)
|
||||
|
||||
client := subscriptions.NewClient()
|
||||
client.Authorizer = autorest.NewBearerAuthorizer(spt)
|
||||
```
|
||||
|
||||
### `azidentity`
|
||||
|
||||
```go
|
||||
import (
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armsubscriptions"
|
||||
)
|
||||
|
||||
cred, err := azidentity.NewManagedIdentityCredential(nil)
|
||||
handle(err)
|
||||
|
||||
client, err := armsubscriptions.NewClient(cred, nil)
|
||||
handle(err)
|
||||
```
|
||||
|
||||
### User-assigned identities
|
||||
|
||||
`autorest/adal`:
|
||||
|
||||
```go
|
||||
import "github.com/Azure/go-autorest/autorest/adal"
|
||||
|
||||
opts := &adal.ManagedIdentityOptions{ClientID: "..."}
|
||||
spt, err := adal.NewServicePrincipalTokenFromManagedIdentity("https://management.azure.com/")
|
||||
handle(err)
|
||||
```
|
||||
|
||||
`azidentity`:
|
||||
|
||||
```go
|
||||
import "github.com/Azure/azure-sdk-for-go/sdk/azidentity"
|
||||
|
||||
opts := azidentity.ManagedIdentityCredentialOptions{ID: azidentity.ClientID("...")}
|
||||
cred, err := azidentity.NewManagedIdentityCredential(&opts)
|
||||
handle(err)
|
||||
```
|
||||
|
||||
## Device code authentication
|
||||
|
||||
### `autorest/adal`
|
||||
|
||||
```go
|
||||
import (
|
||||
"fmt"
|
||||
"net/http"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-06-01/subscriptions"
|
||||
"github.com/Azure/go-autorest/autorest"
|
||||
"github.com/Azure/go-autorest/autorest/adal"
|
||||
)
|
||||
|
||||
oauthClient := &http.Client{}
|
||||
oauthCfg, err := adal.NewOAuthConfig("https://login.microsoftonline.com", tenantID)
|
||||
handle(err)
|
||||
resource := "https://management.azure.com/"
|
||||
deviceCode, err := adal.InitiateDeviceAuth(oauthClient, *oauthCfg, clientID, resource)
|
||||
handle(err)
|
||||
|
||||
// display instructions, wait for the user to authenticate
|
||||
fmt.Println(*deviceCode.Message)
|
||||
token, err := adal.WaitForUserCompletion(oauthClient, deviceCode)
|
||||
handle(err)
|
||||
|
||||
spt, err := adal.NewServicePrincipalTokenFromManualToken(*oauthCfg, clientID, resource, *token)
|
||||
handle(err)
|
||||
|
||||
client := subscriptions.NewClient()
|
||||
client.Authorizer = autorest.NewBearerAuthorizer(spt)
|
||||
```
|
||||
|
||||
### `azidentity`
|
||||
|
||||
```go
|
||||
import (
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armsubscriptions"
|
||||
)
|
||||
|
||||
cred, err := azidentity.NewDeviceCodeCredential(nil)
|
||||
handle(err)
|
||||
|
||||
client, err := armsubscriptions.NewSubscriptionsClient(cred, nil)
|
||||
handle(err)
|
||||
```
|
||||
|
||||
`azidentity.DeviceCodeCredential` will guide a user through authentication, printing instructions to the console by default. The user prompt is customizable. For more information, see the [package documentation](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#DeviceCodeCredential).
|
||||
|
||||
## Acquire a token
|
||||
|
||||
### `autorest/adal`
|
||||
|
||||
```go
|
||||
import "github.com/Azure/go-autorest/autorest/adal"
|
||||
|
||||
oauthCfg, err := adal.NewOAuthConfig("https://login.microsoftonline.com", tenantID)
|
||||
handle(err)
|
||||
|
||||
spt, err := adal.NewServicePrincipalTokenWithSecret(
|
||||
*oauthCfg, clientID, "https://vault.azure.net", &adal.ServicePrincipalTokenSecret{ClientSecret: secret},
|
||||
)
|
||||
|
||||
err = spt.Refresh()
|
||||
if err == nil {
|
||||
token := spt.Token
|
||||
}
|
||||
```
|
||||
|
||||
### `azidentity`
|
||||
|
||||
In ordinary usage, application code doesn't need to request tokens from credentials directly. Azure SDK clients handle token acquisition and refreshing internally. However, applications may call `GetToken()` to do so. All credential types have this method.
|
||||
|
||||
```go
|
||||
import (
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
|
||||
)
|
||||
|
||||
cred, err := azidentity.NewClientSecretCredential(tenantID, clientID, secret, nil)
|
||||
handle(err)
|
||||
|
||||
tk, err := cred.GetToken(
|
||||
context.TODO(), policy.TokenRequestOptions{Scopes: []string{"https://vault.azure.net/.default"}},
|
||||
)
|
||||
if err == nil {
|
||||
token := tk.Token
|
||||
}
|
||||
```
|
||||
|
||||
Note that `azidentity` credentials use the Azure AD v2.0 endpoint, which requires OAuth 2 scopes instead of the resource identifiers `autorest/adal` expects. For more information, see [Azure AD documentation](https://docs.microsoft.com/azure/active-directory/develop/v2-permissions-and-consent).
|
||||
|
||||
## Use azidentity credentials with older packages
|
||||
|
||||
The [azidext module](https://pkg.go.dev/github.com/jongio/azidext/go/azidext) provides an adapter for `azidentity` credential types. The adapter enables using the credential types with older Azure SDK clients. For example:
|
||||
|
||||
```go
|
||||
import (
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
|
||||
"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-06-01/subscriptions"
|
||||
"github.com/jongio/azidext/go/azidext"
|
||||
)
|
||||
|
||||
cred, err := azidentity.NewClientSecretCredential(tenantID, clientID, secret, nil)
|
||||
handle(err)
|
||||
|
||||
client := subscriptions.NewClient()
|
||||
client.Authorizer = azidext.NewTokenCredentialAdapter(cred, []string{"https://management.azure.com//.default"})
|
||||
```
|
||||
|
||||
![Impressions](https://azure-sdk-impressions.azurewebsites.net/api/impressions/azure-sdk-for-go%2Fsdk%2Fazidentity%2FMIGRATION.png)
|
243
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/README.md
generated
vendored
Normal file
243
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/README.md
generated
vendored
Normal file
|
@ -0,0 +1,243 @@
|
|||
# Azure Identity Client Module for Go
|
||||
|
||||
The Azure Identity module provides Azure Active Directory (Azure AD) token authentication support across the Azure SDK. It includes a set of `TokenCredential` implementations, which can be used with Azure SDK clients supporting token authentication.
|
||||
|
||||
[![PkgGoDev](https://pkg.go.dev/badge/github.com/Azure/azure-sdk-for-go/sdk/azidentity)](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity)
|
||||
| [Azure Active Directory documentation](https://docs.microsoft.com/azure/active-directory/)
|
||||
| [Source code](https://github.com/Azure/azure-sdk-for-go/tree/main/sdk/azidentity)
|
||||
|
||||
# Getting started
|
||||
|
||||
## Install the module
|
||||
|
||||
This project uses [Go modules](https://github.com/golang/go/wiki/Modules) for versioning and dependency management.
|
||||
|
||||
Install the Azure Identity module:
|
||||
|
||||
```sh
|
||||
go get -u github.com/Azure/azure-sdk-for-go/sdk/azidentity
|
||||
```
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- an [Azure subscription](https://azure.microsoft.com/free/)
|
||||
- Go 1.18
|
||||
|
||||
### Authenticating during local development
|
||||
|
||||
When debugging and executing code locally, developers typically use their own accounts to authenticate calls to Azure services. The `azidentity` module supports authenticating through developer tools to simplify local development.
|
||||
|
||||
#### Authenticating via the Azure CLI
|
||||
|
||||
`DefaultAzureCredential` and `AzureCLICredential` can authenticate as the user
|
||||
signed in to the [Azure CLI](https://docs.microsoft.com/cli/azure). To sign in to the Azure CLI, run `az login`. On a system with a default web browser, the Azure CLI will launch the browser to authenticate a user.
|
||||
|
||||
When no default browser is available, `az login` will use the device code
|
||||
authentication flow. This can also be selected manually by running `az login --use-device-code`.
|
||||
|
||||
## Key concepts
|
||||
|
||||
### Credentials
|
||||
|
||||
A credential is a type which contains or can obtain the data needed for a
|
||||
service client to authenticate requests. Service clients across the Azure SDK
|
||||
accept a credential instance when they are constructed, and use that credential
|
||||
to authenticate requests.
|
||||
|
||||
The `azidentity` module focuses on OAuth authentication with Azure Active
|
||||
Directory (AAD). It offers a variety of credential types capable of acquiring
|
||||
an Azure AD access token. See [Credential Types](#credential-types "Credential Types") for a list of this module's credential types.
|
||||
|
||||
### DefaultAzureCredential
|
||||
|
||||
`DefaultAzureCredential` is appropriate for most apps that will be deployed to Azure. It combines common production credentials with development credentials. It attempts to authenticate via the following mechanisms in this order, stopping when one succeeds:
|
||||
|
||||
![DefaultAzureCredential authentication flow](img/mermaidjs/DefaultAzureCredentialAuthFlow.svg)
|
||||
|
||||
1. **Environment** - `DefaultAzureCredential` will read account information specified via [environment variables](#environment-variables) and use it to authenticate.
|
||||
1. **Workload Identity** - If the app is deployed on Kubernetes with environment variables set by the workload identity webhook, `DefaultAzureCredential` will authenticate the configured identity.
|
||||
1. **Managed Identity** - If the app is deployed to an Azure host with managed identity enabled, `DefaultAzureCredential` will authenticate with it.
|
||||
1. **Azure CLI** - If a user or service principal has authenticated via the Azure CLI `az login` command, `DefaultAzureCredential` will authenticate that identity.
|
||||
|
||||
> Note: `DefaultAzureCredential` is intended to simplify getting started with the SDK by handling common scenarios with reasonable default behaviors. Developers who want more control or whose scenario isn't served by the default settings should use other credential types.
|
||||
|
||||
## Managed Identity
|
||||
|
||||
`DefaultAzureCredential` and `ManagedIdentityCredential` support
|
||||
[managed identity authentication](https://docs.microsoft.com/azure/active-directory/managed-identities-azure-resources/overview)
|
||||
in any hosting environment which supports managed identities, such as (this list is not exhaustive):
|
||||
* [Azure App Service](https://docs.microsoft.com/azure/app-service/overview-managed-identity)
|
||||
* [Azure Arc](https://docs.microsoft.com/azure/azure-arc/servers/managed-identity-authentication)
|
||||
* [Azure Cloud Shell](https://docs.microsoft.com/azure/cloud-shell/msi-authorization)
|
||||
* [Azure Kubernetes Service](https://docs.microsoft.com/azure/aks/use-managed-identity)
|
||||
* [Azure Service Fabric](https://docs.microsoft.com/azure/service-fabric/concepts-managed-identity)
|
||||
* [Azure Virtual Machines](https://docs.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-to-use-vm-token)
|
||||
|
||||
## Examples
|
||||
|
||||
- [Authenticate with DefaultAzureCredential](#authenticate-with-defaultazurecredential "Authenticate with DefaultAzureCredential")
|
||||
- [Define a custom authentication flow with ChainedTokenCredential](#define-a-custom-authentication-flow-with-chainedtokencredential "Define a custom authentication flow with ChainedTokenCredential")
|
||||
- [Specify a user-assigned managed identity for DefaultAzureCredential](#specify-a-user-assigned-managed-identity-for-defaultazurecredential)
|
||||
|
||||
### Authenticate with DefaultAzureCredential
|
||||
|
||||
This example demonstrates authenticating a client from the `armresources` module with `DefaultAzureCredential`.
|
||||
|
||||
```go
|
||||
cred, err := azidentity.NewDefaultAzureCredential(nil)
|
||||
if err != nil {
|
||||
// handle error
|
||||
}
|
||||
|
||||
client := armresources.NewResourceGroupsClient("subscription ID", cred, nil)
|
||||
```
|
||||
|
||||
### Specify a user-assigned managed identity for DefaultAzureCredential
|
||||
|
||||
To configure `DefaultAzureCredential` to authenticate a user-assigned managed identity, set the environment variable `AZURE_CLIENT_ID` to the identity's client ID.
|
||||
|
||||
### Define a custom authentication flow with `ChainedTokenCredential`
|
||||
|
||||
`DefaultAzureCredential` is generally the quickest way to get started developing apps for Azure. For more advanced scenarios, `ChainedTokenCredential` links multiple credential instances to be tried sequentially when authenticating. It will try each chained credential in turn until one provides a token or fails to authenticate due to an error.
|
||||
|
||||
The following example demonstrates creating a credential, which will attempt to authenticate using managed identity. It will fall back to authenticating via the Azure CLI when a managed identity is unavailable.
|
||||
|
||||
```go
|
||||
managed, err := azidentity.NewManagedIdentityCredential(nil)
|
||||
if err != nil {
|
||||
// handle error
|
||||
}
|
||||
azCLI, err := azidentity.NewAzureCLICredential(nil)
|
||||
if err != nil {
|
||||
// handle error
|
||||
}
|
||||
chain, err := azidentity.NewChainedTokenCredential([]azcore.TokenCredential{managed, azCLI}, nil)
|
||||
if err != nil {
|
||||
// handle error
|
||||
}
|
||||
|
||||
client := armresources.NewResourceGroupsClient("subscription ID", chain, nil)
|
||||
```
|
||||
|
||||
## Credential Types
|
||||
|
||||
### Authenticating Azure Hosted Applications
|
||||
|
||||
|Credential|Usage
|
||||
|-|-
|
||||
|[DefaultAzureCredential](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#DefaultAzureCredential)|Simplified authentication experience for getting started developing Azure apps
|
||||
|[ChainedTokenCredential](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#ChainedTokenCredential)|Define custom authentication flows, composing multiple credentials
|
||||
|[EnvironmentCredential](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#EnvironmentCredential)|Authenticate a service principal or user configured by environment variables
|
||||
|[ManagedIdentityCredential](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#ManagedIdentityCredential)|Authenticate the managed identity of an Azure resource
|
||||
|[WorkloadIdentityCredential](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#WorkloadIdentityCredential)|Authenticate a workload identity on Kubernetes
|
||||
|
||||
### Authenticating Service Principals
|
||||
|
||||
|Credential|Usage
|
||||
|-|-
|
||||
|[ClientAssertionCredential](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#ClientAssertionCredential)|Authenticate a service principal with a signed client assertion
|
||||
|[ClientCertificateCredential](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#ClientCertificateCredential)|Authenticate a service principal with a certificate
|
||||
|[ClientSecretCredential](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#ClientSecretCredential)|Authenticate a service principal with a secret
|
||||
|
||||
### Authenticating Users
|
||||
|
||||
|Credential|Usage
|
||||
|-|-
|
||||
|[InteractiveBrowserCredential](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#InteractiveBrowserCredential)|Interactively authenticate a user with the default web browser
|
||||
|[DeviceCodeCredential](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#DeviceCodeCredential)|Interactively authenticate a user on a device with limited UI
|
||||
|[UsernamePasswordCredential](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#UsernamePasswordCredential)|Authenticate a user with a username and password
|
||||
|
||||
### Authenticating via Development Tools
|
||||
|
||||
|Credential|Usage
|
||||
|-|-
|
||||
|[AzureCLICredential](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#AzureCLICredential)|Authenticate as the user signed in to the Azure CLI
|
||||
|
||||
## Environment Variables
|
||||
|
||||
`DefaultAzureCredential` and `EnvironmentCredential` can be configured with environment variables. Each type of authentication requires values for specific variables:
|
||||
|
||||
#### Service principal with secret
|
||||
|
||||
|variable name|value
|
||||
|-|-
|
||||
|`AZURE_CLIENT_ID`|ID of an Azure Active Directory application
|
||||
|`AZURE_TENANT_ID`|ID of the application's Azure Active Directory tenant
|
||||
|`AZURE_CLIENT_SECRET`|one of the application's client secrets
|
||||
|
||||
#### Service principal with certificate
|
||||
|
||||
|variable name|value
|
||||
|-|-
|
||||
|`AZURE_CLIENT_ID`|ID of an Azure Active Directory application
|
||||
|`AZURE_TENANT_ID`|ID of the application's Azure Active Directory tenant
|
||||
|`AZURE_CLIENT_CERTIFICATE_PATH`|path to a certificate file including private key
|
||||
|`AZURE_CLIENT_CERTIFICATE_PASSWORD`|password of the certificate file, if any
|
||||
|
||||
#### Username and password
|
||||
|
||||
|variable name|value
|
||||
|-|-
|
||||
|`AZURE_CLIENT_ID`|ID of an Azure Active Directory application
|
||||
|`AZURE_USERNAME`|a username (usually an email address)
|
||||
|`AZURE_PASSWORD`|that user's password
|
||||
|
||||
Configuration is attempted in the above order. For example, if values for a
|
||||
client secret and certificate are both present, the client secret will be used.
|
||||
|
||||
## Troubleshooting
|
||||
|
||||
### Error Handling
|
||||
|
||||
Credentials return an `error` when they fail to authenticate or lack data they require to authenticate. For guidance on resolving errors from specific credential types, see the [troubleshooting guide](https://aka.ms/azsdk/go/identity/troubleshoot).
|
||||
|
||||
For more details on handling specific Azure Active Directory errors please refer to the
|
||||
Azure Active Directory
|
||||
[error code documentation](https://docs.microsoft.com/azure/active-directory/develop/reference-aadsts-error-codes).
|
||||
|
||||
### Logging
|
||||
|
||||
This module uses the classification-based logging implementation in `azcore`. To enable console logging for all SDK modules, set `AZURE_SDK_GO_LOGGING` to `all`. Use the `azcore/log` package to control log event output or to enable logs for `azidentity` only. For example:
|
||||
```go
|
||||
import azlog "github.com/Azure/azure-sdk-for-go/sdk/azcore/log"
|
||||
|
||||
// print log output to stdout
|
||||
azlog.SetListener(func(event azlog.Event, s string) {
|
||||
fmt.Println(s)
|
||||
})
|
||||
|
||||
// include only azidentity credential logs
|
||||
azlog.SetEvents(azidentity.EventAuthentication)
|
||||
```
|
||||
|
||||
Credentials log basic information only, such as `GetToken` success or failure and errors. These log entries don't contain authentication secrets but may contain sensitive information.
|
||||
|
||||
## Next steps
|
||||
|
||||
Client and management modules listed on the [Azure SDK releases page](https://azure.github.io/azure-sdk/releases/latest/go.html) support authenticating with `azidentity` credential types. You can learn more about using these libraries in their documentation, which is linked from the release page.
|
||||
|
||||
## Provide Feedback
|
||||
|
||||
If you encounter bugs or have suggestions, please
|
||||
[open an issue](https://github.com/Azure/azure-sdk-for-go/issues).
|
||||
|
||||
## Contributing
|
||||
|
||||
This project welcomes contributions and suggestions. Most contributions require
|
||||
you to agree to a Contributor License Agreement (CLA) declaring that you have
|
||||
the right to, and actually do, grant us the rights to use your contribution.
|
||||
For details, visit [https://cla.microsoft.com](https://cla.microsoft.com).
|
||||
|
||||
When you submit a pull request, a CLA-bot will automatically determine whether
|
||||
you need to provide a CLA and decorate the PR appropriately (e.g., label,
|
||||
comment). Simply follow the instructions provided by the bot. You will only
|
||||
need to do this once across all repos using our CLA.
|
||||
|
||||
This project has adopted the
|
||||
[Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
|
||||
For more information, see the
|
||||
[Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
|
||||
or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any
|
||||
additional questions or comments.
|
||||
|
||||
![Impressions](https://azure-sdk-impressions.azurewebsites.net/api/impressions/azure-sdk-for-go%2Fsdk%2Fazidentity%2FREADME.png)
|
205
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/TROUBLESHOOTING.md
generated
vendored
Normal file
205
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/TROUBLESHOOTING.md
generated
vendored
Normal file
|
@ -0,0 +1,205 @@
|
|||
# Troubleshoot Azure Identity authentication issues
|
||||
|
||||
This troubleshooting guide covers failure investigation techniques, common errors for the credential types in the `azidentity` module, and mitigation steps to resolve these errors.
|
||||
|
||||
## Table of contents
|
||||
|
||||
- [Handle azidentity errors](#handle-azidentity-errors)
|
||||
- [Permission issues](#permission-issues)
|
||||
- [Find relevant information in errors](#find-relevant-information-in-errors)
|
||||
- [Enable and configure logging](#enable-and-configure-logging)
|
||||
- [Troubleshoot AzureCliCredential authentication issues](#troubleshoot-azureclicredential-authentication-issues)
|
||||
- [Troubleshoot ClientCertificateCredential authentication issues](#troubleshoot-clientcertificatecredential-authentication-issues)
|
||||
- [Troubleshoot ClientSecretCredential authentication issues](#troubleshoot-clientsecretcredential-authentication-issues)
|
||||
- [Troubleshoot DefaultAzureCredential authentication issues](#troubleshoot-defaultazurecredential-authentication-issues)
|
||||
- [Troubleshoot EnvironmentCredential authentication issues](#troubleshoot-environmentcredential-authentication-issues)
|
||||
- [Troubleshoot ManagedIdentityCredential authentication issues](#troubleshoot-managedidentitycredential-authentication-issues)
|
||||
- [Azure App Service and Azure Functions managed identity](#azure-app-service-and-azure-functions-managed-identity)
|
||||
- [Azure Kubernetes Service managed identity](#azure-kubernetes-service-managed-identity)
|
||||
- [Azure Virtual Machine managed identity](#azure-virtual-machine-managed-identity)
|
||||
- [Troubleshoot UsernamePasswordCredential authentication issues](#troubleshoot-usernamepasswordcredential-authentication-issues)
|
||||
- [Troubleshoot WorkloadIdentityCredential authentication issues](#troubleshoot-workloadidentitycredential-authentication-issues)
|
||||
- [Get additional help](#get-additional-help)
|
||||
|
||||
## Handle azidentity errors
|
||||
|
||||
Any service client method that makes a request to the service may return an error due to authentication failure. This is because the credential authenticates on the first call to the service and on any subsequent call that needs to refresh an access token. Authentication errors include a description of the failure and possibly an error message from Azure Active Directory (Azure AD). Depending on the application, these errors may or may not be recoverable.
|
||||
|
||||
### Permission issues
|
||||
|
||||
Service client errors with a status code of 401 or 403 often indicate that authentication succeeded but the caller doesn't have permission to access the specified API. Check the service documentation to determine which RBAC roles are needed for the request, and ensure the authenticated user or service principal has the appropriate role assignments.
|
||||
|
||||
## Find relevant information in errors
|
||||
|
||||
Authentication errors can include responses from Azure AD and often contain information helpful in diagnosis. Consider the following error message:
|
||||
|
||||
```
|
||||
ClientSecretCredential authentication failed
|
||||
POST https://login.microsoftonline.com/3c631bb7-a9f7-4343-a5ba-a615913/oauth2/v2.0/token
|
||||
--------------------------------------------------------------------------------
|
||||
RESPONSE 401 Unauthorized
|
||||
--------------------------------------------------------------------------------
|
||||
{
|
||||
"error": "invalid_client",
|
||||
"error_description": "AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app '86be4c01-505b-45e9-bfc0-9b825fd84'.\r\nTrace ID: 03da4b8e-5ffe-48ca-9754-aff4276f0100\r\nCorrelation ID: 7b12f9bb-2eef-42e3-ad75-eee69ec9088d\r\nTimestamp: 2022-03-02 18:25:26Z",
|
||||
"error_codes": [
|
||||
7000215
|
||||
],
|
||||
"timestamp": "2022-03-02 18:25:26Z",
|
||||
"trace_id": "03da4b8e-5ffe-48ca-9754-aff4276f0100",
|
||||
"correlation_id": "7b12f9bb-2eef-42e3-ad75-eee69ec9088d",
|
||||
"error_uri": "https://login.microsoftonline.com/error?code=7000215"
|
||||
}
|
||||
--------------------------------------------------------------------------------
|
||||
```
|
||||
|
||||
This error contains several pieces of information:
|
||||
|
||||
- __Failing Credential Type__: The type of credential that failed to authenticate. This can be helpful when diagnosing issues with chained credential types such as `DefaultAzureCredential` or `ChainedTokenCredential`.
|
||||
|
||||
- __Azure AD Error Code and Message__: The error code and message returned by Azure AD. This can give insight into the specific reason the request failed. For instance, in this case authentication failed because the provided client secret is incorrect. [Azure AD documentation](https://docs.microsoft.com/azure/active-directory/develop/reference-aadsts-error-codes#aadsts-error-codes) has more information on AADSTS error codes.
|
||||
|
||||
- __Correlation ID and Timestamp__: The correlation ID and timestamp identify the request in server-side logs. This information can be useful to support engineers diagnosing unexpected Azure AD failures.
|
||||
|
||||
### Enable and configure logging
|
||||
|
||||
`azidentity` provides the same logging capabilities as the rest of the Azure SDK. The simplest way to see the logs to help debug authentication issues is to print credential logs to the console.
|
||||
```go
|
||||
import azlog "github.com/Azure/azure-sdk-for-go/sdk/azcore/log"
|
||||
|
||||
// print log output to stdout
|
||||
azlog.SetListener(func(event azlog.Event, s string) {
|
||||
fmt.Println(s)
|
||||
})
|
||||
|
||||
// include only azidentity credential logs
|
||||
azlog.SetEvents(azidentity.EventAuthentication)
|
||||
```
|
||||
|
||||
## Troubleshoot DefaultAzureCredential authentication issues
|
||||
|
||||
| Error |Description| Mitigation |
|
||||
|---|---|---|
|
||||
|"DefaultAzureCredential failed to acquire a token"|No credential in the `DefaultAzureCredential` chain provided a token|<ul><li>[Enable logging](#enable-and-configure-logging) to get further diagnostic information.</li><li>Consult the troubleshooting guide for underlying credential types for more information.</li><ul><li>[EnvironmentCredential](#troubleshoot-environmentcredential-authentication-issues)</li><li>[ManagedIdentityCredential](#troubleshoot-managedidentitycredential-authentication-issues)</li><li>[AzureCLICredential](#troubleshoot-azureclicredential-authentication-issues)</li></ul>|
|
||||
|Error from the client with a status code of 401 or 403|Authentication succeeded but the authorizing Azure service responded with a 401 (Unauthorized), or 403 (Forbidden) status code|<ul><li>[Enable logging](#enable-and-configure-logging) to determine which credential in the chain returned the authenticating token.</li><li>If an unexpected credential is returning a token, check application configuration such as environment variables.</li><li>Ensure the correct role is assigned to the authenticated identity. For example, a service specific role rather than the subscription Owner role.</li></ul>|
|
||||
|
||||
## Troubleshoot EnvironmentCredential authentication issues
|
||||
|
||||
| Error Message |Description| Mitigation |
|
||||
|---|---|---|
|
||||
|Missing or incomplete environment variable configuration|A valid combination of environment variables wasn't set|Ensure the appropriate environment variables are set for the intended authentication method as described in the [module documentation](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#EnvironmentCredential)|
|
||||
|
||||
<a id="client-secret"></a>
|
||||
## Troubleshoot ClientSecretCredential authentication issues
|
||||
|
||||
| Error Code | Issue | Mitigation |
|
||||
|---|---|---|
|
||||
|AADSTS7000215|An invalid client secret was provided.|Ensure the secret provided to the credential constructor is valid. If unsure, create a new client secret using the Azure portal. Details on creating a new client secret are in [Azure AD documentation](https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal#option-2-create-a-new-application-secret).|
|
||||
|AADSTS7000222|An expired client secret was provided.|Create a new client secret using the Azure portal. Details on creating a new client secret are in [Azure AD documentation](https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal#option-2-create-a-new-application-secret).|
|
||||
|AADSTS700016|The specified application wasn't found in the specified tenant.|Ensure the client and tenant IDs provided to the credential constructor are correct for your application registration. For multi-tenant apps, ensure the application has been added to the desired tenant by a tenant admin. To add a new application in the desired tenant, follow the [Azure AD instructions](https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal).|
|
||||
|
||||
<a id="client-cert"></a>
|
||||
## Troubleshoot ClientCertificateCredential authentication issues
|
||||
|
||||
| Error Code | Description | Mitigation |
|
||||
|---|---|---|
|
||||
|AADSTS700027|Client assertion contains an invalid signature.|Ensure the specified certificate has been uploaded to the application registration as described in [Azure AD documentation](https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal#option-1-upload-a-certificate).|
|
||||
|AADSTS700016|The specified application wasn't found in the specified tenant.|Ensure the client and tenant IDs provided to the credential constructor are correct for your application registration. For multi-tenant apps, ensure the application has been added to the desired tenant by a tenant admin. To add a new application in the desired tenant, follow the [Azure AD instructions](https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal).|
|
||||
|
||||
<a id="username-password"></a>
|
||||
## Troubleshoot UsernamePasswordCredential authentication issues
|
||||
|
||||
| Error Code | Issue | Mitigation |
|
||||
|---|---|---|
|
||||
|AADSTS50126|The provided username or password is invalid.|Ensure the username and password provided to the credential constructor are valid.|
|
||||
|
||||
<a id="managed-id"></a>
|
||||
## Troubleshoot ManagedIdentityCredential authentication issues
|
||||
|
||||
`ManagedIdentityCredential` is designed to work on a variety of Azure hosts support managed identity. Configuration and troubleshooting vary from host to host. The below table lists the Azure hosts that can be assigned a managed identity and are supported by `ManagedIdentityCredential`.
|
||||
|
||||
|Host Environment| | |
|
||||
|---|---|---|
|
||||
|Azure Virtual Machines and Scale Sets|[Configuration](https://docs.microsoft.com/azure/active-directory/managed-identities-azure-resources/qs-configure-portal-windows-vm)|[Troubleshooting](#azure-virtual-machine-managed-identity)|
|
||||
|Azure App Service and Azure Functions|[Configuration](https://docs.microsoft.com/azure/app-service/overview-managed-identity)|[Troubleshooting](#azure-app-service-and-azure-functions-managed-identity)|
|
||||
|Azure Kubernetes Service|[Configuration](https://azure.github.io/aad-pod-identity/docs/)|[Troubleshooting](#azure-kubernetes-service-managed-identity)|
|
||||
|Azure Arc|[Configuration](https://docs.microsoft.com/azure/azure-arc/servers/managed-identity-authentication)||
|
||||
|Azure Service Fabric|[Configuration](https://docs.microsoft.com/azure/service-fabric/concepts-managed-identity)||
|
||||
|
||||
### Azure Virtual Machine managed identity
|
||||
|
||||
| Error Message |Description| Mitigation |
|
||||
|---|---|---|
|
||||
|The requested identity hasn’t been assigned to this resource.|The IMDS endpoint responded with a status code of 400, indicating the requested identity isn’t assigned to the VM.|If using a user assigned identity, ensure the specified ID is correct.<p/><p/>If using a system assigned identity, make sure it has been enabled as described in [managed identity documentation](https://docs.microsoft.com/azure/active-directory/managed-identities-azure-resources/qs-configure-portal-windows-vm#enable-system-assigned-managed-identity-on-an-existing-vm).|
|
||||
|The request failed due to a gateway error.|The request to the IMDS endpoint failed due to a gateway error, 502 or 504 status code.|IMDS doesn't support requests via proxy or gateway. Disable proxies or gateways running on the VM for requests to the IMDS endpoint `http://169.254.169.254`|
|
||||
|No response received from the managed identity endpoint.|No response was received for the request to IMDS or the request timed out.|<ul><li>Ensure the VM is configured for managed identity as described in [managed identity documentation](https://docs.microsoft.com/azure/active-directory/managed-identities-azure-resources/qs-configure-portal-windows-vm).</li><li>Verify the IMDS endpoint is reachable on the VM. See [below](#verify-imds-is-available-on-the-vm) for instructions.</li></ul>|
|
||||
|Multiple attempts failed to obtain a token from the managed identity endpoint.|The credential has exhausted its retries for a token request.|<ul><li>Refer to the error message for more details on specific failures.<li>Ensure the VM is configured for managed identity as described in [managed identity documentation](https://docs.microsoft.com/azure/active-directory/managed-identities-azure-resources/qs-configure-portal-windows-vm).</li><li>Verify the IMDS endpoint is reachable on the VM. See [below](#verify-imds-is-available-on-the-vm) for instructions.</li></ul>|
|
||||
|
||||
#### Verify IMDS is available on the VM
|
||||
|
||||
If you have access to the VM, you can use `curl` to verify the managed identity endpoint is available.
|
||||
|
||||
```sh
|
||||
curl 'http://169.254.169.254/metadata/identity/oauth2/token?resource=https://management.core.windows.net&api-version=2018-02-01' -H "Metadata: true"
|
||||
```
|
||||
|
||||
> This command's output will contain an access token and SHOULD NOT BE SHARED, to avoid compromising account security.
|
||||
|
||||
### Azure App Service and Azure Functions managed identity
|
||||
|
||||
| Error Message |Description| Mitigation |
|
||||
|---|---|---|
|
||||
|Get "`http://169.254.169.254/...`" i/o timeout|The App Service host hasn't set environment variables for managed identity configuration.|<ul><li>Ensure the App Service is configured for managed identity as described in [App Service documentation](https://docs.microsoft.com/azure/app-service/overview-managed-identity).</li><li>Verify the App Service environment is properly configured and the managed identity endpoint is available. See [below](#verify-the-app-service-managed-identity-endpoint-is-available) for instructions.</li></ul>|
|
||||
|
||||
#### Verify the App Service managed identity endpoint is available
|
||||
|
||||
If you can SSH into the App Service, you can verify managed identity is available in the environment. First ensure the environment variables `IDENTITY_ENDPOINT` and `IDENTITY_SECRET` are set. Then you can verify the managed identity endpoint is available using `curl`.
|
||||
|
||||
```sh
|
||||
curl "$IDENTITY_ENDPOINT?resource=https://management.core.windows.net&api-version=2019-08-01" -H "X-IDENTITY-HEADER: $IDENTITY_HEADER"
|
||||
```
|
||||
|
||||
> This command's output will contain an access token and SHOULD NOT BE SHARED, to avoid compromising account security.
|
||||
|
||||
### Azure Kubernetes Service managed identity
|
||||
|
||||
#### Pod Identity
|
||||
|
||||
| Error Message |Description| Mitigation |
|
||||
|---|---|---|
|
||||
|"no azure identity found for request clientID"|The application attempted to authenticate before an identity was assigned to its pod|Verify the pod is labeled correctly. This also occurs when a correctly labeled pod authenticates before the identity is ready. To prevent initialization races, configure NMI to set the Retry-After header in its responses as described in [Pod Identity documentation](https://azure.github.io/aad-pod-identity/docs/configure/feature_flags/#set-retry-after-header-in-nmi-response).
|
||||
|
||||
<a id="azure-cli"></a>
|
||||
## Troubleshoot AzureCliCredential authentication issues
|
||||
|
||||
| Error Message |Description| Mitigation |
|
||||
|---|---|---|
|
||||
|Azure CLI not found on path|The Azure CLI isn’t installed or isn't on the application's path.|<ul><li>Ensure the Azure CLI is installed as described in [Azure CLI documentation](https://docs.microsoft.com/cli/azure/install-azure-cli).</li><li>Validate the installation location is in the application's `PATH` environment variable.</li></ul>|
|
||||
|Please run 'az login' to set up account|No account is currently logged into the Azure CLI, or the login has expired.|<ul><li>Run `az login` to log into the Azure CLI. More information about Azure CLI authentication is available in the [Azure CLI documentation](https://docs.microsoft.com/cli/azure/authenticate-azure-cli).</li><li>Verify that the Azure CLI can obtain tokens. See [below](#verify-the-azure-cli-can-obtain-tokens) for instructions.</li></ul>|
|
||||
|
||||
#### Verify the Azure CLI can obtain tokens
|
||||
|
||||
You can manually verify that the Azure CLI can authenticate and obtain tokens. First, use the `account` command to verify the logged in account.
|
||||
|
||||
```azurecli
|
||||
az account show
|
||||
```
|
||||
|
||||
Once you've verified the Azure CLI is using the correct account, you can validate that it's able to obtain tokens for that account.
|
||||
|
||||
```azurecli
|
||||
az account get-access-token --output json --resource https://management.core.windows.net
|
||||
```
|
||||
|
||||
> This command's output will contain an access token and SHOULD NOT BE SHARED, to avoid compromising account security.
|
||||
|
||||
<a id="workload"></a>
|
||||
## Troubleshoot `WorkloadIdentityCredential` authentication issues
|
||||
|
||||
| Error Message |Description| Mitigation |
|
||||
|---|---|---|
|
||||
|no client ID/tenant ID/token file specified|Incomplete configuration|In most cases these values are provided via environment variables set by Azure Workload Identity.<ul><li>If your application runs on Azure Kubernetes Servide (AKS) or a cluster that has deployed the Azure Workload Identity admission webhook, check pod labels and service account configuration. See the [AKS documentation](https://learn.microsoft.com/azure/aks/workload-identity-deploy-cluster#disable-workload-identity) and [Azure Workload Identity troubleshooting guide](https://azure.github.io/azure-workload-identity/docs/troubleshooting.html) for more details.<li>If your application isn't running on AKS or your cluster hasn't deployed the Workload Identity admission webhook, set these values in `WorkloadIdentityCredentialOptions`
|
||||
|
||||
## Get additional help
|
||||
|
||||
Additional information on ways to reach out for support can be found in [SUPPORT.md](https://github.com/Azure/azure-sdk-for-go/blob/main/SUPPORT.md).
|
6
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/assets.json
generated
vendored
Normal file
6
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/assets.json
generated
vendored
Normal file
|
@ -0,0 +1,6 @@
|
|||
{
|
||||
"AssetsRepo": "Azure/azure-sdk-assets",
|
||||
"AssetsRepoPrefixPath": "go",
|
||||
"TagPrefix": "go/azidentity",
|
||||
"Tag": "go/azidentity_6225ab0470"
|
||||
}
|
190
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azidentity.go
generated
vendored
Normal file
190
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azidentity.go
generated
vendored
Normal file
|
@ -0,0 +1,190 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"errors"
|
||||
"io"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"os"
|
||||
"regexp"
|
||||
"strings"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/cloud"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/streaming"
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/public"
|
||||
)
|
||||
|
||||
const (
|
||||
azureAdditionallyAllowedTenants = "AZURE_ADDITIONALLY_ALLOWED_TENANTS"
|
||||
azureAuthorityHost = "AZURE_AUTHORITY_HOST"
|
||||
azureClientCertificatePassword = "AZURE_CLIENT_CERTIFICATE_PASSWORD"
|
||||
azureClientCertificatePath = "AZURE_CLIENT_CERTIFICATE_PATH"
|
||||
azureClientID = "AZURE_CLIENT_ID"
|
||||
azureClientSecret = "AZURE_CLIENT_SECRET"
|
||||
azureFederatedTokenFile = "AZURE_FEDERATED_TOKEN_FILE"
|
||||
azurePassword = "AZURE_PASSWORD"
|
||||
azureRegionalAuthorityName = "AZURE_REGIONAL_AUTHORITY_NAME"
|
||||
azureTenantID = "AZURE_TENANT_ID"
|
||||
azureUsername = "AZURE_USERNAME"
|
||||
|
||||
organizationsTenantID = "organizations"
|
||||
developerSignOnClientID = "04b07795-8ddb-461a-bbee-02f9e1bf7b46"
|
||||
defaultSuffix = "/.default"
|
||||
tenantIDValidationErr = "invalid tenantID. You can locate your tenantID by following the instructions listed here: https://docs.microsoft.com/partner-center/find-ids-and-domain-names"
|
||||
)
|
||||
|
||||
var (
|
||||
// capability CP1 indicates the client application is capable of handling CAE claims challenges
|
||||
cp1 = []string{"CP1"}
|
||||
// CP1 is disabled until CAE support is added back
|
||||
disableCP1 = true
|
||||
)
|
||||
|
||||
var getConfidentialClient = func(clientID, tenantID string, cred confidential.Credential, co *azcore.ClientOptions, additionalOpts ...confidential.Option) (confidentialClient, error) {
|
||||
if !validTenantID(tenantID) {
|
||||
return confidential.Client{}, errors.New(tenantIDValidationErr)
|
||||
}
|
||||
authorityHost, err := setAuthorityHost(co.Cloud)
|
||||
if err != nil {
|
||||
return confidential.Client{}, err
|
||||
}
|
||||
authority := runtime.JoinPaths(authorityHost, tenantID)
|
||||
o := []confidential.Option{
|
||||
confidential.WithAzureRegion(os.Getenv(azureRegionalAuthorityName)),
|
||||
confidential.WithHTTPClient(newPipelineAdapter(co)),
|
||||
}
|
||||
if !disableCP1 {
|
||||
o = append(o, confidential.WithClientCapabilities(cp1))
|
||||
}
|
||||
o = append(o, additionalOpts...)
|
||||
if strings.ToLower(tenantID) == "adfs" {
|
||||
o = append(o, confidential.WithInstanceDiscovery(false))
|
||||
}
|
||||
return confidential.New(authority, clientID, cred, o...)
|
||||
}
|
||||
|
||||
var getPublicClient = func(clientID, tenantID string, co *azcore.ClientOptions, additionalOpts ...public.Option) (public.Client, error) {
|
||||
if !validTenantID(tenantID) {
|
||||
return public.Client{}, errors.New(tenantIDValidationErr)
|
||||
}
|
||||
authorityHost, err := setAuthorityHost(co.Cloud)
|
||||
if err != nil {
|
||||
return public.Client{}, err
|
||||
}
|
||||
o := []public.Option{
|
||||
public.WithAuthority(runtime.JoinPaths(authorityHost, tenantID)),
|
||||
public.WithHTTPClient(newPipelineAdapter(co)),
|
||||
}
|
||||
if !disableCP1 {
|
||||
o = append(o, public.WithClientCapabilities(cp1))
|
||||
}
|
||||
o = append(o, additionalOpts...)
|
||||
if strings.ToLower(tenantID) == "adfs" {
|
||||
o = append(o, public.WithInstanceDiscovery(false))
|
||||
}
|
||||
return public.New(clientID, o...)
|
||||
}
|
||||
|
||||
// setAuthorityHost initializes the authority host for credentials. Precedence is:
|
||||
// 1. cloud.Configuration.ActiveDirectoryAuthorityHost value set by user
|
||||
// 2. value of AZURE_AUTHORITY_HOST
|
||||
// 3. default: Azure Public Cloud
|
||||
func setAuthorityHost(cc cloud.Configuration) (string, error) {
|
||||
host := cc.ActiveDirectoryAuthorityHost
|
||||
if host == "" {
|
||||
if len(cc.Services) > 0 {
|
||||
return "", errors.New("missing ActiveDirectoryAuthorityHost for specified cloud")
|
||||
}
|
||||
host = cloud.AzurePublic.ActiveDirectoryAuthorityHost
|
||||
if envAuthorityHost := os.Getenv(azureAuthorityHost); envAuthorityHost != "" {
|
||||
host = envAuthorityHost
|
||||
}
|
||||
}
|
||||
u, err := url.Parse(host)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
if u.Scheme != "https" {
|
||||
return "", errors.New("cannot use an authority host without https")
|
||||
}
|
||||
return host, nil
|
||||
}
|
||||
|
||||
// validTenantID return true is it receives a valid tenantID, returns false otherwise
|
||||
func validTenantID(tenantID string) bool {
|
||||
match, err := regexp.MatchString("^[0-9a-zA-Z-.]+$", tenantID)
|
||||
if err != nil {
|
||||
return false
|
||||
}
|
||||
return match
|
||||
}
|
||||
|
||||
func newPipelineAdapter(opts *azcore.ClientOptions) pipelineAdapter {
|
||||
pl := runtime.NewPipeline(component, version, runtime.PipelineOptions{}, opts)
|
||||
return pipelineAdapter{pl: pl}
|
||||
}
|
||||
|
||||
type pipelineAdapter struct {
|
||||
pl runtime.Pipeline
|
||||
}
|
||||
|
||||
func (p pipelineAdapter) CloseIdleConnections() {
|
||||
// do nothing
|
||||
}
|
||||
|
||||
func (p pipelineAdapter) Do(r *http.Request) (*http.Response, error) {
|
||||
req, err := runtime.NewRequest(r.Context(), r.Method, r.URL.String())
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if r.Body != nil && r.Body != http.NoBody {
|
||||
// create a rewindable body from the existing body as required
|
||||
var body io.ReadSeekCloser
|
||||
if rsc, ok := r.Body.(io.ReadSeekCloser); ok {
|
||||
body = rsc
|
||||
} else {
|
||||
b, err := io.ReadAll(r.Body)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
body = streaming.NopCloser(bytes.NewReader(b))
|
||||
}
|
||||
err = req.SetBody(body, r.Header.Get("Content-Type"))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
resp, err := p.pl.Do(req)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return resp, err
|
||||
}
|
||||
|
||||
// enables fakes for test scenarios
|
||||
type confidentialClient interface {
|
||||
AcquireTokenSilent(ctx context.Context, scopes []string, options ...confidential.AcquireSilentOption) (confidential.AuthResult, error)
|
||||
AcquireTokenByAuthCode(ctx context.Context, code string, redirectURI string, scopes []string, options ...confidential.AcquireByAuthCodeOption) (confidential.AuthResult, error)
|
||||
AcquireTokenByCredential(ctx context.Context, scopes []string, options ...confidential.AcquireByCredentialOption) (confidential.AuthResult, error)
|
||||
AcquireTokenOnBehalfOf(ctx context.Context, userAssertion string, scopes []string, options ...confidential.AcquireOnBehalfOfOption) (confidential.AuthResult, error)
|
||||
}
|
||||
|
||||
// enables fakes for test scenarios
|
||||
type publicClient interface {
|
||||
AcquireTokenSilent(ctx context.Context, scopes []string, options ...public.AcquireSilentOption) (public.AuthResult, error)
|
||||
AcquireTokenByUsernamePassword(ctx context.Context, scopes []string, username string, password string, options ...public.AcquireByUsernamePasswordOption) (public.AuthResult, error)
|
||||
AcquireTokenByDeviceCode(ctx context.Context, scopes []string, options ...public.AcquireByDeviceCodeOption) (public.DeviceCode, error)
|
||||
AcquireTokenByAuthCode(ctx context.Context, code string, redirectURI string, scopes []string, options ...public.AcquireByAuthCodeOption) (public.AuthResult, error)
|
||||
AcquireTokenInteractive(ctx context.Context, scopes []string, options ...public.AcquireInteractiveOption) (public.AuthResult, error)
|
||||
}
|
180
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azure_cli_credential.go
generated
vendored
Normal file
180
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azure_cli_credential.go
generated
vendored
Normal file
|
@ -0,0 +1,180 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"os"
|
||||
"os/exec"
|
||||
"regexp"
|
||||
"runtime"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
)
|
||||
|
||||
const (
|
||||
credNameAzureCLI = "AzureCLICredential"
|
||||
timeoutCLIRequest = 10 * time.Second
|
||||
)
|
||||
|
||||
// used by tests to fake invoking the CLI
|
||||
type azureCLITokenProvider func(ctx context.Context, resource string, tenantID string) ([]byte, error)
|
||||
|
||||
// AzureCLICredentialOptions contains optional parameters for AzureCLICredential.
|
||||
type AzureCLICredentialOptions struct {
|
||||
// AdditionallyAllowedTenants specifies tenants for which the credential may acquire tokens, in addition
|
||||
// to TenantID. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant the
|
||||
// logged in account can access.
|
||||
AdditionallyAllowedTenants []string
|
||||
// TenantID identifies the tenant the credential should authenticate in.
|
||||
// Defaults to the CLI's default tenant, which is typically the home tenant of the logged in user.
|
||||
TenantID string
|
||||
|
||||
tokenProvider azureCLITokenProvider
|
||||
}
|
||||
|
||||
// init returns an instance of AzureCLICredentialOptions initialized with default values.
|
||||
func (o *AzureCLICredentialOptions) init() {
|
||||
if o.tokenProvider == nil {
|
||||
o.tokenProvider = defaultTokenProvider()
|
||||
}
|
||||
}
|
||||
|
||||
// AzureCLICredential authenticates as the identity logged in to the Azure CLI.
|
||||
type AzureCLICredential struct {
|
||||
s *syncer
|
||||
tokenProvider azureCLITokenProvider
|
||||
}
|
||||
|
||||
// NewAzureCLICredential constructs an AzureCLICredential. Pass nil to accept default options.
|
||||
func NewAzureCLICredential(options *AzureCLICredentialOptions) (*AzureCLICredential, error) {
|
||||
cp := AzureCLICredentialOptions{}
|
||||
if options != nil {
|
||||
cp = *options
|
||||
}
|
||||
cp.init()
|
||||
c := AzureCLICredential{tokenProvider: cp.tokenProvider}
|
||||
c.s = newSyncer(credNameAzureCLI, cp.TenantID, cp.AdditionallyAllowedTenants, c.requestToken, c.requestToken)
|
||||
return &c, nil
|
||||
}
|
||||
|
||||
// GetToken requests a token from the Azure CLI. This credential doesn't cache tokens, so every call invokes the CLI.
|
||||
// This method is called automatically by Azure SDK clients.
|
||||
func (c *AzureCLICredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
if len(opts.Scopes) != 1 {
|
||||
return azcore.AccessToken{}, errors.New(credNameAzureCLI + ": GetToken() requires exactly one scope")
|
||||
}
|
||||
// CLI expects an AAD v1 resource, not a v2 scope
|
||||
opts.Scopes = []string{strings.TrimSuffix(opts.Scopes[0], defaultSuffix)}
|
||||
return c.s.GetToken(ctx, opts)
|
||||
}
|
||||
|
||||
func (c *AzureCLICredential) requestToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
b, err := c.tokenProvider(ctx, opts.Scopes[0], opts.TenantID)
|
||||
if err != nil {
|
||||
return azcore.AccessToken{}, err
|
||||
}
|
||||
at, err := c.createAccessToken(b)
|
||||
if err != nil {
|
||||
return azcore.AccessToken{}, err
|
||||
}
|
||||
return at, nil
|
||||
}
|
||||
|
||||
func defaultTokenProvider() func(ctx context.Context, resource string, tenantID string) ([]byte, error) {
|
||||
return func(ctx context.Context, resource string, tenantID string) ([]byte, error) {
|
||||
match, err := regexp.MatchString("^[0-9a-zA-Z-.:/]+$", resource)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if !match {
|
||||
return nil, fmt.Errorf(`%s: unexpected scope "%s". Only alphanumeric characters and ".", ";", "-", and "/" are allowed`, credNameAzureCLI, resource)
|
||||
}
|
||||
|
||||
// set a default timeout for this authentication iff the application hasn't done so already
|
||||
var cancel context.CancelFunc
|
||||
if _, hasDeadline := ctx.Deadline(); !hasDeadline {
|
||||
ctx, cancel = context.WithTimeout(ctx, timeoutCLIRequest)
|
||||
defer cancel()
|
||||
}
|
||||
|
||||
commandLine := "az account get-access-token -o json --resource " + resource
|
||||
if tenantID != "" {
|
||||
commandLine += " --tenant " + tenantID
|
||||
}
|
||||
var cliCmd *exec.Cmd
|
||||
if runtime.GOOS == "windows" {
|
||||
dir := os.Getenv("SYSTEMROOT")
|
||||
if dir == "" {
|
||||
return nil, newCredentialUnavailableError(credNameAzureCLI, "environment variable 'SYSTEMROOT' has no value")
|
||||
}
|
||||
cliCmd = exec.CommandContext(ctx, "cmd.exe", "/c", commandLine)
|
||||
cliCmd.Dir = dir
|
||||
} else {
|
||||
cliCmd = exec.CommandContext(ctx, "/bin/sh", "-c", commandLine)
|
||||
cliCmd.Dir = "/bin"
|
||||
}
|
||||
cliCmd.Env = os.Environ()
|
||||
var stderr bytes.Buffer
|
||||
cliCmd.Stderr = &stderr
|
||||
|
||||
output, err := cliCmd.Output()
|
||||
if err != nil {
|
||||
msg := stderr.String()
|
||||
var exErr *exec.ExitError
|
||||
if errors.As(err, &exErr) && exErr.ExitCode() == 127 || strings.HasPrefix(msg, "'az' is not recognized") {
|
||||
msg = "Azure CLI not found on path"
|
||||
}
|
||||
if msg == "" {
|
||||
msg = err.Error()
|
||||
}
|
||||
return nil, newCredentialUnavailableError(credNameAzureCLI, msg)
|
||||
}
|
||||
|
||||
return output, nil
|
||||
}
|
||||
}
|
||||
|
||||
func (c *AzureCLICredential) createAccessToken(tk []byte) (azcore.AccessToken, error) {
|
||||
t := struct {
|
||||
AccessToken string `json:"accessToken"`
|
||||
Authority string `json:"_authority"`
|
||||
ClientID string `json:"_clientId"`
|
||||
ExpiresOn string `json:"expiresOn"`
|
||||
IdentityProvider string `json:"identityProvider"`
|
||||
IsMRRT bool `json:"isMRRT"`
|
||||
RefreshToken string `json:"refreshToken"`
|
||||
Resource string `json:"resource"`
|
||||
TokenType string `json:"tokenType"`
|
||||
UserID string `json:"userId"`
|
||||
}{}
|
||||
err := json.Unmarshal(tk, &t)
|
||||
if err != nil {
|
||||
return azcore.AccessToken{}, err
|
||||
}
|
||||
|
||||
// the Azure CLI's "expiresOn" is local time
|
||||
exp, err := time.ParseInLocation("2006-01-02 15:04:05.999999", t.ExpiresOn, time.Local)
|
||||
if err != nil {
|
||||
return azcore.AccessToken{}, fmt.Errorf("Error parsing token expiration time %q: %v", t.ExpiresOn, err)
|
||||
}
|
||||
|
||||
converted := azcore.AccessToken{
|
||||
Token: t.AccessToken,
|
||||
ExpiresOn: exp.UTC(),
|
||||
}
|
||||
return converted, nil
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*AzureCLICredential)(nil)
|
138
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/chained_token_credential.go
generated
vendored
Normal file
138
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/chained_token_credential.go
generated
vendored
Normal file
|
@ -0,0 +1,138 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"strings"
|
||||
"sync"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/internal/log"
|
||||
)
|
||||
|
||||
// ChainedTokenCredentialOptions contains optional parameters for ChainedTokenCredential.
|
||||
type ChainedTokenCredentialOptions struct {
|
||||
// RetrySources configures how the credential uses its sources. When true, the credential always attempts to
|
||||
// authenticate through each source in turn, stopping when one succeeds. When false, the credential authenticates
|
||||
// only through this first successful source--it never again tries the sources which failed.
|
||||
RetrySources bool
|
||||
}
|
||||
|
||||
// ChainedTokenCredential links together multiple credentials and tries them sequentially when authenticating. By default,
|
||||
// it tries all the credentials until one authenticates, after which it always uses that credential.
|
||||
type ChainedTokenCredential struct {
|
||||
cond *sync.Cond
|
||||
iterating bool
|
||||
name string
|
||||
retrySources bool
|
||||
sources []azcore.TokenCredential
|
||||
successfulCredential azcore.TokenCredential
|
||||
}
|
||||
|
||||
// NewChainedTokenCredential creates a ChainedTokenCredential. Pass nil for options to accept defaults.
|
||||
func NewChainedTokenCredential(sources []azcore.TokenCredential, options *ChainedTokenCredentialOptions) (*ChainedTokenCredential, error) {
|
||||
if len(sources) == 0 {
|
||||
return nil, errors.New("sources must contain at least one TokenCredential")
|
||||
}
|
||||
for _, source := range sources {
|
||||
if source == nil { // cannot have a nil credential in the chain or else the application will panic when GetToken() is called on nil
|
||||
return nil, errors.New("sources cannot contain nil")
|
||||
}
|
||||
}
|
||||
cp := make([]azcore.TokenCredential, len(sources))
|
||||
copy(cp, sources)
|
||||
if options == nil {
|
||||
options = &ChainedTokenCredentialOptions{}
|
||||
}
|
||||
return &ChainedTokenCredential{
|
||||
cond: sync.NewCond(&sync.Mutex{}),
|
||||
name: "ChainedTokenCredential",
|
||||
retrySources: options.RetrySources,
|
||||
sources: cp,
|
||||
}, nil
|
||||
}
|
||||
|
||||
// GetToken calls GetToken on the chained credentials in turn, stopping when one returns a token.
|
||||
// This method is called automatically by Azure SDK clients.
|
||||
func (c *ChainedTokenCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
if !c.retrySources {
|
||||
// ensure only one goroutine at a time iterates the sources and perhaps sets c.successfulCredential
|
||||
c.cond.L.Lock()
|
||||
for {
|
||||
if c.successfulCredential != nil {
|
||||
c.cond.L.Unlock()
|
||||
return c.successfulCredential.GetToken(ctx, opts)
|
||||
}
|
||||
if !c.iterating {
|
||||
c.iterating = true
|
||||
// allow other goroutines to wait while this one iterates
|
||||
c.cond.L.Unlock()
|
||||
break
|
||||
}
|
||||
c.cond.Wait()
|
||||
}
|
||||
}
|
||||
|
||||
var (
|
||||
err error
|
||||
errs []error
|
||||
successfulCredential azcore.TokenCredential
|
||||
token azcore.AccessToken
|
||||
unavailableErr *credentialUnavailableError
|
||||
)
|
||||
for _, cred := range c.sources {
|
||||
token, err = cred.GetToken(ctx, opts)
|
||||
if err == nil {
|
||||
log.Writef(EventAuthentication, "%s authenticated with %s", c.name, extractCredentialName(cred))
|
||||
successfulCredential = cred
|
||||
break
|
||||
}
|
||||
errs = append(errs, err)
|
||||
// continue to the next source iff this one returned credentialUnavailableError
|
||||
if !errors.As(err, &unavailableErr) {
|
||||
break
|
||||
}
|
||||
}
|
||||
if c.iterating {
|
||||
c.cond.L.Lock()
|
||||
// this is nil when all credentials returned an error
|
||||
c.successfulCredential = successfulCredential
|
||||
c.iterating = false
|
||||
c.cond.L.Unlock()
|
||||
c.cond.Broadcast()
|
||||
}
|
||||
// err is the error returned by the last GetToken call. It will be nil when that call succeeds
|
||||
if err != nil {
|
||||
// return credentialUnavailableError iff all sources did so; return AuthenticationFailedError otherwise
|
||||
msg := createChainedErrorMessage(errs)
|
||||
if errors.As(err, &unavailableErr) {
|
||||
err = newCredentialUnavailableError(c.name, msg)
|
||||
} else {
|
||||
res := getResponseFromError(err)
|
||||
err = newAuthenticationFailedError(c.name, msg, res, err)
|
||||
}
|
||||
}
|
||||
return token, err
|
||||
}
|
||||
|
||||
func createChainedErrorMessage(errs []error) string {
|
||||
msg := "failed to acquire a token.\nAttempted credentials:"
|
||||
for _, err := range errs {
|
||||
msg += fmt.Sprintf("\n\t%s", err.Error())
|
||||
}
|
||||
return msg
|
||||
}
|
||||
|
||||
func extractCredentialName(credential azcore.TokenCredential) string {
|
||||
return strings.TrimPrefix(fmt.Sprintf("%T", credential), "*azidentity.")
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*ChainedTokenCredential)(nil)
|
47
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/ci.yml
generated
vendored
Normal file
47
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/ci.yml
generated
vendored
Normal file
|
@ -0,0 +1,47 @@
|
|||
# NOTE: Please refer to https://aka.ms/azsdk/engsys/ci-yaml before editing this file.
|
||||
trigger:
|
||||
branches:
|
||||
include:
|
||||
- main
|
||||
- feature/*
|
||||
- hotfix/*
|
||||
- release/*
|
||||
paths:
|
||||
include:
|
||||
- sdk/azidentity/
|
||||
|
||||
pr:
|
||||
branches:
|
||||
include:
|
||||
- main
|
||||
- feature/*
|
||||
- hotfix/*
|
||||
- release/*
|
||||
paths:
|
||||
include:
|
||||
- sdk/azidentity/
|
||||
|
||||
stages:
|
||||
- template: /eng/pipelines/templates/jobs/archetype-sdk-client.yml
|
||||
parameters:
|
||||
RunLiveTests: true
|
||||
ServiceDirectory: 'azidentity'
|
||||
PreSteps:
|
||||
- pwsh: |
|
||||
[System.Convert]::FromBase64String($env:PFX_CONTENTS) | Set-Content -Path $(Agent.TempDirectory)/test.pfx -AsByteStream
|
||||
Set-Content -Path $(Agent.TempDirectory)/test.pem -Value $env:PEM_CONTENTS
|
||||
[System.Convert]::FromBase64String($env:SNI_CONTENTS) | Set-Content -Path $(Agent.TempDirectory)/testsni.pfx -AsByteStream
|
||||
env:
|
||||
PFX_CONTENTS: $(net-identity-spcert-pfx)
|
||||
PEM_CONTENTS: $(net-identity-spcert-pem)
|
||||
SNI_CONTENTS: $(net-identity-spcert-sni)
|
||||
EnvVars:
|
||||
AZURE_IDENTITY_TEST_TENANTID: $(net-identity-tenantid)
|
||||
AZURE_IDENTITY_TEST_USERNAME: $(net-identity-username)
|
||||
AZURE_IDENTITY_TEST_PASSWORD: $(net-identity-password)
|
||||
IDENTITY_SP_TENANT_ID: $(net-identity-sp-tenantid)
|
||||
IDENTITY_SP_CLIENT_ID: $(net-identity-sp-clientid)
|
||||
IDENTITY_SP_CLIENT_SECRET: $(net-identity-sp-clientsecret)
|
||||
IDENTITY_SP_CERT_PEM: $(Agent.TempDirectory)/test.pem
|
||||
IDENTITY_SP_CERT_PFX: $(Agent.TempDirectory)/test.pfx
|
||||
IDENTITY_SP_CERT_SNI: $(Agent.TempDirectory)/testsni.pfx
|
83
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/client_assertion_credential.go
generated
vendored
Normal file
83
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/client_assertion_credential.go
generated
vendored
Normal file
|
@ -0,0 +1,83 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
|
||||
)
|
||||
|
||||
const credNameAssertion = "ClientAssertionCredential"
|
||||
|
||||
// ClientAssertionCredential authenticates an application with assertions provided by a callback function.
|
||||
// This credential is for advanced scenarios. [ClientCertificateCredential] has a more convenient API for
|
||||
// the most common assertion scenario, authenticating a service principal with a certificate. See
|
||||
// [Azure AD documentation] for details of the assertion format.
|
||||
//
|
||||
// [Azure AD documentation]: https://docs.microsoft.com/azure/active-directory/develop/active-directory-certificate-credentials#assertion-format
|
||||
type ClientAssertionCredential struct {
|
||||
client confidentialClient
|
||||
s *syncer
|
||||
}
|
||||
|
||||
// ClientAssertionCredentialOptions contains optional parameters for ClientAssertionCredential.
|
||||
type ClientAssertionCredentialOptions struct {
|
||||
azcore.ClientOptions
|
||||
|
||||
// AdditionallyAllowedTenants specifies additional tenants for which the credential may acquire tokens.
|
||||
// Add the wildcard value "*" to allow the credential to acquire tokens for any tenant in which the
|
||||
// application is registered.
|
||||
AdditionallyAllowedTenants []string
|
||||
// DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata
|
||||
// from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making
|
||||
// the application responsible for ensuring the configured authority is valid and trustworthy.
|
||||
DisableInstanceDiscovery bool
|
||||
}
|
||||
|
||||
// NewClientAssertionCredential constructs a ClientAssertionCredential. The getAssertion function must be thread safe. Pass nil for options to accept defaults.
|
||||
func NewClientAssertionCredential(tenantID, clientID string, getAssertion func(context.Context) (string, error), options *ClientAssertionCredentialOptions) (*ClientAssertionCredential, error) {
|
||||
if getAssertion == nil {
|
||||
return nil, errors.New("getAssertion must be a function that returns assertions")
|
||||
}
|
||||
if options == nil {
|
||||
options = &ClientAssertionCredentialOptions{}
|
||||
}
|
||||
cred := confidential.NewCredFromAssertionCallback(
|
||||
func(ctx context.Context, _ confidential.AssertionRequestOptions) (string, error) {
|
||||
return getAssertion(ctx)
|
||||
},
|
||||
)
|
||||
c, err := getConfidentialClient(clientID, tenantID, cred, &options.ClientOptions, confidential.WithInstanceDiscovery(!options.DisableInstanceDiscovery))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
cac := ClientAssertionCredential{client: c}
|
||||
cac.s = newSyncer(credNameAssertion, tenantID, options.AdditionallyAllowedTenants, cac.requestToken, cac.silentAuth)
|
||||
return &cac, nil
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Azure Active Directory. This method is called automatically by Azure SDK clients.
|
||||
func (c *ClientAssertionCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
return c.s.GetToken(ctx, opts)
|
||||
}
|
||||
|
||||
func (c *ClientAssertionCredential) silentAuth(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
ar, err := c.client.AcquireTokenSilent(ctx, opts.Scopes, confidential.WithTenantID(opts.TenantID))
|
||||
return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC()}, err
|
||||
}
|
||||
|
||||
func (c *ClientAssertionCredential) requestToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
ar, err := c.client.AcquireTokenByCredential(ctx, opts.Scopes, confidential.WithTenantID(opts.TenantID))
|
||||
return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC()}, err
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*ClientAssertionCredential)(nil)
|
172
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/client_certificate_credential.go
generated
vendored
Normal file
172
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/client_certificate_credential.go
generated
vendored
Normal file
|
@ -0,0 +1,172 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import (
|
||||
"context"
|
||||
"crypto"
|
||||
"crypto/x509"
|
||||
"encoding/pem"
|
||||
"errors"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
|
||||
"golang.org/x/crypto/pkcs12"
|
||||
)
|
||||
|
||||
const credNameCert = "ClientCertificateCredential"
|
||||
|
||||
// ClientCertificateCredentialOptions contains optional parameters for ClientCertificateCredential.
|
||||
type ClientCertificateCredentialOptions struct {
|
||||
azcore.ClientOptions
|
||||
|
||||
// AdditionallyAllowedTenants specifies additional tenants for which the credential may acquire tokens.
|
||||
// Add the wildcard value "*" to allow the credential to acquire tokens for any tenant in which the
|
||||
// application is registered.
|
||||
AdditionallyAllowedTenants []string
|
||||
// DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata
|
||||
// from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making
|
||||
// the application responsible for ensuring the configured authority is valid and trustworthy.
|
||||
DisableInstanceDiscovery bool
|
||||
// SendCertificateChain controls whether the credential sends the public certificate chain in the x5c
|
||||
// header of each token request's JWT. This is required for Subject Name/Issuer (SNI) authentication.
|
||||
// Defaults to False.
|
||||
SendCertificateChain bool
|
||||
}
|
||||
|
||||
// ClientCertificateCredential authenticates a service principal with a certificate.
|
||||
type ClientCertificateCredential struct {
|
||||
client confidentialClient
|
||||
s *syncer
|
||||
}
|
||||
|
||||
// NewClientCertificateCredential constructs a ClientCertificateCredential. Pass nil for options to accept defaults.
|
||||
func NewClientCertificateCredential(tenantID string, clientID string, certs []*x509.Certificate, key crypto.PrivateKey, options *ClientCertificateCredentialOptions) (*ClientCertificateCredential, error) {
|
||||
if len(certs) == 0 {
|
||||
return nil, errors.New("at least one certificate is required")
|
||||
}
|
||||
if options == nil {
|
||||
options = &ClientCertificateCredentialOptions{}
|
||||
}
|
||||
cred, err := confidential.NewCredFromCert(certs, key)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
var o []confidential.Option
|
||||
if options.SendCertificateChain {
|
||||
o = append(o, confidential.WithX5C())
|
||||
}
|
||||
o = append(o, confidential.WithInstanceDiscovery(!options.DisableInstanceDiscovery))
|
||||
c, err := getConfidentialClient(clientID, tenantID, cred, &options.ClientOptions, o...)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
cc := ClientCertificateCredential{client: c}
|
||||
cc.s = newSyncer(credNameCert, tenantID, options.AdditionallyAllowedTenants, cc.requestToken, cc.silentAuth)
|
||||
return &cc, nil
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Azure Active Directory. This method is called automatically by Azure SDK clients.
|
||||
func (c *ClientCertificateCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
return c.s.GetToken(ctx, opts)
|
||||
}
|
||||
|
||||
func (c *ClientCertificateCredential) silentAuth(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
ar, err := c.client.AcquireTokenSilent(ctx, opts.Scopes, confidential.WithTenantID(opts.TenantID))
|
||||
return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC()}, err
|
||||
}
|
||||
|
||||
func (c *ClientCertificateCredential) requestToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
ar, err := c.client.AcquireTokenByCredential(ctx, opts.Scopes, confidential.WithTenantID(opts.TenantID))
|
||||
return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC()}, err
|
||||
}
|
||||
|
||||
// ParseCertificates loads certificates and a private key, in PEM or PKCS12 format, for use with NewClientCertificateCredential.
|
||||
// Pass nil for password if the private key isn't encrypted. This function can't decrypt keys in PEM format.
|
||||
func ParseCertificates(certData []byte, password []byte) ([]*x509.Certificate, crypto.PrivateKey, error) {
|
||||
var blocks []*pem.Block
|
||||
var err error
|
||||
if len(password) == 0 {
|
||||
blocks, err = loadPEMCert(certData)
|
||||
}
|
||||
if len(blocks) == 0 || err != nil {
|
||||
blocks, err = loadPKCS12Cert(certData, string(password))
|
||||
}
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
var certs []*x509.Certificate
|
||||
var pk crypto.PrivateKey
|
||||
for _, block := range blocks {
|
||||
switch block.Type {
|
||||
case "CERTIFICATE":
|
||||
c, err := x509.ParseCertificate(block.Bytes)
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
certs = append(certs, c)
|
||||
case "PRIVATE KEY":
|
||||
if pk != nil {
|
||||
return nil, nil, errors.New("certData contains multiple private keys")
|
||||
}
|
||||
pk, err = x509.ParsePKCS8PrivateKey(block.Bytes)
|
||||
if err != nil {
|
||||
pk, err = x509.ParsePKCS1PrivateKey(block.Bytes)
|
||||
}
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
case "RSA PRIVATE KEY":
|
||||
if pk != nil {
|
||||
return nil, nil, errors.New("certData contains multiple private keys")
|
||||
}
|
||||
pk, err = x509.ParsePKCS1PrivateKey(block.Bytes)
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
}
|
||||
}
|
||||
if len(certs) == 0 {
|
||||
return nil, nil, errors.New("found no certificate")
|
||||
}
|
||||
if pk == nil {
|
||||
return nil, nil, errors.New("found no private key")
|
||||
}
|
||||
return certs, pk, nil
|
||||
}
|
||||
|
||||
func loadPEMCert(certData []byte) ([]*pem.Block, error) {
|
||||
blocks := []*pem.Block{}
|
||||
for {
|
||||
var block *pem.Block
|
||||
block, certData = pem.Decode(certData)
|
||||
if block == nil {
|
||||
break
|
||||
}
|
||||
blocks = append(blocks, block)
|
||||
}
|
||||
if len(blocks) == 0 {
|
||||
return nil, errors.New("didn't find any PEM blocks")
|
||||
}
|
||||
return blocks, nil
|
||||
}
|
||||
|
||||
func loadPKCS12Cert(certData []byte, password string) ([]*pem.Block, error) {
|
||||
blocks, err := pkcs12.ToPEM(certData, password)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if len(blocks) == 0 {
|
||||
// not mentioning PKCS12 in this message because we end up here when certData is garbage
|
||||
return nil, errors.New("didn't find any certificate content")
|
||||
}
|
||||
return blocks, err
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*ClientCertificateCredential)(nil)
|
75
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/client_secret_credential.go
generated
vendored
Normal file
75
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/client_secret_credential.go
generated
vendored
Normal file
|
@ -0,0 +1,75 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
|
||||
)
|
||||
|
||||
const credNameSecret = "ClientSecretCredential"
|
||||
|
||||
// ClientSecretCredentialOptions contains optional parameters for ClientSecretCredential.
|
||||
type ClientSecretCredentialOptions struct {
|
||||
azcore.ClientOptions
|
||||
|
||||
// AdditionallyAllowedTenants specifies additional tenants for which the credential may acquire tokens.
|
||||
// Add the wildcard value "*" to allow the credential to acquire tokens for any tenant in which the
|
||||
// application is registered.
|
||||
AdditionallyAllowedTenants []string
|
||||
// DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata
|
||||
// from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making
|
||||
// the application responsible for ensuring the configured authority is valid and trustworthy.
|
||||
DisableInstanceDiscovery bool
|
||||
}
|
||||
|
||||
// ClientSecretCredential authenticates an application with a client secret.
|
||||
type ClientSecretCredential struct {
|
||||
client confidentialClient
|
||||
s *syncer
|
||||
}
|
||||
|
||||
// NewClientSecretCredential constructs a ClientSecretCredential. Pass nil for options to accept defaults.
|
||||
func NewClientSecretCredential(tenantID string, clientID string, clientSecret string, options *ClientSecretCredentialOptions) (*ClientSecretCredential, error) {
|
||||
if options == nil {
|
||||
options = &ClientSecretCredentialOptions{}
|
||||
}
|
||||
cred, err := confidential.NewCredFromSecret(clientSecret)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
c, err := getConfidentialClient(
|
||||
clientID, tenantID, cred, &options.ClientOptions, confidential.WithInstanceDiscovery(!options.DisableInstanceDiscovery),
|
||||
)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
csc := ClientSecretCredential{client: c}
|
||||
csc.s = newSyncer(credNameSecret, tenantID, options.AdditionallyAllowedTenants, csc.requestToken, csc.silentAuth)
|
||||
return &csc, nil
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Azure Active Directory. This method is called automatically by Azure SDK clients.
|
||||
func (c *ClientSecretCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
return c.s.GetToken(ctx, opts)
|
||||
}
|
||||
|
||||
func (c *ClientSecretCredential) silentAuth(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
ar, err := c.client.AcquireTokenSilent(ctx, opts.Scopes, confidential.WithTenantID(opts.TenantID))
|
||||
return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC()}, err
|
||||
}
|
||||
|
||||
func (c *ClientSecretCredential) requestToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
ar, err := c.client.AcquireTokenByCredential(ctx, opts.Scopes, confidential.WithTenantID(opts.TenantID))
|
||||
return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC()}, err
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*ClientSecretCredential)(nil)
|
209
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/default_azure_credential.go
generated
vendored
Normal file
209
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/default_azure_credential.go
generated
vendored
Normal file
|
@ -0,0 +1,209 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"os"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/internal/log"
|
||||
)
|
||||
|
||||
// DefaultAzureCredentialOptions contains optional parameters for DefaultAzureCredential.
|
||||
// These options may not apply to all credentials in the chain.
|
||||
type DefaultAzureCredentialOptions struct {
|
||||
azcore.ClientOptions
|
||||
|
||||
// AdditionallyAllowedTenants specifies additional tenants for which the credential may acquire tokens. Add
|
||||
// the wildcard value "*" to allow the credential to acquire tokens for any tenant. This value can also be
|
||||
// set as a semicolon delimited list of tenants in the environment variable AZURE_ADDITIONALLY_ALLOWED_TENANTS.
|
||||
AdditionallyAllowedTenants []string
|
||||
// DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata
|
||||
// from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making
|
||||
// the application responsible for ensuring the configured authority is valid and trustworthy.
|
||||
DisableInstanceDiscovery bool
|
||||
// TenantID identifies the tenant the Azure CLI should authenticate in.
|
||||
// Defaults to the CLI's default tenant, which is typically the home tenant of the user logged in to the CLI.
|
||||
TenantID string
|
||||
}
|
||||
|
||||
// DefaultAzureCredential is a default credential chain for applications that will deploy to Azure.
|
||||
// It combines credentials suitable for deployment with credentials suitable for local development.
|
||||
// It attempts to authenticate with each of these credential types, in the following order, stopping
|
||||
// when one provides a token:
|
||||
//
|
||||
// - [EnvironmentCredential]
|
||||
// - [WorkloadIdentityCredential], if environment variable configuration is set by the Azure workload
|
||||
// identity webhook. Use [WorkloadIdentityCredential] directly when not using the webhook or needing
|
||||
// more control over its configuration.
|
||||
// - [ManagedIdentityCredential]
|
||||
// - [AzureCLICredential]
|
||||
//
|
||||
// Consult the documentation for these credential types for more information on how they authenticate.
|
||||
// Once a credential has successfully authenticated, DefaultAzureCredential will use that credential for
|
||||
// every subsequent authentication.
|
||||
type DefaultAzureCredential struct {
|
||||
chain *ChainedTokenCredential
|
||||
}
|
||||
|
||||
// NewDefaultAzureCredential creates a DefaultAzureCredential. Pass nil for options to accept defaults.
|
||||
func NewDefaultAzureCredential(options *DefaultAzureCredentialOptions) (*DefaultAzureCredential, error) {
|
||||
var creds []azcore.TokenCredential
|
||||
var errorMessages []string
|
||||
|
||||
if options == nil {
|
||||
options = &DefaultAzureCredentialOptions{}
|
||||
}
|
||||
additionalTenants := options.AdditionallyAllowedTenants
|
||||
if len(additionalTenants) == 0 {
|
||||
if tenants := os.Getenv(azureAdditionallyAllowedTenants); tenants != "" {
|
||||
additionalTenants = strings.Split(tenants, ";")
|
||||
}
|
||||
}
|
||||
|
||||
envCred, err := NewEnvironmentCredential(&EnvironmentCredentialOptions{
|
||||
ClientOptions: options.ClientOptions,
|
||||
DisableInstanceDiscovery: options.DisableInstanceDiscovery,
|
||||
additionallyAllowedTenants: additionalTenants,
|
||||
})
|
||||
if err == nil {
|
||||
creds = append(creds, envCred)
|
||||
} else {
|
||||
errorMessages = append(errorMessages, "EnvironmentCredential: "+err.Error())
|
||||
creds = append(creds, &defaultCredentialErrorReporter{credType: "EnvironmentCredential", err: err})
|
||||
}
|
||||
|
||||
// workload identity requires values for AZURE_AUTHORITY_HOST, AZURE_CLIENT_ID, AZURE_FEDERATED_TOKEN_FILE, AZURE_TENANT_ID
|
||||
wic, err := NewWorkloadIdentityCredential(&WorkloadIdentityCredentialOptions{
|
||||
AdditionallyAllowedTenants: additionalTenants,
|
||||
ClientOptions: options.ClientOptions,
|
||||
DisableInstanceDiscovery: options.DisableInstanceDiscovery,
|
||||
})
|
||||
if err == nil {
|
||||
creds = append(creds, wic)
|
||||
} else {
|
||||
errorMessages = append(errorMessages, credNameWorkloadIdentity+": "+err.Error())
|
||||
creds = append(creds, &defaultCredentialErrorReporter{credType: credNameWorkloadIdentity, err: err})
|
||||
}
|
||||
o := &ManagedIdentityCredentialOptions{ClientOptions: options.ClientOptions}
|
||||
if ID, ok := os.LookupEnv(azureClientID); ok {
|
||||
o.ID = ClientID(ID)
|
||||
}
|
||||
miCred, err := NewManagedIdentityCredential(o)
|
||||
if err == nil {
|
||||
creds = append(creds, &timeoutWrapper{mic: miCred, timeout: time.Second})
|
||||
} else {
|
||||
errorMessages = append(errorMessages, credNameManagedIdentity+": "+err.Error())
|
||||
creds = append(creds, &defaultCredentialErrorReporter{credType: credNameManagedIdentity, err: err})
|
||||
}
|
||||
|
||||
cliCred, err := NewAzureCLICredential(&AzureCLICredentialOptions{AdditionallyAllowedTenants: additionalTenants, TenantID: options.TenantID})
|
||||
if err == nil {
|
||||
creds = append(creds, cliCred)
|
||||
} else {
|
||||
errorMessages = append(errorMessages, credNameAzureCLI+": "+err.Error())
|
||||
creds = append(creds, &defaultCredentialErrorReporter{credType: credNameAzureCLI, err: err})
|
||||
}
|
||||
|
||||
err = defaultAzureCredentialConstructorErrorHandler(len(creds), errorMessages)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
chain, err := NewChainedTokenCredential(creds, nil)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
chain.name = "DefaultAzureCredential"
|
||||
return &DefaultAzureCredential{chain: chain}, nil
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Azure Active Directory. This method is called automatically by Azure SDK clients.
|
||||
func (c *DefaultAzureCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
return c.chain.GetToken(ctx, opts)
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*DefaultAzureCredential)(nil)
|
||||
|
||||
func defaultAzureCredentialConstructorErrorHandler(numberOfSuccessfulCredentials int, errorMessages []string) (err error) {
|
||||
errorMessage := strings.Join(errorMessages, "\n\t")
|
||||
|
||||
if numberOfSuccessfulCredentials == 0 {
|
||||
return errors.New(errorMessage)
|
||||
}
|
||||
|
||||
if len(errorMessages) != 0 {
|
||||
log.Writef(EventAuthentication, "NewDefaultAzureCredential failed to initialize some credentials:\n\t%s", errorMessage)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// defaultCredentialErrorReporter is a substitute for credentials that couldn't be constructed.
|
||||
// Its GetToken method always returns a credentialUnavailableError having the same message as
|
||||
// the error that prevented constructing the credential. This ensures the message is present
|
||||
// in the error returned by ChainedTokenCredential.GetToken()
|
||||
type defaultCredentialErrorReporter struct {
|
||||
credType string
|
||||
err error
|
||||
}
|
||||
|
||||
func (d *defaultCredentialErrorReporter) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
if _, ok := d.err.(*credentialUnavailableError); ok {
|
||||
return azcore.AccessToken{}, d.err
|
||||
}
|
||||
return azcore.AccessToken{}, newCredentialUnavailableError(d.credType, d.err.Error())
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*defaultCredentialErrorReporter)(nil)
|
||||
|
||||
// timeoutWrapper prevents a potentially very long timeout when managed identity isn't available
|
||||
type timeoutWrapper struct {
|
||||
mic *ManagedIdentityCredential
|
||||
// timeout applies to all auth attempts until one doesn't time out
|
||||
timeout time.Duration
|
||||
}
|
||||
|
||||
// GetToken wraps DefaultAzureCredential's initial managed identity auth attempt with a short timeout
|
||||
// because managed identity may not be available and connecting to IMDS can take several minutes to time out.
|
||||
func (w *timeoutWrapper) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
var tk azcore.AccessToken
|
||||
var err error
|
||||
// no need to synchronize around this value because it's written only within ChainedTokenCredential's critical section
|
||||
if w.timeout > 0 {
|
||||
c, cancel := context.WithTimeout(ctx, w.timeout)
|
||||
defer cancel()
|
||||
tk, err = w.mic.GetToken(c, opts)
|
||||
if isAuthFailedDueToContext(err) {
|
||||
err = newCredentialUnavailableError(credNameManagedIdentity, "managed identity timed out")
|
||||
} else {
|
||||
// some managed identity implementation is available, so don't apply the timeout to future calls
|
||||
w.timeout = 0
|
||||
}
|
||||
} else {
|
||||
tk, err = w.mic.GetToken(ctx, opts)
|
||||
}
|
||||
return tk, err
|
||||
}
|
||||
|
||||
// unwraps nested AuthenticationFailedErrors to get the root error
|
||||
func isAuthFailedDueToContext(err error) bool {
|
||||
for {
|
||||
var authFailedErr *AuthenticationFailedError
|
||||
if !errors.As(err, &authFailedErr) {
|
||||
break
|
||||
}
|
||||
err = authFailedErr.err
|
||||
}
|
||||
return errors.Is(err, context.Canceled) || errors.Is(err, context.DeadlineExceeded)
|
||||
}
|
136
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/device_code_credential.go
generated
vendored
Normal file
136
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/device_code_credential.go
generated
vendored
Normal file
|
@ -0,0 +1,136 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/public"
|
||||
)
|
||||
|
||||
const credNameDeviceCode = "DeviceCodeCredential"
|
||||
|
||||
// DeviceCodeCredentialOptions contains optional parameters for DeviceCodeCredential.
|
||||
type DeviceCodeCredentialOptions struct {
|
||||
azcore.ClientOptions
|
||||
|
||||
// AdditionallyAllowedTenants specifies additional tenants for which the credential may acquire
|
||||
// tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant.
|
||||
AdditionallyAllowedTenants []string
|
||||
// ClientID is the ID of the application users will authenticate to.
|
||||
// Defaults to the ID of an Azure development application.
|
||||
ClientID string
|
||||
// DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata
|
||||
// from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making
|
||||
// the application responsible for ensuring the configured authority is valid and trustworthy.
|
||||
DisableInstanceDiscovery bool
|
||||
// TenantID is the Azure Active Directory tenant the credential authenticates in. Defaults to the
|
||||
// "organizations" tenant, which can authenticate work and school accounts. Required for single-tenant
|
||||
// applications.
|
||||
TenantID string
|
||||
|
||||
// UserPrompt controls how the credential presents authentication instructions. The credential calls
|
||||
// this function with authentication details when it receives a device code. By default, the credential
|
||||
// prints these details to stdout.
|
||||
UserPrompt func(context.Context, DeviceCodeMessage) error
|
||||
}
|
||||
|
||||
func (o *DeviceCodeCredentialOptions) init() {
|
||||
if o.TenantID == "" {
|
||||
o.TenantID = organizationsTenantID
|
||||
}
|
||||
if o.ClientID == "" {
|
||||
o.ClientID = developerSignOnClientID
|
||||
}
|
||||
if o.UserPrompt == nil {
|
||||
o.UserPrompt = func(ctx context.Context, dc DeviceCodeMessage) error {
|
||||
fmt.Println(dc.Message)
|
||||
return nil
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// DeviceCodeMessage contains the information a user needs to complete authentication.
|
||||
type DeviceCodeMessage struct {
|
||||
// UserCode is the user code returned by the service.
|
||||
UserCode string `json:"user_code"`
|
||||
// VerificationURL is the URL at which the user must authenticate.
|
||||
VerificationURL string `json:"verification_uri"`
|
||||
// Message is user instruction from Azure Active Directory.
|
||||
Message string `json:"message"`
|
||||
}
|
||||
|
||||
// DeviceCodeCredential acquires tokens for a user via the device code flow, which has the
|
||||
// user browse to an Azure Active Directory URL, enter a code, and authenticate. It's useful
|
||||
// for authenticating a user in an environment without a web browser, such as an SSH session.
|
||||
// If a web browser is available, InteractiveBrowserCredential is more convenient because it
|
||||
// automatically opens a browser to the login page.
|
||||
type DeviceCodeCredential struct {
|
||||
account public.Account
|
||||
client publicClient
|
||||
s *syncer
|
||||
prompt func(context.Context, DeviceCodeMessage) error
|
||||
}
|
||||
|
||||
// NewDeviceCodeCredential creates a DeviceCodeCredential. Pass nil to accept default options.
|
||||
func NewDeviceCodeCredential(options *DeviceCodeCredentialOptions) (*DeviceCodeCredential, error) {
|
||||
cp := DeviceCodeCredentialOptions{}
|
||||
if options != nil {
|
||||
cp = *options
|
||||
}
|
||||
cp.init()
|
||||
c, err := getPublicClient(
|
||||
cp.ClientID, cp.TenantID, &cp.ClientOptions, public.WithInstanceDiscovery(!cp.DisableInstanceDiscovery),
|
||||
)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
cred := DeviceCodeCredential{client: c, prompt: cp.UserPrompt}
|
||||
cred.s = newSyncer(credNameDeviceCode, cp.TenantID, cp.AdditionallyAllowedTenants, cred.requestToken, cred.silentAuth)
|
||||
return &cred, nil
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Azure Active Directory. It will begin the device code flow and poll until the user completes authentication.
|
||||
// This method is called automatically by Azure SDK clients.
|
||||
func (c *DeviceCodeCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
return c.s.GetToken(ctx, opts)
|
||||
}
|
||||
|
||||
func (c *DeviceCodeCredential) requestToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
dc, err := c.client.AcquireTokenByDeviceCode(ctx, opts.Scopes, public.WithTenantID(opts.TenantID))
|
||||
if err != nil {
|
||||
return azcore.AccessToken{}, err
|
||||
}
|
||||
err = c.prompt(ctx, DeviceCodeMessage{
|
||||
Message: dc.Result.Message,
|
||||
UserCode: dc.Result.UserCode,
|
||||
VerificationURL: dc.Result.VerificationURL,
|
||||
})
|
||||
if err != nil {
|
||||
return azcore.AccessToken{}, err
|
||||
}
|
||||
ar, err := dc.AuthenticationResult(ctx)
|
||||
if err != nil {
|
||||
return azcore.AccessToken{}, err
|
||||
}
|
||||
c.account = ar.Account
|
||||
return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC()}, err
|
||||
}
|
||||
|
||||
func (c *DeviceCodeCredential) silentAuth(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
ar, err := c.client.AcquireTokenSilent(ctx, opts.Scopes,
|
||||
public.WithSilentAccount(c.account),
|
||||
public.WithTenantID(opts.TenantID),
|
||||
)
|
||||
return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC()}, err
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*DeviceCodeCredential)(nil)
|
164
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/environment_credential.go
generated
vendored
Normal file
164
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/environment_credential.go
generated
vendored
Normal file
|
@ -0,0 +1,164 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"os"
|
||||
"strings"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/internal/log"
|
||||
)
|
||||
|
||||
const envVarSendCertChain = "AZURE_CLIENT_SEND_CERTIFICATE_CHAIN"
|
||||
|
||||
// EnvironmentCredentialOptions contains optional parameters for EnvironmentCredential
|
||||
type EnvironmentCredentialOptions struct {
|
||||
azcore.ClientOptions
|
||||
|
||||
// DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata
|
||||
// from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making
|
||||
// the application responsible for ensuring the configured authority is valid and trustworthy.
|
||||
DisableInstanceDiscovery bool
|
||||
// additionallyAllowedTenants is used only by NewDefaultAzureCredential() to enable that constructor's explicit
|
||||
// option to override the value of AZURE_ADDITIONALLY_ALLOWED_TENANTS. Applications using EnvironmentCredential
|
||||
// directly should set that variable instead. This field should remain unexported to preserve this credential's
|
||||
// unambiguous "all configuration from environment variables" design.
|
||||
additionallyAllowedTenants []string
|
||||
}
|
||||
|
||||
// EnvironmentCredential authenticates a service principal with a secret or certificate, or a user with a password, depending
|
||||
// on environment variable configuration. It reads configuration from these variables, in the following order:
|
||||
//
|
||||
// # Service principal with client secret
|
||||
//
|
||||
// AZURE_TENANT_ID: ID of the service principal's tenant. Also called its "directory" ID.
|
||||
//
|
||||
// AZURE_CLIENT_ID: the service principal's client ID
|
||||
//
|
||||
// AZURE_CLIENT_SECRET: one of the service principal's client secrets
|
||||
//
|
||||
// # Service principal with certificate
|
||||
//
|
||||
// AZURE_TENANT_ID: ID of the service principal's tenant. Also called its "directory" ID.
|
||||
//
|
||||
// AZURE_CLIENT_ID: the service principal's client ID
|
||||
//
|
||||
// AZURE_CLIENT_CERTIFICATE_PATH: path to a PEM or PKCS12 certificate file including the private key.
|
||||
//
|
||||
// AZURE_CLIENT_CERTIFICATE_PASSWORD: (optional) password for the certificate file.
|
||||
//
|
||||
// # User with username and password
|
||||
//
|
||||
// AZURE_TENANT_ID: (optional) tenant to authenticate in. Defaults to "organizations".
|
||||
//
|
||||
// AZURE_CLIENT_ID: client ID of the application the user will authenticate to
|
||||
//
|
||||
// AZURE_USERNAME: a username (usually an email address)
|
||||
//
|
||||
// AZURE_PASSWORD: the user's password
|
||||
//
|
||||
// # Configuration for multitenant applications
|
||||
//
|
||||
// To enable multitenant authentication, set AZURE_ADDITIONALLY_ALLOWED_TENANTS with a semicolon delimited list of tenants
|
||||
// the credential may request tokens from in addition to the tenant specified by AZURE_TENANT_ID. Set
|
||||
// AZURE_ADDITIONALLY_ALLOWED_TENANTS to "*" to enable the credential to request a token from any tenant.
|
||||
type EnvironmentCredential struct {
|
||||
cred azcore.TokenCredential
|
||||
}
|
||||
|
||||
// NewEnvironmentCredential creates an EnvironmentCredential. Pass nil to accept default options.
|
||||
func NewEnvironmentCredential(options *EnvironmentCredentialOptions) (*EnvironmentCredential, error) {
|
||||
if options == nil {
|
||||
options = &EnvironmentCredentialOptions{}
|
||||
}
|
||||
tenantID := os.Getenv(azureTenantID)
|
||||
if tenantID == "" {
|
||||
return nil, errors.New("missing environment variable AZURE_TENANT_ID")
|
||||
}
|
||||
clientID := os.Getenv(azureClientID)
|
||||
if clientID == "" {
|
||||
return nil, errors.New("missing environment variable " + azureClientID)
|
||||
}
|
||||
// tenants set by NewDefaultAzureCredential() override the value of AZURE_ADDITIONALLY_ALLOWED_TENANTS
|
||||
additionalTenants := options.additionallyAllowedTenants
|
||||
if len(additionalTenants) == 0 {
|
||||
if tenants := os.Getenv(azureAdditionallyAllowedTenants); tenants != "" {
|
||||
additionalTenants = strings.Split(tenants, ";")
|
||||
}
|
||||
}
|
||||
if clientSecret := os.Getenv(azureClientSecret); clientSecret != "" {
|
||||
log.Write(EventAuthentication, "EnvironmentCredential will authenticate with ClientSecretCredential")
|
||||
o := &ClientSecretCredentialOptions{
|
||||
AdditionallyAllowedTenants: additionalTenants,
|
||||
ClientOptions: options.ClientOptions,
|
||||
DisableInstanceDiscovery: options.DisableInstanceDiscovery,
|
||||
}
|
||||
cred, err := NewClientSecretCredential(tenantID, clientID, clientSecret, o)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &EnvironmentCredential{cred: cred}, nil
|
||||
}
|
||||
if certPath := os.Getenv(azureClientCertificatePath); certPath != "" {
|
||||
log.Write(EventAuthentication, "EnvironmentCredential will authenticate with ClientCertificateCredential")
|
||||
certData, err := os.ReadFile(certPath)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf(`failed to read certificate file "%s": %v`, certPath, err)
|
||||
}
|
||||
var password []byte
|
||||
if v := os.Getenv(azureClientCertificatePassword); v != "" {
|
||||
password = []byte(v)
|
||||
}
|
||||
certs, key, err := ParseCertificates(certData, password)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf(`failed to load certificate from "%s": %v`, certPath, err)
|
||||
}
|
||||
o := &ClientCertificateCredentialOptions{
|
||||
AdditionallyAllowedTenants: additionalTenants,
|
||||
ClientOptions: options.ClientOptions,
|
||||
DisableInstanceDiscovery: options.DisableInstanceDiscovery,
|
||||
}
|
||||
if v, ok := os.LookupEnv(envVarSendCertChain); ok {
|
||||
o.SendCertificateChain = v == "1" || strings.ToLower(v) == "true"
|
||||
}
|
||||
cred, err := NewClientCertificateCredential(tenantID, clientID, certs, key, o)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &EnvironmentCredential{cred: cred}, nil
|
||||
}
|
||||
if username := os.Getenv(azureUsername); username != "" {
|
||||
if password := os.Getenv(azurePassword); password != "" {
|
||||
log.Write(EventAuthentication, "EnvironmentCredential will authenticate with UsernamePasswordCredential")
|
||||
o := &UsernamePasswordCredentialOptions{
|
||||
AdditionallyAllowedTenants: additionalTenants,
|
||||
ClientOptions: options.ClientOptions,
|
||||
DisableInstanceDiscovery: options.DisableInstanceDiscovery,
|
||||
}
|
||||
cred, err := NewUsernamePasswordCredential(tenantID, clientID, username, password, o)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &EnvironmentCredential{cred: cred}, nil
|
||||
}
|
||||
return nil, errors.New("no value for AZURE_PASSWORD")
|
||||
}
|
||||
return nil, errors.New("incomplete environment variable configuration. Only AZURE_TENANT_ID and AZURE_CLIENT_ID are set")
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Azure Active Directory. This method is called automatically by Azure SDK clients.
|
||||
func (c *EnvironmentCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
return c.cred.GetToken(ctx, opts)
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*EnvironmentCredential)(nil)
|
129
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/errors.go
generated
vendored
Normal file
129
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/errors.go
generated
vendored
Normal file
|
@ -0,0 +1,129 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
"net/http"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/internal/errorinfo"
|
||||
msal "github.com/AzureAD/microsoft-authentication-library-for-go/apps/errors"
|
||||
)
|
||||
|
||||
// getResponseFromError retrieves the response carried by
|
||||
// an AuthenticationFailedError or MSAL CallErr, if any
|
||||
func getResponseFromError(err error) *http.Response {
|
||||
var a *AuthenticationFailedError
|
||||
var c msal.CallErr
|
||||
var res *http.Response
|
||||
if errors.As(err, &c) {
|
||||
res = c.Resp
|
||||
} else if errors.As(err, &a) {
|
||||
res = a.RawResponse
|
||||
}
|
||||
return res
|
||||
}
|
||||
|
||||
// AuthenticationFailedError indicates an authentication request has failed.
|
||||
type AuthenticationFailedError struct {
|
||||
// RawResponse is the HTTP response motivating the error, if available.
|
||||
RawResponse *http.Response
|
||||
|
||||
credType string
|
||||
message string
|
||||
err error
|
||||
}
|
||||
|
||||
func newAuthenticationFailedError(credType string, message string, resp *http.Response, err error) error {
|
||||
return &AuthenticationFailedError{credType: credType, message: message, RawResponse: resp, err: err}
|
||||
}
|
||||
|
||||
// Error implements the error interface. Note that the message contents are not contractual and can change over time.
|
||||
func (e *AuthenticationFailedError) Error() string {
|
||||
if e.RawResponse == nil {
|
||||
return e.credType + ": " + e.message
|
||||
}
|
||||
msg := &bytes.Buffer{}
|
||||
fmt.Fprintf(msg, e.credType+" authentication failed\n")
|
||||
fmt.Fprintf(msg, "%s %s://%s%s\n", e.RawResponse.Request.Method, e.RawResponse.Request.URL.Scheme, e.RawResponse.Request.URL.Host, e.RawResponse.Request.URL.Path)
|
||||
fmt.Fprintln(msg, "--------------------------------------------------------------------------------")
|
||||
fmt.Fprintf(msg, "RESPONSE %s\n", e.RawResponse.Status)
|
||||
fmt.Fprintln(msg, "--------------------------------------------------------------------------------")
|
||||
body, err := io.ReadAll(e.RawResponse.Body)
|
||||
e.RawResponse.Body.Close()
|
||||
if err != nil {
|
||||
fmt.Fprintf(msg, "Error reading response body: %v", err)
|
||||
} else if len(body) > 0 {
|
||||
e.RawResponse.Body = io.NopCloser(bytes.NewReader(body))
|
||||
if err := json.Indent(msg, body, "", " "); err != nil {
|
||||
// failed to pretty-print so just dump it verbatim
|
||||
fmt.Fprint(msg, string(body))
|
||||
}
|
||||
} else {
|
||||
fmt.Fprint(msg, "Response contained no body")
|
||||
}
|
||||
fmt.Fprintln(msg, "\n--------------------------------------------------------------------------------")
|
||||
var anchor string
|
||||
switch e.credType {
|
||||
case credNameAzureCLI:
|
||||
anchor = "azure-cli"
|
||||
case credNameCert:
|
||||
anchor = "client-cert"
|
||||
case credNameSecret:
|
||||
anchor = "client-secret"
|
||||
case credNameManagedIdentity:
|
||||
anchor = "managed-id"
|
||||
case credNameUserPassword:
|
||||
anchor = "username-password"
|
||||
case credNameWorkloadIdentity:
|
||||
anchor = "workload"
|
||||
}
|
||||
if anchor != "" {
|
||||
fmt.Fprintf(msg, "To troubleshoot, visit https://aka.ms/azsdk/go/identity/troubleshoot#%s", anchor)
|
||||
}
|
||||
return msg.String()
|
||||
}
|
||||
|
||||
// NonRetriable indicates the request which provoked this error shouldn't be retried.
|
||||
func (*AuthenticationFailedError) NonRetriable() {
|
||||
// marker method
|
||||
}
|
||||
|
||||
var _ errorinfo.NonRetriable = (*AuthenticationFailedError)(nil)
|
||||
|
||||
// credentialUnavailableError indicates a credential can't attempt authentication because it lacks required
|
||||
// data or state
|
||||
type credentialUnavailableError struct {
|
||||
message string
|
||||
}
|
||||
|
||||
// newCredentialUnavailableError is an internal helper that ensures consistent error message formatting
|
||||
func newCredentialUnavailableError(credType, message string) error {
|
||||
msg := fmt.Sprintf("%s: %s", credType, message)
|
||||
return &credentialUnavailableError{msg}
|
||||
}
|
||||
|
||||
// NewCredentialUnavailableError constructs an error indicating a credential can't attempt authentication
|
||||
// because it lacks required data or state. When [ChainedTokenCredential] receives this error it will try
|
||||
// its next credential, if any.
|
||||
func NewCredentialUnavailableError(message string) error {
|
||||
return &credentialUnavailableError{message}
|
||||
}
|
||||
|
||||
// Error implements the error interface. Note that the message contents are not contractual and can change over time.
|
||||
func (e *credentialUnavailableError) Error() string {
|
||||
return e.message
|
||||
}
|
||||
|
||||
// NonRetriable is a marker method indicating this error should not be retried. It has no implementation.
|
||||
func (e *credentialUnavailableError) NonRetriable() {}
|
||||
|
||||
var _ errorinfo.NonRetriable = (*credentialUnavailableError)(nil)
|
106
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/interactive_browser_credential.go
generated
vendored
Normal file
106
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/interactive_browser_credential.go
generated
vendored
Normal file
|
@ -0,0 +1,106 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/public"
|
||||
)
|
||||
|
||||
const credNameBrowser = "InteractiveBrowserCredential"
|
||||
|
||||
// InteractiveBrowserCredentialOptions contains optional parameters for InteractiveBrowserCredential.
|
||||
type InteractiveBrowserCredentialOptions struct {
|
||||
azcore.ClientOptions
|
||||
|
||||
// AdditionallyAllowedTenants specifies additional tenants for which the credential may acquire
|
||||
// tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant.
|
||||
AdditionallyAllowedTenants []string
|
||||
// ClientID is the ID of the application users will authenticate to.
|
||||
// Defaults to the ID of an Azure development application.
|
||||
ClientID string
|
||||
|
||||
// DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata
|
||||
// from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making
|
||||
// the application responsible for ensuring the configured authority is valid and trustworthy.
|
||||
DisableInstanceDiscovery bool
|
||||
|
||||
// LoginHint pre-populates the account prompt with a username. Users may choose to authenticate a different account.
|
||||
LoginHint string
|
||||
// RedirectURL is the URL Azure Active Directory will redirect to with the access token. This is required
|
||||
// only when setting ClientID, and must match a redirect URI in the application's registration.
|
||||
// Applications which have registered "http://localhost" as a redirect URI need not set this option.
|
||||
RedirectURL string
|
||||
|
||||
// TenantID is the Azure Active Directory tenant the credential authenticates in. Defaults to the
|
||||
// "organizations" tenant, which can authenticate work and school accounts.
|
||||
TenantID string
|
||||
}
|
||||
|
||||
func (o *InteractiveBrowserCredentialOptions) init() {
|
||||
if o.TenantID == "" {
|
||||
o.TenantID = organizationsTenantID
|
||||
}
|
||||
if o.ClientID == "" {
|
||||
o.ClientID = developerSignOnClientID
|
||||
}
|
||||
}
|
||||
|
||||
// InteractiveBrowserCredential opens a browser to interactively authenticate a user.
|
||||
type InteractiveBrowserCredential struct {
|
||||
account public.Account
|
||||
client publicClient
|
||||
options InteractiveBrowserCredentialOptions
|
||||
s *syncer
|
||||
}
|
||||
|
||||
// NewInteractiveBrowserCredential constructs a new InteractiveBrowserCredential. Pass nil to accept default options.
|
||||
func NewInteractiveBrowserCredential(options *InteractiveBrowserCredentialOptions) (*InteractiveBrowserCredential, error) {
|
||||
cp := InteractiveBrowserCredentialOptions{}
|
||||
if options != nil {
|
||||
cp = *options
|
||||
}
|
||||
cp.init()
|
||||
c, err := getPublicClient(cp.ClientID, cp.TenantID, &cp.ClientOptions, public.WithInstanceDiscovery(!cp.DisableInstanceDiscovery))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
ibc := InteractiveBrowserCredential{client: c, options: cp}
|
||||
ibc.s = newSyncer(credNameBrowser, cp.TenantID, cp.AdditionallyAllowedTenants, ibc.requestToken, ibc.silentAuth)
|
||||
return &ibc, nil
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Azure Active Directory. This method is called automatically by Azure SDK clients.
|
||||
func (c *InteractiveBrowserCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
return c.s.GetToken(ctx, opts)
|
||||
}
|
||||
|
||||
func (c *InteractiveBrowserCredential) requestToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
ar, err := c.client.AcquireTokenInteractive(ctx, opts.Scopes,
|
||||
public.WithLoginHint(c.options.LoginHint),
|
||||
public.WithRedirectURI(c.options.RedirectURL),
|
||||
public.WithTenantID(opts.TenantID),
|
||||
)
|
||||
if err == nil {
|
||||
c.account = ar.Account
|
||||
}
|
||||
return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC()}, err
|
||||
}
|
||||
|
||||
func (c *InteractiveBrowserCredential) silentAuth(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
ar, err := c.client.AcquireTokenSilent(ctx, opts.Scopes,
|
||||
public.WithSilentAccount(c.account),
|
||||
public.WithTenantID(opts.TenantID),
|
||||
)
|
||||
return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC()}, err
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*InteractiveBrowserCredential)(nil)
|
14
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/logging.go
generated
vendored
Normal file
14
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/logging.go
generated
vendored
Normal file
|
@ -0,0 +1,14 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import "github.com/Azure/azure-sdk-for-go/sdk/internal/log"
|
||||
|
||||
// EventAuthentication entries contain information about authentication.
|
||||
// This includes information like the names of environment variables
|
||||
// used when obtaining credentials and the type of credential used.
|
||||
const EventAuthentication log.Event = "Authentication"
|
388
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/managed_identity_client.go
generated
vendored
Normal file
388
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/managed_identity_client.go
generated
vendored
Normal file
|
@ -0,0 +1,388 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"os"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/streaming"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/internal/log"
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
|
||||
)
|
||||
|
||||
const (
|
||||
arcIMDSEndpoint = "IMDS_ENDPOINT"
|
||||
identityEndpoint = "IDENTITY_ENDPOINT"
|
||||
identityHeader = "IDENTITY_HEADER"
|
||||
identityServerThumbprint = "IDENTITY_SERVER_THUMBPRINT"
|
||||
headerMetadata = "Metadata"
|
||||
imdsEndpoint = "http://169.254.169.254/metadata/identity/oauth2/token"
|
||||
msiEndpoint = "MSI_ENDPOINT"
|
||||
imdsAPIVersion = "2018-02-01"
|
||||
azureArcAPIVersion = "2019-08-15"
|
||||
serviceFabricAPIVersion = "2019-07-01-preview"
|
||||
|
||||
qpClientID = "client_id"
|
||||
qpResID = "mi_res_id"
|
||||
)
|
||||
|
||||
type msiType int
|
||||
|
||||
const (
|
||||
msiTypeAppService msiType = iota
|
||||
msiTypeAzureArc
|
||||
msiTypeCloudShell
|
||||
msiTypeIMDS
|
||||
msiTypeServiceFabric
|
||||
)
|
||||
|
||||
// managedIdentityClient provides the base for authenticating in managed identity environments
|
||||
// This type includes an runtime.Pipeline and TokenCredentialOptions.
|
||||
type managedIdentityClient struct {
|
||||
pipeline runtime.Pipeline
|
||||
msiType msiType
|
||||
endpoint string
|
||||
id ManagedIDKind
|
||||
}
|
||||
|
||||
type wrappedNumber json.Number
|
||||
|
||||
func (n *wrappedNumber) UnmarshalJSON(b []byte) error {
|
||||
c := string(b)
|
||||
if c == "\"\"" {
|
||||
return nil
|
||||
}
|
||||
return json.Unmarshal(b, (*json.Number)(n))
|
||||
}
|
||||
|
||||
// setIMDSRetryOptionDefaults sets zero-valued fields to default values appropriate for IMDS
|
||||
func setIMDSRetryOptionDefaults(o *policy.RetryOptions) {
|
||||
if o.MaxRetries == 0 {
|
||||
o.MaxRetries = 5
|
||||
}
|
||||
if o.MaxRetryDelay == 0 {
|
||||
o.MaxRetryDelay = 1 * time.Minute
|
||||
}
|
||||
if o.RetryDelay == 0 {
|
||||
o.RetryDelay = 2 * time.Second
|
||||
}
|
||||
if o.StatusCodes == nil {
|
||||
o.StatusCodes = []int{
|
||||
// IMDS docs recommend retrying 404, 429 and all 5xx
|
||||
// https://docs.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-to-use-vm-token#error-handling
|
||||
http.StatusNotFound, // 404
|
||||
http.StatusTooManyRequests, // 429
|
||||
http.StatusInternalServerError, // 500
|
||||
http.StatusNotImplemented, // 501
|
||||
http.StatusBadGateway, // 502
|
||||
http.StatusGatewayTimeout, // 504
|
||||
http.StatusHTTPVersionNotSupported, // 505
|
||||
http.StatusVariantAlsoNegotiates, // 506
|
||||
http.StatusInsufficientStorage, // 507
|
||||
http.StatusLoopDetected, // 508
|
||||
http.StatusNotExtended, // 510
|
||||
http.StatusNetworkAuthenticationRequired, // 511
|
||||
}
|
||||
}
|
||||
if o.TryTimeout == 0 {
|
||||
o.TryTimeout = 1 * time.Minute
|
||||
}
|
||||
}
|
||||
|
||||
// newManagedIdentityClient creates a new instance of the ManagedIdentityClient with the ManagedIdentityCredentialOptions
|
||||
// that are passed into it along with a default pipeline.
|
||||
// options: ManagedIdentityCredentialOptions configure policies for the pipeline and the authority host that
|
||||
// will be used to retrieve tokens and authenticate
|
||||
func newManagedIdentityClient(options *ManagedIdentityCredentialOptions) (*managedIdentityClient, error) {
|
||||
if options == nil {
|
||||
options = &ManagedIdentityCredentialOptions{}
|
||||
}
|
||||
cp := options.ClientOptions
|
||||
c := managedIdentityClient{id: options.ID, endpoint: imdsEndpoint, msiType: msiTypeIMDS}
|
||||
env := "IMDS"
|
||||
if endpoint, ok := os.LookupEnv(identityEndpoint); ok {
|
||||
if _, ok := os.LookupEnv(identityHeader); ok {
|
||||
if _, ok := os.LookupEnv(identityServerThumbprint); ok {
|
||||
env = "Service Fabric"
|
||||
c.endpoint = endpoint
|
||||
c.msiType = msiTypeServiceFabric
|
||||
} else {
|
||||
env = "App Service"
|
||||
c.endpoint = endpoint
|
||||
c.msiType = msiTypeAppService
|
||||
}
|
||||
} else if _, ok := os.LookupEnv(arcIMDSEndpoint); ok {
|
||||
env = "Azure Arc"
|
||||
c.endpoint = endpoint
|
||||
c.msiType = msiTypeAzureArc
|
||||
}
|
||||
} else if endpoint, ok := os.LookupEnv(msiEndpoint); ok {
|
||||
env = "Cloud Shell"
|
||||
c.endpoint = endpoint
|
||||
c.msiType = msiTypeCloudShell
|
||||
} else {
|
||||
setIMDSRetryOptionDefaults(&cp.Retry)
|
||||
}
|
||||
c.pipeline = runtime.NewPipeline(component, version, runtime.PipelineOptions{}, &cp)
|
||||
|
||||
if log.Should(EventAuthentication) {
|
||||
log.Writef(EventAuthentication, "Managed Identity Credential will use %s managed identity", env)
|
||||
}
|
||||
|
||||
return &c, nil
|
||||
}
|
||||
|
||||
// provideToken acquires a token for MSAL's confidential.Client, which caches the token
|
||||
func (c *managedIdentityClient) provideToken(ctx context.Context, params confidential.TokenProviderParameters) (confidential.TokenProviderResult, error) {
|
||||
result := confidential.TokenProviderResult{}
|
||||
tk, err := c.authenticate(ctx, c.id, params.Scopes)
|
||||
if err == nil {
|
||||
result.AccessToken = tk.Token
|
||||
result.ExpiresInSeconds = int(time.Until(tk.ExpiresOn).Seconds())
|
||||
}
|
||||
return result, err
|
||||
}
|
||||
|
||||
// authenticate acquires an access token
|
||||
func (c *managedIdentityClient) authenticate(ctx context.Context, id ManagedIDKind, scopes []string) (azcore.AccessToken, error) {
|
||||
msg, err := c.createAuthRequest(ctx, id, scopes)
|
||||
if err != nil {
|
||||
return azcore.AccessToken{}, err
|
||||
}
|
||||
|
||||
resp, err := c.pipeline.Do(msg)
|
||||
if err != nil {
|
||||
return azcore.AccessToken{}, newAuthenticationFailedError(credNameManagedIdentity, err.Error(), nil, err)
|
||||
}
|
||||
|
||||
if runtime.HasStatusCode(resp, http.StatusOK, http.StatusCreated) {
|
||||
return c.createAccessToken(resp)
|
||||
}
|
||||
|
||||
if c.msiType == msiTypeIMDS && resp.StatusCode == 400 {
|
||||
if id != nil {
|
||||
return azcore.AccessToken{}, newAuthenticationFailedError(credNameManagedIdentity, "the requested identity isn't assigned to this resource", resp, nil)
|
||||
}
|
||||
return azcore.AccessToken{}, newCredentialUnavailableError(credNameManagedIdentity, "no default identity is assigned to this resource")
|
||||
}
|
||||
|
||||
return azcore.AccessToken{}, newAuthenticationFailedError(credNameManagedIdentity, "authentication failed", resp, nil)
|
||||
}
|
||||
|
||||
func (c *managedIdentityClient) createAccessToken(res *http.Response) (azcore.AccessToken, error) {
|
||||
value := struct {
|
||||
// these are the only fields that we use
|
||||
Token string `json:"access_token,omitempty"`
|
||||
RefreshToken string `json:"refresh_token,omitempty"`
|
||||
ExpiresIn wrappedNumber `json:"expires_in,omitempty"` // this field should always return the number of seconds for which a token is valid
|
||||
ExpiresOn interface{} `json:"expires_on,omitempty"` // the value returned in this field varies between a number and a date string
|
||||
}{}
|
||||
if err := runtime.UnmarshalAsJSON(res, &value); err != nil {
|
||||
return azcore.AccessToken{}, fmt.Errorf("internal AccessToken: %v", err)
|
||||
}
|
||||
if value.ExpiresIn != "" {
|
||||
expiresIn, err := json.Number(value.ExpiresIn).Int64()
|
||||
if err != nil {
|
||||
return azcore.AccessToken{}, err
|
||||
}
|
||||
return azcore.AccessToken{Token: value.Token, ExpiresOn: time.Now().Add(time.Second * time.Duration(expiresIn)).UTC()}, nil
|
||||
}
|
||||
switch v := value.ExpiresOn.(type) {
|
||||
case float64:
|
||||
return azcore.AccessToken{Token: value.Token, ExpiresOn: time.Unix(int64(v), 0).UTC()}, nil
|
||||
case string:
|
||||
if expiresOn, err := strconv.Atoi(v); err == nil {
|
||||
return azcore.AccessToken{Token: value.Token, ExpiresOn: time.Unix(int64(expiresOn), 0).UTC()}, nil
|
||||
}
|
||||
return azcore.AccessToken{}, newAuthenticationFailedError(credNameManagedIdentity, "unexpected expires_on value: "+v, res, nil)
|
||||
default:
|
||||
msg := fmt.Sprintf("unsupported type received in expires_on: %T, %v", v, v)
|
||||
return azcore.AccessToken{}, newAuthenticationFailedError(credNameManagedIdentity, msg, res, nil)
|
||||
}
|
||||
}
|
||||
|
||||
func (c *managedIdentityClient) createAuthRequest(ctx context.Context, id ManagedIDKind, scopes []string) (*policy.Request, error) {
|
||||
switch c.msiType {
|
||||
case msiTypeIMDS:
|
||||
return c.createIMDSAuthRequest(ctx, id, scopes)
|
||||
case msiTypeAppService:
|
||||
return c.createAppServiceAuthRequest(ctx, id, scopes)
|
||||
case msiTypeAzureArc:
|
||||
// need to perform preliminary request to retreive the secret key challenge provided by the HIMDS service
|
||||
key, err := c.getAzureArcSecretKey(ctx, scopes)
|
||||
if err != nil {
|
||||
msg := fmt.Sprintf("failed to retreive secret key from the identity endpoint: %v", err)
|
||||
return nil, newAuthenticationFailedError(credNameManagedIdentity, msg, nil, err)
|
||||
}
|
||||
return c.createAzureArcAuthRequest(ctx, id, scopes, key)
|
||||
case msiTypeServiceFabric:
|
||||
return c.createServiceFabricAuthRequest(ctx, id, scopes)
|
||||
case msiTypeCloudShell:
|
||||
return c.createCloudShellAuthRequest(ctx, id, scopes)
|
||||
default:
|
||||
return nil, newCredentialUnavailableError(credNameManagedIdentity, "managed identity isn't supported in this environment")
|
||||
}
|
||||
}
|
||||
|
||||
func (c *managedIdentityClient) createIMDSAuthRequest(ctx context.Context, id ManagedIDKind, scopes []string) (*policy.Request, error) {
|
||||
request, err := runtime.NewRequest(ctx, http.MethodGet, c.endpoint)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
request.Raw().Header.Set(headerMetadata, "true")
|
||||
q := request.Raw().URL.Query()
|
||||
q.Add("api-version", imdsAPIVersion)
|
||||
q.Add("resource", strings.Join(scopes, " "))
|
||||
if id != nil {
|
||||
if id.idKind() == miResourceID {
|
||||
q.Add(qpResID, id.String())
|
||||
} else {
|
||||
q.Add(qpClientID, id.String())
|
||||
}
|
||||
}
|
||||
request.Raw().URL.RawQuery = q.Encode()
|
||||
return request, nil
|
||||
}
|
||||
|
||||
func (c *managedIdentityClient) createAppServiceAuthRequest(ctx context.Context, id ManagedIDKind, scopes []string) (*policy.Request, error) {
|
||||
request, err := runtime.NewRequest(ctx, http.MethodGet, c.endpoint)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
request.Raw().Header.Set("X-IDENTITY-HEADER", os.Getenv(identityHeader))
|
||||
q := request.Raw().URL.Query()
|
||||
q.Add("api-version", "2019-08-01")
|
||||
q.Add("resource", scopes[0])
|
||||
if id != nil {
|
||||
if id.idKind() == miResourceID {
|
||||
q.Add(qpResID, id.String())
|
||||
} else {
|
||||
q.Add(qpClientID, id.String())
|
||||
}
|
||||
}
|
||||
request.Raw().URL.RawQuery = q.Encode()
|
||||
return request, nil
|
||||
}
|
||||
|
||||
func (c *managedIdentityClient) createServiceFabricAuthRequest(ctx context.Context, id ManagedIDKind, scopes []string) (*policy.Request, error) {
|
||||
request, err := runtime.NewRequest(ctx, http.MethodGet, c.endpoint)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
q := request.Raw().URL.Query()
|
||||
request.Raw().Header.Set("Accept", "application/json")
|
||||
request.Raw().Header.Set("Secret", os.Getenv(identityHeader))
|
||||
q.Add("api-version", serviceFabricAPIVersion)
|
||||
q.Add("resource", strings.Join(scopes, " "))
|
||||
if id != nil {
|
||||
log.Write(EventAuthentication, "WARNING: Service Fabric doesn't support selecting a user-assigned identity at runtime")
|
||||
if id.idKind() == miResourceID {
|
||||
q.Add(qpResID, id.String())
|
||||
} else {
|
||||
q.Add(qpClientID, id.String())
|
||||
}
|
||||
}
|
||||
request.Raw().URL.RawQuery = q.Encode()
|
||||
return request, nil
|
||||
}
|
||||
|
||||
func (c *managedIdentityClient) getAzureArcSecretKey(ctx context.Context, resources []string) (string, error) {
|
||||
// create the request to retreive the secret key challenge provided by the HIMDS service
|
||||
request, err := runtime.NewRequest(ctx, http.MethodGet, c.endpoint)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
request.Raw().Header.Set(headerMetadata, "true")
|
||||
q := request.Raw().URL.Query()
|
||||
q.Add("api-version", azureArcAPIVersion)
|
||||
q.Add("resource", strings.Join(resources, " "))
|
||||
request.Raw().URL.RawQuery = q.Encode()
|
||||
// send the initial request to get the short-lived secret key
|
||||
response, err := c.pipeline.Do(request)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
// the endpoint is expected to return a 401 with the WWW-Authenticate header set to the location
|
||||
// of the secret key file. Any other status code indicates an error in the request.
|
||||
if response.StatusCode != 401 {
|
||||
msg := fmt.Sprintf("expected a 401 response, received %d", response.StatusCode)
|
||||
return "", newAuthenticationFailedError(credNameManagedIdentity, msg, response, nil)
|
||||
}
|
||||
header := response.Header.Get("WWW-Authenticate")
|
||||
if len(header) == 0 {
|
||||
return "", errors.New("did not receive a value from WWW-Authenticate header")
|
||||
}
|
||||
// the WWW-Authenticate header is expected in the following format: Basic realm=/some/file/path.key
|
||||
pos := strings.LastIndex(header, "=")
|
||||
if pos == -1 {
|
||||
return "", fmt.Errorf("did not receive a correct value from WWW-Authenticate header: %s", header)
|
||||
}
|
||||
key, err := os.ReadFile(header[pos+1:])
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("could not read file (%s) contents: %v", header[pos+1:], err)
|
||||
}
|
||||
return string(key), nil
|
||||
}
|
||||
|
||||
func (c *managedIdentityClient) createAzureArcAuthRequest(ctx context.Context, id ManagedIDKind, resources []string, key string) (*policy.Request, error) {
|
||||
request, err := runtime.NewRequest(ctx, http.MethodGet, c.endpoint)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
request.Raw().Header.Set(headerMetadata, "true")
|
||||
request.Raw().Header.Set("Authorization", fmt.Sprintf("Basic %s", key))
|
||||
q := request.Raw().URL.Query()
|
||||
q.Add("api-version", azureArcAPIVersion)
|
||||
q.Add("resource", strings.Join(resources, " "))
|
||||
if id != nil {
|
||||
log.Write(EventAuthentication, "WARNING: Azure Arc doesn't support user-assigned managed identities")
|
||||
if id.idKind() == miResourceID {
|
||||
q.Add(qpResID, id.String())
|
||||
} else {
|
||||
q.Add(qpClientID, id.String())
|
||||
}
|
||||
}
|
||||
request.Raw().URL.RawQuery = q.Encode()
|
||||
return request, nil
|
||||
}
|
||||
|
||||
func (c *managedIdentityClient) createCloudShellAuthRequest(ctx context.Context, id ManagedIDKind, scopes []string) (*policy.Request, error) {
|
||||
request, err := runtime.NewRequest(ctx, http.MethodPost, c.endpoint)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
request.Raw().Header.Set(headerMetadata, "true")
|
||||
data := url.Values{}
|
||||
data.Set("resource", strings.Join(scopes, " "))
|
||||
dataEncoded := data.Encode()
|
||||
body := streaming.NopCloser(strings.NewReader(dataEncoded))
|
||||
if err := request.SetBody(body, "application/x-www-form-urlencoded"); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if id != nil {
|
||||
log.Write(EventAuthentication, "WARNING: Cloud Shell doesn't support user-assigned managed identities")
|
||||
q := request.Raw().URL.Query()
|
||||
if id.idKind() == miResourceID {
|
||||
q.Add(qpResID, id.String())
|
||||
} else {
|
||||
q.Add(qpClientID, id.String())
|
||||
}
|
||||
}
|
||||
return request, nil
|
||||
}
|
127
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/managed_identity_credential.go
generated
vendored
Normal file
127
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/managed_identity_credential.go
generated
vendored
Normal file
|
@ -0,0 +1,127 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
|
||||
)
|
||||
|
||||
const credNameManagedIdentity = "ManagedIdentityCredential"
|
||||
|
||||
type managedIdentityIDKind int
|
||||
|
||||
const (
|
||||
miClientID managedIdentityIDKind = 0
|
||||
miResourceID managedIdentityIDKind = 1
|
||||
)
|
||||
|
||||
// ManagedIDKind identifies the ID of a managed identity as either a client or resource ID
|
||||
type ManagedIDKind interface {
|
||||
fmt.Stringer
|
||||
idKind() managedIdentityIDKind
|
||||
}
|
||||
|
||||
// ClientID is the client ID of a user-assigned managed identity.
|
||||
type ClientID string
|
||||
|
||||
func (ClientID) idKind() managedIdentityIDKind {
|
||||
return miClientID
|
||||
}
|
||||
|
||||
// String returns the string value of the ID.
|
||||
func (c ClientID) String() string {
|
||||
return string(c)
|
||||
}
|
||||
|
||||
// ResourceID is the resource ID of a user-assigned managed identity.
|
||||
type ResourceID string
|
||||
|
||||
func (ResourceID) idKind() managedIdentityIDKind {
|
||||
return miResourceID
|
||||
}
|
||||
|
||||
// String returns the string value of the ID.
|
||||
func (r ResourceID) String() string {
|
||||
return string(r)
|
||||
}
|
||||
|
||||
// ManagedIdentityCredentialOptions contains optional parameters for ManagedIdentityCredential.
|
||||
type ManagedIdentityCredentialOptions struct {
|
||||
azcore.ClientOptions
|
||||
|
||||
// ID is the ID of a managed identity the credential should authenticate. Set this field to use a specific identity
|
||||
// instead of the hosting environment's default. The value may be the identity's client ID or resource ID, but note that
|
||||
// some platforms don't accept resource IDs.
|
||||
ID ManagedIDKind
|
||||
}
|
||||
|
||||
// ManagedIdentityCredential authenticates an Azure managed identity in any hosting environment supporting managed identities.
|
||||
// This credential authenticates a system-assigned identity by default. Use ManagedIdentityCredentialOptions.ID to specify a
|
||||
// user-assigned identity. See Azure Active Directory documentation for more information about managed identities:
|
||||
// https://docs.microsoft.com/azure/active-directory/managed-identities-azure-resources/overview
|
||||
type ManagedIdentityCredential struct {
|
||||
client confidentialClient
|
||||
mic *managedIdentityClient
|
||||
s *syncer
|
||||
}
|
||||
|
||||
// NewManagedIdentityCredential creates a ManagedIdentityCredential. Pass nil to accept default options.
|
||||
func NewManagedIdentityCredential(options *ManagedIdentityCredentialOptions) (*ManagedIdentityCredential, error) {
|
||||
if options == nil {
|
||||
options = &ManagedIdentityCredentialOptions{}
|
||||
}
|
||||
mic, err := newManagedIdentityClient(options)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
cred := confidential.NewCredFromTokenProvider(mic.provideToken)
|
||||
|
||||
// It's okay to give MSAL an invalid client ID because MSAL will use it only as part of a cache key.
|
||||
// ManagedIdentityClient handles all the details of authentication and won't receive this value from MSAL.
|
||||
clientID := "SYSTEM-ASSIGNED-MANAGED-IDENTITY"
|
||||
if options.ID != nil {
|
||||
clientID = options.ID.String()
|
||||
}
|
||||
// similarly, it's okay to give MSAL an incorrect authority URL because that URL won't be used
|
||||
c, err := confidential.New("https://login.microsoftonline.com/common", clientID, cred)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
m := ManagedIdentityCredential{client: c, mic: mic}
|
||||
m.s = newSyncer(credNameManagedIdentity, "", nil, m.requestToken, m.silentAuth)
|
||||
return &m, nil
|
||||
}
|
||||
|
||||
// GetToken requests an access token from the hosting environment. This method is called automatically by Azure SDK clients.
|
||||
func (c *ManagedIdentityCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
if len(opts.Scopes) != 1 {
|
||||
err := errors.New(credNameManagedIdentity + ": GetToken() requires exactly one scope")
|
||||
return azcore.AccessToken{}, err
|
||||
}
|
||||
// managed identity endpoints require an AADv1 resource (i.e. token audience), not a v2 scope, so we remove "/.default" here
|
||||
opts.Scopes = []string{strings.TrimSuffix(opts.Scopes[0], defaultSuffix)}
|
||||
return c.s.GetToken(ctx, opts)
|
||||
}
|
||||
|
||||
func (c *ManagedIdentityCredential) requestToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
ar, err := c.client.AcquireTokenByCredential(ctx, opts.Scopes)
|
||||
return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC()}, err
|
||||
}
|
||||
|
||||
func (c *ManagedIdentityCredential) silentAuth(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
ar, err := c.client.AcquireTokenSilent(ctx, opts.Scopes)
|
||||
return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC()}, err
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*ManagedIdentityCredential)(nil)
|
99
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/on_behalf_of_credential.go
generated
vendored
Normal file
99
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/on_behalf_of_credential.go
generated
vendored
Normal file
|
@ -0,0 +1,99 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import (
|
||||
"context"
|
||||
"crypto"
|
||||
"crypto/x509"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
|
||||
)
|
||||
|
||||
const credNameOBO = "OnBehalfOfCredential"
|
||||
|
||||
// OnBehalfOfCredential authenticates a service principal via the on-behalf-of flow. This is typically used by
|
||||
// middle-tier services that authorize requests to other services with a delegated user identity. Because this
|
||||
// is not an interactive authentication flow, an application using it must have admin consent for any delegated
|
||||
// permissions before requesting tokens for them. See [Azure Active Directory documentation] for more details.
|
||||
//
|
||||
// [Azure Active Directory documentation]: https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-on-behalf-of-flow
|
||||
type OnBehalfOfCredential struct {
|
||||
assertion string
|
||||
client confidentialClient
|
||||
s *syncer
|
||||
}
|
||||
|
||||
// OnBehalfOfCredentialOptions contains optional parameters for OnBehalfOfCredential
|
||||
type OnBehalfOfCredentialOptions struct {
|
||||
azcore.ClientOptions
|
||||
|
||||
// AdditionallyAllowedTenants specifies additional tenants for which the credential may acquire tokens.
|
||||
// Add the wildcard value "*" to allow the credential to acquire tokens for any tenant in which the
|
||||
// application is registered.
|
||||
AdditionallyAllowedTenants []string
|
||||
// DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata
|
||||
// from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making
|
||||
// the application responsible for ensuring the configured authority is valid and trustworthy.
|
||||
DisableInstanceDiscovery bool
|
||||
// SendCertificateChain applies only when the credential is configured to authenticate with a certificate.
|
||||
// This setting controls whether the credential sends the public certificate chain in the x5c header of each
|
||||
// token request's JWT. This is required for, and only used in, Subject Name/Issuer (SNI) authentication.
|
||||
SendCertificateChain bool
|
||||
}
|
||||
|
||||
// NewOnBehalfOfCredentialWithCertificate constructs an OnBehalfOfCredential that authenticates with a certificate.
|
||||
// See [ParseCertificates] for help loading a certificate.
|
||||
func NewOnBehalfOfCredentialWithCertificate(tenantID, clientID, userAssertion string, certs []*x509.Certificate, key crypto.PrivateKey, options *OnBehalfOfCredentialOptions) (*OnBehalfOfCredential, error) {
|
||||
cred, err := confidential.NewCredFromCert(certs, key)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return newOnBehalfOfCredential(tenantID, clientID, userAssertion, cred, options)
|
||||
}
|
||||
|
||||
// NewOnBehalfOfCredentialWithSecret constructs an OnBehalfOfCredential that authenticates with a client secret.
|
||||
func NewOnBehalfOfCredentialWithSecret(tenantID, clientID, userAssertion, clientSecret string, options *OnBehalfOfCredentialOptions) (*OnBehalfOfCredential, error) {
|
||||
cred, err := confidential.NewCredFromSecret(clientSecret)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return newOnBehalfOfCredential(tenantID, clientID, userAssertion, cred, options)
|
||||
}
|
||||
|
||||
func newOnBehalfOfCredential(tenantID, clientID, userAssertion string, cred confidential.Credential, options *OnBehalfOfCredentialOptions) (*OnBehalfOfCredential, error) {
|
||||
if options == nil {
|
||||
options = &OnBehalfOfCredentialOptions{}
|
||||
}
|
||||
opts := []confidential.Option{}
|
||||
if options.SendCertificateChain {
|
||||
opts = append(opts, confidential.WithX5C())
|
||||
}
|
||||
opts = append(opts, confidential.WithInstanceDiscovery(!options.DisableInstanceDiscovery))
|
||||
c, err := getConfidentialClient(clientID, tenantID, cred, &options.ClientOptions, opts...)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
obo := OnBehalfOfCredential{assertion: userAssertion, client: c}
|
||||
obo.s = newSyncer(credNameOBO, tenantID, options.AdditionallyAllowedTenants, obo.requestToken, obo.requestToken)
|
||||
return &obo, nil
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Azure Active Directory. This method is called automatically by Azure SDK clients.
|
||||
func (o *OnBehalfOfCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
return o.s.GetToken(ctx, opts)
|
||||
}
|
||||
|
||||
func (o *OnBehalfOfCredential) requestToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
ar, err := o.client.AcquireTokenOnBehalfOf(ctx, o.assertion, opts.Scopes, confidential.WithTenantID(opts.TenantID))
|
||||
return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC()}, err
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*OnBehalfOfCredential)(nil)
|
130
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/syncer.go
generated
vendored
Normal file
130
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/syncer.go
generated
vendored
Normal file
|
@ -0,0 +1,130 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"strings"
|
||||
"sync"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/internal/log"
|
||||
)
|
||||
|
||||
type authFn func(context.Context, policy.TokenRequestOptions) (azcore.AccessToken, error)
|
||||
|
||||
// syncer synchronizes authentication calls so that goroutines can share a credential instance
|
||||
type syncer struct {
|
||||
addlTenants []string
|
||||
authing bool
|
||||
cond *sync.Cond
|
||||
reqToken, silent authFn
|
||||
name, tenant string
|
||||
}
|
||||
|
||||
func newSyncer(name, tenant string, additionalTenants []string, reqToken, silentAuth authFn) *syncer {
|
||||
return &syncer{
|
||||
addlTenants: resolveAdditionalTenants(additionalTenants),
|
||||
cond: &sync.Cond{L: &sync.Mutex{}},
|
||||
name: name,
|
||||
reqToken: reqToken,
|
||||
silent: silentAuth,
|
||||
tenant: tenant,
|
||||
}
|
||||
}
|
||||
|
||||
// GetToken ensures that only one goroutine authenticates at a time
|
||||
func (s *syncer) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
var at azcore.AccessToken
|
||||
var err error
|
||||
if len(opts.Scopes) == 0 {
|
||||
return at, errors.New(s.name + ".GetToken() requires at least one scope")
|
||||
}
|
||||
// we don't resolve the tenant for managed identities because they can acquire tokens only from their home tenants
|
||||
if s.name != credNameManagedIdentity {
|
||||
tenant, err := s.resolveTenant(opts.TenantID)
|
||||
if err != nil {
|
||||
return at, err
|
||||
}
|
||||
opts.TenantID = tenant
|
||||
}
|
||||
auth := false
|
||||
s.cond.L.Lock()
|
||||
defer s.cond.L.Unlock()
|
||||
for {
|
||||
at, err = s.silent(ctx, opts)
|
||||
if err == nil {
|
||||
// got a token
|
||||
break
|
||||
}
|
||||
if !s.authing {
|
||||
// this goroutine will request a token
|
||||
s.authing, auth = true, true
|
||||
break
|
||||
}
|
||||
// another goroutine is acquiring a token; wait for it to finish, then try silent auth again
|
||||
s.cond.Wait()
|
||||
}
|
||||
if auth {
|
||||
s.authing = false
|
||||
at, err = s.reqToken(ctx, opts)
|
||||
s.cond.Broadcast()
|
||||
}
|
||||
if err != nil {
|
||||
// Return credentialUnavailableError directly because that type affects the behavior of credential chains.
|
||||
// Otherwise, return AuthenticationFailedError.
|
||||
var unavailableErr *credentialUnavailableError
|
||||
if !errors.As(err, &unavailableErr) {
|
||||
res := getResponseFromError(err)
|
||||
err = newAuthenticationFailedError(s.name, err.Error(), res, err)
|
||||
}
|
||||
} else if log.Should(EventAuthentication) {
|
||||
scope := strings.Join(opts.Scopes, ", ")
|
||||
msg := fmt.Sprintf(`%s.GetToken() acquired a token for scope "%s"\n`, s.name, scope)
|
||||
log.Write(EventAuthentication, msg)
|
||||
}
|
||||
return at, err
|
||||
}
|
||||
|
||||
// resolveTenant returns the correct tenant for a token request given the credential's
|
||||
// configuration, or an error when the specified tenant isn't allowed by that configuration
|
||||
func (s *syncer) resolveTenant(requested string) (string, error) {
|
||||
if requested == "" || requested == s.tenant {
|
||||
return s.tenant, nil
|
||||
}
|
||||
if s.tenant == "adfs" {
|
||||
return "", errors.New("ADFS doesn't support tenants")
|
||||
}
|
||||
if !validTenantID(requested) {
|
||||
return "", errors.New(tenantIDValidationErr)
|
||||
}
|
||||
for _, t := range s.addlTenants {
|
||||
if t == "*" || t == requested {
|
||||
return requested, nil
|
||||
}
|
||||
}
|
||||
return "", fmt.Errorf(`%s isn't configured to acquire tokens for tenant %q. To enable acquiring tokens for this tenant add it to the AdditionallyAllowedTenants on the credential options, or add "*" to allow acquiring tokens for any tenant`, s.name, requested)
|
||||
}
|
||||
|
||||
// resolveAdditionalTenants returns a copy of tenants, simplified when tenants contains a wildcard
|
||||
func resolveAdditionalTenants(tenants []string) []string {
|
||||
if len(tenants) == 0 {
|
||||
return nil
|
||||
}
|
||||
for _, t := range tenants {
|
||||
// a wildcard makes all other values redundant
|
||||
if t == "*" {
|
||||
return []string{"*"}
|
||||
}
|
||||
}
|
||||
cp := make([]string, len(tenants))
|
||||
copy(cp, tenants)
|
||||
return cp
|
||||
}
|
81
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/username_password_credential.go
generated
vendored
Normal file
81
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/username_password_credential.go
generated
vendored
Normal file
|
@ -0,0 +1,81 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/AzureAD/microsoft-authentication-library-for-go/apps/public"
|
||||
)
|
||||
|
||||
const credNameUserPassword = "UsernamePasswordCredential"
|
||||
|
||||
// UsernamePasswordCredentialOptions contains optional parameters for UsernamePasswordCredential.
|
||||
type UsernamePasswordCredentialOptions struct {
|
||||
azcore.ClientOptions
|
||||
|
||||
// AdditionallyAllowedTenants specifies additional tenants for which the credential may acquire tokens.
|
||||
// Add the wildcard value "*" to allow the credential to acquire tokens for any tenant in which the
|
||||
// application is registered.
|
||||
AdditionallyAllowedTenants []string
|
||||
// DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata
|
||||
// from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making
|
||||
// the application responsible for ensuring the configured authority is valid and trustworthy.
|
||||
DisableInstanceDiscovery bool
|
||||
}
|
||||
|
||||
// UsernamePasswordCredential authenticates a user with a password. Microsoft doesn't recommend this kind of authentication,
|
||||
// because it's less secure than other authentication flows. This credential is not interactive, so it isn't compatible
|
||||
// with any form of multi-factor authentication, and the application must already have user or admin consent.
|
||||
// This credential can only authenticate work and school accounts; it can't authenticate Microsoft accounts.
|
||||
type UsernamePasswordCredential struct {
|
||||
account public.Account
|
||||
client publicClient
|
||||
password, username string
|
||||
s *syncer
|
||||
}
|
||||
|
||||
// NewUsernamePasswordCredential creates a UsernamePasswordCredential. clientID is the ID of the application the user
|
||||
// will authenticate to. Pass nil for options to accept defaults.
|
||||
func NewUsernamePasswordCredential(tenantID string, clientID string, username string, password string, options *UsernamePasswordCredentialOptions) (*UsernamePasswordCredential, error) {
|
||||
if options == nil {
|
||||
options = &UsernamePasswordCredentialOptions{}
|
||||
}
|
||||
c, err := getPublicClient(clientID, tenantID, &options.ClientOptions, public.WithInstanceDiscovery(!options.DisableInstanceDiscovery))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
upc := UsernamePasswordCredential{client: c, password: password, username: username}
|
||||
upc.s = newSyncer(credNameUserPassword, tenantID, options.AdditionallyAllowedTenants, upc.requestToken, upc.silentAuth)
|
||||
return &upc, nil
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Azure Active Directory. This method is called automatically by Azure SDK clients.
|
||||
func (c *UsernamePasswordCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
return c.s.GetToken(ctx, opts)
|
||||
}
|
||||
|
||||
func (c *UsernamePasswordCredential) requestToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
ar, err := c.client.AcquireTokenByUsernamePassword(ctx, opts.Scopes, c.username, c.password, public.WithTenantID(opts.TenantID))
|
||||
if err == nil {
|
||||
c.account = ar.Account
|
||||
}
|
||||
return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC()}, err
|
||||
}
|
||||
|
||||
func (c *UsernamePasswordCredential) silentAuth(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
ar, err := c.client.AcquireTokenSilent(ctx, opts.Scopes,
|
||||
public.WithSilentAccount(c.account),
|
||||
public.WithTenantID(opts.TenantID),
|
||||
)
|
||||
return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC()}, err
|
||||
}
|
||||
|
||||
var _ azcore.TokenCredential = (*UsernamePasswordCredential)(nil)
|
15
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/version.go
generated
vendored
Normal file
15
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/version.go
generated
vendored
Normal file
|
@ -0,0 +1,15 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
const (
|
||||
// UserAgent is the string to be used in the user agent string when making requests.
|
||||
component = "azidentity"
|
||||
|
||||
// Version is the semantic version (see http://semver.org) of this module.
|
||||
version = "v1.3.0"
|
||||
)
|
126
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/workload_identity.go
generated
vendored
Normal file
126
vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/workload_identity.go
generated
vendored
Normal file
|
@ -0,0 +1,126 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
|
||||
package azidentity
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"os"
|
||||
"sync"
|
||||
"time"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
)
|
||||
|
||||
const credNameWorkloadIdentity = "WorkloadIdentityCredential"
|
||||
|
||||
// WorkloadIdentityCredential supports Azure workload identity on Kubernetes.
|
||||
// See [Azure Kubernetes Service documentation] for more information.
|
||||
//
|
||||
// [Azure Kubernetes Service documentation]: https://learn.microsoft.com/azure/aks/workload-identity-overview
|
||||
type WorkloadIdentityCredential struct {
|
||||
assertion, file string
|
||||
cred *ClientAssertionCredential
|
||||
expires time.Time
|
||||
mtx *sync.RWMutex
|
||||
}
|
||||
|
||||
// WorkloadIdentityCredentialOptions contains optional parameters for WorkloadIdentityCredential.
|
||||
type WorkloadIdentityCredentialOptions struct {
|
||||
azcore.ClientOptions
|
||||
|
||||
// AdditionallyAllowedTenants specifies additional tenants for which the credential may acquire tokens.
|
||||
// Add the wildcard value "*" to allow the credential to acquire tokens for any tenant in which the
|
||||
// application is registered.
|
||||
AdditionallyAllowedTenants []string
|
||||
// ClientID of the service principal. Defaults to the value of the environment variable AZURE_CLIENT_ID.
|
||||
ClientID string
|
||||
// DisableInstanceDiscovery should be set true only by applications authenticating in disconnected clouds, or
|
||||
// private clouds such as Azure Stack. It determines whether the credential requests Azure AD instance metadata
|
||||
// from https://login.microsoft.com before authenticating. Setting this to true will skip this request, making
|
||||
// the application responsible for ensuring the configured authority is valid and trustworthy.
|
||||
DisableInstanceDiscovery bool
|
||||
// TenantID of the service principal. Defaults to the value of the environment variable AZURE_TENANT_ID.
|
||||
TenantID string
|
||||
// TokenFilePath is the path a file containing the workload identity token. Defaults to the value of the
|
||||
// environment variable AZURE_FEDERATED_TOKEN_FILE.
|
||||
TokenFilePath string
|
||||
}
|
||||
|
||||
// NewWorkloadIdentityCredential constructs a WorkloadIdentityCredential. Service principal configuration is read
|
||||
// from environment variables as set by the Azure workload identity webhook. Set options to override those values.
|
||||
func NewWorkloadIdentityCredential(options *WorkloadIdentityCredentialOptions) (*WorkloadIdentityCredential, error) {
|
||||
if options == nil {
|
||||
options = &WorkloadIdentityCredentialOptions{}
|
||||
}
|
||||
ok := false
|
||||
clientID := options.ClientID
|
||||
if clientID == "" {
|
||||
if clientID, ok = os.LookupEnv(azureClientID); !ok {
|
||||
return nil, errors.New("no client ID specified. Check pod configuration or set ClientID in the options")
|
||||
}
|
||||
}
|
||||
file := options.TokenFilePath
|
||||
if file == "" {
|
||||
if file, ok = os.LookupEnv(azureFederatedTokenFile); !ok {
|
||||
return nil, errors.New("no token file specified. Check pod configuration or set TokenFilePath in the options")
|
||||
}
|
||||
}
|
||||
tenantID := options.TenantID
|
||||
if tenantID == "" {
|
||||
if tenantID, ok = os.LookupEnv(azureTenantID); !ok {
|
||||
return nil, errors.New("no tenant ID specified. Check pod configuration or set TenantID in the options")
|
||||
}
|
||||
}
|
||||
w := WorkloadIdentityCredential{file: file, mtx: &sync.RWMutex{}}
|
||||
caco := ClientAssertionCredentialOptions{
|
||||
AdditionallyAllowedTenants: options.AdditionallyAllowedTenants,
|
||||
ClientOptions: options.ClientOptions,
|
||||
DisableInstanceDiscovery: options.DisableInstanceDiscovery,
|
||||
}
|
||||
cred, err := NewClientAssertionCredential(tenantID, clientID, w.getAssertion, &caco)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
// we want "WorkloadIdentityCredential" in log messages, not "ClientAssertionCredential"
|
||||
cred.s.name = credNameWorkloadIdentity
|
||||
w.cred = cred
|
||||
return &w, nil
|
||||
}
|
||||
|
||||
// GetToken requests an access token from Azure Active Directory. Azure SDK clients call this method automatically.
|
||||
func (w *WorkloadIdentityCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
|
||||
return w.cred.GetToken(ctx, opts)
|
||||
}
|
||||
|
||||
// getAssertion returns the specified file's content, which is expected to be a Kubernetes service account token.
|
||||
// Kubernetes is responsible for updating the file as service account tokens expire.
|
||||
func (w *WorkloadIdentityCredential) getAssertion(context.Context) (string, error) {
|
||||
w.mtx.RLock()
|
||||
if w.expires.Before(time.Now()) {
|
||||
// ensure only one goroutine at a time updates the assertion
|
||||
w.mtx.RUnlock()
|
||||
w.mtx.Lock()
|
||||
defer w.mtx.Unlock()
|
||||
// double check because another goroutine may have acquired the write lock first and done the update
|
||||
if now := time.Now(); w.expires.Before(now) {
|
||||
content, err := os.ReadFile(w.file)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
w.assertion = string(content)
|
||||
// Kubernetes rotates service account tokens when they reach 80% of their total TTL. The shortest TTL
|
||||
// is 1 hour. That implies the token we just read is valid for at least 12 minutes (20% of 1 hour),
|
||||
// but we add some margin for safety.
|
||||
w.expires = now.Add(10 * time.Minute)
|
||||
}
|
||||
} else {
|
||||
defer w.mtx.RUnlock()
|
||||
}
|
||||
return w.assertion, nil
|
||||
}
|
39
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/CHANGELOG.md
generated
vendored
39
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/CHANGELOG.md
generated
vendored
|
@ -1,5 +1,44 @@
|
|||
# Release History
|
||||
|
||||
## 1.1.0 (2023-07-13)
|
||||
|
||||
### Features Added
|
||||
|
||||
* Added [Blob Batch API](https://learn.microsoft.com/rest/api/storageservices/blob-batch).
|
||||
* Added support for bearer challenge for identity based managed disks.
|
||||
* Added support for GetAccountInfo to container and blob level clients.
|
||||
* Added [UploadBlobFromURL API](https://learn.microsoft.com/rest/api/storageservices/put-blob-from-url).
|
||||
* Added support for CopySourceAuthorization to appendblob.AppendBlockFromURL
|
||||
* Added support for tag permission in Container SAS.
|
||||
|
||||
### Bugs Fixed
|
||||
|
||||
* Fixed time formatting for the conditional request headers. Fixes [#20475](https://github.com/Azure/azure-sdk-for-go/issues/20475).
|
||||
* Fixed an issue where passing a blob tags map of length 0 would result in the x-ms-tags header to be sent to the service with an empty string as value.
|
||||
|
||||
* Fixed block size and number of blocks calculation in `UploadBuffer` and `UploadFile`. Fixes [#20735](https://github.com/Azure/azure-sdk-for-go/issues/20735).
|
||||
|
||||
### Other Changes
|
||||
|
||||
* Add `dragonfly` to the list of build constraints for `blockblob`.
|
||||
* Updating version of azcore to 1.6.0 and azidentity to 1.3.0
|
||||
|
||||
## 1.1.0-beta.1 (2023-05-09)
|
||||
|
||||
### Features Added
|
||||
|
||||
* Added [Blob Batch API](https://learn.microsoft.com/rest/api/storageservices/blob-batch).
|
||||
* Added support for bearer challenge for identity based managed disks.
|
||||
* Added support for GetAccountInfo to container and blob level clients.
|
||||
* Added [UploadBlobFromURL API](https://learn.microsoft.com/rest/api/storageservices/put-blob-from-url).
|
||||
* Added support for CopySourceAuthorization to appendblob.AppendBlockFromURL
|
||||
* Added support for tag permission in Container SAS.
|
||||
|
||||
### Bugs Fixed
|
||||
|
||||
* Fixed time formatting for the conditional request headers. Fixes [#20475](https://github.com/Azure/azure-sdk-for-go/issues/20475).
|
||||
* Fixed an issue where passing a blob tags map of length 0 would result in the x-ms-tags header to be sent to the service with an empty string as value.
|
||||
|
||||
## 1.0.0 (2023-02-07)
|
||||
|
||||
### Features Added
|
||||
|
|
150
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/README.md
generated
vendored
150
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/README.md
generated
vendored
|
@ -1,47 +1,51 @@
|
|||
# Azure Blob Storage SDK for Go
|
||||
# Azure Blob Storage module for Go
|
||||
|
||||
> Server Version: 2020-10-02
|
||||
> Service Version: 2020-10-02
|
||||
|
||||
Azure Blob storage is Microsoft's object storage solution for the cloud. Blob
|
||||
storage is optimized for storing massive amounts of unstructured data.
|
||||
Unstructured data is data that does not adhere to a particular data model or
|
||||
definition, such as text or binary data.
|
||||
Azure Blob Storage is Microsoft's object storage solution for the cloud. Blob
|
||||
Storage is optimized for storing massive amounts of unstructured data - data that does not adhere to a particular data model or
|
||||
definition, such as text or binary data. For more information, see [Introduction to Azure Blob Storage](https://learn.microsoft.com/azure/storage/blobs/storage-blobs-introduction).
|
||||
|
||||
[Source code][source] | [API reference documentation][docs] | [REST API documentation][rest_docs] | [Product documentation][product_docs]
|
||||
Use the Azure Blob Storage client module `github.com/Azure/azure-sdk-for-go/sdk/storage/azblob` to:
|
||||
|
||||
* Authenticate clients with Azure Blob Storage
|
||||
* Manipulate containers and blobs in an Azure storage account
|
||||
|
||||
Key links:
|
||||
|
||||
[Source code][source] | [API reference documentation][docs] | [REST API documentation][rest_docs] | [Product documentation][product_docs] | [Samples][go_samples]
|
||||
|
||||
## Getting started
|
||||
|
||||
### Install the package
|
||||
|
||||
Install the Azure Blob Storage SDK for Go with [go get][goget]:
|
||||
|
||||
```Powershell
|
||||
go get github.com/Azure/azure-sdk-for-go/sdk/storage/azblob
|
||||
```
|
||||
|
||||
If you're going to authenticate with Azure Active Directory (recommended), install the [azidentity][azidentity] module.
|
||||
```Powershell
|
||||
go get github.com/Azure/azure-sdk-for-go/sdk/azidentity
|
||||
```
|
||||
|
||||
### Prerequisites
|
||||
|
||||
A supported [Go][godevdl] version (the Azure SDK supports the two most recent Go releases).
|
||||
|
||||
You need an [Azure subscription][azure_sub] and a
|
||||
[Storage Account][storage_account_docs] to use this package.
|
||||
|
||||
To create a new Storage Account, you can use the [Azure Portal][storage_account_create_portal],
|
||||
- Go, version 1.18 or higher - [Install Go](https://go.dev/doc/install)
|
||||
- Azure subscription - [Create a free account](https://azure.microsoft.com/free/)
|
||||
- Azure storage account - To create a storage account, use tools including the [Azure portal][storage_account_create_portal],
|
||||
[Azure PowerShell][storage_account_create_ps], or the [Azure CLI][storage_account_create_cli].
|
||||
Here's an example using the Azure CLI:
|
||||
|
||||
```Powershell
|
||||
```bash
|
||||
az storage account create --name MyStorageAccount --resource-group MyResourceGroup --location westus --sku Standard_LRS
|
||||
```
|
||||
|
||||
### Install the package
|
||||
|
||||
Install the Azure Blob Storage client module for Go with [go get][goget]:
|
||||
|
||||
```bash
|
||||
go get github.com/Azure/azure-sdk-for-go/sdk/storage/azblob
|
||||
```
|
||||
|
||||
If you plan to authenticate with Azure Active Directory (recommended), also install the [azidentity][azidentity] module.
|
||||
|
||||
```bash
|
||||
go get github.com/Azure/azure-sdk-for-go/sdk/azidentity
|
||||
```
|
||||
|
||||
### Authenticate the client
|
||||
|
||||
In order to interact with the Azure Blob Storage service, you'll need to create an instance of the `azblob.Client` type. The [azidentity][azidentity] module makes it easy to add Azure Active Directory support for authenticating Azure SDK clients with their corresponding Azure services.
|
||||
To interact with the Azure Blob Storage service, you'll need to create an instance of the `azblob.Client` type. The [azidentity][azidentity] module makes it easy to add Azure Active Directory support for authenticating Azure SDK clients with their corresponding Azure services.
|
||||
|
||||
```go
|
||||
// create a credential for authenticating with Azure Active Directory
|
||||
|
@ -53,11 +57,17 @@ client, err := azblob.NewClient("https://MYSTORAGEACCOUNT.blob.core.windows.net/
|
|||
// TODO: handle err
|
||||
```
|
||||
|
||||
Learn more about enabling Azure Active Directory for authentication with Azure Storage in [our documentation][storage_ad] and [our samples](#next-steps).
|
||||
Learn more about enabling Azure Active Directory for authentication with Azure Storage:
|
||||
|
||||
* [Authorize access to blobs using Azure Active Directory][storage_ad]
|
||||
|
||||
Other options for authentication include connection strings, shared key, shared access signatures (SAS), and anonymous public access. Use the appropriate client constructor function for the authentication mechanism you wish to use. For examples, see:
|
||||
|
||||
* [Blob samples][samples]
|
||||
|
||||
## Key concepts
|
||||
|
||||
Blob storage is designed for:
|
||||
Blob Storage is designed for:
|
||||
|
||||
- Serving images or documents directly to a browser.
|
||||
- Storing files for distributed access.
|
||||
|
@ -66,23 +76,41 @@ Blob storage is designed for:
|
|||
- Storing data for backup and restore, disaster recovery, and archiving.
|
||||
- Storing data for analysis by an on-premises or Azure-hosted service.
|
||||
|
||||
Blob storage offers three types of resources:
|
||||
Blob Storage offers three types of resources:
|
||||
|
||||
- The _storage account_
|
||||
- One or more _containers_ in a storage account
|
||||
- One ore more _blobs_ in a container
|
||||
- One or more _blobs_ in a container
|
||||
|
||||
Instances of the `azblob.Client` type provide methods for manipulating containers and blobs within a storage account.
|
||||
The storage account is specified when the `azblob.Client` is constructed.
|
||||
Use the appropriate client constructor function for the authentication mechanism you wish to use.
|
||||
|
||||
Learn more about options for authentication _(including Connection Strings, Shared Key, Shared Access Signatures (SAS), Azure Active Directory (AAD), and anonymous public access)_ [in our examples.](https://github.com/Azure/azure-sdk-for-go/blob/main/sdk/storage/azblob/examples_test.go)
|
||||
### Specialized clients
|
||||
|
||||
The Azure Blob Storage client module for Go also provides specialized clients in various subpackages. Use these clients when you need to interact with a specific kind of blob. Learn more about [block blobs, append blobs, and page blobs](https://learn.microsoft.com/rest/api/storageservices/understanding-block-blobs--append-blobs--and-page-blobs).
|
||||
|
||||
- [appendblob][append_blob]
|
||||
- [blockblob][block_blob]
|
||||
- [pageblob][page_blob]
|
||||
|
||||
The [blob][blob] package contains APIs common to all blob types. This includes APIs for deleting and undeleting a blob, setting metadata, and more.
|
||||
|
||||
The [lease][lease] package contains clients for managing leases on blobs and containers. See the [REST API reference](https://learn.microsoft.com/rest/api/storageservices/lease-blob#remarks) for general information on leases.
|
||||
|
||||
The [container][container] package contains APIs specific to containers. This includes APIs for setting access policies or properties, and more.
|
||||
|
||||
The [service][service] package contains APIs specific to the Blob service. This includes APIs for manipulating containers, retrieving account information, and more.
|
||||
|
||||
The [sas][sas] package contains utilities to aid in the creation and manipulation of shared access signature (SAS) tokens.
|
||||
See the package's documentation for more information.
|
||||
|
||||
### Goroutine safety
|
||||
We guarantee that all client instance methods are goroutine-safe and independent of each other ([guideline](https://azure.github.io/azure-sdk/golang_introduction.html#thread-safety)). This ensures that the recommendation of reusing client instances is always safe, even across goroutines.
|
||||
|
||||
### About blob metadata
|
||||
Blob metadata name/value pairs are valid HTTP headers and should adhere to all restrictions governing HTTP headers. Metadata names must be valid HTTP header names, may contain only ASCII characters, and should be treated as case-insensitive. Base64-encode or URL-encode metadata values containing non-ASCII characters.
|
||||
We guarantee that all client instance methods are goroutine-safe and independent of each other (see [guideline](https://azure.github.io/azure-sdk/golang_introduction.html#thread-safety)). This ensures that the recommendation to reuse client instances is always safe, even across goroutines.
|
||||
|
||||
### Blob metadata
|
||||
|
||||
Blob metadata name-value pairs are valid HTTP headers and should adhere to all restrictions governing HTTP headers. Metadata names must be valid HTTP header names, may contain only ASCII characters, and should be treated as case-insensitive. Base64-encode or URL-encode metadata values containing non-ASCII characters.
|
||||
|
||||
### Additional concepts
|
||||
<!-- CLIENT COMMON BAR -->
|
||||
|
@ -94,7 +122,7 @@ Blob metadata name/value pairs are valid HTTP headers and should adhere to all r
|
|||
|
||||
## Examples
|
||||
|
||||
### Uploading a blob
|
||||
### Upload a blob
|
||||
|
||||
```go
|
||||
const (
|
||||
|
@ -122,7 +150,7 @@ _, err = client.UploadFile(context.TODO(), containerName, blobName, file, nil)
|
|||
// TODO: handle error
|
||||
```
|
||||
|
||||
### Downloading a blob
|
||||
### Download a blob
|
||||
|
||||
```go
|
||||
// this example accesses a public blob via anonymous access, so no credentials are required
|
||||
|
@ -139,7 +167,7 @@ _, err = client.DownloadFile(context.TODO(), "samples", "cloud.jpg", file, nil)
|
|||
// TODO: handle error
|
||||
```
|
||||
|
||||
### Enumerating blobs
|
||||
### Enumerate blobs
|
||||
|
||||
```go
|
||||
const (
|
||||
|
@ -177,7 +205,7 @@ All Blob service operations will return an
|
|||
[*azcore.ResponseError][azcore_response_error] on failure with a
|
||||
populated `ErrorCode` field. Many of these errors are recoverable.
|
||||
The [bloberror][blob_error] package provides the possible Storage error codes
|
||||
along with various helper facilities for error handling.
|
||||
along with helper facilities for error handling.
|
||||
|
||||
```go
|
||||
const (
|
||||
|
@ -203,27 +231,6 @@ if bloberror.HasCode(err, bloberror.ContainerBeingDeleted, bloberror.ContainerNo
|
|||
|
||||
Get started with our [Blob samples][samples]. They contain complete examples of the above snippets and more.
|
||||
|
||||
### Specialized clients
|
||||
|
||||
The Azure Blob Storage SDK for Go also provides specialized clients in various subpackages.
|
||||
Use these clients when you need to interact with a specific kind of blob.
|
||||
Learn more about the various types of blobs from the following links.
|
||||
|
||||
- [appendblob][append_blob] - [REST docs](https://docs.microsoft.com/rest/api/storageservices/understanding-block-blobs--append-blobs--and-page-blobs#about-append-blobs)
|
||||
- [blockblob][block_blob] - [REST docs](https://docs.microsoft.com/rest/api/storageservices/understanding-block-blobs--append-blobs--and-page-blobs#about-block-blobs)
|
||||
- [pageblob][page_blob] - [REST docs](https://docs.microsoft.com/rest/api/storageservices/understanding-block-blobs--append-blobs--and-page-blobs#about-page-blobs)
|
||||
|
||||
The [blob][blob] package contains APIs common to all blob types. This includes APIs for deleting and undeleting a blob, setting metadata, and more.
|
||||
|
||||
The [lease][lease] package contains clients for managing leases on blobs and containers. Please see the [reference docs](https://docs.microsoft.com/rest/api/storageservices/lease-blob#remarks) for general information on leases.
|
||||
|
||||
The [container][container] package contains APIs specific to containers. This includes APIs setting access policies or properties, and more.
|
||||
|
||||
The [service][service] package contains APIs specific to blob service. This includes APIs for manipulating containers, retrieving account information, and more.
|
||||
|
||||
The [sas][sas] package contains utilities to aid in the creation and manipulation of Shared Access Signature tokens.
|
||||
See the package's documentation for more information.
|
||||
|
||||
## Contributing
|
||||
|
||||
See the [Storage CONTRIBUTING.md][storage_contrib] for details on building,
|
||||
|
@ -243,19 +250,20 @@ additional questions or comments.
|
|||
|
||||
<!-- LINKS -->
|
||||
[source]: https://github.com/Azure/azure-sdk-for-go/tree/main/sdk/storage/azblob
|
||||
[docs]: https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob
|
||||
[rest_docs]: https://docs.microsoft.com/rest/api/storageservices/blob-service-rest-api
|
||||
[product_docs]: https://docs.microsoft.com/azure/storage/blobs/storage-blobs-overview
|
||||
[docs]: https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob#section_documentation
|
||||
[rest_docs]: https://learn.microsoft.com/rest/api/storageservices/blob-service-rest-api
|
||||
[product_docs]: https://learn.microsoft.com/azure/storage/blobs/storage-blobs-overview
|
||||
[godevdl]: https://go.dev/dl/
|
||||
[goget]: https://pkg.go.dev/cmd/go#hdr-Add_dependencies_to_current_module_and_install_them
|
||||
[storage_account_docs]: https://docs.microsoft.com/azure/storage/common/storage-account-overview
|
||||
[storage_account_create_ps]: https://docs.microsoft.com/azure/storage/common/storage-quickstart-create-account?tabs=azure-powershell
|
||||
[storage_account_create_cli]: https://docs.microsoft.com/azure/storage/common/storage-quickstart-create-account?tabs=azure-cli
|
||||
[storage_account_create_portal]: https://docs.microsoft.com/azure/storage/common/storage-quickstart-create-account?tabs=azure-portal
|
||||
[azure_cli]: https://docs.microsoft.com/cli/azure
|
||||
[go_samples]: https://github.com/Azure-Samples/azure-sdk-for-go-samples/tree/main
|
||||
[storage_account_docs]: https://learn.microsoft.com/azure/storage/common/storage-account-overview
|
||||
[storage_account_create_ps]: https://learn.microsoft.com/azure/storage/common/storage-quickstart-create-account?tabs=azure-powershell
|
||||
[storage_account_create_cli]: https://learn.microsoft.com/azure/storage/common/storage-quickstart-create-account?tabs=azure-cli
|
||||
[storage_account_create_portal]: https://learn.microsoft.com/azure/storage/common/storage-quickstart-create-account?tabs=azure-portal
|
||||
[azure_cli]: https://learn.microsoft.com/cli/azure
|
||||
[azure_sub]: https://azure.microsoft.com/free/
|
||||
[azidentity]: https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity
|
||||
[storage_ad]: https://docs.microsoft.com/azure/storage/common/storage-auth-aad
|
||||
[storage_ad]: https://learn.microsoft.com/azure/storage/common/storage-auth-aad
|
||||
[azcore_response_error]: https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azcore#ResponseError
|
||||
[samples]: https://github.com/Azure/azure-sdk-for-go/blob/main/sdk/storage/azblob/examples_test.go
|
||||
[append_blob]: https://github.com/Azure/azure-sdk-for-go/tree/main/sdk/storage/azblob/appendblob/client.go
|
||||
|
|
29
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/appendblob/client.go
generated
vendored
29
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/appendblob/client.go
generated
vendored
|
@ -8,6 +8,7 @@ package appendblob
|
|||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"io"
|
||||
"os"
|
||||
"time"
|
||||
|
@ -22,9 +23,7 @@ import (
|
|||
)
|
||||
|
||||
// ClientOptions contains the optional parameters when creating a Client.
|
||||
type ClientOptions struct {
|
||||
azcore.ClientOptions
|
||||
}
|
||||
type ClientOptions base.ClientOptions
|
||||
|
||||
// Client represents a client to an Azure Storage append blob;
|
||||
type Client base.CompositeClient[generated.BlobClient, generated.AppendBlobClient]
|
||||
|
@ -34,7 +33,7 @@ type Client base.CompositeClient[generated.BlobClient, generated.AppendBlobClien
|
|||
// - cred - an Azure AD credential, typically obtained via the azidentity module
|
||||
// - options - client options; pass nil to accept the default values
|
||||
func NewClient(blobURL string, cred azcore.TokenCredential, options *ClientOptions) (*Client, error) {
|
||||
authPolicy := runtime.NewBearerTokenPolicy(cred, []string{shared.TokenScope}, nil)
|
||||
authPolicy := shared.NewStorageChallengePolicy(cred)
|
||||
conOptions := shared.GetClientOptions(options)
|
||||
conOptions.PerRetryPolicies = append(conOptions.PerRetryPolicies, authPolicy)
|
||||
pl := runtime.NewPipeline(exported.ModuleName,
|
||||
|
@ -255,14 +254,10 @@ func (ab *Client) SetLegalHold(ctx context.Context, legalHold bool, options *blo
|
|||
return ab.BlobClient().SetLegalHold(ctx, legalHold, options)
|
||||
}
|
||||
|
||||
// SetTier operation sets the tier on a blob. The operation is allowed on a page
|
||||
// blob in a premium storage account and on a block blob in a blob storage account (locally
|
||||
// redundant storage only). A premium page blob's tier determines the allowed size, IOPS, and
|
||||
// bandwidth of the blob. A block blob's tier determines Hot/Cool/Archive storage type. This operation
|
||||
// does not update the blob's ETag.
|
||||
// For detailed information about block blob level tiering see https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-storage-tiers.
|
||||
// SetTier
|
||||
// Deprecated: SetTier only works for page blob in premium storage account and block blob in blob storage account.
|
||||
func (ab *Client) SetTier(ctx context.Context, tier blob.AccessTier, o *blob.SetTierOptions) (blob.SetTierResponse, error) {
|
||||
return ab.BlobClient().SetTier(ctx, tier, o)
|
||||
return blob.SetTierResponse{}, errors.New("operation will not work on this blob type. SetTier only works for page blob in premium storage account and block blob in blob storage account")
|
||||
}
|
||||
|
||||
// SetExpiry operation sets an expiry time on an existing blob. This operation is only allowed on Hierarchical Namespace enabled accounts.
|
||||
|
@ -282,6 +277,12 @@ func (ab *Client) GetProperties(ctx context.Context, o *blob.GetPropertiesOption
|
|||
return ab.BlobClient().GetProperties(ctx, o)
|
||||
}
|
||||
|
||||
// GetAccountInfo provides account level information
|
||||
// For more information, see https://learn.microsoft.com/en-us/rest/api/storageservices/get-account-information?tabs=shared-access-signatures.
|
||||
func (ab *Client) GetAccountInfo(ctx context.Context, o *blob.GetAccountInfoOptions) (blob.GetAccountInfoResponse, error) {
|
||||
return ab.BlobClient().GetAccountInfo(ctx, o)
|
||||
}
|
||||
|
||||
// SetHTTPHeaders changes a blob's HTTP headers.
|
||||
// For more information, see https://docs.microsoft.com/rest/api/storageservices/set-blob-properties.
|
||||
func (ab *Client) SetHTTPHeaders(ctx context.Context, HTTPHeaders blob.HTTPHeaders, o *blob.SetHTTPHeadersOptions) (blob.SetHTTPHeadersResponse, error) {
|
||||
|
@ -326,10 +327,10 @@ func (ab *Client) GetTags(ctx context.Context, o *blob.GetTagsOptions) (blob.Get
|
|||
return ab.BlobClient().GetTags(ctx, o)
|
||||
}
|
||||
|
||||
// CopyFromURL synchronously copies the data at the source URL to a block blob, with sizes up to 256 MB.
|
||||
// For more information, see https://docs.microsoft.com/en-us/rest/api/storageservices/copy-blob-from-url.
|
||||
// CopyFromURL
|
||||
// Deprecated: CopyFromURL works only with block blob
|
||||
func (ab *Client) CopyFromURL(ctx context.Context, copySource string, o *blob.CopyFromURLOptions) (blob.CopyFromURLResponse, error) {
|
||||
return ab.BlobClient().CopyFromURL(ctx, copySource, o)
|
||||
return blob.CopyFromURLResponse{}, errors.New("operation will not work on this blob type. CopyFromURL works only with block blob")
|
||||
}
|
||||
|
||||
// Concurrent Download Functions -----------------------------------------------------------------------------------------
|
||||
|
|
4
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/appendblob/models.go
generated
vendored
4
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/appendblob/models.go
generated
vendored
|
@ -100,6 +100,9 @@ func (o *AppendBlockOptions) format() (*generated.AppendBlobClientAppendBlockOpt
|
|||
|
||||
// AppendBlockFromURLOptions contains the optional parameters for the Client.AppendBlockFromURL method.
|
||||
type AppendBlockFromURLOptions struct {
|
||||
// Only Bearer type is supported. Credentials should be a valid OAuth access token to copy source.
|
||||
CopySourceAuthorization *string
|
||||
|
||||
// SourceContentValidation contains the validation mechanism used on the range of bytes read from the source.
|
||||
SourceContentValidation blob.SourceContentValidationType
|
||||
|
||||
|
@ -126,6 +129,7 @@ func (o *AppendBlockFromURLOptions) format() (*generated.AppendBlobClientAppendB
|
|||
|
||||
options := &generated.AppendBlobClientAppendBlockFromURLOptions{
|
||||
SourceRange: exported.FormatHTTPRange(o.Range),
|
||||
CopySourceAuthorization: o.CopySourceAuthorization,
|
||||
}
|
||||
|
||||
if o.SourceContentValidation != nil {
|
||||
|
|
2
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/assets.json
generated
vendored
2
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/assets.json
generated
vendored
|
@ -2,5 +2,5 @@
|
|||
"AssetsRepo": "Azure/azure-sdk-assets",
|
||||
"AssetsRepoPrefixPath": "go",
|
||||
"TagPrefix": "go/storage/azblob",
|
||||
"Tag": "go/storage/azblob_46e572d43a"
|
||||
"Tag": "go/storage/azblob_a772b9c866"
|
||||
}
|
||||
|
|
29
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob/client.go
generated
vendored
29
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob/client.go
generated
vendored
|
@ -25,9 +25,7 @@ import (
|
|||
)
|
||||
|
||||
// ClientOptions contains the optional parameters when creating a Client.
|
||||
type ClientOptions struct {
|
||||
azcore.ClientOptions
|
||||
}
|
||||
type ClientOptions base.ClientOptions
|
||||
|
||||
// Client represents a URL to an Azure Storage blob; the blob may be a block blob, append blob, or page blob.
|
||||
type Client base.Client[generated.BlobClient]
|
||||
|
@ -37,12 +35,12 @@ type Client base.Client[generated.BlobClient]
|
|||
// - cred - an Azure AD credential, typically obtained via the azidentity module
|
||||
// - options - client options; pass nil to accept the default values
|
||||
func NewClient(blobURL string, cred azcore.TokenCredential, options *ClientOptions) (*Client, error) {
|
||||
authPolicy := runtime.NewBearerTokenPolicy(cred, []string{shared.TokenScope}, nil)
|
||||
authPolicy := shared.NewStorageChallengePolicy(cred)
|
||||
conOptions := shared.GetClientOptions(options)
|
||||
conOptions.PerRetryPolicies = append(conOptions.PerRetryPolicies, authPolicy)
|
||||
pl := runtime.NewPipeline(exported.ModuleName, exported.ModuleVersion, runtime.PipelineOptions{}, &conOptions.ClientOptions)
|
||||
|
||||
return (*Client)(base.NewBlobClient(blobURL, pl, nil)), nil
|
||||
return (*Client)(base.NewBlobClient(blobURL, pl, &cred)), nil
|
||||
}
|
||||
|
||||
// NewClientWithNoCredential creates an instance of Client with the specified values.
|
||||
|
@ -100,6 +98,10 @@ func (b *Client) sharedKey() *SharedKeyCredential {
|
|||
return base.SharedKey((*base.Client[generated.BlobClient])(b))
|
||||
}
|
||||
|
||||
func (b *Client) credential() any {
|
||||
return base.Credential((*base.Client[generated.BlobClient])(b))
|
||||
}
|
||||
|
||||
// URL returns the URL endpoint used by the Client object.
|
||||
func (b *Client) URL() string {
|
||||
return b.generated().Endpoint()
|
||||
|
@ -114,7 +116,7 @@ func (b *Client) WithSnapshot(snapshot string) (*Client, error) {
|
|||
}
|
||||
p.Snapshot = snapshot
|
||||
|
||||
return (*Client)(base.NewBlobClient(p.String(), b.generated().Pipeline(), b.sharedKey())), nil
|
||||
return (*Client)(base.NewBlobClient(p.String(), b.generated().Pipeline(), b.credential())), nil
|
||||
}
|
||||
|
||||
// WithVersionID creates a new AppendBlobURL object identical to the source but with the specified version id.
|
||||
|
@ -126,7 +128,7 @@ func (b *Client) WithVersionID(versionID string) (*Client, error) {
|
|||
}
|
||||
p.VersionID = versionID
|
||||
|
||||
return (*Client)(base.NewBlobClient(p.String(), b.generated().Pipeline(), b.sharedKey())), nil
|
||||
return (*Client)(base.NewBlobClient(p.String(), b.generated().Pipeline(), b.credential())), nil
|
||||
}
|
||||
|
||||
// Delete marks the specified blob or snapshot for deletion. The blob is later deleted during garbage collection.
|
||||
|
@ -264,6 +266,14 @@ func (b *Client) CopyFromURL(ctx context.Context, copySource string, options *Co
|
|||
return resp, err
|
||||
}
|
||||
|
||||
// GetAccountInfo provides account level information
|
||||
// For more information, see https://learn.microsoft.com/en-us/rest/api/storageservices/get-account-information?tabs=shared-access-signatures.
|
||||
func (b *Client) GetAccountInfo(ctx context.Context, o *GetAccountInfoOptions) (GetAccountInfoResponse, error) {
|
||||
getAccountInfoOptions := o.format()
|
||||
resp, err := b.generated().GetAccountInfo(ctx, getAccountInfoOptions)
|
||||
return resp, err
|
||||
}
|
||||
|
||||
// GetSASURL is a convenience method for generating a SAS token for the currently pointed at blob.
|
||||
// It can only be used if the credential supplied during creation was a SharedKeyCredential.
|
||||
func (b *Client) GetSASURL(permissions sas.BlobPermissions, expiry time.Time, o *GetSASURLOptions) (string, error) {
|
||||
|
@ -313,12 +323,11 @@ func (b *Client) download(ctx context.Context, writer io.WriterAt, o downloadOpt
|
|||
count := o.Range.Count
|
||||
if count == CountToEnd { // If size not specified, calculate it
|
||||
// If we don't have the length at all, get it
|
||||
downloadBlobOptions := o.getDownloadBlobOptions(HTTPRange{}, nil)
|
||||
dr, err := b.DownloadStream(ctx, downloadBlobOptions)
|
||||
gr, err := b.GetProperties(ctx, o.getBlobPropertiesOptions())
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
count = *dr.ContentLength - o.Range.Offset
|
||||
count = *gr.ContentLength - o.Range.Offset
|
||||
}
|
||||
|
||||
if count <= 0 {
|
||||
|
|
11
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob/models.go
generated
vendored
11
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob/models.go
generated
vendored
|
@ -565,3 +565,14 @@ func (o *CopyFromURLOptions) format() (*generated.BlobClientCopyFromURLOptions,
|
|||
leaseAccessConditions, modifiedAccessConditions := exported.FormatBlobAccessConditions(o.BlobAccessConditions)
|
||||
return options, o.SourceModifiedAccessConditions, modifiedAccessConditions, leaseAccessConditions
|
||||
}
|
||||
|
||||
// ---------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
// GetAccountInfoOptions provides set of options for Client.GetAccountInfo
|
||||
type GetAccountInfoOptions struct {
|
||||
// placeholder for future options
|
||||
}
|
||||
|
||||
func (o *GetAccountInfoOptions) format() *generated.BlobClientGetAccountInfoOptions {
|
||||
return nil
|
||||
}
|
||||
|
|
3
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob/responses.go
generated
vendored
3
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob/responses.go
generated
vendored
|
@ -100,6 +100,9 @@ type SetLegalHoldResponse = generated.BlobClientSetLegalHoldResponse
|
|||
// CopyFromURLResponse contains the response from method BlobClient.CopyFromURL.
|
||||
type CopyFromURLResponse = generated.BlobClientCopyFromURLResponse
|
||||
|
||||
// GetAccountInfoResponse contains the response from method BlobClient.GetAccountInfo.
|
||||
type GetAccountInfoResponse = generated.BlobClientGetAccountInfoResponse
|
||||
|
||||
// AcquireLeaseResponse contains the response from method BlobClient.AcquireLease.
|
||||
type AcquireLeaseResponse = generated.BlobClientAcquireLeaseResponse
|
||||
|
||||
|
|
45
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blockblob/client.go
generated
vendored
45
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blockblob/client.go
generated
vendored
|
@ -12,6 +12,7 @@ import (
|
|||
"encoding/base64"
|
||||
"errors"
|
||||
"io"
|
||||
"math"
|
||||
"os"
|
||||
"sync"
|
||||
"time"
|
||||
|
@ -30,9 +31,7 @@ import (
|
|||
)
|
||||
|
||||
// ClientOptions contains the optional parameters when creating a Client.
|
||||
type ClientOptions struct {
|
||||
azcore.ClientOptions
|
||||
}
|
||||
type ClientOptions base.ClientOptions
|
||||
|
||||
// Client defines a set of operations applicable to block blobs.
|
||||
type Client base.CompositeClient[generated.BlobClient, generated.BlockBlobClient]
|
||||
|
@ -42,7 +41,7 @@ type Client base.CompositeClient[generated.BlobClient, generated.BlockBlobClient
|
|||
// - cred - an Azure AD credential, typically obtained via the azidentity module
|
||||
// - options - client options; pass nil to accept the default values
|
||||
func NewClient(blobURL string, cred azcore.TokenCredential, options *ClientOptions) (*Client, error) {
|
||||
authPolicy := runtime.NewBearerTokenPolicy(cred, []string{shared.TokenScope}, nil)
|
||||
authPolicy := shared.NewStorageChallengePolicy(cred)
|
||||
conOptions := shared.GetClientOptions(options)
|
||||
conOptions.PerRetryPolicies = append(conOptions.PerRetryPolicies, authPolicy)
|
||||
pl := runtime.NewPipeline(exported.ModuleName, exported.ModuleVersion, runtime.PipelineOptions{}, &conOptions.ClientOptions)
|
||||
|
@ -165,6 +164,19 @@ func (bb *Client) Upload(ctx context.Context, body io.ReadSeekCloser, options *U
|
|||
return resp, err
|
||||
}
|
||||
|
||||
// UploadBlobFromURL - The Put Blob from URL operation creates a new Block Blob where the contents of the blob are read from
|
||||
// a given URL. Partial updates are not supported with Put Blob from URL; the content of an existing blob is overwritten
|
||||
// with the content of the new blob. To perform partial updates to a block blob’s contents using a source URL, use the Put
|
||||
// Block from URL API in conjunction with Put Block List.
|
||||
// For more information, see https://learn.microsoft.com/rest/api/storageservices/put-blob-from-url
|
||||
func (bb *Client) UploadBlobFromURL(ctx context.Context, copySource string, options *UploadBlobFromURLOptions) (UploadBlobFromURLResponse, error) {
|
||||
opts, httpHeaders, leaseAccessConditions, cpkInfo, cpkSourceInfo, modifiedAccessConditions, sourceModifiedConditions := options.format()
|
||||
|
||||
resp, err := bb.generated().PutBlobFromURL(ctx, int64(0), copySource, opts, httpHeaders, leaseAccessConditions, cpkInfo, cpkSourceInfo, modifiedAccessConditions, sourceModifiedConditions)
|
||||
|
||||
return resp, err
|
||||
}
|
||||
|
||||
// StageBlock uploads the specified block to the block blob's "staging area" to be later committed by a call to CommitBlockList.
|
||||
// Note that the http client closes the body stream after the request is sent to the service.
|
||||
// For more information, see https://docs.microsoft.com/rest/api/storageservices/put-block.
|
||||
|
@ -316,6 +328,12 @@ func (bb *Client) GetProperties(ctx context.Context, o *blob.GetPropertiesOption
|
|||
return bb.BlobClient().GetProperties(ctx, o)
|
||||
}
|
||||
|
||||
// GetAccountInfo provides account level information
|
||||
// For more information, see https://learn.microsoft.com/en-us/rest/api/storageservices/get-account-information?tabs=shared-access-signatures.
|
||||
func (bb *Client) GetAccountInfo(ctx context.Context, o *blob.GetAccountInfoOptions) (blob.GetAccountInfoResponse, error) {
|
||||
return bb.BlobClient().GetAccountInfo(ctx, o)
|
||||
}
|
||||
|
||||
// SetHTTPHeaders changes a blob's HTTP headers.
|
||||
// For more information, see https://docs.microsoft.com/rest/api/storageservices/set-blob-properties.
|
||||
func (bb *Client) SetHTTPHeaders(ctx context.Context, HTTPHeaders blob.HTTPHeaders, o *blob.SetHTTPHeadersOptions) (blob.SetHTTPHeadersResponse, error) {
|
||||
|
@ -370,21 +388,16 @@ func (bb *Client) CopyFromURL(ctx context.Context, copySource string, o *blob.Co
|
|||
|
||||
// uploadFromReader uploads a buffer in blocks to a block blob.
|
||||
func (bb *Client) uploadFromReader(ctx context.Context, reader io.ReaderAt, actualSize int64, o *uploadFromReaderOptions) (uploadFromReaderResponse, error) {
|
||||
readerSize := actualSize
|
||||
if o.BlockSize == 0 {
|
||||
// If bufferSize > (MaxStageBlockBytes * MaxBlocks), then error
|
||||
if readerSize > MaxStageBlockBytes*MaxBlocks {
|
||||
if actualSize > MaxStageBlockBytes*MaxBlocks {
|
||||
return uploadFromReaderResponse{}, errors.New("buffer is too large to upload to a block blob")
|
||||
}
|
||||
// If bufferSize <= MaxUploadBlobBytes, then Upload should be used with just 1 I/O request
|
||||
if readerSize <= MaxUploadBlobBytes {
|
||||
if actualSize <= MaxUploadBlobBytes {
|
||||
o.BlockSize = MaxUploadBlobBytes // Default if unspecified
|
||||
} else {
|
||||
if remainder := readerSize % MaxBlocks; remainder > 0 {
|
||||
// ensure readerSize is a multiple of MaxBlocks
|
||||
readerSize += (MaxBlocks - remainder)
|
||||
}
|
||||
o.BlockSize = readerSize / MaxBlocks // buffer / max blocks = block size to use all 50,000 blocks
|
||||
o.BlockSize = int64(math.Ceil(float64(actualSize) / MaxBlocks)) // ceil(buffer / max blocks) = block size to use all 50,000 blocks
|
||||
if o.BlockSize < blob.DefaultDownloadBlockSize { // If the block size is smaller than 4MB, round up to 4MB
|
||||
o.BlockSize = blob.DefaultDownloadBlockSize
|
||||
}
|
||||
|
@ -392,9 +405,9 @@ func (bb *Client) uploadFromReader(ctx context.Context, reader io.ReaderAt, actu
|
|||
}
|
||||
}
|
||||
|
||||
if readerSize <= MaxUploadBlobBytes {
|
||||
if actualSize <= MaxUploadBlobBytes {
|
||||
// If the size can fit in 1 Upload call, do it this way
|
||||
var body io.ReadSeeker = io.NewSectionReader(reader, 0, readerSize)
|
||||
var body io.ReadSeeker = io.NewSectionReader(reader, 0, actualSize)
|
||||
if o.Progress != nil {
|
||||
body = streaming.NewRequestProgress(shared.NopCloser(body), o.Progress)
|
||||
}
|
||||
|
@ -405,7 +418,7 @@ func (bb *Client) uploadFromReader(ctx context.Context, reader io.ReaderAt, actu
|
|||
return toUploadReaderAtResponseFromUploadResponse(resp), err
|
||||
}
|
||||
|
||||
var numBlocks = uint16(((readerSize - 1) / o.BlockSize) + 1)
|
||||
var numBlocks = uint16(((actualSize - 1) / o.BlockSize) + 1)
|
||||
if numBlocks > MaxBlocks {
|
||||
// prevent any math bugs from attempting to upload too many blocks which will always fail
|
||||
return uploadFromReaderResponse{}, errors.New("block limit exceeded")
|
||||
|
@ -425,7 +438,7 @@ func (bb *Client) uploadFromReader(ctx context.Context, reader io.ReaderAt, actu
|
|||
|
||||
err := shared.DoBatchTransfer(ctx, &shared.BatchTransferOptions{
|
||||
OperationName: "uploadFromReader",
|
||||
TransferSize: readerSize,
|
||||
TransferSize: actualSize,
|
||||
ChunkSize: o.BlockSize,
|
||||
Concurrency: o.Concurrency,
|
||||
Operation: func(ctx context.Context, offset int64, chunkSize int64) error {
|
||||
|
|
4
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blockblob/mmf_unix.go
generated
vendored
4
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blockblob/mmf_unix.go
generated
vendored
|
@ -1,6 +1,6 @@
|
|||
//go:build go1.18 && (linux || darwin || freebsd || openbsd || netbsd || solaris)
|
||||
//go:build go1.18 && (linux || darwin || dragonfly || freebsd || openbsd || netbsd || solaris || aix)
|
||||
// +build go1.18
|
||||
// +build linux darwin freebsd openbsd netbsd solaris
|
||||
// +build linux darwin dragonfly freebsd openbsd netbsd solaris aix
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License. See License.txt in the project root for license information.
|
||||
|
|
4
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blockblob/mmf_windows.go
generated
vendored
4
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blockblob/mmf_windows.go
generated
vendored
|
@ -26,7 +26,9 @@ func newMMB(size int64) (mmb, error) {
|
|||
if err != nil {
|
||||
return nil, os.NewSyscallError("CreateFileMapping", err)
|
||||
}
|
||||
defer syscall.CloseHandle(hMMF)
|
||||
defer func() {
|
||||
_ = syscall.CloseHandle(hMMF)
|
||||
}()
|
||||
|
||||
addr, err := syscall.MapViewOfFile(hMMF, access, 0, 0, uintptr(size))
|
||||
if err != nil {
|
||||
|
|
50
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blockblob/models.go
generated
vendored
50
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blockblob/models.go
generated
vendored
|
@ -70,6 +70,56 @@ func (o *UploadOptions) format() (*generated.BlockBlobClientUploadOptions, *gene
|
|||
|
||||
// ---------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
// UploadBlobFromURLOptions contains the optional parameters for the Client.UploadBlobFromURL method.
|
||||
type UploadBlobFromURLOptions struct {
|
||||
// Optional. Used to set blob tags in various blob operations.
|
||||
Tags map[string]string
|
||||
|
||||
// Only Bearer type is supported. Credentials should be a valid OAuth access token to copy source.
|
||||
CopySourceAuthorization *string
|
||||
|
||||
// Optional, default is true. Indicates if properties from the source blob should be copied.
|
||||
CopySourceBlobProperties *bool
|
||||
|
||||
// Optional. Specifies a user-defined name-value pair associated with the blob.
|
||||
Metadata map[string]*string
|
||||
|
||||
// Optional. Specifies the md5 calculated for the range of bytes that must be read from the copy source.
|
||||
SourceContentMD5 []byte
|
||||
|
||||
// Optional. Indicates the tier to be set on the blob.
|
||||
Tier *blob.AccessTier
|
||||
|
||||
// Additional optional headers
|
||||
HTTPHeaders *blob.HTTPHeaders
|
||||
AccessConditions *blob.AccessConditions
|
||||
CPKInfo *blob.CPKInfo
|
||||
CPKScopeInfo *blob.CPKScopeInfo
|
||||
SourceModifiedAccessConditions *blob.SourceModifiedAccessConditions
|
||||
}
|
||||
|
||||
func (o *UploadBlobFromURLOptions) format() (*generated.BlockBlobClientPutBlobFromURLOptions, *generated.BlobHTTPHeaders,
|
||||
*generated.LeaseAccessConditions, *generated.CPKInfo, *generated.CPKScopeInfo, *generated.ModifiedAccessConditions,
|
||||
*generated.SourceModifiedAccessConditions) {
|
||||
if o == nil {
|
||||
return nil, nil, nil, nil, nil, nil, nil
|
||||
}
|
||||
|
||||
options := generated.BlockBlobClientPutBlobFromURLOptions{
|
||||
BlobTagsString: shared.SerializeBlobTagsToStrPtr(o.Tags),
|
||||
CopySourceAuthorization: o.CopySourceAuthorization,
|
||||
CopySourceBlobProperties: o.CopySourceBlobProperties,
|
||||
Metadata: o.Metadata,
|
||||
SourceContentMD5: o.SourceContentMD5,
|
||||
Tier: o.Tier,
|
||||
}
|
||||
|
||||
leaseAccessConditions, modifiedAccessConditions := exported.FormatBlobAccessConditions(o.AccessConditions)
|
||||
return &options, o.HTTPHeaders, leaseAccessConditions, o.CPKInfo, o.CPKScopeInfo, modifiedAccessConditions, o.SourceModifiedAccessConditions
|
||||
}
|
||||
|
||||
// ---------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
// StageBlockOptions contains the optional parameters for the Client.StageBlock method.
|
||||
type StageBlockOptions struct {
|
||||
CPKInfo *blob.CPKInfo
|
||||
|
|
3
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blockblob/responses.go
generated
vendored
3
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blockblob/responses.go
generated
vendored
|
@ -16,6 +16,9 @@ import (
|
|||
// UploadResponse contains the response from method Client.Upload.
|
||||
type UploadResponse = generated.BlockBlobClientUploadResponse
|
||||
|
||||
// UploadBlobFromURLResponse contains the response from the method Client.UploadBlobFromURL
|
||||
type UploadBlobFromURLResponse = generated.BlockBlobClientPutBlobFromURLResponse
|
||||
|
||||
// StageBlockResponse contains the response from method Client.StageBlock.
|
||||
type StageBlockResponse = generated.BlockBlobClientStageBlockResponse
|
||||
|
||||
|
|
5
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/ci.yml
generated
vendored
5
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/ci.yml
generated
vendored
|
@ -26,3 +26,8 @@ stages:
|
|||
parameters:
|
||||
ServiceDirectory: 'storage/azblob'
|
||||
RunLiveTests: true
|
||||
EnvVars:
|
||||
AZURE_CLIENT_ID: $(AZBLOB_CLIENT_ID)
|
||||
AZURE_TENANT_ID: $(AZBLOB_TENANT_ID)
|
||||
AZURE_CLIENT_SECRET: $(AZBLOB_CLIENT_SECRET)
|
||||
AZURE_SUBSCRIPTION_ID: $(AZBLOB_SUBSCRIPTION_ID)
|
||||
|
|
5
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/client.go
generated
vendored
5
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/client.go
generated
vendored
|
@ -13,14 +13,13 @@ import (
|
|||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/base"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/shared"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/service"
|
||||
)
|
||||
|
||||
// ClientOptions contains the optional parameters when creating a Client.
|
||||
type ClientOptions struct {
|
||||
azcore.ClientOptions
|
||||
}
|
||||
type ClientOptions base.ClientOptions
|
||||
|
||||
// Client represents a URL to an Azure Storage blob; the blob may be a block blob, append blob, or page blob.
|
||||
type Client struct {
|
||||
|
|
94
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/container/batch_builder.go
generated
vendored
Normal file
94
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/container/batch_builder.go
generated
vendored
Normal file
|
@ -0,0 +1,94 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License. See License.txt in the project root for license information.
|
||||
|
||||
package container
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"net/url"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/exported"
|
||||
)
|
||||
|
||||
// BatchBuilder is used for creating the batch operations list. It contains the list of either delete or set tier sub-requests.
|
||||
// NOTE: All sub-requests in the batch must be of the same type, either delete or set tier.
|
||||
type BatchBuilder struct {
|
||||
endpoint string
|
||||
authPolicy policy.Policy
|
||||
subRequests []*policy.Request
|
||||
operationType *exported.BlobBatchOperationType
|
||||
}
|
||||
|
||||
func (bb *BatchBuilder) checkOperationType(operationType exported.BlobBatchOperationType) error {
|
||||
if bb.operationType == nil {
|
||||
bb.operationType = &operationType
|
||||
return nil
|
||||
}
|
||||
if *bb.operationType != operationType {
|
||||
return fmt.Errorf("BlobBatch only supports one operation type per batch and is already being used for %s operations", *bb.operationType)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// Delete operation is used to add delete sub-request to the batch builder.
|
||||
func (bb *BatchBuilder) Delete(blobName string, options *BatchDeleteOptions) error {
|
||||
err := bb.checkOperationType(exported.BatchDeleteOperationType)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
blobName = url.PathEscape(blobName)
|
||||
blobURL := runtime.JoinPaths(bb.endpoint, blobName)
|
||||
|
||||
blobClient, err := blob.NewClientWithNoCredential(blobURL, nil)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
deleteOptions, leaseInfo, accessConditions := options.format()
|
||||
req, err := getGeneratedBlobClient(blobClient).DeleteCreateRequest(context.TODO(), deleteOptions, leaseInfo, accessConditions)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// remove x-ms-version header
|
||||
exported.UpdateSubRequestHeaders(req)
|
||||
|
||||
bb.subRequests = append(bb.subRequests, req)
|
||||
return nil
|
||||
}
|
||||
|
||||
// SetTier operation is used to add set tier sub-request to the batch builder.
|
||||
func (bb *BatchBuilder) SetTier(blobName string, accessTier blob.AccessTier, options *BatchSetTierOptions) error {
|
||||
err := bb.checkOperationType(exported.BatchSetTierOperationType)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
blobName = url.PathEscape(blobName)
|
||||
blobURL := runtime.JoinPaths(bb.endpoint, blobName)
|
||||
|
||||
blobClient, err := blob.NewClientWithNoCredential(blobURL, nil)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
setTierOptions, leaseInfo, accessConditions := options.format()
|
||||
req, err := getGeneratedBlobClient(blobClient).SetTierCreateRequest(context.TODO(), accessTier, setTierOptions, leaseInfo, accessConditions)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// remove x-ms-version header
|
||||
exported.UpdateSubRequestHeaders(req)
|
||||
|
||||
bb.subRequests = append(bb.subRequests, req)
|
||||
return nil
|
||||
}
|
97
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/container/client.go
generated
vendored
97
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/container/client.go
generated
vendored
|
@ -7,7 +7,11 @@
|
|||
package container
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/streaming"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/bloberror"
|
||||
"net/http"
|
||||
"net/url"
|
||||
|
@ -28,9 +32,7 @@ import (
|
|||
)
|
||||
|
||||
// ClientOptions contains the optional parameters when creating a Client.
|
||||
type ClientOptions struct {
|
||||
azcore.ClientOptions
|
||||
}
|
||||
type ClientOptions base.ClientOptions
|
||||
|
||||
// Client represents a URL to the Azure Storage container allowing you to manipulate its blobs.
|
||||
type Client base.Client[generated.ContainerClient]
|
||||
|
@ -40,12 +42,12 @@ type Client base.Client[generated.ContainerClient]
|
|||
// - cred - an Azure AD credential, typically obtained via the azidentity module
|
||||
// - options - client options; pass nil to accept the default values
|
||||
func NewClient(containerURL string, cred azcore.TokenCredential, options *ClientOptions) (*Client, error) {
|
||||
authPolicy := runtime.NewBearerTokenPolicy(cred, []string{shared.TokenScope}, nil)
|
||||
authPolicy := shared.NewStorageChallengePolicy(cred)
|
||||
conOptions := shared.GetClientOptions(options)
|
||||
conOptions.PerRetryPolicies = append(conOptions.PerRetryPolicies, authPolicy)
|
||||
pl := runtime.NewPipeline(exported.ModuleName, exported.ModuleVersion, runtime.PipelineOptions{}, &conOptions.ClientOptions)
|
||||
|
||||
return (*Client)(base.NewContainerClient(containerURL, pl, nil)), nil
|
||||
return (*Client)(base.NewContainerClient(containerURL, pl, &cred)), nil
|
||||
}
|
||||
|
||||
// NewClientWithNoCredential creates an instance of Client with the specified values.
|
||||
|
@ -102,6 +104,15 @@ func (c *Client) sharedKey() *SharedKeyCredential {
|
|||
return base.SharedKey((*base.Client[generated.ContainerClient])(c))
|
||||
}
|
||||
|
||||
func (c *Client) credential() any {
|
||||
return base.Credential((*base.Client[generated.ContainerClient])(c))
|
||||
}
|
||||
|
||||
// helper method to return the generated.BlobClient which is used for creating the sub-requests
|
||||
func getGeneratedBlobClient(b *blob.Client) *generated.BlobClient {
|
||||
return base.InnerClient((*base.Client[generated.BlobClient])(b))
|
||||
}
|
||||
|
||||
// URL returns the URL endpoint used by the Client object.
|
||||
func (c *Client) URL() string {
|
||||
return c.generated().Endpoint()
|
||||
|
@ -113,7 +124,7 @@ func (c *Client) URL() string {
|
|||
func (c *Client) NewBlobClient(blobName string) *blob.Client {
|
||||
blobName = url.PathEscape(blobName)
|
||||
blobURL := runtime.JoinPaths(c.URL(), blobName)
|
||||
return (*blob.Client)(base.NewBlobClient(blobURL, c.generated().Pipeline(), c.sharedKey()))
|
||||
return (*blob.Client)(base.NewBlobClient(blobURL, c.generated().Pipeline(), c.credential()))
|
||||
}
|
||||
|
||||
// NewAppendBlobClient creates a new appendblob.Client object by concatenating blobName to the end of
|
||||
|
@ -190,7 +201,7 @@ func (c *Client) Restore(ctx context.Context, deletedContainerVersion string, op
|
|||
// For more information, see https://docs.microsoft.com/rest/api/storageservices/get-container-metadata.
|
||||
func (c *Client) GetProperties(ctx context.Context, o *GetPropertiesOptions) (GetPropertiesResponse, error) {
|
||||
// NOTE: GetMetadata actually calls GetProperties internally because GetProperties returns the metadata AND the properties.
|
||||
// This allows us to not expose a GetProperties method at all simplifying the API.
|
||||
// This allows us to not expose a GetMetadata method at all simplifying the API.
|
||||
// The optionals are nil, like they were in track 1.5
|
||||
opts, leaseAccessConditions := o.format()
|
||||
|
||||
|
@ -226,6 +237,14 @@ func (c *Client) SetAccessPolicy(ctx context.Context, o *SetAccessPolicyOptions)
|
|||
return resp, err
|
||||
}
|
||||
|
||||
// GetAccountInfo provides account level information
|
||||
// For more information, see https://learn.microsoft.com/en-us/rest/api/storageservices/get-account-information?tabs=shared-access-signatures.
|
||||
func (c *Client) GetAccountInfo(ctx context.Context, o *GetAccountInfoOptions) (GetAccountInfoResponse, error) {
|
||||
getAccountInfoOptions := o.format()
|
||||
resp, err := c.generated().GetAccountInfo(ctx, getAccountInfoOptions)
|
||||
return resp, err
|
||||
}
|
||||
|
||||
// NewListBlobsFlatPager returns a pager for blobs starting from the specified Marker. Use an empty
|
||||
// Marker to start enumeration from the beginning. Blob names are returned in lexicographic order.
|
||||
// For more information, see https://docs.microsoft.com/rest/api/storageservices/list-blobs.
|
||||
|
@ -329,3 +348,67 @@ func (c *Client) GetSASURL(permissions sas.ContainerPermissions, expiry time.Tim
|
|||
|
||||
return endpoint, nil
|
||||
}
|
||||
|
||||
// NewBatchBuilder creates an instance of BatchBuilder using the same auth policy as the client.
|
||||
// BatchBuilder is used to build the batch consisting of either delete or set tier sub-requests.
|
||||
// All sub-requests in the batch must be of the same type, either delete or set tier.
|
||||
func (c *Client) NewBatchBuilder() (*BatchBuilder, error) {
|
||||
var authPolicy policy.Policy
|
||||
|
||||
switch cred := c.credential().(type) {
|
||||
case *azcore.TokenCredential:
|
||||
authPolicy = shared.NewStorageChallengePolicy(*cred)
|
||||
case *SharedKeyCredential:
|
||||
authPolicy = exported.NewSharedKeyCredPolicy(cred)
|
||||
case nil:
|
||||
// for authentication using SAS
|
||||
authPolicy = nil
|
||||
default:
|
||||
return nil, fmt.Errorf("unrecognised authentication type %T", cred)
|
||||
}
|
||||
|
||||
return &BatchBuilder{
|
||||
endpoint: c.URL(),
|
||||
authPolicy: authPolicy,
|
||||
}, nil
|
||||
}
|
||||
|
||||
// SubmitBatch operation allows multiple API calls to be embedded into a single HTTP request.
|
||||
// It builds the request body using the BatchBuilder object passed.
|
||||
// BatchBuilder contains the list of operations to be submitted. It supports up to 256 sub-requests in a single batch.
|
||||
// For more information, see https://docs.microsoft.com/rest/api/storageservices/blob-batch.
|
||||
func (c *Client) SubmitBatch(ctx context.Context, bb *BatchBuilder, options *SubmitBatchOptions) (SubmitBatchResponse, error) {
|
||||
if bb == nil || len(bb.subRequests) == 0 {
|
||||
return SubmitBatchResponse{}, errors.New("batch builder is empty")
|
||||
}
|
||||
|
||||
// create the request body
|
||||
batchReq, batchID, err := exported.CreateBatchRequest(&exported.BlobBatchBuilder{
|
||||
AuthPolicy: bb.authPolicy,
|
||||
SubRequests: bb.subRequests,
|
||||
})
|
||||
if err != nil {
|
||||
return SubmitBatchResponse{}, err
|
||||
}
|
||||
|
||||
reader := bytes.NewReader(batchReq)
|
||||
rsc := streaming.NopCloser(reader)
|
||||
multipartContentType := "multipart/mixed; boundary=" + batchID
|
||||
|
||||
resp, err := c.generated().SubmitBatch(ctx, int64(len(batchReq)), multipartContentType, rsc, options.format())
|
||||
if err != nil {
|
||||
return SubmitBatchResponse{}, err
|
||||
}
|
||||
|
||||
batchResponses, err := exported.ParseBlobBatchResponse(resp.Body, resp.ContentType, bb.subRequests)
|
||||
if err != nil {
|
||||
return SubmitBatchResponse{}, err
|
||||
}
|
||||
|
||||
return SubmitBatchResponse{
|
||||
Responses: batchResponses,
|
||||
ContentType: resp.ContentType,
|
||||
RequestID: resp.RequestID,
|
||||
Version: resp.Version,
|
||||
}, nil
|
||||
}
|
||||
|
|
68
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/container/models.go
generated
vendored
68
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/container/models.go
generated
vendored
|
@ -7,6 +7,7 @@
|
|||
package container
|
||||
|
||||
import (
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob"
|
||||
"reflect"
|
||||
"time"
|
||||
|
||||
|
@ -329,3 +330,70 @@ func formatTime(c *SignedIdentifier) error {
|
|||
|
||||
return nil
|
||||
}
|
||||
|
||||
// ---------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
// GetAccountInfoOptions provides set of options for Client.GetAccountInfo
|
||||
type GetAccountInfoOptions struct {
|
||||
// placeholder for future options
|
||||
}
|
||||
|
||||
func (o *GetAccountInfoOptions) format() *generated.ContainerClientGetAccountInfoOptions {
|
||||
return nil
|
||||
}
|
||||
|
||||
// ---------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
// BatchDeleteOptions contains the optional parameters for the BatchBuilder.Delete method.
|
||||
type BatchDeleteOptions struct {
|
||||
blob.DeleteOptions
|
||||
VersionID *string
|
||||
Snapshot *string
|
||||
}
|
||||
|
||||
func (o *BatchDeleteOptions) format() (*generated.BlobClientDeleteOptions, *generated.LeaseAccessConditions, *generated.ModifiedAccessConditions) {
|
||||
if o == nil {
|
||||
return nil, nil, nil
|
||||
}
|
||||
|
||||
basics := generated.BlobClientDeleteOptions{
|
||||
DeleteSnapshots: o.DeleteSnapshots,
|
||||
DeleteType: o.BlobDeleteType, // None by default
|
||||
Snapshot: o.Snapshot,
|
||||
VersionID: o.VersionID,
|
||||
}
|
||||
|
||||
leaseAccessConditions, modifiedAccessConditions := exported.FormatBlobAccessConditions(o.AccessConditions)
|
||||
return &basics, leaseAccessConditions, modifiedAccessConditions
|
||||
}
|
||||
|
||||
// BatchSetTierOptions contains the optional parameters for the BatchBuilder.SetTier method.
|
||||
type BatchSetTierOptions struct {
|
||||
blob.SetTierOptions
|
||||
VersionID *string
|
||||
Snapshot *string
|
||||
}
|
||||
|
||||
func (o *BatchSetTierOptions) format() (*generated.BlobClientSetTierOptions, *generated.LeaseAccessConditions, *generated.ModifiedAccessConditions) {
|
||||
if o == nil {
|
||||
return nil, nil, nil
|
||||
}
|
||||
|
||||
basics := generated.BlobClientSetTierOptions{
|
||||
RehydratePriority: o.RehydratePriority,
|
||||
Snapshot: o.Snapshot,
|
||||
VersionID: o.VersionID,
|
||||
}
|
||||
|
||||
leaseAccessConditions, modifiedAccessConditions := exported.FormatBlobAccessConditions(o.AccessConditions)
|
||||
return &basics, leaseAccessConditions, modifiedAccessConditions
|
||||
}
|
||||
|
||||
// SubmitBatchOptions contains the optional parameters for the Client.SubmitBatch method.
|
||||
type SubmitBatchOptions struct {
|
||||
// placeholder for future options
|
||||
}
|
||||
|
||||
func (o *SubmitBatchOptions) format() *generated.ContainerClientSubmitBatchOptions {
|
||||
return nil
|
||||
}
|
||||
|
|
22
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/container/responses.go
generated
vendored
22
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/container/responses.go
generated
vendored
|
@ -7,6 +7,7 @@
|
|||
package container
|
||||
|
||||
import (
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/exported"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/generated"
|
||||
)
|
||||
|
||||
|
@ -42,3 +43,24 @@ type GetAccessPolicyResponse = generated.ContainerClientGetAccessPolicyResponse
|
|||
|
||||
// SetAccessPolicyResponse contains the response from method Client.SetAccessPolicy.
|
||||
type SetAccessPolicyResponse = generated.ContainerClientSetAccessPolicyResponse
|
||||
|
||||
// GetAccountInfoResponse contains the response from method Client.GetAccountInfo.
|
||||
type GetAccountInfoResponse = generated.ContainerClientGetAccountInfoResponse
|
||||
|
||||
// SubmitBatchResponse contains the response from method Client.SubmitBatch.
|
||||
type SubmitBatchResponse struct {
|
||||
// Responses contains the responses of the sub-requests in the batch
|
||||
Responses []*BatchResponseItem
|
||||
|
||||
// ContentType contains the information returned from the Content-Type header response.
|
||||
ContentType *string
|
||||
|
||||
// RequestID contains the information returned from the x-ms-request-id header response.
|
||||
RequestID *string
|
||||
|
||||
// Version contains the information returned from the x-ms-version header response.
|
||||
Version *string
|
||||
}
|
||||
|
||||
// BatchResponseItem contains the response for the individual sub-requests.
|
||||
type BatchResponseItem = exported.BatchResponseItem
|
||||
|
|
43
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/doc.go
generated
vendored
43
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/doc.go
generated
vendored
|
@ -51,7 +51,7 @@ Use the key as the credential parameter to authenticate the client:
|
|||
cred, err := azblob.NewSharedKeyCredential(accountName, accountKey)
|
||||
handle(err)
|
||||
|
||||
serviceClient, err := azblob.NewServiceClientWithSharedKey(serviceURL, cred, nil)
|
||||
serviceClient, err := azblob.NewClientWithSharedKeyCredential(serviceURL, cred, nil)
|
||||
handle(err)
|
||||
|
||||
fmt.Println(serviceClient.URL())
|
||||
|
@ -59,11 +59,12 @@ Use the key as the credential parameter to authenticate the client:
|
|||
Using a Connection String
|
||||
|
||||
Depending on your use case and authorization method, you may prefer to initialize a client instance with a connection string instead of providing the account URL and credential separately.
|
||||
To do this, pass the connection string to the service client's `NewServiceClientFromConnectionString` method.
|
||||
To do this, pass the connection string to the service client's `NewClientFromConnectionString` method.
|
||||
The connection string can be found in your storage account in the Azure Portal under the "Access Keys" section.
|
||||
|
||||
connStr := "DefaultEndpointsProtocol=https;AccountName=<my_account_name>;AccountKey=<my_account_key>;EndpointSuffix=core.windows.net"
|
||||
serviceClient, err := azblob.NewServiceClientFromConnectionString(connStr, nil)
|
||||
serviceClient, err := azblob.NewClientFromConnectionString(connStr, nil)
|
||||
handle(err)
|
||||
|
||||
Using a Shared Access Signature (SAS) Token
|
||||
|
||||
|
@ -82,20 +83,20 @@ You can generate a SAS token from the Azure Portal under Shared Access Signature
|
|||
|
||||
cred, err := azblob.NewSharedKeyCredential(accountName, accountKey)
|
||||
handle(err)
|
||||
serviceClient, err := azblob.NewServiceClientWithSharedKey(serviceURL, cred, nil)
|
||||
serviceClient, err := azblob.NewClientWithSharedKeyCredential(serviceURL, cred, nil)
|
||||
handle(err)
|
||||
fmt.Println(serviceClient.URL())
|
||||
|
||||
// Alternatively, you can create SAS on the fly
|
||||
|
||||
resources := azblob.AccountSASResourceTypes{Service: true}
|
||||
permission := azblob.AccountSASPermissions{Read: true}
|
||||
resources := sas.AccountResourceTypes{Service: true}
|
||||
permission := sas.AccountPermissions{Read: true}
|
||||
start := time.Now()
|
||||
expiry := start.AddDate(0, 0, 1)
|
||||
serviceURLWithSAS, err := serviceClient.GetSASURL(resources, permission, start, expiry)
|
||||
serviceURLWithSAS, err := serviceClient.ServiceClient().GetSASURL(resources, permission, expiry, &service.GetSASURLOptions{StartTime: &start})
|
||||
handle(err)
|
||||
|
||||
serviceClientWithSAS, err := azblob.NewServiceClientWithNoCredential(serviceURLWithSAS, nil)
|
||||
serviceClientWithSAS, err := azblob.NewClientWithNoCredential(serviceURLWithSAS, nil)
|
||||
handle(err)
|
||||
|
||||
fmt.Println(serviceClientWithSAS.URL())
|
||||
|
@ -135,13 +136,13 @@ Examples
|
|||
handle(err)
|
||||
|
||||
// The service URL for blob endpoints is usually in the form: http(s)://<account>.blob.core.windows.net/
|
||||
serviceClient, err := azblob.NewServiceClientWithSharedKey(fmt.Sprintf("https://%s.blob.core.windows.net/", accountName), cred, nil)
|
||||
serviceClient, err := azblob.NewClientWithSharedKeyCredential(fmt.Sprintf("https://%s.blob.core.windows.net/", accountName), cred, nil)
|
||||
handle(err)
|
||||
|
||||
// ===== 1. Create a container =====
|
||||
|
||||
// First, create a container client, and use the Create method to create a new container in your account
|
||||
containerClient, err := serviceClient.NewContainerClient("testcontainer")
|
||||
containerClient := serviceClient.ServiceClient().NewContainerClient("testcontainer")
|
||||
handle(err)
|
||||
|
||||
// All APIs have an options' bag struct as a parameter.
|
||||
|
@ -154,13 +155,13 @@ Examples
|
|||
uploadData := "Hello world!"
|
||||
|
||||
// Create a new blockBlobClient from the containerClient
|
||||
blockBlobClient, err := containerClient.NewBlockBlobClient("HelloWorld.txt")
|
||||
blockBlobClient := containerClient.NewBlockBlobClient("HelloWorld.txt")
|
||||
handle(err)
|
||||
|
||||
// Upload data to the block blob
|
||||
blockBlobUploadOptions := azblob.BlockBlobUploadOptions{
|
||||
Metadata: map[string]string{"Foo": "Bar"},
|
||||
TagsMap: map[string]string{"Year": "2022"},
|
||||
blockBlobUploadOptions := blockblob.UploadOptions{
|
||||
Metadata: map[string]*string{"Foo": to.Ptr("Bar")},
|
||||
Tags: map[string]string{"Year": "2022"},
|
||||
}
|
||||
_, err = blockBlobClient.Upload(context.TODO(), streaming.NopCloser(strings.NewReader(uploadData)), &blockBlobUploadOptions)
|
||||
handle(err)
|
||||
|
@ -175,10 +176,9 @@ Examples
|
|||
downloadData, err := io.ReadAll(reader)
|
||||
handle(err)
|
||||
if string(downloadData) != uploadData {
|
||||
handle(errors.New("Uploaded data should be same as downloaded data"))
|
||||
handle(errors.New("uploaded data should be same as downloaded data"))
|
||||
}
|
||||
|
||||
|
||||
if err = reader.Close(); err != nil {
|
||||
handle(err)
|
||||
return
|
||||
|
@ -189,18 +189,15 @@ Examples
|
|||
// To iterate over a page use the NextPage(context.Context) to fetch the next page of results.
|
||||
// PageResponse() can be used to iterate over the results of the specific page.
|
||||
// Always check the Err() method after paging to see if an error was returned by the pager. A pager will return either an error or the page of results.
|
||||
pager := containerClient.ListBlobsFlat(nil)
|
||||
for pager.NextPage(context.TODO()) {
|
||||
resp := pager.PageResponse()
|
||||
pager := containerClient.NewListBlobsFlatPager(nil)
|
||||
for pager.More() {
|
||||
resp, err := pager.NextPage(context.TODO())
|
||||
handle(err)
|
||||
for _, v := range resp.Segment.BlobItems {
|
||||
fmt.Println(*v.Name)
|
||||
}
|
||||
}
|
||||
|
||||
if err = pager.Err(); err != nil {
|
||||
handle(err)
|
||||
}
|
||||
|
||||
// Delete the blob.
|
||||
_, err = blockBlobClient.Delete(context.TODO(), nil)
|
||||
handle(err)
|
||||
|
|
31
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/base/clients.go
generated
vendored
31
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/base/clients.go
generated
vendored
|
@ -7,14 +7,20 @@
|
|||
package base
|
||||
|
||||
import (
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/exported"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/generated"
|
||||
)
|
||||
|
||||
// ClientOptions contains the optional parameters when creating a Client.
|
||||
type ClientOptions struct {
|
||||
azcore.ClientOptions
|
||||
}
|
||||
|
||||
type Client[T any] struct {
|
||||
inner *T
|
||||
sharedKey *exported.SharedKeyCredential
|
||||
credential any
|
||||
}
|
||||
|
||||
func InnerClient[T any](client *Client[T]) *T {
|
||||
|
@ -22,31 +28,40 @@ func InnerClient[T any](client *Client[T]) *T {
|
|||
}
|
||||
|
||||
func SharedKey[T any](client *Client[T]) *exported.SharedKeyCredential {
|
||||
return client.sharedKey
|
||||
switch cred := client.credential.(type) {
|
||||
case *exported.SharedKeyCredential:
|
||||
return cred
|
||||
default:
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func Credential[T any](client *Client[T]) any {
|
||||
return client.credential
|
||||
}
|
||||
|
||||
func NewClient[T any](inner *T) *Client[T] {
|
||||
return &Client[T]{inner: inner}
|
||||
}
|
||||
|
||||
func NewServiceClient(containerURL string, pipeline runtime.Pipeline, sharedKey *exported.SharedKeyCredential) *Client[generated.ServiceClient] {
|
||||
func NewServiceClient(containerURL string, pipeline runtime.Pipeline, credential any) *Client[generated.ServiceClient] {
|
||||
return &Client[generated.ServiceClient]{
|
||||
inner: generated.NewServiceClient(containerURL, pipeline),
|
||||
sharedKey: sharedKey,
|
||||
credential: credential,
|
||||
}
|
||||
}
|
||||
|
||||
func NewContainerClient(containerURL string, pipeline runtime.Pipeline, sharedKey *exported.SharedKeyCredential) *Client[generated.ContainerClient] {
|
||||
func NewContainerClient(containerURL string, pipeline runtime.Pipeline, credential any) *Client[generated.ContainerClient] {
|
||||
return &Client[generated.ContainerClient]{
|
||||
inner: generated.NewContainerClient(containerURL, pipeline),
|
||||
sharedKey: sharedKey,
|
||||
credential: credential,
|
||||
}
|
||||
}
|
||||
|
||||
func NewBlobClient(blobURL string, pipeline runtime.Pipeline, sharedKey *exported.SharedKeyCredential) *Client[generated.BlobClient] {
|
||||
func NewBlobClient(blobURL string, pipeline runtime.Pipeline, credential any) *Client[generated.BlobClient] {
|
||||
return &Client[generated.BlobClient]{
|
||||
inner: generated.NewBlobClient(blobURL, pipeline),
|
||||
sharedKey: sharedKey,
|
||||
credential: credential,
|
||||
}
|
||||
}
|
||||
|
||||
|
|
279
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/exported/blob_batch.go
generated
vendored
Normal file
279
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/exported/blob_batch.go
generated
vendored
Normal file
|
@ -0,0 +1,279 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License. See License.txt in the project root for license information.
|
||||
|
||||
package exported
|
||||
|
||||
import (
|
||||
"bufio"
|
||||
"bytes"
|
||||
"errors"
|
||||
"fmt"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/internal/log"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/internal/uuid"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/shared"
|
||||
"io"
|
||||
"mime"
|
||||
"mime/multipart"
|
||||
"net/http"
|
||||
"net/textproto"
|
||||
"strconv"
|
||||
"strings"
|
||||
)
|
||||
|
||||
const (
|
||||
batchIdPrefix = "batch_"
|
||||
httpVersion = "HTTP/1.1"
|
||||
httpNewline = "\r\n"
|
||||
)
|
||||
|
||||
// createBatchID is used for creating a new batch id which is used as batch boundary in the request body
|
||||
func createBatchID() (string, error) {
|
||||
batchID, err := uuid.New()
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
return batchIdPrefix + batchID.String(), nil
|
||||
}
|
||||
|
||||
// buildSubRequest is used for building the sub-request. Example:
|
||||
// DELETE /container0/blob0 HTTP/1.1
|
||||
// x-ms-date: Thu, 14 Jun 2018 16:46:54 GMT
|
||||
// Authorization: SharedKey account:G4jjBXA7LI/RnWKIOQ8i9xH4p76pAQ+4Fs4R1VxasaE=
|
||||
// Content-Length: 0
|
||||
func buildSubRequest(req *policy.Request) []byte {
|
||||
var batchSubRequest strings.Builder
|
||||
blobPath := req.Raw().URL.Path
|
||||
if len(req.Raw().URL.RawQuery) > 0 {
|
||||
blobPath += "?" + req.Raw().URL.RawQuery
|
||||
}
|
||||
|
||||
batchSubRequest.WriteString(fmt.Sprintf("%s %s %s%s", req.Raw().Method, blobPath, httpVersion, httpNewline))
|
||||
|
||||
for k, v := range req.Raw().Header {
|
||||
if strings.EqualFold(k, shared.HeaderXmsVersion) {
|
||||
continue
|
||||
}
|
||||
if len(v) > 0 {
|
||||
batchSubRequest.WriteString(fmt.Sprintf("%v: %v%v", k, v[0], httpNewline))
|
||||
}
|
||||
}
|
||||
|
||||
batchSubRequest.WriteString(httpNewline)
|
||||
return []byte(batchSubRequest.String())
|
||||
}
|
||||
|
||||
// CreateBatchRequest creates a new batch request using the sub-requests present in the BlobBatchBuilder.
|
||||
//
|
||||
// Example of a sub-request in the batch request body:
|
||||
//
|
||||
// --batch_357de4f7-6d0b-4e02-8cd2-6361411a9525
|
||||
// Content-Type: application/http
|
||||
// Content-Transfer-Encoding: binary
|
||||
// Content-ID: 0
|
||||
//
|
||||
// DELETE /container0/blob0 HTTP/1.1
|
||||
// x-ms-date: Thu, 14 Jun 2018 16:46:54 GMT
|
||||
// Authorization: SharedKey account:G4jjBXA7LI/RnWKIOQ8i9xH4p76pAQ+4Fs4R1VxasaE=
|
||||
// Content-Length: 0
|
||||
func CreateBatchRequest(bb *BlobBatchBuilder) ([]byte, string, error) {
|
||||
batchID, err := createBatchID()
|
||||
if err != nil {
|
||||
return nil, "", err
|
||||
}
|
||||
|
||||
// Create a new multipart buffer
|
||||
reqBody := &bytes.Buffer{}
|
||||
writer := multipart.NewWriter(reqBody)
|
||||
|
||||
// Set the boundary
|
||||
err = writer.SetBoundary(batchID)
|
||||
if err != nil {
|
||||
return nil, "", err
|
||||
}
|
||||
|
||||
partHeaders := make(textproto.MIMEHeader)
|
||||
partHeaders["Content-Type"] = []string{"application/http"}
|
||||
partHeaders["Content-Transfer-Encoding"] = []string{"binary"}
|
||||
var partWriter io.Writer
|
||||
|
||||
for i, req := range bb.SubRequests {
|
||||
if bb.AuthPolicy != nil {
|
||||
_, err := bb.AuthPolicy.Do(req)
|
||||
if err != nil && !strings.EqualFold(err.Error(), "no more policies") {
|
||||
if log.Should(EventSubmitBatch) {
|
||||
log.Writef(EventSubmitBatch, "failed to authorize sub-request for %v.\nError: %v", req.Raw().URL.Path, err.Error())
|
||||
}
|
||||
return nil, "", err
|
||||
}
|
||||
}
|
||||
|
||||
partHeaders["Content-ID"] = []string{fmt.Sprintf("%v", i)}
|
||||
partWriter, err = writer.CreatePart(partHeaders)
|
||||
if err != nil {
|
||||
return nil, "", err
|
||||
}
|
||||
|
||||
_, err = partWriter.Write(buildSubRequest(req))
|
||||
if err != nil {
|
||||
return nil, "", err
|
||||
}
|
||||
}
|
||||
|
||||
// Close the multipart writer
|
||||
err = writer.Close()
|
||||
if err != nil {
|
||||
return nil, "", err
|
||||
}
|
||||
|
||||
return reqBody.Bytes(), batchID, nil
|
||||
}
|
||||
|
||||
// UpdateSubRequestHeaders updates the sub-request headers.
|
||||
// Removes x-ms-version header.
|
||||
func UpdateSubRequestHeaders(req *policy.Request) {
|
||||
// remove x-ms-version header from the request header
|
||||
for k := range req.Raw().Header {
|
||||
if strings.EqualFold(k, shared.HeaderXmsVersion) {
|
||||
delete(req.Raw().Header, k)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// BatchResponseItem contains the response for the individual sub-requests.
|
||||
type BatchResponseItem struct {
|
||||
ContentID *int
|
||||
ContainerName *string
|
||||
BlobName *string
|
||||
RequestID *string
|
||||
Version *string
|
||||
Error error // nil error indicates that the batch sub-request operation is successful
|
||||
}
|
||||
|
||||
func getResponseBoundary(contentType *string) (string, error) {
|
||||
if contentType == nil {
|
||||
return "", fmt.Errorf("Content-Type returned in SubmitBatch response is nil")
|
||||
}
|
||||
|
||||
_, params, err := mime.ParseMediaType(*contentType)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
if val, ok := params["boundary"]; ok {
|
||||
return val, nil
|
||||
} else {
|
||||
return "", fmt.Errorf("batch boundary not present in Content-Type header of the SubmitBatch response.\nContent-Type: %v", *contentType)
|
||||
}
|
||||
}
|
||||
|
||||
func getContentID(part *multipart.Part) (*int, error) {
|
||||
contentID := part.Header.Get("Content-ID")
|
||||
if contentID == "" {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
val, err := strconv.Atoi(strings.TrimSpace(contentID))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &val, nil
|
||||
}
|
||||
|
||||
func getResponseHeader(key string, resp *http.Response) *string {
|
||||
val := resp.Header.Get(key)
|
||||
if val == "" {
|
||||
return nil
|
||||
}
|
||||
return &val
|
||||
}
|
||||
|
||||
// ParseBlobBatchResponse is used for parsing the batch response body into individual sub-responses for each item in the batch.
|
||||
func ParseBlobBatchResponse(respBody io.ReadCloser, contentType *string, subRequests []*policy.Request) ([]*BatchResponseItem, error) {
|
||||
boundary, err := getResponseBoundary(contentType)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
respReader := multipart.NewReader(respBody, boundary)
|
||||
var responses []*BatchResponseItem
|
||||
|
||||
for {
|
||||
part, err := respReader.NextPart()
|
||||
if errors.Is(err, io.EOF) {
|
||||
break
|
||||
} else if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
batchSubResponse := &BatchResponseItem{}
|
||||
batchSubResponse.ContentID, err = getContentID(part)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if batchSubResponse.ContentID != nil {
|
||||
path := strings.Trim(subRequests[*batchSubResponse.ContentID].Raw().URL.Path, "/")
|
||||
p := strings.Split(path, "/")
|
||||
batchSubResponse.ContainerName = to.Ptr(p[0])
|
||||
batchSubResponse.BlobName = to.Ptr(strings.Join(p[1:], "/"))
|
||||
}
|
||||
|
||||
respBytes, err := io.ReadAll(part)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
respBytes = append(respBytes, byte('\n'))
|
||||
buf := bytes.NewBuffer(respBytes)
|
||||
resp, err := http.ReadResponse(bufio.NewReader(buf), nil)
|
||||
// sub-response parsing error
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
batchSubResponse.RequestID = getResponseHeader(shared.HeaderXmsRequestID, resp)
|
||||
batchSubResponse.Version = getResponseHeader(shared.HeaderXmsVersion, resp)
|
||||
|
||||
// sub-response failure
|
||||
if resp.StatusCode < 200 || resp.StatusCode >= 300 {
|
||||
if len(responses) == 0 && batchSubResponse.ContentID == nil {
|
||||
// this case can happen when the parent request fails.
|
||||
// For example, batch request having more than 256 sub-requests.
|
||||
return nil, fmt.Errorf("%v", string(respBytes))
|
||||
}
|
||||
|
||||
resp.Request = subRequests[*batchSubResponse.ContentID].Raw()
|
||||
batchSubResponse.Error = runtime.NewResponseError(resp)
|
||||
}
|
||||
|
||||
responses = append(responses, batchSubResponse)
|
||||
}
|
||||
|
||||
if len(responses) != len(subRequests) {
|
||||
return nil, fmt.Errorf("expected %v responses, got %v for the batch ID: %v", len(subRequests), len(responses), boundary)
|
||||
}
|
||||
|
||||
return responses, nil
|
||||
}
|
||||
|
||||
// not exported but used for batch request creation
|
||||
|
||||
// BlobBatchBuilder is used for creating the blob batch request
|
||||
type BlobBatchBuilder struct {
|
||||
AuthPolicy policy.Policy
|
||||
SubRequests []*policy.Request
|
||||
}
|
||||
|
||||
// BlobBatchOperationType defines the operation of the blob batch sub-requests.
|
||||
type BlobBatchOperationType string
|
||||
|
||||
const (
|
||||
BatchDeleteOperationType BlobBatchOperationType = "delete"
|
||||
BatchSetTierOperationType BlobBatchOperationType = "set tier"
|
||||
)
|
|
@ -1,5 +1,8 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License.
|
||||
// Licensed under the MIT License. See License.txt in the project root for license information.
|
||||
|
||||
package exported
|
||||
|
||||
|
@ -11,4 +14,7 @@ import (
|
|||
const (
|
||||
// EventUpload is used when we compute number of blocks to upload and size of each block.
|
||||
EventUpload log.Event = "azblob.Upload"
|
||||
|
||||
// EventSubmitBatch is used for logging events related to submit blob batch operation.
|
||||
EventSubmitBatch log.Event = "azblob.SubmitBatch"
|
||||
)
|
||||
|
|
|
@ -8,5 +8,5 @@ package exported
|
|||
|
||||
const (
|
||||
ModuleName = "azblob"
|
||||
ModuleVersion = "v1.0.0"
|
||||
ModuleVersion = "v1.1.0"
|
||||
)
|
||||
|
|
|
@ -30,7 +30,7 @@ directive:
|
|||
where: $
|
||||
transform: >-
|
||||
return $.
|
||||
replace(/func \(client \*ContainerClient\) NewListBlobFlatSegmentPager\(.+\/\/ listBlobFlatSegmentCreateRequest creates the ListBlobFlatSegment request/s, `// listBlobFlatSegmentCreateRequest creates the ListBlobFlatSegment request`).
|
||||
replace(/func \(client \*ContainerClient\) NewListBlobFlatSegmentPager\(.+\/\/ listBlobFlatSegmentCreateRequest creates the ListBlobFlatSegment request/s, `//\n// listBlobFlatSegmentCreateRequest creates the ListBlobFlatSegment request`).
|
||||
replace(/\(client \*ContainerClient\) listBlobFlatSegmentCreateRequest\(/, `(client *ContainerClient) ListBlobFlatSegmentCreateRequest(`).
|
||||
replace(/\(client \*ContainerClient\) listBlobFlatSegmentHandleResponse\(/, `(client *ContainerClient) ListBlobFlatSegmentHandleResponse(`);
|
||||
```
|
||||
|
@ -43,7 +43,7 @@ directive:
|
|||
where: $
|
||||
transform: >-
|
||||
return $.
|
||||
replace(/func \(client \*ServiceClient\) NewListContainersSegmentPager\(.+\/\/ listContainersSegmentCreateRequest creates the ListContainersSegment request/s, `// listContainersSegmentCreateRequest creates the ListContainersSegment request`).
|
||||
replace(/func \(client \*ServiceClient\) NewListContainersSegmentPager\(.+\/\/ listContainersSegmentCreateRequest creates the ListContainersSegment request/s, `//\n// listContainersSegmentCreateRequest creates the ListContainersSegment request`).
|
||||
replace(/\(client \*ServiceClient\) listContainersSegmentCreateRequest\(/, `(client *ServiceClient) ListContainersSegmentCreateRequest(`).
|
||||
replace(/\(client \*ServiceClient\) listContainersSegmentHandleResponse\(/, `(client *ServiceClient) ListContainersSegmentHandleResponse(`);
|
||||
```
|
||||
|
@ -385,3 +385,53 @@ directive:
|
|||
return $.
|
||||
replace(/xml:"CORS>CORSRule"/g, "xml:\"Cors>CorsRule\"");
|
||||
```
|
||||
|
||||
### Fix Content-Type header in submit batch request
|
||||
|
||||
``` yaml
|
||||
directive:
|
||||
- from:
|
||||
- zz_container_client.go
|
||||
- zz_service_client.go
|
||||
where: $
|
||||
transform: >-
|
||||
return $.
|
||||
replace (/req.SetBody\(body\,\s+\"application\/xml\"\)/g, `req.SetBody(body, multipartContentType)`);
|
||||
```
|
||||
|
||||
### Fix response status code check in submit batch request
|
||||
|
||||
``` yaml
|
||||
directive:
|
||||
- from: zz_service_client.go
|
||||
where: $
|
||||
transform: >-
|
||||
return $.
|
||||
replace(/if\s+!runtime\.HasStatusCode\(resp,\s+http\.StatusOK\)\s+\{\s*\n\t\treturn\s+ServiceClientSubmitBatchResponse\{\}\,\s+runtime\.NewResponseError\(resp\)\s*\n\t\}/g,
|
||||
`if !runtime.HasStatusCode(resp, http.StatusAccepted) {\n\t\treturn ServiceClientSubmitBatchResponse{}, runtime.NewResponseError(resp)\n\t}`);
|
||||
```
|
||||
|
||||
### Convert time to GMT for If-Modified-Since and If-Unmodified-Since request headers
|
||||
|
||||
``` yaml
|
||||
directive:
|
||||
- from:
|
||||
- zz_container_client.go
|
||||
- zz_blob_client.go
|
||||
- zz_appendblob_client.go
|
||||
- zz_blockblob_client.go
|
||||
- zz_pageblob_client.go
|
||||
where: $
|
||||
transform: >-
|
||||
return $.
|
||||
replace (/req\.Raw\(\)\.Header\[\"If-Modified-Since\"\]\s+=\s+\[\]string\{modifiedAccessConditions\.IfModifiedSince\.Format\(time\.RFC1123\)\}/g,
|
||||
`req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}`).
|
||||
replace (/req\.Raw\(\)\.Header\[\"If-Unmodified-Since\"\]\s+=\s+\[\]string\{modifiedAccessConditions\.IfUnmodifiedSince\.Format\(time\.RFC1123\)\}/g,
|
||||
`req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}`).
|
||||
replace (/req\.Raw\(\)\.Header\[\"x-ms-source-if-modified-since\"\]\s+=\s+\[\]string\{sourceModifiedAccessConditions\.SourceIfModifiedSince\.Format\(time\.RFC1123\)\}/g,
|
||||
`req.Raw().Header["x-ms-source-if-modified-since"] = []string{(*sourceModifiedAccessConditions.SourceIfModifiedSince).In(gmt).Format(time.RFC1123)}`).
|
||||
replace (/req\.Raw\(\)\.Header\[\"x-ms-source-if-unmodified-since\"\]\s+=\s+\[\]string\{sourceModifiedAccessConditions\.SourceIfUnmodifiedSince\.Format\(time\.RFC1123\)\}/g,
|
||||
`req.Raw().Header["x-ms-source-if-unmodified-since"] = []string{(*sourceModifiedAccessConditions.SourceIfUnmodifiedSince).In(gmt).Format(time.RFC1123)}`).
|
||||
replace (/req\.Raw\(\)\.Header\[\"x-ms-immutability-policy-until-date\"\]\s+=\s+\[\]string\{options\.ImmutabilityPolicyExpiry\.Format\(time\.RFC1123\)\}/g,
|
||||
`req.Raw().Header["x-ms-immutability-policy-until-date"] = []string{(*options.ImmutabilityPolicyExpiry).In(gmt).Format(time.RFC1123)}`);
|
||||
|
||||
|
|
|
@ -6,7 +6,15 @@
|
|||
|
||||
package generated
|
||||
|
||||
import "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
import (
|
||||
"context"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
"time"
|
||||
)
|
||||
|
||||
// used to convert times from UTC to GMT before sending across the wire
|
||||
var gmt = time.FixedZone("GMT", 0)
|
||||
|
||||
func (client *BlobClient) Endpoint() string {
|
||||
return client.endpoint
|
||||
|
@ -15,3 +23,11 @@ func (client *BlobClient) Endpoint() string {
|
|||
func (client *BlobClient) Pipeline() runtime.Pipeline {
|
||||
return client.pl
|
||||
}
|
||||
|
||||
func (client *BlobClient) DeleteCreateRequest(ctx context.Context, options *BlobClientDeleteOptions, leaseAccessConditions *LeaseAccessConditions, modifiedAccessConditions *ModifiedAccessConditions) (*policy.Request, error) {
|
||||
return client.deleteCreateRequest(ctx, options, leaseAccessConditions, modifiedAccessConditions)
|
||||
}
|
||||
|
||||
func (client *BlobClient) SetTierCreateRequest(ctx context.Context, tier AccessTier, options *BlobClientSetTierOptions, leaseAccessConditions *LeaseAccessConditions, modifiedAccessConditions *ModifiedAccessConditions) (*policy.Request, error) {
|
||||
return client.setTierCreateRequest(ctx, tier, options, leaseAccessConditions, modifiedAccessConditions)
|
||||
}
|
||||
|
|
|
@ -110,10 +110,10 @@ func (client *AppendBlobClient) appendBlockCreateRequest(ctx context.Context, co
|
|||
req.Raw().Header["x-ms-encryption-scope"] = []string{*cpkScopeInfo.EncryptionScope}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -283,10 +283,10 @@ func (client *AppendBlobClient) appendBlockFromURLCreateRequest(ctx context.Cont
|
|||
req.Raw().Header["x-ms-blob-condition-appendpos"] = []string{strconv.FormatInt(*appendPositionAccessConditions.AppendPosition, 10)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -298,10 +298,10 @@ func (client *AppendBlobClient) appendBlockFromURLCreateRequest(ctx context.Cont
|
|||
req.Raw().Header["x-ms-if-tags"] = []string{*modifiedAccessConditions.IfTags}
|
||||
}
|
||||
if sourceModifiedAccessConditions != nil && sourceModifiedAccessConditions.SourceIfModifiedSince != nil {
|
||||
req.Raw().Header["x-ms-source-if-modified-since"] = []string{sourceModifiedAccessConditions.SourceIfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["x-ms-source-if-modified-since"] = []string{(*sourceModifiedAccessConditions.SourceIfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if sourceModifiedAccessConditions != nil && sourceModifiedAccessConditions.SourceIfUnmodifiedSince != nil {
|
||||
req.Raw().Header["x-ms-source-if-unmodified-since"] = []string{sourceModifiedAccessConditions.SourceIfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["x-ms-source-if-unmodified-since"] = []string{(*sourceModifiedAccessConditions.SourceIfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if sourceModifiedAccessConditions != nil && sourceModifiedAccessConditions.SourceIfMatch != nil {
|
||||
req.Raw().Header["x-ms-source-if-match"] = []string{string(*sourceModifiedAccessConditions.SourceIfMatch)}
|
||||
|
@ -467,10 +467,10 @@ func (client *AppendBlobClient) createCreateRequest(ctx context.Context, content
|
|||
req.Raw().Header["x-ms-encryption-scope"] = []string{*cpkScopeInfo.EncryptionScope}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -489,7 +489,7 @@ func (client *AppendBlobClient) createCreateRequest(ctx context.Context, content
|
|||
req.Raw().Header["x-ms-tags"] = []string{*options.BlobTagsString}
|
||||
}
|
||||
if options != nil && options.ImmutabilityPolicyExpiry != nil {
|
||||
req.Raw().Header["x-ms-immutability-policy-until-date"] = []string{options.ImmutabilityPolicyExpiry.Format(time.RFC1123)}
|
||||
req.Raw().Header["x-ms-immutability-policy-until-date"] = []string{(*options.ImmutabilityPolicyExpiry).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if options != nil && options.ImmutabilityPolicyMode != nil {
|
||||
req.Raw().Header["x-ms-immutability-policy-mode"] = []string{string(*options.ImmutabilityPolicyMode)}
|
||||
|
@ -601,10 +601,10 @@ func (client *AppendBlobClient) sealCreateRequest(ctx context.Context, options *
|
|||
req.Raw().Header["x-ms-lease-id"] = []string{*leaseAccessConditions.LeaseID}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
|
|
@ -152,10 +152,10 @@ func (client *BlobClient) acquireLeaseCreateRequest(ctx context.Context, duratio
|
|||
req.Raw().Header["x-ms-proposed-lease-id"] = []string{*options.ProposedLeaseID}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -247,10 +247,10 @@ func (client *BlobClient) breakLeaseCreateRequest(ctx context.Context, options *
|
|||
req.Raw().Header["x-ms-lease-break-period"] = []string{strconv.FormatInt(int64(*options.BreakPeriod), 10)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -350,10 +350,10 @@ func (client *BlobClient) changeLeaseCreateRequest(ctx context.Context, leaseID
|
|||
req.Raw().Header["x-ms-lease-id"] = []string{leaseID}
|
||||
req.Raw().Header["x-ms-proposed-lease-id"] = []string{proposedLeaseID}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -458,10 +458,10 @@ func (client *BlobClient) copyFromURLCreateRequest(ctx context.Context, copySour
|
|||
req.Raw().Header["x-ms-access-tier"] = []string{string(*options.Tier)}
|
||||
}
|
||||
if sourceModifiedAccessConditions != nil && sourceModifiedAccessConditions.SourceIfModifiedSince != nil {
|
||||
req.Raw().Header["x-ms-source-if-modified-since"] = []string{sourceModifiedAccessConditions.SourceIfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["x-ms-source-if-modified-since"] = []string{(*sourceModifiedAccessConditions.SourceIfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if sourceModifiedAccessConditions != nil && sourceModifiedAccessConditions.SourceIfUnmodifiedSince != nil {
|
||||
req.Raw().Header["x-ms-source-if-unmodified-since"] = []string{sourceModifiedAccessConditions.SourceIfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["x-ms-source-if-unmodified-since"] = []string{(*sourceModifiedAccessConditions.SourceIfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if sourceModifiedAccessConditions != nil && sourceModifiedAccessConditions.SourceIfMatch != nil {
|
||||
req.Raw().Header["x-ms-source-if-match"] = []string{string(*sourceModifiedAccessConditions.SourceIfMatch)}
|
||||
|
@ -470,10 +470,10 @@ func (client *BlobClient) copyFromURLCreateRequest(ctx context.Context, copySour
|
|||
req.Raw().Header["x-ms-source-if-none-match"] = []string{string(*sourceModifiedAccessConditions.SourceIfNoneMatch)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -499,7 +499,7 @@ func (client *BlobClient) copyFromURLCreateRequest(ctx context.Context, copySour
|
|||
req.Raw().Header["x-ms-tags"] = []string{*options.BlobTagsString}
|
||||
}
|
||||
if options != nil && options.ImmutabilityPolicyExpiry != nil {
|
||||
req.Raw().Header["x-ms-immutability-policy-until-date"] = []string{options.ImmutabilityPolicyExpiry.Format(time.RFC1123)}
|
||||
req.Raw().Header["x-ms-immutability-policy-until-date"] = []string{(*options.ImmutabilityPolicyExpiry).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if options != nil && options.ImmutabilityPolicyMode != nil {
|
||||
req.Raw().Header["x-ms-immutability-policy-mode"] = []string{string(*options.ImmutabilityPolicyMode)}
|
||||
|
@ -625,10 +625,10 @@ func (client *BlobClient) createSnapshotCreateRequest(ctx context.Context, optio
|
|||
req.Raw().Header["x-ms-encryption-scope"] = []string{*cpkScopeInfo.EncryptionScope}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -754,10 +754,10 @@ func (client *BlobClient) deleteCreateRequest(ctx context.Context, options *Blob
|
|||
req.Raw().Header["x-ms-delete-snapshots"] = []string{string(*options.DeleteSnapshots)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -925,10 +925,10 @@ func (client *BlobClient) downloadCreateRequest(ctx context.Context, options *Bl
|
|||
req.Raw().Header["x-ms-encryption-algorithm"] = []string{string(*cpkInfo.EncryptionAlgorithm)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -1277,10 +1277,10 @@ func (client *BlobClient) getPropertiesCreateRequest(ctx context.Context, option
|
|||
req.Raw().Header["x-ms-encryption-algorithm"] = []string{string(*cpkInfo.EncryptionAlgorithm)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -1670,10 +1670,10 @@ func (client *BlobClient) queryCreateRequest(ctx context.Context, options *BlobC
|
|||
req.Raw().Header["x-ms-encryption-algorithm"] = []string{string(*cpkInfo.EncryptionAlgorithm)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -1883,10 +1883,10 @@ func (client *BlobClient) releaseLeaseCreateRequest(ctx context.Context, leaseID
|
|||
req.Raw().Header["x-ms-lease-action"] = []string{"release"}
|
||||
req.Raw().Header["x-ms-lease-id"] = []string{leaseID}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -1974,10 +1974,10 @@ func (client *BlobClient) renewLeaseCreateRequest(ctx context.Context, leaseID s
|
|||
req.Raw().Header["x-ms-lease-action"] = []string{"renew"}
|
||||
req.Raw().Header["x-ms-lease-id"] = []string{leaseID}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -2162,10 +2162,10 @@ func (client *BlobClient) setHTTPHeadersCreateRequest(ctx context.Context, optio
|
|||
req.Raw().Header["x-ms-lease-id"] = []string{*leaseAccessConditions.LeaseID}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -2265,10 +2265,10 @@ func (client *BlobClient) setImmutabilityPolicyCreateRequest(ctx context.Context
|
|||
req.Raw().Header["x-ms-client-request-id"] = []string{*options.RequestID}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if options != nil && options.ImmutabilityPolicyExpiry != nil {
|
||||
req.Raw().Header["x-ms-immutability-policy-until-date"] = []string{options.ImmutabilityPolicyExpiry.Format(time.RFC1123)}
|
||||
req.Raw().Header["x-ms-immutability-policy-until-date"] = []string{(*options.ImmutabilityPolicyExpiry).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if options != nil && options.ImmutabilityPolicyMode != nil {
|
||||
req.Raw().Header["x-ms-immutability-policy-mode"] = []string{string(*options.ImmutabilityPolicyMode)}
|
||||
|
@ -2440,10 +2440,10 @@ func (client *BlobClient) setMetadataCreateRequest(ctx context.Context, options
|
|||
req.Raw().Header["x-ms-encryption-scope"] = []string{*cpkScopeInfo.EncryptionScope}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -2719,10 +2719,10 @@ func (client *BlobClient) startCopyFromURLCreateRequest(ctx context.Context, cop
|
|||
req.Raw().Header["x-ms-rehydrate-priority"] = []string{string(*options.RehydratePriority)}
|
||||
}
|
||||
if sourceModifiedAccessConditions != nil && sourceModifiedAccessConditions.SourceIfModifiedSince != nil {
|
||||
req.Raw().Header["x-ms-source-if-modified-since"] = []string{sourceModifiedAccessConditions.SourceIfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["x-ms-source-if-modified-since"] = []string{(*sourceModifiedAccessConditions.SourceIfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if sourceModifiedAccessConditions != nil && sourceModifiedAccessConditions.SourceIfUnmodifiedSince != nil {
|
||||
req.Raw().Header["x-ms-source-if-unmodified-since"] = []string{sourceModifiedAccessConditions.SourceIfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["x-ms-source-if-unmodified-since"] = []string{(*sourceModifiedAccessConditions.SourceIfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if sourceModifiedAccessConditions != nil && sourceModifiedAccessConditions.SourceIfMatch != nil {
|
||||
req.Raw().Header["x-ms-source-if-match"] = []string{string(*sourceModifiedAccessConditions.SourceIfMatch)}
|
||||
|
@ -2734,10 +2734,10 @@ func (client *BlobClient) startCopyFromURLCreateRequest(ctx context.Context, cop
|
|||
req.Raw().Header["x-ms-source-if-tags"] = []string{*sourceModifiedAccessConditions.SourceIfTags}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -2763,7 +2763,7 @@ func (client *BlobClient) startCopyFromURLCreateRequest(ctx context.Context, cop
|
|||
req.Raw().Header["x-ms-seal-blob"] = []string{strconv.FormatBool(*options.SealBlob)}
|
||||
}
|
||||
if options != nil && options.ImmutabilityPolicyExpiry != nil {
|
||||
req.Raw().Header["x-ms-immutability-policy-until-date"] = []string{options.ImmutabilityPolicyExpiry.Format(time.RFC1123)}
|
||||
req.Raw().Header["x-ms-immutability-policy-until-date"] = []string{(*options.ImmutabilityPolicyExpiry).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if options != nil && options.ImmutabilityPolicyMode != nil {
|
||||
req.Raw().Header["x-ms-immutability-policy-mode"] = []string{string(*options.ImmutabilityPolicyMode)}
|
||||
|
|
|
@ -134,10 +134,10 @@ func (client *BlockBlobClient) commitBlockListCreateRequest(ctx context.Context,
|
|||
req.Raw().Header["x-ms-access-tier"] = []string{string(*options.Tier)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -156,7 +156,7 @@ func (client *BlockBlobClient) commitBlockListCreateRequest(ctx context.Context,
|
|||
req.Raw().Header["x-ms-tags"] = []string{*options.BlobTagsString}
|
||||
}
|
||||
if options != nil && options.ImmutabilityPolicyExpiry != nil {
|
||||
req.Raw().Header["x-ms-immutability-policy-until-date"] = []string{options.ImmutabilityPolicyExpiry.Format(time.RFC1123)}
|
||||
req.Raw().Header["x-ms-immutability-policy-until-date"] = []string{(*options.ImmutabilityPolicyExpiry).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if options != nil && options.ImmutabilityPolicyMode != nil {
|
||||
req.Raw().Header["x-ms-immutability-policy-mode"] = []string{string(*options.ImmutabilityPolicyMode)}
|
||||
|
@ -424,10 +424,10 @@ func (client *BlockBlobClient) putBlobFromURLCreateRequest(ctx context.Context,
|
|||
req.Raw().Header["x-ms-access-tier"] = []string{string(*options.Tier)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -439,10 +439,10 @@ func (client *BlockBlobClient) putBlobFromURLCreateRequest(ctx context.Context,
|
|||
req.Raw().Header["x-ms-if-tags"] = []string{*modifiedAccessConditions.IfTags}
|
||||
}
|
||||
if sourceModifiedAccessConditions != nil && sourceModifiedAccessConditions.SourceIfModifiedSince != nil {
|
||||
req.Raw().Header["x-ms-source-if-modified-since"] = []string{sourceModifiedAccessConditions.SourceIfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["x-ms-source-if-modified-since"] = []string{(*sourceModifiedAccessConditions.SourceIfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if sourceModifiedAccessConditions != nil && sourceModifiedAccessConditions.SourceIfUnmodifiedSince != nil {
|
||||
req.Raw().Header["x-ms-source-if-unmodified-since"] = []string{sourceModifiedAccessConditions.SourceIfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["x-ms-source-if-unmodified-since"] = []string{(*sourceModifiedAccessConditions.SourceIfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if sourceModifiedAccessConditions != nil && sourceModifiedAccessConditions.SourceIfMatch != nil {
|
||||
req.Raw().Header["x-ms-source-if-match"] = []string{string(*sourceModifiedAccessConditions.SourceIfMatch)}
|
||||
|
@ -721,10 +721,10 @@ func (client *BlockBlobClient) stageBlockFromURLCreateRequest(ctx context.Contex
|
|||
req.Raw().Header["x-ms-lease-id"] = []string{*leaseAccessConditions.LeaseID}
|
||||
}
|
||||
if sourceModifiedAccessConditions != nil && sourceModifiedAccessConditions.SourceIfModifiedSince != nil {
|
||||
req.Raw().Header["x-ms-source-if-modified-since"] = []string{sourceModifiedAccessConditions.SourceIfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["x-ms-source-if-modified-since"] = []string{(*sourceModifiedAccessConditions.SourceIfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if sourceModifiedAccessConditions != nil && sourceModifiedAccessConditions.SourceIfUnmodifiedSince != nil {
|
||||
req.Raw().Header["x-ms-source-if-unmodified-since"] = []string{sourceModifiedAccessConditions.SourceIfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["x-ms-source-if-unmodified-since"] = []string{(*sourceModifiedAccessConditions.SourceIfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if sourceModifiedAccessConditions != nil && sourceModifiedAccessConditions.SourceIfMatch != nil {
|
||||
req.Raw().Header["x-ms-source-if-match"] = []string{string(*sourceModifiedAccessConditions.SourceIfMatch)}
|
||||
|
@ -882,10 +882,10 @@ func (client *BlockBlobClient) uploadCreateRequest(ctx context.Context, contentL
|
|||
req.Raw().Header["x-ms-access-tier"] = []string{string(*options.Tier)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -904,7 +904,7 @@ func (client *BlockBlobClient) uploadCreateRequest(ctx context.Context, contentL
|
|||
req.Raw().Header["x-ms-tags"] = []string{*options.BlobTagsString}
|
||||
}
|
||||
if options != nil && options.ImmutabilityPolicyExpiry != nil {
|
||||
req.Raw().Header["x-ms-immutability-policy-until-date"] = []string{options.ImmutabilityPolicyExpiry.Format(time.RFC1123)}
|
||||
req.Raw().Header["x-ms-immutability-policy-until-date"] = []string{(*options.ImmutabilityPolicyExpiry).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if options != nil && options.ImmutabilityPolicyMode != nil {
|
||||
req.Raw().Header["x-ms-immutability-policy-mode"] = []string{string(*options.ImmutabilityPolicyMode)}
|
||||
|
|
|
@ -86,10 +86,10 @@ func (client *ContainerClient) acquireLeaseCreateRequest(ctx context.Context, du
|
|||
req.Raw().Header["x-ms-proposed-lease-id"] = []string{*options.ProposedLeaseID}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
req.Raw().Header["x-ms-version"] = []string{"2020-10-02"}
|
||||
if options != nil && options.RequestID != nil {
|
||||
|
@ -174,10 +174,10 @@ func (client *ContainerClient) breakLeaseCreateRequest(ctx context.Context, opti
|
|||
req.Raw().Header["x-ms-lease-break-period"] = []string{strconv.FormatInt(int64(*options.BreakPeriod), 10)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
req.Raw().Header["x-ms-version"] = []string{"2020-10-02"}
|
||||
if options != nil && options.RequestID != nil {
|
||||
|
@ -270,10 +270,10 @@ func (client *ContainerClient) changeLeaseCreateRequest(ctx context.Context, lea
|
|||
req.Raw().Header["x-ms-lease-id"] = []string{leaseID}
|
||||
req.Raw().Header["x-ms-proposed-lease-id"] = []string{proposedLeaseID}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
req.Raw().Header["x-ms-version"] = []string{"2020-10-02"}
|
||||
if options != nil && options.RequestID != nil {
|
||||
|
@ -447,10 +447,10 @@ func (client *ContainerClient) deleteCreateRequest(ctx context.Context, options
|
|||
req.Raw().Header["x-ms-lease-id"] = []string{*leaseAccessConditions.LeaseID}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
req.Raw().Header["x-ms-version"] = []string{"2020-10-02"}
|
||||
if options != nil && options.RequestID != nil {
|
||||
|
@ -963,10 +963,10 @@ func (client *ContainerClient) releaseLeaseCreateRequest(ctx context.Context, le
|
|||
req.Raw().Header["x-ms-lease-action"] = []string{"release"}
|
||||
req.Raw().Header["x-ms-lease-id"] = []string{leaseID}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
req.Raw().Header["x-ms-version"] = []string{"2020-10-02"}
|
||||
if options != nil && options.RequestID != nil {
|
||||
|
@ -1115,10 +1115,10 @@ func (client *ContainerClient) renewLeaseCreateRequest(ctx context.Context, leas
|
|||
req.Raw().Header["x-ms-lease-action"] = []string{"renew"}
|
||||
req.Raw().Header["x-ms-lease-id"] = []string{leaseID}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
req.Raw().Header["x-ms-version"] = []string{"2020-10-02"}
|
||||
if options != nil && options.RequestID != nil {
|
||||
|
@ -1277,10 +1277,10 @@ func (client *ContainerClient) setAccessPolicyCreateRequest(ctx context.Context,
|
|||
req.Raw().Header["x-ms-blob-public-access"] = []string{string(*options.Access)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
req.Raw().Header["x-ms-version"] = []string{"2020-10-02"}
|
||||
if options != nil && options.RequestID != nil {
|
||||
|
@ -1372,7 +1372,7 @@ func (client *ContainerClient) setMetadataCreateRequest(ctx context.Context, opt
|
|||
}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
req.Raw().Header["x-ms-version"] = []string{"2020-10-02"}
|
||||
if options != nil && options.RequestID != nil {
|
||||
|
@ -1459,7 +1459,7 @@ func (client *ContainerClient) submitBatchCreateRequest(ctx context.Context, con
|
|||
req.Raw().Header["x-ms-client-request-id"] = []string{*options.RequestID}
|
||||
}
|
||||
req.Raw().Header["Accept"] = []string{"application/xml"}
|
||||
return req, req.SetBody(body, "application/xml")
|
||||
return req, req.SetBody(body, multipartContentType)
|
||||
}
|
||||
|
||||
// submitBatchHandleResponse handles the SubmitBatch response.
|
||||
|
|
|
@ -108,10 +108,10 @@ func (client *PageBlobClient) clearPagesCreateRequest(ctx context.Context, conte
|
|||
req.Raw().Header["x-ms-if-sequence-number-eq"] = []string{strconv.FormatInt(*sequenceNumberAccessConditions.IfSequenceNumberEqualTo, 10)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -225,10 +225,10 @@ func (client *PageBlobClient) copyIncrementalCreateRequest(ctx context.Context,
|
|||
}
|
||||
req.Raw().URL.RawQuery = reqQP.Encode()
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -371,10 +371,10 @@ func (client *PageBlobClient) createCreateRequest(ctx context.Context, contentLe
|
|||
req.Raw().Header["x-ms-encryption-scope"] = []string{*cpkScopeInfo.EncryptionScope}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -397,7 +397,7 @@ func (client *PageBlobClient) createCreateRequest(ctx context.Context, contentLe
|
|||
req.Raw().Header["x-ms-tags"] = []string{*options.BlobTagsString}
|
||||
}
|
||||
if options != nil && options.ImmutabilityPolicyExpiry != nil {
|
||||
req.Raw().Header["x-ms-immutability-policy-until-date"] = []string{options.ImmutabilityPolicyExpiry.Format(time.RFC1123)}
|
||||
req.Raw().Header["x-ms-immutability-policy-until-date"] = []string{(*options.ImmutabilityPolicyExpiry).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if options != nil && options.ImmutabilityPolicyMode != nil {
|
||||
req.Raw().Header["x-ms-immutability-policy-mode"] = []string{string(*options.ImmutabilityPolicyMode)}
|
||||
|
@ -528,10 +528,10 @@ func (client *PageBlobClient) GetPageRangesCreateRequest(ctx context.Context, op
|
|||
req.Raw().Header["x-ms-lease-id"] = []string{*leaseAccessConditions.LeaseID}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -662,10 +662,10 @@ func (client *PageBlobClient) GetPageRangesDiffCreateRequest(ctx context.Context
|
|||
req.Raw().Header["x-ms-lease-id"] = []string{*leaseAccessConditions.LeaseID}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -780,10 +780,10 @@ func (client *PageBlobClient) resizeCreateRequest(ctx context.Context, blobConte
|
|||
req.Raw().Header["x-ms-encryption-scope"] = []string{*cpkScopeInfo.EncryptionScope}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -883,10 +883,10 @@ func (client *PageBlobClient) updateSequenceNumberCreateRequest(ctx context.Cont
|
|||
req.Raw().Header["x-ms-lease-id"] = []string{*leaseAccessConditions.LeaseID}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -1024,10 +1024,10 @@ func (client *PageBlobClient) uploadPagesCreateRequest(ctx context.Context, cont
|
|||
req.Raw().Header["x-ms-if-sequence-number-eq"] = []string{strconv.FormatInt(*sequenceNumberAccessConditions.IfSequenceNumberEqualTo, 10)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -1196,10 +1196,10 @@ func (client *PageBlobClient) uploadPagesFromURLCreateRequest(ctx context.Contex
|
|||
req.Raw().Header["x-ms-if-sequence-number-eq"] = []string{strconv.FormatInt(*sequenceNumberAccessConditions.IfSequenceNumberEqualTo, 10)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfModifiedSince != nil {
|
||||
req.Raw().Header["If-Modified-Since"] = []string{modifiedAccessConditions.IfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Modified-Since"] = []string{(*modifiedAccessConditions.IfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfUnmodifiedSince != nil {
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{modifiedAccessConditions.IfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["If-Unmodified-Since"] = []string{(*modifiedAccessConditions.IfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if modifiedAccessConditions != nil && modifiedAccessConditions.IfMatch != nil {
|
||||
req.Raw().Header["If-Match"] = []string{string(*modifiedAccessConditions.IfMatch)}
|
||||
|
@ -1211,10 +1211,10 @@ func (client *PageBlobClient) uploadPagesFromURLCreateRequest(ctx context.Contex
|
|||
req.Raw().Header["x-ms-if-tags"] = []string{*modifiedAccessConditions.IfTags}
|
||||
}
|
||||
if sourceModifiedAccessConditions != nil && sourceModifiedAccessConditions.SourceIfModifiedSince != nil {
|
||||
req.Raw().Header["x-ms-source-if-modified-since"] = []string{sourceModifiedAccessConditions.SourceIfModifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["x-ms-source-if-modified-since"] = []string{(*sourceModifiedAccessConditions.SourceIfModifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if sourceModifiedAccessConditions != nil && sourceModifiedAccessConditions.SourceIfUnmodifiedSince != nil {
|
||||
req.Raw().Header["x-ms-source-if-unmodified-since"] = []string{sourceModifiedAccessConditions.SourceIfUnmodifiedSince.Format(time.RFC1123)}
|
||||
req.Raw().Header["x-ms-source-if-unmodified-since"] = []string{(*sourceModifiedAccessConditions.SourceIfUnmodifiedSince).In(gmt).Format(time.RFC1123)}
|
||||
}
|
||||
if sourceModifiedAccessConditions != nil && sourceModifiedAccessConditions.SourceIfMatch != nil {
|
||||
req.Raw().Header["x-ms-source-if-match"] = []string{string(*sourceModifiedAccessConditions.SourceIfMatch)}
|
||||
|
|
|
@ -513,7 +513,7 @@ func (client *ServiceClient) SubmitBatch(ctx context.Context, contentLength int6
|
|||
if err != nil {
|
||||
return ServiceClientSubmitBatchResponse{}, err
|
||||
}
|
||||
if !runtime.HasStatusCode(resp, http.StatusOK) {
|
||||
if !runtime.HasStatusCode(resp, http.StatusAccepted) {
|
||||
return ServiceClientSubmitBatchResponse{}, runtime.NewResponseError(resp)
|
||||
}
|
||||
return client.submitBatchHandleResponse(resp)
|
||||
|
@ -539,7 +539,7 @@ func (client *ServiceClient) submitBatchCreateRequest(ctx context.Context, conte
|
|||
req.Raw().Header["x-ms-client-request-id"] = []string{*options.RequestID}
|
||||
}
|
||||
req.Raw().Header["Accept"] = []string{"application/xml"}
|
||||
return req, req.SetBody(body, "application/xml")
|
||||
return req, req.SetBody(body, multipartContentType)
|
||||
}
|
||||
|
||||
// submitBatchHandleResponse handles the SubmitBatch response.
|
||||
|
|
113
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/shared/challenge_policy.go
generated
vendored
Normal file
113
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/shared/challenge_policy.go
generated
vendored
Normal file
|
@ -0,0 +1,113 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License. See License.txt in the project root for license information.
|
||||
|
||||
package shared
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
"net/http"
|
||||
"strings"
|
||||
)
|
||||
|
||||
type storageAuthorizer struct {
|
||||
scopes []string
|
||||
tenantID string
|
||||
}
|
||||
|
||||
func NewStorageChallengePolicy(cred azcore.TokenCredential) policy.Policy {
|
||||
s := storageAuthorizer{scopes: []string{TokenScope}}
|
||||
return runtime.NewBearerTokenPolicy(cred, []string{TokenScope}, &policy.BearerTokenOptions{
|
||||
AuthorizationHandler: policy.AuthorizationHandler{
|
||||
OnRequest: s.onRequest,
|
||||
OnChallenge: s.onChallenge,
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func (s *storageAuthorizer) onRequest(req *policy.Request, authNZ func(policy.TokenRequestOptions) error) error {
|
||||
return authNZ(policy.TokenRequestOptions{Scopes: s.scopes})
|
||||
}
|
||||
|
||||
func (s *storageAuthorizer) onChallenge(req *policy.Request, resp *http.Response, authNZ func(policy.TokenRequestOptions) error) error {
|
||||
// parse the challenge
|
||||
err := s.parseChallenge(resp)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
// TODO: Set tenantID when policy.TokenRequestOptions supports it. https://github.com/Azure/azure-sdk-for-go/issues/19841
|
||||
return authNZ(policy.TokenRequestOptions{Scopes: s.scopes})
|
||||
}
|
||||
|
||||
type challengePolicyError struct {
|
||||
err error
|
||||
}
|
||||
|
||||
func (c *challengePolicyError) Error() string {
|
||||
return c.err.Error()
|
||||
}
|
||||
|
||||
func (*challengePolicyError) NonRetriable() {
|
||||
// marker method
|
||||
}
|
||||
|
||||
func (c *challengePolicyError) Unwrap() error {
|
||||
return c.err
|
||||
}
|
||||
|
||||
// parses Tenant ID from auth challenge
|
||||
// https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/oauth2/authorize
|
||||
func parseTenant(url string) string {
|
||||
if url == "" {
|
||||
return ""
|
||||
}
|
||||
parts := strings.Split(url, "/")
|
||||
if len(parts) >= 3 {
|
||||
tenant := parts[3]
|
||||
tenant = strings.ReplaceAll(tenant, ",", "")
|
||||
return tenant
|
||||
} else {
|
||||
return ""
|
||||
}
|
||||
}
|
||||
|
||||
func (s *storageAuthorizer) parseChallenge(resp *http.Response) error {
|
||||
authHeader := resp.Header.Get("WWW-Authenticate")
|
||||
if authHeader == "" {
|
||||
return &challengePolicyError{err: errors.New("response has no WWW-Authenticate header for challenge authentication")}
|
||||
}
|
||||
|
||||
// Strip down to auth and resource
|
||||
// Format is "Bearer authorization_uri=\"<site>\" resource_id=\"<site>\""
|
||||
authHeader = strings.ReplaceAll(authHeader, "Bearer ", "")
|
||||
|
||||
parts := strings.Split(authHeader, " ")
|
||||
|
||||
vals := map[string]string{}
|
||||
for _, part := range parts {
|
||||
subParts := strings.Split(part, "=")
|
||||
if len(subParts) == 2 {
|
||||
stripped := strings.ReplaceAll(subParts[1], "\"", "")
|
||||
stripped = strings.TrimSuffix(stripped, ",")
|
||||
vals[subParts[0]] = stripped
|
||||
}
|
||||
}
|
||||
|
||||
s.tenantID = parseTenant(vals["authorization_uri"])
|
||||
|
||||
scope := vals["resource_id"]
|
||||
if scope == "" {
|
||||
return &challengePolicyError{err: errors.New("could not find a valid resource in the WWW-Authenticate header")}
|
||||
}
|
||||
|
||||
if !strings.HasSuffix(scope, "/.default") {
|
||||
scope += "/.default"
|
||||
}
|
||||
s.scopes = []string{scope}
|
||||
return nil
|
||||
}
|
57
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/shared/shared.go
generated
vendored
57
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/shared/shared.go
generated
vendored
|
@ -38,6 +38,8 @@ const (
|
|||
HeaderIfNoneMatch = "If-None-Match"
|
||||
HeaderIfUnmodifiedSince = "If-Unmodified-Since"
|
||||
HeaderRange = "Range"
|
||||
HeaderXmsVersion = "x-ms-version"
|
||||
HeaderXmsRequestID = "x-ms-request-id"
|
||||
)
|
||||
|
||||
const crc64Polynomial uint64 = 0x9A6C9329AC4BC9B5
|
||||
|
@ -85,22 +87,6 @@ func ParseConnectionString(connectionString string) (ParsedConnectionString, err
|
|||
connStrMap[parts[0]] = parts[1]
|
||||
}
|
||||
|
||||
accountName, ok := connStrMap["AccountName"]
|
||||
if !ok {
|
||||
return ParsedConnectionString{}, errors.New("connection string missing AccountName")
|
||||
}
|
||||
|
||||
accountKey, ok := connStrMap["AccountKey"]
|
||||
if !ok {
|
||||
sharedAccessSignature, ok := connStrMap["SharedAccessSignature"]
|
||||
if !ok {
|
||||
return ParsedConnectionString{}, errors.New("connection string missing AccountKey and SharedAccessSignature")
|
||||
}
|
||||
return ParsedConnectionString{
|
||||
ServiceURL: fmt.Sprintf("%v://%v.blob.%v/?%v", defaultScheme, accountName, defaultSuffix, sharedAccessSignature),
|
||||
}, nil
|
||||
}
|
||||
|
||||
protocol, ok := connStrMap["DefaultEndpointsProtocol"]
|
||||
if !ok {
|
||||
protocol = defaultScheme
|
||||
|
@ -111,24 +97,45 @@ func ParseConnectionString(connectionString string) (ParsedConnectionString, err
|
|||
suffix = defaultSuffix
|
||||
}
|
||||
|
||||
if blobEndpoint, ok := connStrMap["BlobEndpoint"]; ok {
|
||||
return ParsedConnectionString{
|
||||
ServiceURL: blobEndpoint,
|
||||
AccountName: accountName,
|
||||
AccountKey: accountKey,
|
||||
}, nil
|
||||
blobEndpoint, has_blobEndpoint := connStrMap["BlobEndpoint"]
|
||||
accountName, has_accountName := connStrMap["AccountName"]
|
||||
|
||||
var serviceURL string
|
||||
if has_blobEndpoint {
|
||||
serviceURL = blobEndpoint
|
||||
} else if has_accountName {
|
||||
serviceURL = fmt.Sprintf("%v://%v.blob.%v", protocol, accountName, suffix)
|
||||
} else {
|
||||
return ParsedConnectionString{}, errors.New("connection string needs either AccountName or BlobEndpoint")
|
||||
}
|
||||
|
||||
if !strings.HasSuffix(serviceURL, "/") {
|
||||
// add a trailing slash to be consistent with the portal
|
||||
serviceURL += "/"
|
||||
}
|
||||
|
||||
accountKey, has_accountKey := connStrMap["AccountKey"]
|
||||
sharedAccessSignature, has_sharedAccessSignature := connStrMap["SharedAccessSignature"]
|
||||
|
||||
if has_accountName && has_accountKey {
|
||||
return ParsedConnectionString{
|
||||
ServiceURL: fmt.Sprintf("%v://%v.blob.%v", protocol, accountName, suffix),
|
||||
ServiceURL: serviceURL,
|
||||
AccountName: accountName,
|
||||
AccountKey: accountKey,
|
||||
}, nil
|
||||
} else if has_sharedAccessSignature {
|
||||
return ParsedConnectionString{
|
||||
ServiceURL: fmt.Sprintf("%v?%v", serviceURL, sharedAccessSignature),
|
||||
}, nil
|
||||
} else {
|
||||
return ParsedConnectionString{}, errors.New("connection string needs either AccountKey or SharedAccessSignature")
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// SerializeBlobTags converts tags to generated.BlobTags
|
||||
func SerializeBlobTags(tagsMap map[string]string) *generated.BlobTags {
|
||||
if tagsMap == nil {
|
||||
if len(tagsMap) == 0 {
|
||||
return nil
|
||||
}
|
||||
blobTagSet := make([]*generated.BlobTag, 0)
|
||||
|
@ -140,7 +147,7 @@ func SerializeBlobTags(tagsMap map[string]string) *generated.BlobTags {
|
|||
}
|
||||
|
||||
func SerializeBlobTagsToStrPtr(tagsMap map[string]string) *string {
|
||||
if tagsMap == nil {
|
||||
if len(tagsMap) == 0 {
|
||||
return nil
|
||||
}
|
||||
tags := make([]string, 0)
|
||||
|
|
7
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/log.go
generated
vendored
7
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/log.go
generated
vendored
|
@ -3,9 +3,14 @@
|
|||
|
||||
package azblob
|
||||
|
||||
import "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/exported"
|
||||
import (
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/exported"
|
||||
)
|
||||
|
||||
const (
|
||||
// EventUpload is used for logging events related to upload operation.
|
||||
EventUpload = exported.EventUpload
|
||||
|
||||
// EventSubmitBatch is used for logging events related to submit blob batch operation.
|
||||
EventSubmitBatch = exported.EventSubmitBatch
|
||||
)
|
||||
|
|
12
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/pageblob/client.go
generated
vendored
12
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/pageblob/client.go
generated
vendored
|
@ -25,9 +25,7 @@ import (
|
|||
)
|
||||
|
||||
// ClientOptions contains the optional parameters when creating a Client.
|
||||
type ClientOptions struct {
|
||||
azcore.ClientOptions
|
||||
}
|
||||
type ClientOptions base.ClientOptions
|
||||
|
||||
// Client represents a client to an Azure Storage page blob;
|
||||
type Client base.CompositeClient[generated.BlobClient, generated.PageBlobClient]
|
||||
|
@ -37,7 +35,7 @@ type Client base.CompositeClient[generated.BlobClient, generated.PageBlobClient]
|
|||
// - cred - an Azure AD credential, typically obtained via the azidentity module
|
||||
// - options - client options; pass nil to accept the default values
|
||||
func NewClient(blobURL string, cred azcore.TokenCredential, options *ClientOptions) (*Client, error) {
|
||||
authPolicy := runtime.NewBearerTokenPolicy(cred, []string{shared.TokenScope}, nil)
|
||||
authPolicy := shared.NewStorageChallengePolicy(cred)
|
||||
conOptions := shared.GetClientOptions(options)
|
||||
conOptions.PerRetryPolicies = append(conOptions.PerRetryPolicies, authPolicy)
|
||||
pl := runtime.NewPipeline(exported.ModuleName, exported.ModuleVersion, runtime.PipelineOptions{}, &conOptions.ClientOptions)
|
||||
|
@ -363,6 +361,12 @@ func (pb *Client) GetProperties(ctx context.Context, o *blob.GetPropertiesOption
|
|||
return pb.BlobClient().GetProperties(ctx, o)
|
||||
}
|
||||
|
||||
// GetAccountInfo provides account level information
|
||||
// For more information, see https://learn.microsoft.com/en-us/rest/api/storageservices/get-account-information?tabs=shared-access-signatures.
|
||||
func (pb *Client) GetAccountInfo(ctx context.Context, o *blob.GetAccountInfoOptions) (blob.GetAccountInfoResponse, error) {
|
||||
return pb.BlobClient().GetAccountInfo(ctx, o)
|
||||
}
|
||||
|
||||
// SetHTTPHeaders changes a blob's HTTP headers.
|
||||
// For more information, see https://docs.microsoft.com/rest/api/storageservices/set-blob-properties.
|
||||
func (pb *Client) SetHTTPHeaders(ctx context.Context, HTTPHeaders blob.HTTPHeaders, o *blob.SetHTTPHeadersOptions) (blob.SetHTTPHeadersResponse, error) {
|
||||
|
|
38
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/sas/account.go
generated
vendored
38
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/sas/account.go
generated
vendored
|
@ -29,9 +29,9 @@ type AccountSignatureValues struct {
|
|||
Protocol Protocol `param:"spr"` // See the SASProtocol* constants
|
||||
StartTime time.Time `param:"st"` // Not specified if IsZero
|
||||
ExpiryTime time.Time `param:"se"` // Not specified if IsZero
|
||||
Permissions string `param:"sp"` // Create by initializing a AccountSASPermissions and then call String()
|
||||
Permissions string `param:"sp"` // Create by initializing AccountPermissions and then call String()
|
||||
IPRange IPRange `param:"sip"`
|
||||
ResourceTypes string `param:"srt"` // Create by initializing AccountSASResourceTypes and then call String()
|
||||
ResourceTypes string `param:"srt"` // Create by initializing AccountResourceTypes and then call String()
|
||||
}
|
||||
|
||||
// SignWithSharedKey uses an account's shared key credential to sign this signature values to produce
|
||||
|
@ -50,6 +50,12 @@ func (v AccountSignatureValues) SignWithSharedKey(sharedKeyCredential *SharedKey
|
|||
}
|
||||
v.Permissions = perms.String()
|
||||
|
||||
resources, err := parseAccountResourceTypes(v.ResourceTypes)
|
||||
if err != nil {
|
||||
return QueryParameters{}, err
|
||||
}
|
||||
v.ResourceTypes = resources.String()
|
||||
|
||||
startTime, expiryTime, _ := formatTimesForSigning(v.StartTime, v.ExpiryTime, time.Time{})
|
||||
|
||||
stringToSign := strings.Join([]string{
|
||||
|
@ -90,13 +96,13 @@ func (v AccountSignatureValues) SignWithSharedKey(sharedKeyCredential *SharedKey
|
|||
}
|
||||
|
||||
// AccountPermissions type simplifies creating the permissions string for an Azure Storage Account SAS.
|
||||
// Initialize an instance of this type and then call Client.GetSASURL with it or use the String method to set AccountSASSignatureValues Permissions field.
|
||||
// Initialize an instance of this type and then call its String method to set AccountSignatureValues' Permissions field.
|
||||
type AccountPermissions struct {
|
||||
Read, Write, Delete, DeletePreviousVersion, PermanentDelete, List, Add, Create, Update, Process, FilterByTags, Tag, SetImmutabilityPolicy bool
|
||||
}
|
||||
|
||||
// String produces the SAS permissions string for an Azure Storage account.
|
||||
// Call this method to set AccountSASSignatureValues' Permissions field.
|
||||
// Call this method to set AccountSignatureValues' Permissions field.
|
||||
func (p *AccountPermissions) String() string {
|
||||
var buffer bytes.Buffer
|
||||
if p.Read {
|
||||
|
@ -141,7 +147,7 @@ func (p *AccountPermissions) String() string {
|
|||
return buffer.String()
|
||||
}
|
||||
|
||||
// Parse initializes the AccountSASPermissions' fields from a string.
|
||||
// Parse initializes the AccountPermissions' fields from a string.
|
||||
func parseAccountPermissions(s string) (AccountPermissions, error) {
|
||||
p := AccountPermissions{} // Clear out the flags
|
||||
for _, r := range s {
|
||||
|
@ -180,13 +186,13 @@ func parseAccountPermissions(s string) (AccountPermissions, error) {
|
|||
}
|
||||
|
||||
// AccountResourceTypes type simplifies creating the resource types string for an Azure Storage Account SAS.
|
||||
// Initialize an instance of this type and then call its String method to set AccountSASSignatureValues' ResourceTypes field.
|
||||
// Initialize an instance of this type and then call its String method to set AccountSignatureValues' ResourceTypes field.
|
||||
type AccountResourceTypes struct {
|
||||
Service, Container, Object bool
|
||||
}
|
||||
|
||||
// String produces the SAS resource types string for an Azure Storage account.
|
||||
// Call this method to set AccountSASSignatureValues' ResourceTypes field.
|
||||
// Call this method to set AccountSignatureValues' ResourceTypes field.
|
||||
func (rt *AccountResourceTypes) String() string {
|
||||
var buffer bytes.Buffer
|
||||
if rt.Service {
|
||||
|
@ -200,3 +206,21 @@ func (rt *AccountResourceTypes) String() string {
|
|||
}
|
||||
return buffer.String()
|
||||
}
|
||||
|
||||
// parseAccountResourceTypes initializes the AccountResourceTypes' fields from a string.
|
||||
func parseAccountResourceTypes(s string) (AccountResourceTypes, error) {
|
||||
rt := AccountResourceTypes{}
|
||||
for _, r := range s {
|
||||
switch r {
|
||||
case 's':
|
||||
rt.Service = true
|
||||
case 'c':
|
||||
rt.Container = true
|
||||
case 'o':
|
||||
rt.Object = true
|
||||
default:
|
||||
return AccountResourceTypes{}, fmt.Errorf("invalid resource type character: '%v'", r)
|
||||
}
|
||||
}
|
||||
return rt, nil
|
||||
}
|
||||
|
|
26
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/sas/service.go
generated
vendored
26
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/sas/service.go
generated
vendored
|
@ -8,6 +8,7 @@ package sas
|
|||
|
||||
import (
|
||||
"bytes"
|
||||
"errors"
|
||||
"fmt"
|
||||
"strings"
|
||||
"time"
|
||||
|
@ -24,7 +25,7 @@ type BlobSignatureValues struct {
|
|||
StartTime time.Time `param:"st"` // Not specified if IsZero
|
||||
ExpiryTime time.Time `param:"se"` // Not specified if IsZero
|
||||
SnapshotTime time.Time
|
||||
Permissions string `param:"sp"` // Create by initializing a ContainerSASPermissions or BlobSASPermissions and then call String()
|
||||
Permissions string `param:"sp"` // Create by initializing ContainerPermissions or BlobPermissions and then call String()
|
||||
IPRange IPRange `param:"sip"`
|
||||
Identifier string `param:"si"`
|
||||
ContainerName string
|
||||
|
@ -50,8 +51,8 @@ func getDirectoryDepth(path string) string {
|
|||
|
||||
// SignWithSharedKey uses an account's SharedKeyCredential to sign this signature values to produce the proper SAS query parameters.
|
||||
func (v BlobSignatureValues) SignWithSharedKey(sharedKeyCredential *SharedKeyCredential) (QueryParameters, error) {
|
||||
if sharedKeyCredential == nil {
|
||||
return QueryParameters{}, fmt.Errorf("cannot sign SAS query without Shared Key Credential")
|
||||
if v.ExpiryTime.IsZero() || v.Permissions == "" {
|
||||
return QueryParameters{}, errors.New("service SAS is missing at least one of these: ExpiryTime or Permissions")
|
||||
}
|
||||
|
||||
//Make sure the permission characters are in the correct order
|
||||
|
@ -141,6 +142,10 @@ func (v BlobSignatureValues) SignWithUserDelegation(userDelegationCredential *Us
|
|||
return QueryParameters{}, fmt.Errorf("cannot sign SAS query without User Delegation Key")
|
||||
}
|
||||
|
||||
if v.ExpiryTime.IsZero() || v.Permissions == "" {
|
||||
return QueryParameters{}, errors.New("user delegation SAS is missing at least one of these: ExpiryTime or Permissions")
|
||||
}
|
||||
|
||||
// Parse the resource
|
||||
resource := "c"
|
||||
if !v.SnapshotTime.IsZero() {
|
||||
|
@ -261,15 +266,15 @@ func getCanonicalName(account string, containerName string, blobName string, dir
|
|||
}
|
||||
|
||||
// ContainerPermissions type simplifies creating the permissions string for an Azure Storage container SAS.
|
||||
// Initialize an instance of this type and then call Client.GetSASURL with it or use the String method to set BlobSASSignatureValues Permissions field.
|
||||
// Initialize an instance of this type and then call its String method to set BlobSignatureValues' Permissions field.
|
||||
// All permissions descriptions can be found here: https://docs.microsoft.com/en-us/rest/api/storageservices/create-service-sas#permissions-for-a-directory-container-or-blob
|
||||
type ContainerPermissions struct {
|
||||
Read, Add, Create, Write, Delete, DeletePreviousVersion, List, FilterByTags, Move, SetImmutabilityPolicy bool
|
||||
Read, Add, Create, Write, Delete, DeletePreviousVersion, List, Tag, FilterByTags, Move, SetImmutabilityPolicy bool
|
||||
Execute, ModifyOwnership, ModifyPermissions bool // Meant for hierarchical namespace accounts
|
||||
}
|
||||
|
||||
// String produces the SAS permissions string for an Azure Storage container.
|
||||
// Call this method to set BlobSASSignatureValues' Permissions field.
|
||||
// Call this method to set BlobSignatureValues' Permissions field.
|
||||
func (p *ContainerPermissions) String() string {
|
||||
var b bytes.Buffer
|
||||
if p.Read {
|
||||
|
@ -293,6 +298,9 @@ func (p *ContainerPermissions) String() string {
|
|||
if p.List {
|
||||
b.WriteRune('l')
|
||||
}
|
||||
if p.Tag {
|
||||
b.WriteRune('t')
|
||||
}
|
||||
if p.FilterByTags {
|
||||
b.WriteRune('f')
|
||||
}
|
||||
|
@ -333,6 +341,8 @@ func parseContainerPermissions(s string) (ContainerPermissions, error) {
|
|||
p.DeletePreviousVersion = true
|
||||
case 'l':
|
||||
p.List = true
|
||||
case 't':
|
||||
p.Tag = true
|
||||
case 'f':
|
||||
p.FilterByTags = true
|
||||
case 'm':
|
||||
|
@ -353,13 +363,13 @@ func parseContainerPermissions(s string) (ContainerPermissions, error) {
|
|||
}
|
||||
|
||||
// BlobPermissions type simplifies creating the permissions string for an Azure Storage blob SAS.
|
||||
// Initialize an instance of this type and then call Client.GetSASURL with it or use the String method to set BlobSASSignatureValues Permissions field.
|
||||
// Initialize an instance of this type and then call its String method to set BlobSignatureValues' Permissions field.
|
||||
type BlobPermissions struct {
|
||||
Read, Add, Create, Write, Delete, DeletePreviousVersion, PermanentDelete, List, Tag, Move, Execute, Ownership, Permissions, SetImmutabilityPolicy bool
|
||||
}
|
||||
|
||||
// String produces the SAS permissions string for an Azure Storage blob.
|
||||
// Call this method to set BlobSignatureValue's Permissions field.
|
||||
// Call this method to set BlobSignatureValues' Permissions field.
|
||||
func (p *BlobPermissions) String() string {
|
||||
var b bytes.Buffer
|
||||
if p.Read {
|
||||
|
|
94
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/service/batch_builder.go
generated
vendored
Normal file
94
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/service/batch_builder.go
generated
vendored
Normal file
|
@ -0,0 +1,94 @@
|
|||
//go:build go1.18
|
||||
// +build go1.18
|
||||
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// Licensed under the MIT License. See License.txt in the project root for license information.
|
||||
|
||||
package service
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"net/url"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/exported"
|
||||
)
|
||||
|
||||
// BatchBuilder is used for creating the batch operations list. It contains the list of either delete or set tier sub-requests.
|
||||
// NOTE: All sub-requests in the batch must be of the same type, either delete or set tier.
|
||||
type BatchBuilder struct {
|
||||
endpoint string
|
||||
authPolicy policy.Policy
|
||||
subRequests []*policy.Request
|
||||
operationType *exported.BlobBatchOperationType
|
||||
}
|
||||
|
||||
func (bb *BatchBuilder) checkOperationType(operationType exported.BlobBatchOperationType) error {
|
||||
if bb.operationType == nil {
|
||||
bb.operationType = &operationType
|
||||
return nil
|
||||
}
|
||||
if *bb.operationType != operationType {
|
||||
return fmt.Errorf("BlobBatch only supports one operation type per batch and is already being used for %s operations", *bb.operationType)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// Delete operation is used to add delete sub-request to the batch builder.
|
||||
func (bb *BatchBuilder) Delete(containerName string, blobName string, options *BatchDeleteOptions) error {
|
||||
err := bb.checkOperationType(exported.BatchDeleteOperationType)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
blobName = url.PathEscape(blobName)
|
||||
blobURL := runtime.JoinPaths(bb.endpoint, containerName, blobName)
|
||||
|
||||
blobClient, err := blob.NewClientWithNoCredential(blobURL, nil)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
deleteOptions, leaseInfo, accessConditions := options.format()
|
||||
req, err := getGeneratedBlobClient(blobClient).DeleteCreateRequest(context.TODO(), deleteOptions, leaseInfo, accessConditions)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// remove x-ms-version header
|
||||
exported.UpdateSubRequestHeaders(req)
|
||||
|
||||
bb.subRequests = append(bb.subRequests, req)
|
||||
return nil
|
||||
}
|
||||
|
||||
// SetTier operation is used to add set tier sub-request to the batch builder.
|
||||
func (bb *BatchBuilder) SetTier(containerName string, blobName string, accessTier blob.AccessTier, options *BatchSetTierOptions) error {
|
||||
err := bb.checkOperationType(exported.BatchSetTierOperationType)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
blobName = url.PathEscape(blobName)
|
||||
blobURL := runtime.JoinPaths(bb.endpoint, containerName, blobName)
|
||||
|
||||
blobClient, err := blob.NewClientWithNoCredential(blobURL, nil)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
setTierOptions, leaseInfo, accessConditions := options.format()
|
||||
req, err := getGeneratedBlobClient(blobClient).SetTierCreateRequest(context.TODO(), accessTier, setTierOptions, leaseInfo, accessConditions)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// remove x-ms-version header
|
||||
exported.UpdateSubRequestHeaders(req)
|
||||
|
||||
bb.subRequests = append(bb.subRequests, req)
|
||||
return nil
|
||||
}
|
91
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/service/client.go
generated
vendored
91
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/service/client.go
generated
vendored
|
@ -7,8 +7,13 @@
|
|||
package service
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/streaming"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/bloberror"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/base"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
|
@ -18,7 +23,6 @@ import (
|
|||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/container"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/base"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/exported"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/generated"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/shared"
|
||||
|
@ -26,9 +30,7 @@ import (
|
|||
)
|
||||
|
||||
// ClientOptions contains the optional parameters when creating a Client.
|
||||
type ClientOptions struct {
|
||||
azcore.ClientOptions
|
||||
}
|
||||
type ClientOptions base.ClientOptions
|
||||
|
||||
// Client represents a URL to the Azure Blob Storage service allowing you to manipulate blob containers.
|
||||
type Client base.Client[generated.ServiceClient]
|
||||
|
@ -38,12 +40,12 @@ type Client base.Client[generated.ServiceClient]
|
|||
// - cred - an Azure AD credential, typically obtained via the azidentity module
|
||||
// - options - client options; pass nil to accept the default values
|
||||
func NewClient(serviceURL string, cred azcore.TokenCredential, options *ClientOptions) (*Client, error) {
|
||||
authPolicy := runtime.NewBearerTokenPolicy(cred, []string{shared.TokenScope}, nil)
|
||||
authPolicy := shared.NewStorageChallengePolicy(cred)
|
||||
conOptions := shared.GetClientOptions(options)
|
||||
conOptions.PerRetryPolicies = append(conOptions.PerRetryPolicies, authPolicy)
|
||||
pl := runtime.NewPipeline(exported.ModuleName, exported.ModuleVersion, runtime.PipelineOptions{}, &conOptions.ClientOptions)
|
||||
|
||||
return (*Client)(base.NewServiceClient(serviceURL, pl, nil)), nil
|
||||
return (*Client)(base.NewServiceClient(serviceURL, pl, &cred)), nil
|
||||
}
|
||||
|
||||
// NewClientWithNoCredential creates an instance of Client with the specified values.
|
||||
|
@ -115,6 +117,15 @@ func (s *Client) sharedKey() *SharedKeyCredential {
|
|||
return base.SharedKey((*base.Client[generated.ServiceClient])(s))
|
||||
}
|
||||
|
||||
func (s *Client) credential() any {
|
||||
return base.Credential((*base.Client[generated.ServiceClient])(s))
|
||||
}
|
||||
|
||||
// helper method to return the generated.BlobClient which is used for creating the sub-requests
|
||||
func getGeneratedBlobClient(b *blob.Client) *generated.BlobClient {
|
||||
return base.InnerClient((*base.Client[generated.BlobClient])(b))
|
||||
}
|
||||
|
||||
// URL returns the URL endpoint used by the Client object.
|
||||
func (s *Client) URL() string {
|
||||
return s.generated().Endpoint()
|
||||
|
@ -124,7 +135,7 @@ func (s *Client) URL() string {
|
|||
// this Client's URL. The new container.Client uses the same request policy pipeline as the Client.
|
||||
func (s *Client) NewContainerClient(containerName string) *container.Client {
|
||||
containerURL := runtime.JoinPaths(s.generated().Endpoint(), containerName)
|
||||
return (*container.Client)(base.NewContainerClient(containerURL, s.generated().Pipeline(), s.sharedKey()))
|
||||
return (*container.Client)(base.NewContainerClient(containerURL, s.generated().Pipeline(), s.credential()))
|
||||
}
|
||||
|
||||
// CreateContainer is a lifecycle method to creates a new container under the specified account.
|
||||
|
@ -154,6 +165,7 @@ func (s *Client) RestoreContainer(ctx context.Context, deletedContainerName stri
|
|||
}
|
||||
|
||||
// GetAccountInfo provides account level information
|
||||
// For more information, see https://learn.microsoft.com/en-us/rest/api/storageservices/get-account-information?tabs=shared-access-signatures.
|
||||
func (s *Client) GetAccountInfo(ctx context.Context, o *GetAccountInfoOptions) (GetAccountInfoResponse, error) {
|
||||
getAccountInfoOptions := o.format()
|
||||
resp, err := s.generated().GetAccountInfo(ctx, getAccountInfoOptions)
|
||||
|
@ -280,3 +292,68 @@ func (s *Client) FilterBlobs(ctx context.Context, where string, o *FilterBlobsOp
|
|||
resp, err := s.generated().FilterBlobs(ctx, where, serviceFilterBlobsOptions)
|
||||
return resp, err
|
||||
}
|
||||
|
||||
// NewBatchBuilder creates an instance of BatchBuilder using the same auth policy as the client.
|
||||
// BatchBuilder is used to build the batch consisting of either delete or set tier sub-requests.
|
||||
// All sub-requests in the batch must be of the same type, either delete or set tier.
|
||||
// NOTE: Service level Blob Batch operation is supported only when the Client was created using SharedKeyCredential and Account SAS.
|
||||
func (s *Client) NewBatchBuilder() (*BatchBuilder, error) {
|
||||
var authPolicy policy.Policy
|
||||
|
||||
switch cred := s.credential().(type) {
|
||||
case *azcore.TokenCredential:
|
||||
authPolicy = shared.NewStorageChallengePolicy(*cred)
|
||||
case *SharedKeyCredential:
|
||||
authPolicy = exported.NewSharedKeyCredPolicy(cred)
|
||||
case nil:
|
||||
// for authentication using SAS
|
||||
authPolicy = nil
|
||||
default:
|
||||
return nil, fmt.Errorf("unrecognised authentication type %T", cred)
|
||||
}
|
||||
|
||||
return &BatchBuilder{
|
||||
endpoint: s.URL(),
|
||||
authPolicy: authPolicy,
|
||||
}, nil
|
||||
}
|
||||
|
||||
// SubmitBatch operation allows multiple API calls to be embedded into a single HTTP request.
|
||||
// It builds the request body using the BatchBuilder object passed.
|
||||
// BatchBuilder contains the list of operations to be submitted. It supports up to 256 sub-requests in a single batch.
|
||||
// For more information, see https://docs.microsoft.com/rest/api/storageservices/blob-batch.
|
||||
func (s *Client) SubmitBatch(ctx context.Context, bb *BatchBuilder, options *SubmitBatchOptions) (SubmitBatchResponse, error) {
|
||||
if bb == nil || len(bb.subRequests) == 0 {
|
||||
return SubmitBatchResponse{}, errors.New("batch builder is empty")
|
||||
}
|
||||
|
||||
// create the request body
|
||||
batchReq, batchID, err := exported.CreateBatchRequest(&exported.BlobBatchBuilder{
|
||||
AuthPolicy: bb.authPolicy,
|
||||
SubRequests: bb.subRequests,
|
||||
})
|
||||
if err != nil {
|
||||
return SubmitBatchResponse{}, err
|
||||
}
|
||||
|
||||
reader := bytes.NewReader(batchReq)
|
||||
rsc := streaming.NopCloser(reader)
|
||||
multipartContentType := "multipart/mixed; boundary=" + batchID
|
||||
|
||||
resp, err := s.generated().SubmitBatch(ctx, int64(len(batchReq)), multipartContentType, rsc, options.format())
|
||||
if err != nil {
|
||||
return SubmitBatchResponse{}, err
|
||||
}
|
||||
|
||||
batchResponses, err := exported.ParseBlobBatchResponse(resp.Body, resp.ContentType, bb.subRequests)
|
||||
if err != nil {
|
||||
return SubmitBatchResponse{}, err
|
||||
}
|
||||
|
||||
return SubmitBatchResponse{
|
||||
Responses: batchResponses,
|
||||
ContentType: resp.ContentType,
|
||||
RequestID: resp.RequestID,
|
||||
Version: resp.Version,
|
||||
}, nil
|
||||
}
|
||||
|
|
57
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/service/models.go
generated
vendored
57
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/service/models.go
generated
vendored
|
@ -8,6 +8,7 @@ package service
|
|||
|
||||
import (
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blob"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/container"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/exported"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/generated"
|
||||
|
@ -299,3 +300,59 @@ func (o *FilterBlobsOptions) format() *generated.ServiceClientFilterBlobsOptions
|
|||
Maxresults: o.MaxResults,
|
||||
}
|
||||
}
|
||||
|
||||
// ---------------------------------------------------------------------------------------------------------------------
|
||||
|
||||
// BatchDeleteOptions contains the optional parameters for the BatchBuilder.Delete method.
|
||||
type BatchDeleteOptions struct {
|
||||
blob.DeleteOptions
|
||||
VersionID *string
|
||||
Snapshot *string
|
||||
}
|
||||
|
||||
func (o *BatchDeleteOptions) format() (*generated.BlobClientDeleteOptions, *generated.LeaseAccessConditions, *generated.ModifiedAccessConditions) {
|
||||
if o == nil {
|
||||
return nil, nil, nil
|
||||
}
|
||||
|
||||
basics := generated.BlobClientDeleteOptions{
|
||||
DeleteSnapshots: o.DeleteSnapshots,
|
||||
DeleteType: o.BlobDeleteType, // None by default
|
||||
Snapshot: o.Snapshot,
|
||||
VersionID: o.VersionID,
|
||||
}
|
||||
|
||||
leaseAccessConditions, modifiedAccessConditions := exported.FormatBlobAccessConditions(o.AccessConditions)
|
||||
return &basics, leaseAccessConditions, modifiedAccessConditions
|
||||
}
|
||||
|
||||
// BatchSetTierOptions contains the optional parameters for the BatchBuilder.SetTier method.
|
||||
type BatchSetTierOptions struct {
|
||||
blob.SetTierOptions
|
||||
VersionID *string
|
||||
Snapshot *string
|
||||
}
|
||||
|
||||
func (o *BatchSetTierOptions) format() (*generated.BlobClientSetTierOptions, *generated.LeaseAccessConditions, *generated.ModifiedAccessConditions) {
|
||||
if o == nil {
|
||||
return nil, nil, nil
|
||||
}
|
||||
|
||||
basics := generated.BlobClientSetTierOptions{
|
||||
RehydratePriority: o.RehydratePriority,
|
||||
Snapshot: o.Snapshot,
|
||||
VersionID: o.VersionID,
|
||||
}
|
||||
|
||||
leaseAccessConditions, modifiedAccessConditions := exported.FormatBlobAccessConditions(o.AccessConditions)
|
||||
return &basics, leaseAccessConditions, modifiedAccessConditions
|
||||
}
|
||||
|
||||
// SubmitBatchOptions contains the optional parameters for the Client.SubmitBatch method.
|
||||
type SubmitBatchOptions struct {
|
||||
// placeholder for future options
|
||||
}
|
||||
|
||||
func (o *SubmitBatchOptions) format() *generated.ServiceClientSubmitBatchOptions {
|
||||
return nil
|
||||
}
|
||||
|
|
19
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/service/responses.go
generated
vendored
19
vendor/github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/service/responses.go
generated
vendored
|
@ -7,6 +7,7 @@
|
|||
package service
|
||||
|
||||
import (
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/exported"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/internal/generated"
|
||||
)
|
||||
|
||||
|
@ -42,3 +43,21 @@ type FilterBlobsResponse = generated.ServiceClientFilterBlobsResponse
|
|||
|
||||
// GetUserDelegationKeyResponse contains the response from method ServiceClient.GetUserDelegationKey.
|
||||
type GetUserDelegationKeyResponse = generated.ServiceClientGetUserDelegationKeyResponse
|
||||
|
||||
// SubmitBatchResponse contains the response from method Client.SubmitBatch.
|
||||
type SubmitBatchResponse struct {
|
||||
// Responses contains the responses of the sub-requests in the batch
|
||||
Responses []*BatchResponseItem
|
||||
|
||||
// ContentType contains the information returned from the Content-Type header response.
|
||||
ContentType *string
|
||||
|
||||
// RequestID contains the information returned from the x-ms-request-id header response.
|
||||
RequestID *string
|
||||
|
||||
// Version contains the information returned from the x-ms-version header response.
|
||||
Version *string
|
||||
}
|
||||
|
||||
// BatchResponseItem contains the response for the individual sub-requests.
|
||||
type BatchResponseItem = exported.BatchResponseItem
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue